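最近在分析一个东西,顺便看了一下它的加载机制,这里直接把伪代码贴出来。下面先列出的是通过 JNIEnv 函数表间接调用时出现的偏移及其对应的 JNI 函数(这些偏移符合 32 位环境下每个函数指针占 4 字节的布局,例如 0x18 / 4 = 6,即 FindClass),之后是据此还原的伪代码。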
[SP,#0x38+var_24]
0x18 FindClass
0x1C4 GetStaticMethodID
0x1C8 CallStaticObjectMethod
0x84 GetMethodID
0x88 CallObjectMethod
0x29C NewStringUTF
0x70 NewObject
jclass activityThread = (*env)->FindClass(env,"android/app/ActivityThread");
jmethodID currentActivityThread = (*env)->GetStaticMethodID(env,activityThread, "currentActivityThread", "()Landroid/app/ActivityThread;");
jobject at = (*env)->CallStaticObjectMethod(env,activityThread, currentActivityThread);
jmethodID getApplication = (*env)->GetMethodID