0/63
Threat
Analyzed on 2021-11-13T18:49:29.109798
MD5 | 13927b3e9165fc63fd24657da3aa8027 |
SHA1 | 05ec245f408697f2c2046df140d6e4d679fa6aa7 |
SHA256 | 023556f105d2524de0542656e2f59b5d56ffc82e2fca92b00ebb93fd079d135b |
Size | 24.78MB |
Information computed with APKiD.
/tmp/tmpn5zgsari!classes.dex | |
anti_vm |
|
compiler |
|
Information computed with ssdeep.
APK file | 786432:7XxxxbDTl5iK+HwqWZ/Dt6A4QS2tZrz8zkXs:Txxxb+KcwqWZLB4hcFQCs |
Manifest | 384:jYLsdI55eUQt9fjtyngvI1SSQ1AHX8SXdm:jGEI55eUQt9rtyngvI1SSTHsSXdm |
classes.dex | 49152:+89r7qjiG8fAdP17dlwznc9jBChIK62h0bgA9HMdLNcPByaX:+6jAdP17HjK62J… |
Information computed with Dexofuzzy.
APK file | 6144:hal9GFujY/Q9mt+8y2zPbAxNH8fv8ls2S:halwdFth |
classes.dex | 6144:hal9GFujY/Q9mt+8y2zPbAxNH8fv8ls2S:halwdFth |
Information computed with AndroGuard and Pithus.
Information computed with AndroGuard.
Information computed with MobSF.
Findings | Files |
---|---|
Certificate/Key files hardcoded inside the app. | assets/cacert.pem |
Information computed with MobSF.
Medium | Application Data can be Backed up [android:allowBackup=true] | This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device. |
High | Activity (is.xyz.mpv.MPVActivity) is not Protected. [android:exported=true] | An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. |
Information computed with MobSF.
is.xyz.mpv.MPVActivity |
Hosts: * |
Schemes: rtmp:// rtmps:// rtp:// rtsp:// mms:// mmst:// mmsh:// tcp:// udp:// content:// file:// http:// https:// |
Mime types: video/* audio/* application/vnd.apple.mpegurl text/plain |
Information computed with AndroGuard.
Oldest file found in APK | Jan. 1, 1981, 1:01 a.m. |
Latest file found in APK | Jan. 1, 1981, 1:01 a.m. |
Certificate valid not before | March 19, 2021, 12:19 p.m. |
First submission on VT | Oct. 24, 2021, 8:22 a.m. |
Last submission on VT | Nov. 13, 2021, 6:49 p.m. |
Upload on Pithus | Nov. 13, 2021, 6:49 p.m. |
Certificate valid not after | Aug. 4, 2048, 12:19 p.m. |
Information computed by Pithus.
Score | 0/63 |
Report | https://www.virustotal.com/gui/file/023556f105d2524de0542656e2f59b5d56ffc82e2fca92b00ebb93fd079d135b/detection |
Information computed with MobSF.
FCS_RBG_EXT.1.1 | The application uses no DRBG functionality for its cryptographic operations. | Random Bit Generation Services |
FCS_STO_EXT.1.1 | The application does not store any credentials to non-volatile memory. | Storage of Credentials |
FCS_CKM_EXT.1.1 | The application generates no asymmetric cryptographic keys. | Cryptographic Key Generation Services |
FDP_DEC_EXT.1.1 | The application has access to ['network connectivity']. | Access to Platform Resources |
FDP_DEC_EXT.1.2 | The application has access to no sensitive information repositories. | Access to Platform Resources |
FDP_NET_EXT.1.1 | The application has user/application initiated network communications. | Network Communications |
FDP_DAR_EXT.1.1 | The application implements functionality to encrypt sensitive data in non-volatile memory. | Encryption Of Sensitive Application Data |
FMT_MEC_EXT.1.1 | The application invokes the mechanisms recommended by the platform vendor for storing and setting configuration options. | Supported Configuration Mechanism |
FTP_DIT_EXT.1.1 | The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product. | Protection of Data in Transit |
Information computed with Quark-Engine.
Load external class |
Find a method from given class name, usually for reflection |
Method reflection |
Load class from given class name |
Retrieve data from broadcast |
Read sensitive data (SMS, CALLLOG, etc) |
Send notification |
Monitor the broadcast action events (BOOT_COMPLETED) |
Get absolute path of the file and store in string |
Get last known location of the device |
Get location of the device |
Method reflection |
Get the time of current location |
Initialize class object dynamically |
Read file and put it into a stream |
Get declared method from given method name |
Open a file from given absolute path of the file |
Implicit intent (view a web page, make a phone call, etc.) via setData |
Get resource file from res/raw directory |