<p>looking at a library from, presumably, bytedance android sdk, and that thing sure looks like malware</p><p>using syscall() all over the place, parsing /proc/self/maps to call random dalvik functions, encrypting logs to, presumably, send them over the network</p>