0/63

Threat

com.samsung.sec.android.application.csc

Service provider update

Analyzed on 2022-06-04T21:35:40.379440

77

permissions

6

activities

8

services

3

receivers

0

domains

File sums

MD5 3ad96d4dd4f8c2d8e6ff11c973bea68a
SHA1 0476b38b2adccb0ae01026569dee80f168834fa3
SHA256 0443c78784f3ca36cad331ca2ee1ac85c0f0f754c8eca1dca66a5a58461e349f
Size 0.46MB

APKiD

Information computed with APKiD.

/tmp/tmpmelf0htm!classes.dex
yara_issue
  • yara issue - dex file recognized by apkid but not yara module
anti_vm
  • ro.build.type check
compiler
  • unknown (please file detection issue!)

SSdeep

Information computed with ssdeep.

APK file 12288:vtjS+1dsZXn0ffQz+XjEO5Gk5P+5vhioUHaAxnRemP11:lu+16ZXExEO75m5piD6Unsmb
Manifest 768:3fgShERzCICGCVKDG0N2+Dg//AGjId3sboBQMnHJx3fHlIJ0phaRmv9Pbfk4AipH:…
classes.dex 24576:KPDf2WZtSuMsDKrRrUlDO2fApfFETqgy8T:8DrEETx3T

Dexofuzzy

Information computed with Dexofuzzy.

classes.dex None

APK details

Information computed with AndroGuard and Pithus.

Package com.samsung.sec.android.application.csc
App name Service provider update
Version name 1.0.1.0
Version code 100
SDK 28 - 28
UAID 79b2985534c971175b413a2d125393d35a193d24
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown

Certificate details

Information computed with AndroGuard.

MD5 d087e72912fba064cafa78dc34aea839
SHA1 9ca5170f381919dfe0446fcdab18b19a143b3163
SHA256 34df0e7a9f1cf1892e45c056b4973cd81ccf148a4050d11aea4ac5a65f900a42
Issuer Email Address: android.os@samsung.com, Common Name: Samsung Cert, Organizational Unit: DMC, Organization: Samsung Corporation, Locality: Suwon City, State/Province: South Korea, Country: KR
Not before 2011-06-22T12:25:12+00:00
Not after 2038-11-07T12:25:12+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. SEC-INF/buildConfirm.crt

Manifest analysis

Information computed with MobSF.

Low App is direct-boot aware [android:directBootAware=true]
This app can run before the user unlocks the device. If you're using a custom subclass of Application, and if any component inside your application is direct - boot aware, then your entire custom application is considered to be direct - boot aware.During Direct Boot, your application can only access the data that is stored in device protected storage.
Medium Application Data can be Backed up[android:allowBackup] flag is missing.
The flag [android:allowBackup] should be set to false. By default it is set to true and allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
Low Activity (com.samsung.sec.android.application.preconfig.PreconfigCanada) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.sec.permission.preconfig
protectionLevel: signatureOrSystem [android:exported=true]
An Activity is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Activity (com.samsung.sec.android.application.preconfig.PreconfigRegionalDevice) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.sec.permission.preconfig
protectionLevel: signatureOrSystem [android:exported=true]
An Activity is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Activity (com.samsung.sec.android.application.preconfig.TestActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.sec.android.application.preconfig.FeatureLoadTest) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
Low Broadcast Receiver (com.samsung.sec.android.application.preconfig.PreconfigBroadcastReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.sec.permission.preconfig
protectionLevel: signatureOrSystem [android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Broadcast Receiver (.receiver.CscReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.sec.android.application.csc
protectionLevel: signatureOrSystem [android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Broadcast Receiver (.receiver.CscFactoryReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Activity (.utils.CscVerifierActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Dailer Code: \ 83052020100812173552301071192687 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: \ 22623277326634424320 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: \ 272837883 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: \ 3472867046185743 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: 9920 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: \ 83052020100812173552301071192687 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: \ 22623277326634424320 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: \ 272837883 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.
High Dailer Code: \ 3472867046185743 Found [android:scheme="android_secret_code"]
A secret code was found in the manifest. These codes, when entered into the dialer grant access to hidden content that may contain sensitive information.

Activities

Information computed with AndroGuard.

com.samsung.sec.android.application.preconfig.Preconfig
com.samsung.sec.android.application.preconfig.PreconfigCanada
com.samsung.sec.android.application.preconfig.PreconfigRegionalDevice
com.samsung.sec.android.application.preconfig.TestActivity
com.samsung.sec.android.application.preconfig.FeatureLoadTest
com.samsung.sec.android.application.csc.utils.CscVerifierActivity

Receivers

Information computed with AndroGuard.

com.samsung.sec.android.application.preconfig.PreconfigBroadcastReceiver
com.samsung.sec.android.application.csc.receiver.CscReceiver
com.samsung.sec.android.application.csc.receiver.CscFactoryReceiver

Services

Information computed with AndroGuard.

com.samsung.sec.android.application.preconfig.PreconfigService
com.samsung.sec.android.application.preconfig.lateactivation.LateActivationIntentService
com.samsung.sec.android.application.preconfig.lateactivation.LateActivationService
com.samsung.sec.android.application.preconfig.lateactivation.LateActivationJobService
com.samsung.sec.android.application.csc.service.CscCompareService
com.samsung.sec.android.application.csc.service.CscUpdateService
com.samsung.sec.android.application.csc.service.CscModemSettingService
com.samsung.sec.android.application.csc.service.CscSimStateService

Sample timeline

Oldest file found in APK Jan. 1, 2009, midnight
Latest file found in APK Jan. 1, 2009, midnight
Certificate valid not before June 22, 2011, 12:25 p.m.
First submission on VT Jan. 8, 2021, 8:08 p.m.
Last submission on VT Jan. 8, 2021, 8:08 p.m.
Upload on Pithus June 4, 2022, 9:35 p.m.
Certificate valid not after Nov. 7, 2038, 12:25 p.m.

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['location', 'network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['call lists', 'address book', 'calendar'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has no network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 com/samsung/sec/android/application/csc/utils/log/Log.java
com/samsung/sec/android/application/csc/utils/parser/CscParser.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationJobService.java
com/samsung/sec/android/application/csc/utils/log/CscFileLog.java
com/samsung/sec/android/application/preconfig/lateactivation/preference/LateActivationPref.java
com/samsung/sec/android/application/csc/CscDRMVerifier.java
com/samsung/sec/android/application/csc/service/CscCompareService.java
com/samsung/sec/android/application/preconfig/lateactivation/ui/LateActivationDialog.java
com/samsung/sec/android/application/csc/CscWbAmr.java
com/samsung/sec/android/application/csc/CscNetwork.java
com/samsung/sec/android/application/preconfig/PreconfigBroadcastReceiver.java
com/samsung/sec/android/application/csc/service/CscUpdateService.java
com/samsung/sec/android/application/csc/CscSBrowser.java
com/samsung/sec/android/application/csc/utils/CscVerifierActivity.java
com/samsung/sec/android/application/csc/CscCalendar.java
com/samsung/sec/android/jni/hdcp/HdcpKey.java
com/samsung/sec/android/application/csc/CscGPS.java
com/samsung/sec/android/application/preconfig/Preconfig.java
com/samsung/sec/android/application/csc/service/CscSimStateService.java
com/samsung/sec/android/application/preconfig/lateactivation/ui/LateActivationNotification.java
com/samsung/sec/android/application/csc/service/CscModemSettingService.java
com/samsung/sec/android/application/preconfig/PreconfigCanada.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationIntentService.java
com/samsung/sec/android/application/csc/receiver/CscReceiver.java
com/samsung/sec/android/application/csc/CscSettings.java
com/samsung/sec/android/application/csc/receiver/CscFactoryReceiver.java
com/samsung/sec/android/application/csc/CscChameleon.java
com/samsung/sec/android/application/csc/CscBrowser.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationService.java
com/samsung/sec/android/application/csc/CscCamera.java
com/samsung/sec/android/application/csc/CscFota.java
com/samsung/sec/android/application/csc/CscSmsMms.java
com/samsung/sec/android/application/csc/CscChromeBrowser.java
com/samsung/sec/android/application/csc/CscContents.java
com/samsung/sec/android/application/csc/CscCloud.java
com/samsung/sec/android/application/csc/utils/parser/CscXMLParser.java
com/samsung/sec/android/application/csc/CscVoiceMail.java
com/samsung/sec/android/application/csc/utils/log/CscVerifierLog.java
com/samsung/sec/android/application/csc/utils/Device.java
com/samsung/sec/android/application/csc/utils/CscTgManager.java
com/samsung/sec/android/application/csc/utils/parser/CscXMLElement.java
com/samsung/sec/android/application/csc/CscContacts.java
com/samsung/sec/android/application/preconfig/TestActivity.java
com/samsung/sec/android/application/csc/utils/CscDBManager.java
com/samsung/sec/android/application/csc/CscConnection.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationStateContext.java
com/samsung/sec/android/application/csc/CscAudioManager.java
com/samsung/sec/android/application/csc/utils/CscUtil.java
com/samsung/sec/android/application/preconfig/FeatureLoadTest.java
com/samsung/sec/android/application/preconfig/lateactivation/PreconfigPackageManager.java
com/samsung/sec/android/application/preconfig/PreconfigService.java
com/samsung/sec/android/application/csc/utils/log/CscCompareResetverifyLog.java
com/samsung/sec/android/application/csc/CscPackageManager.java
com/samsung/sec/android/application/csc/CscHomescreen.java
com/samsung/sec/android/application/csc/CscRingtoneManager.java
com/samsung/sec/android/application/preconfig/PreconfigRegionalDevice.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 com/samsung/sec/android/application/csc/CscChameleon.java
com/samsung/sec/android/application/csc/CscBrowser.java
com/samsung/sec/android/application/csc/utils/log/CscVerifierLog.java
com/samsung/sec/android/application/preconfig/Preconfig.java
Medium
CVSS:7.4
Files may contain hardcoded sensitive information like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files:
 com/samsung/sec/android/application/csc/CscSmsMms.java
Medium
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 com/samsung/sec/android/application/csc/utils/CscDBManager.java
com/samsung/sec/android/application/csc/CscContents.java

Permissions analysis

Information computed with MobSF.

High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
High android.permission.WRITE_APN_SETTINGS write Access Point Name settings
Allows an application to modify the APN settings, such as Proxy and Port of any APN.
High android.permission.SET_ANIMATION_SCALE modify global animation speed
Allows an application to change the global animation speed (faster or slower animations) at any time.
High android.permission.READ_CALENDAR read calendar events
Allows an application to read all of the calendar events stored on your phone. Malicious applications can use this to send your calendar events to other people.
High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.READ_PROFILE read the user's personal profile data
Allows an application to read the user's personal profile data.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.WRITE_CONTACTS write contact data
Allows an application to modify the contact (address) data stored on your phone. Malicious applications can use this to erase or modify your contact data.
High android.permission.READ_CALL_LOG Allows an application to read the user's call log.
High android.permission.WRITE_CALL_LOG Allows an application to write (but not read) the user's call log data.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.SYSTEM_ALERT_WINDOW display system-level alerts
Allows an application to show system-alert windows. Malicious applications can take over the entire screen of the phone.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.MODIFY_AUDIO_SETTINGS change your audio settings
Allows application to modify global audio settings, such as volume and routing.
Low android.permission.ACCESS_LOCATION_EXTRA_COMMANDS access extra location provider commands
Access extra location provider commands. Malicious applications could use this to interfere with the operation of the GPS or other location sources.
Low android.permission.READ_SYNC_SETTINGS read sync settings
Allows an application to read the sync settings, such as whether sync is enabled for Contacts.
Low android.permission.WRITE_SYNC_SETTINGS write sync settings
Allows an application to modify the sync settings, such as whether sync is enabled for Contacts.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.BROADCAST_STICKY send sticky broadcast
Allows an application to send sticky broadcasts, which remain after the broadcast ends. Malicious applications can make the phone slow or unstable by causing it to use too much memory.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.REORDER_TASKS reorder applications running
Allows an application to move tasks to the foreground and background. Malicious applications can force themselves to the front without your control.
Medium android.permission.SET_PREFERRED_APPLICATIONS set preferred applications
Allows an application to modify your preferred applications. This can allow malicious applications to silently change the applications that are run, spoofing your existing applications to collect private data from you.
Medium android.permission.CLEAR_APP_USER_DATA delete other applications' data
Allows an application to clear user data.
Medium android.permission.WRITE_SECURE_SETTINGS modify secure system settings
Allows an application to modify the system's secure settings data. Not for use by common applications.
Medium android.permission.CHANGE_COMPONENT_ENABLED_STATE enable or disable application components
Allows an application to change whether or not a component of another application is enabled. Malicious applications can use this to disable important phone capabilities. It is important to be careful with permission, as it is possible to bring application components into an unusable, inconsistent or unstable state.
Medium android.permission.SET_WALLPAPER_COMPONENT
Medium android.permission.SET_TIME_ZONE set time zone
Allows an application to change the phone's time zone.
Medium android.permission.REBOOT force phone reboot
Allows the application to force the phone to reboot.
Medium android.permission.MASTER_CLEAR reset system to factory defaults
Allows an application to completely reset the system to its factory settings, erasing all data, configuration and installed applications.
Medium android.permission.DELETE_PACKAGES delete applications
Allows an application to delete Android packages. Malicious applications can use this to delete important applications.
com.sec.android.app.sbrowser.operatorbookmarks.permission.READ_OPERATOR_BOOKMARKS Unknown permission
Unknown permission from android reference
com.sec.android.app.sbrowser.operatorbookmarks.permission.WRITE_OPERATOR_BOOKMARKS Unknown permission
Unknown permission from android reference
com.sec.android.app.sbrowser.operatorbookmarks.permission.BOOKMARK_AUTO_SET Unknown permission
Unknown permission from android reference
com.sec.android.app.sbrowser.permission.QUICKACCESS Unknown permission
Unknown permission from android reference
com.android.browser.permission.READ_HISTORY_BOOKMARKS Unknown permission
Unknown permission from android reference
com.android.browser.permission.WRITE_HISTORY_BOOKMARKS Unknown permission
Unknown permission from android reference
com.sec.android.app.browser.permission.HOMEPAGE Unknown permission
Unknown permission from android reference
com.sec.samsung.android.chromecustomizations.permission.HOMEPAGE Unknown permission
Unknown permission from android reference
android.permission.READ_PRIVILEGED_PHONE_STATE Unknown permission
Unknown permission from android reference
com.sec.android.permission.READ_MEMO Unknown permission
Unknown permission from android reference
com.sec.android.permission.WRITE_MEMO Unknown permission
Unknown permission from android reference
com.sec.android.widgetapp.q1_penmemo.permission.READ Unknown permission
Unknown permission from android reference
com.sec.android.widgetapp.q1_penmemo.permission.WRITE Unknown permission
Unknown permission from android reference
com.sec.android.provider.logsprovider.permission.READ_LOGS Unknown permission
Unknown permission from android reference
com.sec.android.provider.logsprovider.permission.WRITE_LOGS Unknown permission
Unknown permission from android reference
com.sec.android.app.clockpackage.permission.READ_ALARM Unknown permission
Unknown permission from android reference
com.sec.android.app.clockpackage.permission.WRITE_ALARM Unknown permission
Unknown permission from android reference
com.sec.android.app.deskclock.permission.READ_ALARM Unknown permission
Unknown permission from android reference
com.sec.android.app.deskclock.permission.WRITE_ALARM Unknown permission
Unknown permission from android reference
sec.android.permission.READ_MSG_PREF Unknown permission
Unknown permission from android reference
sec.android.permission.WRITE_MSG_PREF Unknown permission
Unknown permission from android reference
sec.android.permission.READ_EMAIL_PREF Unknown permission
Unknown permission from android reference
sec.android.permission.WRITE_EMAIL_PREF Unknown permission
Unknown permission from android reference
com.sec.android.app.calendar.permission.READ_CALENDAR_SETTINGS Unknown permission
Unknown permission from android reference
com.sec.android.app.calendar.permission.WRITE_CALENDAR_SETTINGS Unknown permission
Unknown permission from android reference
com.sec.phone.permission.SEC_FACTORY_PHONE Unknown permission
Unknown permission from android reference
android.permission.INTERACT_ACROSS_USERS Unknown permission
Unknown permission from android reference
android.permission.MANAGE_USERS Unknown permission
Unknown permission from android reference
android.permission.UPDATE_APP_OPS_STATS Unknown permission
Unknown permission from android reference
android.permission.WRITE_MEDIA_STORAGE Unknown permission
Unknown permission from android reference
com.samsung.android.memo.READ_COUNT Unknown permission
Unknown permission from android reference
com.sec.imsservice.READ_IMS_PERMISSION Unknown permission
Unknown permission from android reference
com.sec.imsservice.WRITE_IMS_PERMISSION Unknown permission
Unknown permission from android reference
com.sec.imsservice.PERMISSION Unknown permission
Unknown permission from android reference
com.samsung.commonimsinterface.PERMISSION Unknown permission
Unknown permission from android reference
com.samsung.sec.android.application.csc Unknown permission
Unknown permission from android reference
com.samsung.android.communicationservice.permission.CHAMELEON_MMS_UPDATE Unknown permission
Unknown permission from android reference
com.android.launcher.permission.ID Unknown permission
Unknown permission from android reference
com.sec.android.cloudagent.permission.READ Unknown permission
Unknown permission from android reference
com.sec.android.cloudagent.permission.WRITE Unknown permission
Unknown permission from android reference
com.samsung.android.settings.mysettings.read Unknown permission
Unknown permission from android reference
com.samsung.android.settings.mysettings.write Unknown permission
Unknown permission from android reference
com.samsung.android.app.notes.READ Unknown permission
Unknown permission from android reference
com.samsung.android.settings.permission.ACCESS_EPISODE Unknown permission
Unknown permission from android reference
com.sec.android.app.setupwizardlegalprovider.ACCESS_SERVICE Unknown permission
Unknown permission from android reference
android.permission.GRANT_RUNTIME_PERMISSIONS Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Run shell script programmably
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.)
Confidence:
100%
Query the list of the installed packages
Confidence:
100%
Write the IMSI number into a file
Confidence:
100%
Read data and put it into a buffer stream
Confidence:
100%
Method reflection
Confidence:
100%
Load class from given class name
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Open a file from given absolute path of the file
Confidence:
100%
Send notification
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Query the IMSI number
Confidence:
100%
Deletes media specified by a content URI(SMS, CALL_LOG, File, etc.)
Confidence:
100%
Method reflection
Confidence:
100%
Hide the current app's icon
Confidence:
100%
Query data from URI (SMS, CALLLOGS)
Confidence:
100%
Initialize class object dynamically
Confidence:
80%
Read file and put it into a stream
Confidence:
80%
Get declared method from given method name
Confidence:
80%
Get absolute path of the file and store in string
Confidence:
80%
Executes the specified string Linux command

Behavior analysis

Information computed with MobSF.

Android notifications
       com/samsung/sec/android/application/preconfig/lateactivation/ui/LateActivationNotification.java
Content provider
       com/samsung/sec/android/application/csc/CscChameleon.java
com/samsung/sec/android/application/csc/CscBrowser.java
com/samsung/sec/android/application/csc/CscContacts.java
com/samsung/sec/android/application/csc/CscSBrowser.java
com/samsung/sec/android/application/csc/CscChromeBrowser.java
Get installed applications
       com/samsung/sec/android/application/csc/CscPackageManager.java
Get sim operator name
       com/samsung/sec/android/application/csc/CscSBrowser.java
Get sim provider details
       com/samsung/sec/android/application/csc/service/CscSimStateService.java
com/samsung/sec/android/application/csc/receiver/CscReceiver.java
com/samsung/sec/android/application/csc/CscSBrowser.java
Get subscriber id
       com/samsung/sec/android/application/csc/CscSBrowser.java
Get system service
       com/samsung/sec/android/application/csc/service/CscSimStateService.java
com/samsung/sec/android/application/preconfig/lateactivation/ui/LateActivationNotification.java
com/samsung/sec/android/application/preconfig/TestActivity.java
com/samsung/sec/android/application/csc/receiver/CscReceiver.java
com/samsung/sec/android/application/csc/CscSettings.java
com/samsung/sec/android/application/csc/CscConnection.java
com/samsung/sec/android/application/preconfig/lateactivation/ui/LateActivationDialog.java
com/samsung/sec/android/application/csc/utils/CscUtil.java
com/samsung/sec/android/application/preconfig/lateactivation/PreconfigPackageManager.java
com/samsung/sec/android/application/csc/CscChameleon.java
com/samsung/sec/android/application/preconfig/PreconfigService.java
com/samsung/sec/android/application/csc/CscSBrowser.java
com/samsung/sec/android/application/csc/CscChromeBrowser.java
com/samsung/sec/android/application/csc/CscContents.java
com/samsung/sec/android/application/csc/CscGPS.java
com/samsung/sec/android/application/preconfig/Preconfig.java
Inter process communication
       com/samsung/sec/android/application/csc/CscCloud.java
com/samsung/sec/android/application/csc/CscVoiceMail.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationJobService.java
com/samsung/sec/android/application/csc/service/CscCompareService.java
com/samsung/sec/android/application/preconfig/lateactivation/ui/LateActivationDialog.java
com/samsung/sec/android/application/preconfig/PreconfigBroadcastReceiver.java
com/samsung/sec/android/application/csc/service/CscUpdateService.java
com/samsung/sec/android/application/csc/CscSBrowser.java
com/samsung/sec/android/application/csc/utils/CscVerifierActivity.java
com/samsung/sec/android/application/csc/CscCalendar.java
com/samsung/sec/android/application/preconfig/Preconfig.java
com/samsung/sec/android/application/csc/service/CscSimStateService.java
com/samsung/sec/android/application/csc/service/CscModemSettingService.java
com/samsung/sec/android/application/preconfig/TestActivity.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationIntentService.java
com/samsung/sec/android/application/csc/receiver/CscReceiver.java
com/samsung/sec/android/application/csc/CscSamsungKeypad.java
com/samsung/sec/android/application/csc/CscSettings.java
com/samsung/sec/android/application/csc/receiver/CscFactoryReceiver.java
com/samsung/sec/android/application/csc/CscConnection.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationStateContext.java
com/samsung/sec/android/application/preconfig/FeatureLoadTest.java
com/samsung/sec/android/application/csc/CscChameleon.java
com/samsung/sec/android/application/csc/CscBrowser.java
com/samsung/sec/android/application/preconfig/lateactivation/LateActivationService.java
com/samsung/sec/android/application/preconfig/PreconfigService.java
com/samsung/sec/android/application/csc/CscFota.java
com/samsung/sec/android/application/csc/CscSmsMms.java
com/samsung/sec/android/application/preconfig/PreconfigRegionalDevice.java
Java reflection
       com/samsung/sec/android/application/csc/utils/log/LogLineInfo.java
Local file i/o operations
       com/samsung/sec/android/application/csc/utils/CscUtil.java
com/samsung/sec/android/application/csc/CscCloud.java
com/samsung/sec/android/application/csc/CscChameleon.java
com/samsung/sec/android/application/csc/CscBrowser.java
com/samsung/sec/android/application/csc/CscVoiceMail.java
com/samsung/sec/android/application/csc/CscSamsungKeypad.java
com/samsung/sec/android/application/csc/service/CscUpdateService.java
com/samsung/sec/android/application/csc/CscSettings.java
com/samsung/sec/android/application/csc/CscSBrowser.java
com/samsung/sec/android/application/csc/utils/Preference.java
com/samsung/sec/android/application/csc/receiver/CscFactoryReceiver.java
Query database of sms, contacts etc
       com/samsung/sec/android/application/csc/CscBrowser.java
com/samsung/sec/android/application/csc/CscContacts.java
com/samsung/sec/android/application/csc/CscSettings.java
com/samsung/sec/android/application/csc/CscSBrowser.java
com/samsung/sec/android/application/csc/CscConnection.java
com/samsung/sec/android/application/csc/CscSmsMms.java
com/samsung/sec/android/application/csc/CscChromeBrowser.java
com/samsung/sec/android/application/csc/CscContents.java
com/samsung/sec/android/application/csc/CscCalendar.java
Sending broadcast
       com/samsung/sec/android/application/csc/service/CscModemSettingService.java
com/samsung/sec/android/application/csc/CscCloud.java
com/samsung/sec/android/application/csc/CscVoiceMail.java
com/samsung/sec/android/application/csc/CscSamsungKeypad.java
com/samsung/sec/android/application/csc/CscSettings.java
com/samsung/sec/android/application/csc/CscConnection.java
com/samsung/sec/android/application/csc/service/CscCompareService.java
com/samsung/sec/android/application/preconfig/FeatureLoadTest.java
com/samsung/sec/android/application/csc/CscChameleon.java
com/samsung/sec/android/application/csc/CscBrowser.java
com/samsung/sec/android/application/preconfig/PreconfigService.java
com/samsung/sec/android/application/csc/service/CscUpdateService.java
com/samsung/sec/android/application/csc/CscSBrowser.java
com/samsung/sec/android/application/csc/CscFota.java
com/samsung/sec/android/application/csc/CscCalendar.java
com/samsung/sec/android/application/preconfig/Preconfig.java
Starting activity
       com/samsung/sec/android/application/preconfig/lateactivation/ui/LateActivationDialog.java
com/samsung/sec/android/application/csc/receiver/CscReceiver.java
com/samsung/sec/android/application/preconfig/PreconfigBroadcastReceiver.java
com/samsung/sec/android/application/preconfig/Preconfig.java
Starting service
       com/samsung/sec/android/application/csc/service/CscSimStateService.java
com/samsung/sec/android/application/preconfig/TestActivity.java
com/samsung/sec/android/application/csc/receiver/CscReceiver.java
com/samsung/sec/android/application/preconfig/PreconfigBroadcastReceiver.java
com/samsung/sec/android/application/csc/CscSettings.java
com/samsung/sec/android/application/csc/utils/CscVerifierActivity.java
com/samsung/sec/android/application/csc/receiver/CscFactoryReceiver.java

Control flow graphs analysis

Information computed by Pithus.

The application probably gets the subscriber ID associated to the SIM card/ Should never be collected

The application probably lists all installed applications