This SO file has a special section called "ncc," which contains the initialization function (init). It's the only function with various root and hook detection mechanisms. The SO crashes before fully loading, likely because it detected something. I wonder if this is some kind of commercial protection?
01.png
Additionally, after this kind of control flow flattening processing, are there any mature tools or solutions available now to assist with analysis? I haven’t done Android analysis in a long time, so I came here specifically to ask—thank you very much!
02.png
I'm not sure how to upload the icon—attaching it as a file doesn't seem to work (or isn't accessible).
https://imgur.com/a/c7HY4j8