Professional Documents
Culture Documents
Sample Name:
P6SLite_v2.5.1_apkpure.com.apk
Cookbook:
defaultandroidfilecookbook.jbs
Time: 00:53:06
Date: 09/09/2020
Version: 29.0.0 Ocean Jasper
Table of Contents
Table of Contents 2
Analysis Report P6SLite_v2.5.1_apkpure.com.apk 4
Overview 4
General Information 4
Detection 4
Signatures 4
Classification 4
Yara Overview 4
Signature Overview 4
Operating System Destruction: 4
System Summary: 4
Hooking and other Techniques for Hiding and Protection: 5
Malware Analysis System Evasion: 5
Anti Debugging: 5
Stealing of Sensitive Information: 5
Mitre Att&ck Matrix 5
Screenshots 5
Thumbnails 5
Antivirus, Machine Learning and Genetic Malware Detection 6
Initial Sample 6
Dropped Files 6
Domains 6
URLs 6
Domains and IPs 7
Contacted Domains 7
URLs from Memory and Binaries 7
Contacted IPs 9
General Information 9
Joe Sandbox View / Context 10
IPs 10
Domains 10
ASN 10
JA3 Fingerprints 10
Dropped Files 10
Created / dropped Files 10
Static File Info 10
General 10
File Icon 11
Static APK Info 11
General 11
Activities 11
Receivers 13
Services 13
Permission Requested 13
Certificate 13
Resources 14
Network Behavior 48
UDP Packets 48
APK Behavior 48
Installation 48
Miscellaneous 48
System Calls 49
By Permission (executed) 50
By Permission (non-executed) 50
Disassembly 50
0 Executed Methods 50
Sample P6SLite_v2.5.1_apkpure.c
Name: om.apk Checks
Checks ifif app
app is
is currently
currently debugged
debugged
Might
Readstry
Reads thetoserial
the detect
serial if ADB of
number
number is the
of running
the devic
devic…
devic… Miner Spreading
SHA256: 8df81fa47f11bb2…
Reads
Requests
theto
Requests serial
to number
ignore
ignore ofoptimizat
battery
battery the devic…
optimizat…
optimizat malicious
malicious
malicious
malicious
suspicious
suspicious
suspicious
Phishing
Requests
Starts/registers
to ignore
Starts/registers battery optimizat
aa service/receiver
service/receiver on
on…
on…
suspicious
clean
clean
clean
clean
/proc a service/receiver on
Starts/registers
Accesses /proc
Accesses Exploiter Banker
Accesses
Accesses /proc
Accesses android
android OS
OS build
build fields
fields
Spyware Trojan / Bot
Blocks
Accesses
Blocks or android phone
or controls
controls OS build
phone fields
keys
keys Adware
Blocks
Checksor
Checks controls
CPU
CPU phone keys
details
details
Score: 64
Range: 0 - 100 Checks
Checks CPU
Checks an detailsconnection
an internet
internet connection is
is av
av…
av…
Checks
Checks ififif phone
Checks phone is
phone is rooted
is rooted (checks
rooted (checks fo
fo…
fo…
(checks fo
Checks
Checks ifif phone
phone is
is rooted
rooted (checks
(checks fo
fo…
fo…
Yara Overview Dials
Checks if phone
Dials phone
phone is rooted (checks fo
numbers
numbers
Dials
Enables
phone
Enables or numbers
or disables
disables WIFI
WIFI
No yara matches
Enables
Executes disables
Executesornative
native WIFI
commands
commands
Executes
Found native commands
Found suspicious
suspicious command
command strings
strings …
Has ansuspicious
Found
Has an unnatural command
unnatural receiver
receiver strings
priority
priority (of
(of…
(of…
Signature Overview Has an unnaturalto
Has functionality
functionality receiver
to send priority
send UDP
UDP packe(of …
packe
packe…
Has functionality
Has functionalty
functionalty totoadd
to send
add anUDP
an packe
overlay
overlay to
to…
to…
• Location Tracking
Has functionalty
Has permission
permission to tochange
to add an the
change overlayWIFIto…
the WIFI
• Spreading
• Networking Has
Has permission
permission to change
to download
download thefiles
WIFI
files wit
wit…
wit…
• Key, Mouse, Clipboard, Microphone and Screen Capturing
• E-Banking Has
Has permission
Fraud permission to download
to execute
execute code filesafte
code wit …
afte…
afte
• Operating System
Spam, unwanted Advertisements and Ransom Demands
execute orcode afte…
• Change of System
Has
Has permission
permission toto mount
mount or unmoun
unmoun…
unmoun
Destruction
• System Summary
Has
Has Appearance
permission
Has permission
permission toto mount
to perform or
perform phoneunmoun
phone ca ca…
ca…
• Data Obfuscation
• Persistence and Installation Behavior
Has
Has permission
permission to perform
to query
query thethephone
list ofca
list of cc…
c…
• Boot SurvivalHas
• Hooking andHasotherpermission
permission to query
to read the list oflog
read low-level
low-level c…
log…
log
Lists
Kills/terminates
Lists and processes
and deletes
deletes files
files in
in the
the same
same cc…
c…
Click to jump to signature section deletes files
Lists
Loadsand
Loads aa webpage
webpage withincache
with the same
cache c
disabled
disabled
Loads
Loads aa webpage
Loads webpage with
with cache
cache disabled
disabled
Loads
May a webpage
May access
access the with cache
the Android
Android disabled
keyguard
keyguard (l(l…
(l…
May
May access
May check the
check for
for Android
popular
popular keyguard
installed
installed (l
apps
apps
Operating System Destruction:
May check
take aa for
May take
May popular
camera
camera installed apps
picture
picture
Performs
Opens
Performs internet
anDNS
DNS connection
lookups
lookups (Java
(Java API)
API)
Queries aadate
Potential
Queries list aware
list of
of sample
installed
installed found
applications
applications
Anti Debugging:
Remote
Initial Privilege Defense Credential Lateral Command Service
Access Execution Persistence Escalation Evasion Access Discovery Movement Collection Exfiltration and Control Network Effects Effects
Valid Windows Path Path Application Access System Remote Location Exfiltration Data Exploit SS7 to Remotely
Accounts Management Interception Interception Discovery 2 Sensitive Network Services Tracking 1 1 Over Other Obfuscation Redirect Phone Track Device
Instrumentation Data in Connections Network Calls/SMS 1 Without
Device Discovery 1 Medium Authorization
Logs 1
Default Scheduled Boot or Boot or Evade Analysis Access System Remote Capture Exfiltration Junk Data Eavesdrop on Remotely
Accounts Task/Job Logon Logon Environment 1 Stored Network Desktop Audio 2 1 Over Insecure Network Wipe Data
Initialization Initialization Application Configuration Protocol Bluetooth Communication 1 Without
Scripts Scripts Data 1 Discovery 2 Authorization
Domain At (Linux) Logon Script Logon Obfuscated Security Security SMB/Windows Network Automated Steganography Exploit SS7 to Obtain
Accounts (Windows) Script Files or Account Software Admin Shares Information Exfiltration Track Device Device
(Windows) Information Manager Discovery 1 Discovery 4 Location Cloud
Backups
Local At (Windows) Logon Script Logon Binary Padding NTDS Location Distributed Access Scheduled Protocol SIM Card Swap
Accounts (Mac) Script Tracking 1 1 Component Sensitive Data Transfer Impersonation
(Mac) Object Model in Device
Logs 1
Cloud Cron Network Network Software LSA Application SSH Access Stored Data Fallback Manipulate Device
Accounts Logon Script Logon Packing Secrets Discovery 2 Application Transfer Channels Communication
Script Data 1 Size Limits
Replication Launchd Rc.common Rc.common Steganography Cached System VNC GUI Input Exfiltration Multiband Jamming or Denial
Through Domain Information Capture Over C2 Communication of Service
Removable Credentials Discovery 4 Channel
Media
External Scheduled Startup Startup Compile After DCSync Evade Analysis Windows Web Portal Exfiltration Commonly Rogue Wi-Fi
Remote Task Items Items Delivery Environment 1 Remote Capture Over Used Port Access Points
Services Management Alternative
Protocol
Drive-by Command and Scheduled Scheduled Indicator Proc Process Shared Credential API Exfiltration Application Downgrade to
Compromise Scripting Task/Job Task/Job Removal from Filesystem Discovery 1 Webroot Hooking Over Layer Protocol Insecure Protocols
Interpreter Tools Symmetric
Encrypted
Non-C2
Protocol
Screenshots
Thumbnails
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Initial Sample
No Antivirus matches
Dropped Files
No Antivirus matches
Domains
No Antivirus matches
URLs
Contacted Domains
Contacted IPs
No contacted IP infos
General Information
IPs
No context
Domains
No context
ASN
No context
JA3 Fingerprints
No context
Dropped Files
No context
General
File type: Zip archive data
Entropy (8bit): 7.945487919776959
File Icon
General
Label: P6SLite
Minimum SDK required: 17
Target SDK required: 28
Version Code: 46
Version Name: 46
Package Name: com.zwcode.p6slite
Is Activity: true
Is Receiver: true
Is Service: true
Requests System Level Permissions: false
Play Store Compatible: true
Activities
Name Is Entrypoint
com.zwcode.p6slitecom.zwcode.p6slite.activity.AddDeviceResultActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.AddDeviceActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.WebActivity
com.zwcode.p6slitecom.zwcode.p6slite.MainActivity
com.zwcode.p6slitecom.zwcode.countrycode.CountryActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.SplashActivity true
com.zwcode.p6slitecom.zwcode.p6slite.activity.LoginActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.RegiseterEmailOrPhoneActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.RegiseterActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceAddNormalActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceAddTypeActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceLanSearchActivity
com.zwcode.p6slitecom.zwcode.p6slite.scan.CaptureActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.ScanActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceEditActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.AlarmAudioSetActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.PushImgActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceOnChargeActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceResetActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceWifiTypeChooseActivity
com.zwcode.p6slitecom.zwcode.p6slite.activity.DeviceAddTypeQRActivity
Services
Permission Requested
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.BIND_JOB_SERVICE
android.permission.CALL_PHONE
android.permission.CAMERA
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
android.permission.FLASHLIGHT
android.permission.FOREGROUND_SERVICE
android.permission.GET_TASKS
android.permission.GET_TOP_ACTIVITY_INFO
android.permission.INTERNET
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_LOGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.RECORD_AUDIO
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
com.google.android.c2dm.permission.RECEIVE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
Certificate
Name: classes.dex
Issuer: CN=ruision,OU=comruision,O=ruision,L=shenzhen,ST=
guangdong,C=CN
Subject: CN=ruision,OU=comruision,O=ruision,L=shenzhen,ST=
guangdong,C=CN
Network Behavior
UDP Packets
APK Behavior
Installation
Installation Messages
Name Is Error
>>>>>> START com.android.internal.os.RuntimeInit uid 0 <<<<<< true
Calling main entry com.android.commands.am.Am
Shutting down VM
Shutting down VM
FATAL EXCEPTION: main
Process: com.zwcode.p6slite, PID: 4427
java.lang.UnsatisfiedLinkError: No implementation found for int com.p2p.pppp_api.PPCS_APIs.PPCS_Initialize(byte[]) (tried
Java_com_p2p_pppp_1api_PPCS_1APIs_PPCS_1Initialize and Java_com_p2p_pppp_1api_PPCS_1APIs_PPCS_1Initialize___3B)
at com.p2p.pppp_api.PPCS_APIs.PPCS_Initialize(Native Method)
at java.lang.reflect.Method.invoke(Native Method)
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
Calling main entry com.android.commands.uiautomator.Launcher
Shutting down VM
>>>>>> START com.android.internal.os.RuntimeInit uid 2000 <<<<<<
Calling main entry com.android.commands.uiautomator.Launcher
Shutting down VM
Miscellaneous
HWH265_API
swscale-4
avcodec-57
converter
System Calls
read(49, "09-08 18:54:19.368 4427 4427 W libnb : Native bridge is disabled\n09-08 18:54:19.370 4427 4427 W .zwcode.p6slit: Unexpected CPU variant for X86 using defaults: x86\n09-
08 18:54:19.775 4427 4427 I .zwcode.p6slit: The ClassLoaderContext is a special shared library.\n09-08 18:54:19.975 4427 4427 I MultiDex: VM with version 2.1.0 has multidex
support\n09-08 18:54:19.975 4427 4427 I MultiDex: Installing application\n09-08 18:54:19.975 4427 4427 I MultiDex: VM has multidex support, MultiDex support library is disabled.\n09-08
18:54:20.048 4427 4427 D FirebaseApp: com.google.firebase.auth.FirebaseAuth is not linked. Skipping initialization.\n09-08 18:54:20.049 4427 4427 D FirebaseApp:
com.google.firebase.crash.FirebaseCrash is not linked. Skipping initialization.\n09-08 18:54:20.070 4427 4427 I FirebaseInitProvider: FirebaseApp initialization successful\n09-08
18:54:20.175 4427 4427 D MicroMsg.PaySdk.WXFactory: createWXAPI, appId = wx0e5e508dfda87c09, checkSignature = true\n09-08 18:54:20.176 4427 4427 D
MicroMsg.SDK.WXApiImplV10: <init>, appId = wx0e5e508dfda87c09, checkSignature = true\n09-08 18:54:20.178 4427 4427 E MicroMsg.SDK.WXApiImplV10: register app failed for
wechat app signature check failed\n09-08 18:54:20.178 4427 4427 W .zwcode.p6slit: Accessing hidden field Landroid/app/ActivityThread;->mHiddenApiWarningShown:Z (dark greylist,
reflection)\n09-08 18:54:20.179 4427 4427 W System.err: java.lang.NoSuchFieldException: No field mHiddenApiWarningShown in class Landroid/app/ActivityThread; (declaration of
'android.app.ActivityThread' appears in /system/framework/framework.jar)\n09-08 18:54:20.179 4427 4427 W System.err: \tat java.lang.Class.getDeclaredField(Native Method)\n09-08
18:54:20.179 4427 4427 W System.err: \tat com.zwcode.p6slite.MyApplication.closeAndroidPDialog(MyApplication.java:171)\n09-08 18:54:20.179 4427 4427 W System.err: \tat
com.zwcode.p6slite.MyApplication.onCreate(MyApplication.java:106)\n09-08 18:54:20.179 4427 4427 W System.err: \tat
android.app.Instrumentation.callApplicationOnCreate(Instrumentation.java:1154)\n09-08 18:54:20.179 4427 4427 W System.err: \tat
android.app.ActivityThread.handleBindApplication(ActivityThread.java:5871)\n09-08 18:54:20.179 4427 4427 W System.err: \tat
android.app.ActivityThread.access$1100(ActivityThread.java:199)\n09-08 18:54:20.179 4427 4427 W System.err: \tat
android.app.ActivityThread$H.handleMessage(ActivityThread.java:1650)\n09-08 18:54:20.180 4427 4427 W System.err: \tat android.os.Handler.dispatchMessage(Handler.java:106)\n09-08
18:54:20.180 4427 4427 W System.err: \tat android.os.Looper.loop(Looper.java:193)\n09-08 18:54:20.180 4427 4427 W System.err: \tat
android.app.ActivityThread.main(ActivityThread.java:6669)\n09-08 18:54:20.180 4427 4427 W System.err: \tat java.lang.reflect.Method.invoke(Native Method)\n09-08 18:54:20.180 4427
4427 W System.err: \tat com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:518)\n09-08 18:54:20.180 4427 4427 W System.err: \tat
com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)\n09-08 18:54:20.283 4427 4471 I FA : App measurement is starting up, version: 12451\n09-08 18:54:20.287 4427 4471 I
FA : To enable debug logging run: adb shell setprop log.tag.FA VERBOSE\n09-08 18:54:20.426 4427 4471 I FA : To enable faster debug mode event logging run:\n09-08
18:54:20.426 4427 4471 I FA : adb shell setprop debug.firebase.analytics.app com.zwcode.p6slite\n09-08 18:54:20.470 4427 4427 I .zwcode.p6slite: type=1400 audit(0.0:586): avc:
denied { read } for name=\"anr\" dev=\"sda1\" ino=213067 scontext=u:r:untrusted_app:s0:c76,c256,c512,c768 tcontext=u:object_r:anr_data_file:s0 tclass=dir permissive=1\n09-08
18:54:20.556 4427 4442 I .zwcode.p6slit: Background concurrent copying GC freed 12723(3MB) AllocSpace objects, 0(0B) LOS objects, 49% free, 1651KB/3MB, paused 624us total
351.576ms\n09-08 18:54:20.603 4427 4427 I System.out: loadLibrary PPCS_API lib,dlopen failed: \"/data/app/com.zwcode.p6slite-au1CPqFvbhbt5GhO5sOR4A==/lib/arm/libPPCS_API.so\"
has unexpected e_machine: 40 (EM_ARM)\n09-08 18:54:20.603 4427 4427 E .zwcode.p6slit: No implementation found for int com.p2p.pppp_api.PPCS_APIs.PPCS_Initialize(byte[]) (tried
Java_com_p2p_pppp_1api_PPCS_1APIs_PPCS_1Initialize and Java_com_p2p_pppp_1api_PPCS_1APIs_PPCS_1Initialize___3B)\n09-08 18:54:20.604 4427 4427 D AndroidRuntime:
Shutting down VM\n--------- beginning of crash\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: FATAL EXCEPTION: main\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: Process:
com.zwcode.p6slite, PID: 4427\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: java.lang.UnsatisfiedLinkError: No implementation found for int
com.p2p.pppp_api.PPCS_APIs.PPCS_Initialize(byte[]) (tried Java_com_p2p_pppp_1api_PPCS_1APIs_PPCS_1Initialize and
Java_com_p2p_pppp_1api_PPCS_1APIs_PPCS_1Initialize___3B)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat com.p2p.pppp_api.PPCS_APIs.PPCS_Initialize(Native
Method)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat com.echosoft.gcd10000.core.global.DevicesManage.initAll(DevicesManage.java:110)\n09-08 18:54:20.604 4427 4427 E
AndroidRuntime: \tat com.zwcode.p6slite.MyApplication.initializePPCS(MyApplication.java:200)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat
com.zwcode.p6slite.MyApplication.onCreate(MyApplication.java:118)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat
android.app.Instrumentation.callApplicationOnCreate(Instrumentation.java:1154)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat
android.app.ActivityThread.handleBindApplication(ActivityThread.java:5871)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat
android.app.ActivityThread.access$1100(ActivityThread.java:199)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat
android.app.ActivityThread$H.handleMessage(ActivityThread.java:1650)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat
android.os.Handler.dispatchMessage(Handler.java:106)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat android.os.Looper.loop(Looper.java:193)\n09-08 18:54:20.604 4427 4427
E AndroidRuntime: \tat android.app.ActivityThread.main(ActivityThread.java:6669)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat java.lang.reflect.Method.invoke(Native
Method)\n09-08 18:54:20.604 4427 4427 E AndroidRuntime: \tat com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:518)\n09-08 18:54:20.604 4427 4427 E
AndroidRuntime: \tat com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)\n09-08 18:54:20.736 4484 4484 I getprop : type=1400 audit(0.0:587): avc: denied { open } for
path=\"/dev/__properties__/u:object_r:bluetooth_prop:s0\" dev=\"tmpfs\" ino=6158 scontext=u:r:untrusted_app:s0:c76,c256,c512,c768 tcontext=u:object_r:bluetooth_prop:s0 tclass=file
permissive=1\n09-08 18:54:20.736 4484 4484 I getprop : type=1400 audit(0.0:588): avc: denied { getattr } for path=\"/dev/__properties__/u:object_r:bluetooth_prop:s0\" dev=\"tmpfs\"
ino=6158 scontext=u:r:untrusted_app:s0:c76,c256,c512,c768 tcontext=u:object_r:bluetooth_prop:s0 tclass=file permissive=1\n09-08 18:54:20.736 4484 4484 I getprop : type=1400
audit(0.0:589): avc: denied { map } for path=\"/dev/__properties__/u:object_r:bluetooth_prop:s0\" dev=\"tmpfs\" ino=6158 scontext=u:r:untrusted_app:s0:c76,c256,c512,c768
tcontext=u:object_r:bluetooth_prop:s0 tclass=file permissive=1\n09-08 18:54:20.749 4484 4484 I getprop : type=1400 audit(0.0:590): avc: denied { open } for
path=\"/dev/__properties__/u:object_r:bootloader_boot_reason_prop:s0\" dev=\"tmpfs\" ino=6159 scontext=u:r:untrusted_app:s0:c76,c256,c512,c768
tcontext=u:object_r:bootloader_boot_reason_prop:s0 tclass=file permissive=1\n09-08 18:54:20.849 4427 4481 W System.err: java.io.FileNotFoundException: /system/build.prop (Permission
denied)\n09-08 18:54:20.850 4427 4481 W System.err: \tat java.io.FileInputStream.open0(Native Method)\n09-08 18:54:20.850 4427 4481 W System.err: \tat
java.io.FileInputStream.open(FileInputStream.java:231)\n09-08 18:54:20.850 4427 4481 W System.err: \tat java.io.FileInputStream.<init>(FileInputStream.java:165)\n09-08 18:54:20.852
4427 4481 W System.err: \tat java.io.FileInputS", 8192) = 8192
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
Copyright null 2020 Page 49 of 50
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
fstat64(48, <unfinished ...>
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, <unfinished ...>
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
fstat64(47, {st_mode=S_IFCHR|0666, st_rdev=makedev(10, 60), ...}) = 0
By Permission (executed)
By Permission (non-executed)
Disassembly
0 Executed Methods
0 Non-Executed Methods