0/57

Threat

com.google.android.apps.wellbeing

Digital Wellbeing

Analyzed on 2021-10-21T14:01:16.529611

36

permissions

24

activities

19

services

103

receivers

10

domains

File sums

MD5 ddf451ffa97999d3f37d4474dabc6fe8
SHA1 1af42a6a613d8a82ea749b323264be9f452022c0
SHA256 0394fce2e095813fc556ddd0cb6edb2e0cdb7fa6be657be63282bb9a9e8cad82
Size 15.1MB

APKiD

Information computed with APKiD.

/tmp/tmpp6t8xzwa
anti_disassembly
  • illegal class name
/tmp/tmpp6t8xzwa!classes.dex
anti_disassembly
  • illegal class name
anti_vm
  • Build.FINGERPRINT check
  • Build.MANUFACTURER check
  • Build.HARDWARE check
  • possible Build.SERIAL check
  • Build.TAGS check
compiler
  • r8 without marker (suspicious)
/tmp/tmpp6t8xzwa!classes2.dex
compiler
  • r8 without marker (suspicious)

SSdeep

Information computed with ssdeep.

APK file 98304:3OK82PwYFkR5e7qki4hSLEViSPWzXA8DVruGeeXjLsDCCtmu7kZorU/K2z8q/Msf:eK82YYoYiCW8+q7eXXK2z5MsI8MZWFa8
Manifest 3072:Au5jLTi7EJCq/Ayo+fOaX7x4KND5DJ9EuObI+UP7h9UK8Eoi6IVXyIP:FTi7EJCq…
classes.dex 98304:jOK82PwYFkR5e7qki4hSLEViSPWzXA8D+:iK82YYoYiCW8r
classes2.dex 6144:Bz/iw83Q2h80t/ROf7jgEDcDexSF3TGSzhbdWQ7HqTJjq739qi8sUUNneCHwmGuK…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 6144:TbNVNqZTbnp9wLoZ9/MPSvH3JjyYD+xCyzYNODZlLvRGmbHz4Ecs40:XbNqT9wLu…
classes.dex 6144:TbNVNqZTbnp9wLoZ9/MPSvH3JjyYD+xCyzYNODZlLvRGmbHz4L:XbNqT9wLu9Rpe…
classes2.dex 384:dZZZXx4ZZZZ25RbJhMbefyN/EFUTkHCbv7zphK3RhAJH9Rn3ZiffetZK5ZutFNxj:…

APK details

Information computed with AndroGuard and Pithus.

Package com.google.android.apps.wellbeing
App name Digital Wellbeing
Version name 1.0.394639398
Version code 297557
SDK 28 - 30
UAID fe1cda477eb90db042c98079aac575ac09dc420c
Signature Signature V1 Signature V2 Signature V3
Frosting Frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0xf05368c0: Unknown
  • 0x6dff800d: Source stamp V2 X509 cert
  • 0x2146444e: Google metadata
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 5d7f145e1d808cc8e95c4c78241ab37f
SHA1 4ebdd02380f1fa0b6741491f0af35625dba76e9f
SHA256 07184f6ee5cd6ae54bbe55745e79368ba91104b3cf49012298c77f07c1f4b2ef
Issuer Common Name: Android, Organizational Unit: Android, Organization: Google Inc., Locality: Mountain View, State/Province: California, Country: US
Not before 2018-03-09T03:54:38+00:00
Not after 2048-03-09T03:54:38+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. stamp-cert-sha256

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Content Provider (com.google.android.apps.wellbeing.api.impl.WellbeingSettingsProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.android.apps.wellbeing.appindexing.impl.WellbeingAppIndexingUpdateReceiver_Receiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.permission.APPINDEXING [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.google.android.apps.wellbeing.autodnd.impl.ContextManagerRestartBroadcastReceiver_Receiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.contextmanager.CONTEXT_MANAGER_RESTARTED_BROADCAST [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity-Alias (com.google.android.apps.wellbeing.autodnd.ui.AutoDndGesturesSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.google.android.apps.wellbeing.autodnd.ui.SettingsContentProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.android.apps.wellbeing.bedtime.manager.SyncBedtimeBroadcastReceiver_Receiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.datamanagement.ui.ExportedDataAccessSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.google.android.apps.wellbeing.dnd.impl.DndConditionProviderService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_CONDITION_PROVIDER_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.google.android.apps.wellbeing.experiments.listener.impl.PhenotypeConfigurationChangedBroadcastReceiver_Receiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.permission.PHENOTYPE_UPDATE_BROADCAST [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.google.android.apps.wellbeing.fences.ContextManagerRestartReceiver_Receiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.contextmanager.CONTEXT_MANAGER_RESTARTED_BROADCAST [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.google.android.apps.wellbeing.focusmode.quicksettings.FocusModeTileService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity-Alias (com.google.android.apps.wellbeing.focusmode.ui.FocusModeConfigActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.focusmode.ui.FocusModeSettingsActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.READ_SEARCH_INDEXABLES [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.google.android.apps.wellbeing.powerstate.impl.ContextManagerRestartedBroadcastReceiver_Receiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.contextmanager.CONTEXT_MANAGER_RESTARTED_BROADCAST [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.google.android.apps.wellbeing.screen.ui.GrayscaleTileService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Content Provider (com.google.android.apps.wellbeing.searchindexables.impl.WellbeingSearchIndexablesProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.READ_SEARCH_INDEXABLES [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity-Alias (com.google.android.apps.wellbeing.settings.AlwaysEnabledSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.settings.LauncherActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.home.TopLevelSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.settings.TopLevelSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.sleepinsights.ui.ExternalSleepInsightsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.google.android.apps.wellbeing.slices.impl.WellbeingSliceProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.google.android.apps.wellbeing.web.wellbeing.impl.WellbeingService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.android.apps.wellbeing.winddown.impl.WindDownClockAlarmActionReceiver_Receiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.android.systemui.permission.SEND_ALERT_BROADCASTS [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.google.android.libraries.phenotype.client.stable.AccountRemovedBroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.android.libraries.phenotype.client.stable.PhenotypeUpdateBackgroundBroadcastReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.permission.PHENOTYPE_UPDATE_BROADCAST [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.google.android.libraries.social.licenses.LicenseMenuActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.google.android.libraries.surveys.internal.view.SurveyActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.apps.tiktok.account.data.device.DeviceAccountsChangedReceiver_Receiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.apps.tiktok.experiments.phenotype.ConfigurationUpdatedReceiver_Receiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.google.apps.tiktok.nav.gateway.GatewayActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.winddown.ui.WindDownEntryActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.web.wellbeing.impl.WebsiteDetailsDeepLink) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.walkingdetection.ui.WalkingDetectionActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.dnd.impl.DndConfigActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.datamanagement.optin.ui.ExportedBedtimeDataOptInActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.datamanagement.accessrequest.ExternalAccessRequestActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.dashboard.DashboardSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.home.AppsNotificationSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.common.ui.quicksettings.QuickSettingsTileLongPressActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.appindexing.impl.UrlHandlerActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.appdetails.AppInfoSettingsActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity-Alias (com.google.android.apps.wellbeing.appconfig.suspend.gateway.SuspendedAppDetailsDeepLink) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.SEND_SHOW_SUSPENDED_APP_DETAILS [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.google.apps.tiktok.sync.impl.SyncPackageReplacedReceiver_Receiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (androidx.work.impl.background.systemjob.SystemJobService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.DUMP [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
Medium High Intent Priority (998)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (999)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (999)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (999)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (999)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (500)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (500)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (500)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.
Medium High Intent Priority (501)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.

Browsable activities

Information computed with MobSF.

com.google.android.apps.wellbeing.appindexing.impl.UrlHandlerActivity

Hosts: com.google.android.apps.wellbeing

Schemes: android-app://

Activities

Information computed with AndroGuard.

com.google.android.apps.wellbeing.appdetails.components.ComponentDetailsActivity
com.google.android.apps.wellbeing.appdetails.AppDetailsActivity
com.google.android.apps.wellbeing.autodnd.ui.AutoDndActivity
com.google.android.apps.wellbeing.common.ui.dialog.DialogActivity
com.google.android.apps.wellbeing.dashboard.DashboardActivity
com.google.android.apps.wellbeing.datamanagement.accessrequest.AccessRequestActivity
com.google.android.apps.wellbeing.datamanagement.optin.ui.ClockOptInActivity
com.google.android.apps.wellbeing.datamanagement.ui.DataManagementActivity
com.google.android.apps.wellbeing.focusmode.quicksettings.ui.FocusModeQuickSettingsOnboardingActivity
com.google.android.apps.wellbeing.focusmode.schedule.FocusModeScheduleActivity
com.google.android.apps.wellbeing.focusmode.ui.FocusModeActivity
com.google.android.apps.wellbeing.freshstart.FreshStartActivity
com.google.android.apps.wellbeing.kidsmanagement.SupervisedMemberActivity
com.google.android.apps.wellbeing.settings.SettingsActivity
com.google.android.apps.wellbeing.sleepinsights.ui.SleepInsightsActivity
com.google.android.apps.wellbeing.walkingdetection.SendFeedbackActionActivity
com.google.android.apps.wellbeing.walkingdetection.ui.WalkingDetectionSettingsActivity
com.google.android.apps.wellbeing.winddown.ui.WindDownActivity
com.google.android.apps.wellbeing.workscheduler.ui.WorkSchedulerActivity
com.google.android.gms.common.api.GoogleApiActivity
com.google.android.libraries.social.licenses.LicenseMenuActivity
com.google.android.libraries.social.licenses.LicenseActivity
com.google.android.libraries.surveys.internal.view.SurveyActivity
com.google.apps.tiktok.nav.gateway.GatewayActivity

Receivers

Information computed with AndroGuard.

com.google.android.apps.wellbeing.account.AccountPackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.alarm.NextAlarmClockChangedReceiver_Receiver
com.google.android.apps.wellbeing.alarm.BootCompleteReceiver_Receiver
com.google.android.apps.wellbeing.api.launcher.impl.LauncherActionBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.api.launcher.impl.LauncherActionsChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.limit.impl.MidnightAlarmBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.limit.impl.AppUsageObserverBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.limit.impl.AppUsageLimitObserverBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.limit.impl.BootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.limit.impl.TimezoneChangeBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.limit.impl.TimeChangeBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.limit.impl.PackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.service.impl.UsageLimitServicePackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.suspend.impl.SuspendManagerImplLocaleChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.suspend.impl.PackageUnsuspendedManuallyBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.sync.impl.AppSyncLocaleChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appconfig.sync.impl.AppSyncPackageRemovedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appindexing.impl.WellbeingAppIndexingUpdateReceiver_Receiver
com.google.android.apps.wellbeing.appusage.impl.AppUsageBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appusage.impl.AppUsageTimeChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.appusage.impl.AppUsagePackageFullyRemovedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.discovery.RefreshStateReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.discovery.AutoDndDiscoveryNotificationDismissedReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.impl.AutoDndFeedbackReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.impl.AutoDndFenceBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.impl.AutoDndManagerPackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.impl.AutoDndBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.impl.ContextManagerRestartBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.ui.AutoDndUiPackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.autodnd.ui.AutoDndUiBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.backup.composite.impl.CompositeBackupPackageReplacedReceiver_Receiver
com.google.android.apps.wellbeing.bedtime.manager.SyncBedtimeBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.common.notification.channelstate.NotificationChannelStateChangeReceiver_Receiver
com.google.android.apps.wellbeing.dnd.impl.DndPackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.experiments.listener.impl.PhenotypeConfigurationChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.fences.WellbeingUpdateReceiver_Receiver
com.google.android.apps.wellbeing.fences.BootCompletedReceiver_Receiver
com.google.android.apps.wellbeing.fences.ContextManagerRestartReceiver_Receiver
com.google.android.apps.wellbeing.fences.screen.ScreenOnOffReceiver_Receiver
com.google.android.apps.wellbeing.fences.shush.ShushStateChangeReceiver_Receiver
com.google.android.apps.wellbeing.focusmode.growth.OnAppStartedReceiver_Receiver
com.google.android.apps.wellbeing.focusmode.growth.OnTargetedGrowthNotificationDismissedReceiver_Receiver
com.google.android.apps.wellbeing.focusmode.growth.OnBroadGrowthNotificationDismissedReceiver_Receiver
com.google.android.apps.wellbeing.focusmode.growth.OnScheduledNotificationAlarm_Receiver
com.google.android.apps.wellbeing.focusmode.growth.NotificationAlarmAdjustReceiver_Receiver
com.google.android.apps.wellbeing.focusmode.manager.impl.FocusModeNotificationActionBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.focusmode.manager.impl.FocusModeRefreshStateBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.powerstate.impl.PowerStateFenceBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.powerstate.impl.PowerStatePackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.powerstate.impl.PowerStateBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.powerstate.impl.ContextManagerRestartedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.schedule.impl.ScheduleAlarmBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.schedule.impl.ScheduleTimeChangeBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.screen.impl.ScreenLockedBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.screen.impl.ScreenPackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.screen.impl.ScreenBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.screen.impl.AmbientDisplayLockedBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.screen.ui.GrayscaleTileDisablingBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.settings.LauncherShortcutRefreshStateBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.sleepdetection.SleepDetectionResultBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.sleepdetection.RefreshSleepDetectionRegistrationBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.task.ScheduledTaskReceiver_Receiver
com.google.android.apps.wellbeing.time.delta.CheckTimeDeltaBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.time.zone.RefreshTimeZoneSnapshotBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.walkingdetection.WalkingActivityDetectedReceiver_Receiver
com.google.android.apps.wellbeing.walkingdetection.ActivityUpdateReceiver_Receiver
com.google.android.apps.wellbeing.walkingdetection.WalkingDetectionBootCompleteReceiver_Receiver
com.google.android.apps.wellbeing.winddown.discovery.NotificationAlarmReceiver_Receiver
com.google.android.apps.wellbeing.winddown.discovery.DayOfWeekNotificationRefreshStateReceiver_Receiver
com.google.android.apps.wellbeing.winddown.discovery.NotificationDismissedReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownLockedBootCompletedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownAlarmBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownTimeChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownTimezoneChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownPackageReplacedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownLocaleChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.PauseWindDownBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.ResumeWindDownBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.TurnOffWindDownBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownGrayscaleChangedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.RejectPowerStateTriggerDiscoveryReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.UsePowerStateTriggerDiscoveryReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.WindDownClockAlarmActionReceiver_Receiver
com.google.android.apps.wellbeing.winddown.impl.CalmWakeupNotificationDismissedBroadcastReceiver_Receiver
com.google.android.apps.wellbeing.workscheduler.manager.ManagedProfileChangesListener_Receiver
com.google.android.apps.wellbeing.workscheduler.manager.WorkSchedulerActor_Receiver
com.google.android.apps.wellbeing.workscheduler.manager.WorkSchedulerRestoreSchedules_Receiver
com.google.android.libraries.performance.primes.transmitter.LifeboatReceiver
com.google.android.libraries.phenotype.client.stable.AccountRemovedBroadcastReceiver
com.google.android.libraries.phenotype.client.stable.PhenotypeUpdateBackgroundBroadcastReceiver
com.google.apps.tiktok.account.data.device.DeviceAccountsChangedReceiver_Receiver
com.google.apps.tiktok.experiments.phenotype.ConfigurationUpdatedReceiver_Receiver
com.google.apps.tiktok.logging.backends.clientlogging.ClientLoggingReceiver_Receiver
com.google.apps.tiktok.sync.impl.SyncPackageReplacedReceiver_Receiver
androidx.work.impl.utils.ForceStopRunnable$BroadcastReceiver
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy
androidx.work.impl.background.systemalarm.RescheduleReceiver
androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver
androidx.work.impl.diagnostics.DiagnosticsReceiver

Services

Information computed with AndroGuard.

com.google.android.libraries.phenotype.registration.PhenotypeMetadataHolderService
com.google.android.apps.wellbeing.autodnd.impl.AutoDndJobService
com.google.android.apps.wellbeing.dnd.impl.DndConditionProviderService
com.google.android.apps.wellbeing.focusmode.growth.SettingsStateChangeService$AirplaneModeChangeService
com.google.android.apps.wellbeing.focusmode.growth.SettingsStateChangeService$DndChangeService
com.google.android.apps.wellbeing.focusmode.manager.impl.FocusModeForegroundService
com.google.android.apps.wellbeing.focusmode.quicksettings.FocusModeTileService
com.google.android.apps.wellbeing.powerstate.impl.PowerStateJobService
com.google.android.apps.wellbeing.screen.ui.GrayscaleTileService
com.google.android.apps.wellbeing.task.TaskManagerForegroundService
com.google.android.apps.wellbeing.walkingdetection.WalkCounterService
com.google.android.apps.wellbeing.web.wellbeing.impl.WellbeingService
com.google.android.libraries.directboot.DirectBootHelperService
com.google.apps.tiktok.concurrent.AndroidFuturesService
com.google.apps.tiktok.concurrent.InternalForegroundService
androidx.work.impl.background.systemalarm.SystemAlarmService
androidx.work.impl.background.systemjob.SystemJobService
androidx.work.impl.foreground.SystemForegroundService
com.google.android.build.data.PropertiesServiceHolder

Sample timeline

Oldest file found in APK Jan. 1, 2009, midnight
Latest file found in APK Jan. 1, 2009, midnight
Certificate valid not before March 9, 2018, 3:54 a.m.
First submission on VT Sept. 8, 2021, 10:13 a.m.
Last submission on VT Oct. 21, 2021, 8:58 a.m.
Upload on Pithus Oct. 21, 2021, 2:01 p.m.
Certificate valid not after March 9, 2048, 3:54 a.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application implement DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['location', 'network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2
The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_HTTPS_EXT.1.1 The application implement the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 defpackage/jrq.java
defpackage/jcy.java
defpackage/msi.java
defpackage/jqm.java
defpackage/qq.java
defpackage/axg.java
defpackage/kkw.java
defpackage/ads.java
defpackage/abi.java
defpackage/inb.java
defpackage/ltc.java
defpackage/kbv.java
defpackage/ijf.java
defpackage/ico.java
defpackage/kmi.java
defpackage/lfd.java
defpackage/sw.java
defpackage/hy.java
defpackage/tp.java
defpackage/hro.java
defpackage/jss.java
defpackage/bkz.java
defpackage/hwb.java
defpackage/lfm.java
defpackage/jdt.java
defpackage/keh.java
defpackage/hxf.java
defpackage/lgq.java
defpackage/dtn.java
defpackage/knm.java
defpackage/inm.java
defpackage/xy.java
defpackage/vk.java
defpackage/gs.java
defpackage/abm.java
defpackage/jt.java
defpackage/lkb.java
defpackage/ilr.java
defpackage/mqu.java
defpackage/kbr.java
defpackage/hpr.java
defpackage/afl.java
defpackage/hxo.java
defpackage/htp.java
defpackage/bjv.java
defpackage/kdb.java
defpackage/iuz.java
defpackage/hpx.java
defpackage/ado.java
defpackage/ev.java
defpackage/ife.java
defpackage/hqo.java
defpackage/kcq.java
defpackage/icd.java
defpackage/hzg.java
defpackage/hsh.java
defpackage/mid.java
defpackage/bdp.java
defpackage/lgd.java
defpackage/ni.java
defpackage/kbx.java
defpackage/iaw.java
defpackage/hrb.java
defpackage/jsc.java
defpackage/ign.java
defpackage/act.java
defpackage/jqg.java
defpackage/ihe.java
defpackage/hxa.java
defpackage/hwt.java
defpackage/lke.java
defpackage/kbo.java
defpackage/st.java
defpackage/bjz.java
defpackage/olv.java
defpackage/dts.java
defpackage/hxz.java
defpackage/jse.java
defpackage/ake.java
defpackage/jef.java
defpackage/ci.java
defpackage/hzs.java
defpackage/bcs.java
defpackage/gg.java
defpackage/huo.java
defpackage/kcv.java
defpackage/ua.java
defpackage/ug.java
defpackage/ajw.java
defpackage/leg.java
defpackage/fu.java
defpackage/kcj.java
defpackage/huz.java
defpackage/jqe.java
defpackage/jpx.java
defpackage/hvb.java
defpackage/nzw.java
defpackage/gz.java
defpackage/awq.java
defpackage/huh.java
defpackage/kbj.java
defpackage/jsq.java
defpackage/ijq.java
defpackage/knq.java
defpackage/ha.java
defpackage/eo.java
defpackage/nw.java
defpackage/me.java
defpackage/ozb.java
defpackage/qc.java
defpackage/hxs.java
defpackage/lhv.java
defpackage/mrq.java
defpackage/jsi.java
defpackage/min.java
defpackage/oad.java
defpackage/ozc.java
defpackage/juq.java
defpackage/hxr.java
defpackage/kdr.java
defpackage/icn.java
defpackage/kcn.java
defpackage/jtm.java
defpackage/bdf.java
defpackage/bjs.java
defpackage/hm.java
defpackage/acn.java
defpackage/aas.java
defpackage/ket.java
defpackage/uw.java
defpackage/hzb.java
defpackage/hof.java
defpackage/jqn.java
defpackage/kcw.java
defpackage/jj.java
defpackage/hwy.java
defpackage/gx.java
defpackage/lkl.java
defpackage/hxi.java
defpackage/ozl.java
defpackage/ibh.java
defpackage/htk.java
defpackage/zj.java
defpackage/juo.java
defpackage/hrt.java
defpackage/hf.java
defpackage/hnd.java
defpackage/hyb.java
defpackage/kce.java
defpackage/jqp.java
defpackage/hud.java
defpackage/of.java
defpackage/adi.java
defpackage/ep.java
defpackage/ozg.java
defpackage/len.java
defpackage/bik.java
defpackage/cqz.java
defpackage/bgx.java
defpackage/hx.java
defpackage/bhb.java
defpackage/lm.java
defpackage/wn.java
defpackage/jq.java
defpackage/afi.java
defpackage/dtt.java
defpackage/gpo.java
defpackage/jso.java
defpackage/hux.java
defpackage/blj.java
defpackage/br.java
defpackage/khq.java
defpackage/uc.java
defpackage/aiu.java
defpackage/nnr.java
defpackage/afu.java
defpackage/hra.java
defpackage/jsb.java
defpackage/kby.java
defpackage/lol.java
defpackage/kcr.java
defpackage/bfg.java
defpackage/iwu.java
defpackage/hsy.java
defpackage/cl.java
defpackage/hrl.java
defpackage/kee.java
defpackage/jul.java
defpackage/jqt.java
defpackage/lgo.java
defpackage/bje.java
defpackage/hxj.java
defpackage/rr.java
defpackage/qy.java
defpackage/miq.java
defpackage/jdn.java
defpackage/hob.java
defpackage/bis.java
defpackage/ice.java
defpackage/jqo.java
defpackage/mix.java
defpackage/nh.java
defpackage/acx.java
defpackage/ick.java
defpackage/abf.java
defpackage/mir.java
defpackage/hj.java
defpackage/adq.java
defpackage/afv.java
defpackage/kbm.java
defpackage/hrs.java
defpackage/huk.java
defpackage/jcu.java
defpackage/lkm.java
defpackage/zt.java
defpackage/oyr.java
defpackage/gq.java
defpackage/iv.java
defpackage/crr.java
defpackage/hzo.java
defpackage/juy.java
High
CVSS:5.5
App creates temp file. Sensitive information should never be written into a temp file.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 defpackage/cl.java
defpackage/ick.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
 defpackage/ode.java
defpackage/vt.java
defpackage/oii.java
defpackage/ndv.java
j$/util/concurrent/ThreadLocalRandom.java
defpackage/ooi.java
defpackage/lrj.java
defpackage/nbs.java
defpackage/oxe.java
defpackage/mdm.java
defpackage/jnk.java
defpackage/mfi.java
defpackage/lzh.java
defpackage/jnn.java
defpackage/jia.java
defpackage/ito.java
defpackage/jnz.java
defpackage/jfy.java
defpackage/nfm.java
defpackage/joa.java
defpackage/ojx.java
defpackage/odj.java
defpackage/okv.java
j$/util/List$CC.java
defpackage/lnz.java
defpackage/neu.java
defpackage/fdi.java
defpackage/jno.java
j$/util/AbstractList.java
defpackage/odh.java
defpackage/gqj.java
defpackage/nea.java
defpackage/mdh.java
defpackage/okz.java
defpackage/fni.java
defpackage/mdi.java
defpackage/oun.java
defpackage/mll.java
defpackage/lvb.java
defpackage/ncz.java
defpackage/lny.java
defpackage/kqe.java
defpackage/ney.java
defpackage/ier.java
defpackage/jjx.java
defpackage/old.java
defpackage/ncr.java
defpackage/ndm.java
defpackage/jbh.java
defpackage/wn.java
defpackage/itn.java
defpackage/mbx.java
defpackage/nbn.java
defpackage/nci.java
defpackage/lzo.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 defpackage/aft.java
defpackage/jzs.java
defpackage/kah.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 defpackage/hzd.java
defpackage/kcq.java
High
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 defpackage/mqi.java
defpackage/hqi.java
defpackage/kav.java
High
CVSS:7.4
Files may contain hardcoded sensitive informations like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files:
 defpackage/eac.java
defpackage/don.java
defpackage/edz.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 defpackage/jvb.java
Info
CVSS:0
This App may have root detection capabilities.
MASVS: MSTG-RESILIENCE-1
Files:
 defpackage/jqg.java
Pygal United States: 800

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

US www.googleapis.com 142.250.186.106
US play.google.com 142.250.186.78
ns.adobe.com
US policies.google.com 172.217.16.142
US www.gstatic.com 142.250.185.163
US plus.google.com 142.250.184.238
US www.google.com 142.250.186.100
schemas.android.com
US github.com 140.82.121.4
US crbug.com 216.239.32.29

URL analysis

Information computed with MobSF.

https://policies.google.com/privacy
https://policies.google.com/terms
Defined in defpackage/fih.java
https://policies.google.com/privacy
https://policies.google.com/terms
Defined in defpackage/fih.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
https://www.googleapis.com/auth/kids.supervision.setup.parent
Defined in defpackage/mzx.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
https://www.googleapis.com/auth/kids.supervision.setup.parent
Defined in defpackage/mzx.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
https://www.googleapis.com/auth/kids.supervision.setup.parent
Defined in defpackage/mzx.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
https://www.googleapis.com/auth/kids.supervision.setup.parent
Defined in defpackage/mzx.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
https://www.googleapis.com/auth/kids.supervision.setup.parent
Defined in defpackage/mzx.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
https://www.googleapis.com/auth/kids.supervision.setup.parent
Defined in defpackage/mzx.java
https://www.googleapis.com/auth/supportcontent
Defined in defpackage/kce.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.hogsmeade
https://www.googleapis.com/auth/kid.permission
Defined in defpackage/mzy.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.hogsmeade
https://www.googleapis.com/auth/kid.permission
Defined in defpackage/mzy.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.hogsmeade
https://www.googleapis.com/auth/kid.permission
Defined in defpackage/mzy.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.hogsmeade
https://www.googleapis.com/auth/kid.permission
Defined in defpackage/mzy.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.hogsmeade
https://www.googleapis.com/auth/kid.permission
Defined in defpackage/mzy.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.hogsmeade
https://www.googleapis.com/auth/kid.permission
Defined in defpackage/mzy.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.hogsmeade
https://www.googleapis.com/auth/kid.permission
Defined in defpackage/mzy.java
https://www.googleapis.com/auth/kid.management
Defined in defpackage/jfy.java
https://github.com/grpc/grpc-java/issues/1767
Defined in defpackage/mwp.java
https://www.google.com/policies/privacy/
Defined in defpackage/jsv.java
https://play.google.com/apps/testing/com.google.android.apps.wellbeing
Defined in defpackage/fol.java
https://www.googleapis.com/auth/userinfo.email
Defined in defpackage/ksw.java
https://crbug.com/581399
Defined in defpackage/ozl.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.cloudrestriction
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzw.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.cloudrestriction
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzw.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.cloudrestriction
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzw.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.cloudrestriction
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzw.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.cloudrestriction
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzw.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.cloudrestriction
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzw.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.cloudrestriction
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzw.java
https://plus.google.com/
Defined in defpackage/hxt.java
https://www.googleapis.com/auth/photos.image.readonly
Defined in defpackage/llj.java
https://www.google.com/policies/terms/
Defined in defpackage/kcq.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzv.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzv.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzv.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzv.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzv.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kid.permission
https://www.googleapis.com/auth/kid.permission.readonly
Defined in defpackage/mzv.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
Defined in defpackage/mzz.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
Defined in defpackage/mzz.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
Defined in defpackage/mzz.java
http://schemas.android.com/apk/res-auto
Defined in defpackage/kjo.java
https://www.google.com/policies/privacy/
Defined in defpackage/inm.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.supervision.setup.child
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
Defined in defpackage/mzu.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.supervision.setup.child
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
Defined in defpackage/mzu.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.supervision.setup.child
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
Defined in defpackage/mzu.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.supervision.setup.child
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
Defined in defpackage/mzu.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.supervision.setup.child
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
Defined in defpackage/mzu.java
http://ns.adobe.com/xap/1.0/
Defined in defpackage/abi.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.hogsmeade
Defined in defpackage/naa.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.hogsmeade
Defined in defpackage/naa.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.hogsmeade
Defined in defpackage/naa.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.hogsmeade
Defined in defpackage/naa.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.hogsmeade
Defined in defpackage/naa.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.hogsmeade
Defined in defpackage/naa.java
https://www.googleapis.com/auth/kid.management
https://www.googleapis.com/auth/kid.family
https://www.googleapis.com/auth/kid.family.readonly
https://www.googleapis.com/auth/kid.management.bootstrap
https://www.googleapis.com/auth/kid.management.privileged
https://www.googleapis.com/auth/kids.supervision.setup.parent
https://www.googleapis.com/auth/kids.hogsmeade
Defined in defpackage/naa.java
http://schemas.android.com/apk/res/android
Defined in defpackage/hj.java

Permissions analysis

Information computed with MobSF.

High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.SYSTEM_ALERT_WINDOW display system-level alerts
Allows an application to show system-alert windows. Malicious applications can take over the entire screen of the phone.
High com.google.android.gms.permission.ACTIVITY_RECOGNITION allow application to recognize physical activity
Allows an application to recognize physical activity.
High android.permission.ACTIVITY_RECOGNITION allow application to recognize physical activity
Allows an application to recognize physical activity.
High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.ACCESS_BACKGROUND_LOCATION access location in background
Allows an app to access location in the background. If you're requesting this permission, you must also request either
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground
Low android.permission.INTERACT_ACROSS_PROFILES Allows interaction across profiles in the same profile group.
Low android.permission.SET_WALLPAPER set wallpaper
Allows the application to set the system wallpaper.
Low android.permission.GET_PACKAGE_SIZE measure application storage space
Allows an application to find out the space used by any package.
Low android.permission.ACCESS_NOTIFICATION_POLICY Marker permission for applications that wish to access notification policy.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.QUERY_ALL_PACKAGES Allows query of any normal app on the device, regardless of manifest declarations.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Medium android.permission.PACKAGE_USAGE_STATS update component usage statistics
Allows the modification of collected component usage statistics. Not for use by common applications.
Medium android.permission.WRITE_SECURE_SETTINGS modify secure system settings
Allows an application to modify the system's secure settings data. Not for use by common applications.
Medium android.permission.MODIFY_PHONE_STATE modify phone status
Allows the application to control the phone features of the device. An application with this permission can switch networks, turn the phone radio on and off and the like, without ever notifying you.
Medium android.permission.SET_WALLPAPER_COMPONENT
android.permission.SYSTEM_APPLICATION_OVERLAY Unknown permission
Unknown permission from android reference
android.permission.OBSERVE_APP_USAGE Unknown permission
Unknown permission from android reference
android.permission.SUSPEND_APPS Unknown permission
Unknown permission from android reference
android.permission.CONTROL_DISPLAY_SATURATION Unknown permission
Unknown permission from android reference
android.permission.SUBSTITUTE_NOTIFICATION_APP_NAME Unknown permission
Unknown permission from android reference
android.permission.ACCESS_INSTANT_APPS Unknown permission
Unknown permission from android reference
android.permission.START_ACTIVITIES_FROM_BACKGROUND Unknown permission
Unknown permission from android reference
android.permission.MODIFY_QUIET_MODE Unknown permission
Unknown permission from android reference
android.permission.READ_DREAM_STATE Unknown permission
Unknown permission from android reference
android.permission.WRITE_DREAM_STATE Unknown permission
Unknown permission from android reference
android.permission.READ_WALLPAPER_INTERNAL Unknown permission
Unknown permission from android reference
com.google.android.providers.gsf.permission.READ_GSERVICES Unknown permission
Unknown permission from android reference
android.permission.CONTROL_DISPLAY_COLOR_TRANSFORMS Unknown permission
Unknown permission from android reference
android.permission.MANAGE_ROLE_HOLDERS Unknown permission
Unknown permission from android reference
com.google.android.deskclock.permission.RECEIVE_ALERT_BROADCASTS Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Check if the network is connected
Confidence:
100%
Start another application from current application
Confidence:
100%
Load external class
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.)
Confidence:
100%
Query the list of the installed packages
Confidence:
100%
Find a method from given class name, usually for reflection
Confidence:
100%
Check the active network type
Confidence:
100%
Connect to a URL and receive input stream from the server
Confidence:
100%
Method reflection
Confidence:
100%
Monitor data identified by a given content URI changes(SMS, MMS, etc.)
Confidence:
100%
Load class from given class name
Confidence:
100%
Retrieve data from broadcast
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Open a file from given absolute path of the file
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.) via setData
Confidence:
100%
Send notification
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Check the current active network type
Confidence:
100%
Check the network capabilities
Confidence:
100%
Get last known location of the device
Confidence:
100%
Get location of the device
Confidence:
100%
Method reflection
Confidence:
100%
Hide the current app's icon
Confidence:
100%
Connect to the remote server through the given URL
Confidence:
100%
Query data from URI (SMS, CALLLOGS)
Confidence:
100%
Check if the device is in data roaming mode
Confidence:
100%
Get the time of current location
Confidence:
100%
Initialize class object dynamically
Confidence:
100%
Read the input stream from given URL
Confidence:
100%
Connect to a URL and set request method
Confidence:
100%
Get specific method from other Dex files
Confidence:
80%
Connect to a URL and read data from it
Confidence: