0/61

Threat

com.mixplorer

MiXplorer

Analyzed on 2022-04-06T17:08:50.531973

24

permissions

19

activities

8

services

4

receivers

82

domains

File sums

MD5 99c5efce331ebd6315783004f9f24631
SHA1 dbe0d738f8dafdbe19d2c297f571fa5b7ce3c81d
SHA256 07408af01aaa59dd762ddf3caab206df2fc1356b967139a99e80f266465a2088
Size 2.11MB

APKiD

Information computed with APKiD.

/tmp/tmpg31uz3gz!classes.dex
anti_vm
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.BOARD check
  • network operator name check
compiler
  • dx

SSdeep

Information computed with ssdeep.

APK file 49152:T8iamA1xsE2AEOaShhl/AdPUs7z30hRYS8muzP6XtFkA4BjXFOPQ9c0p6:D81xstAEOaSd/A9FHM8muzyXtFkjjlw
Manifest 1536:DyuYAGa4UWPv2KcMbIFfNckoKd330OWQNAzCpEL+ddj57H6+NIybTFXKkAR07o5O…
classes.dex 24576:x6OCl1p3Rj27CP8qqVm7Bbkj0dtFxti5b1KQWa2je0f0AF7mF9iYsBFe6rUY1IP…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 3072:hP6BRErl98oFSSoqNippMCvSNOW2b+7KPY7Uhb5d582EZNnnrWeJJ2H6WI9YT47H…
classes.dex 3072:hP6BRErl98oFSSoqNippMCvSNOW2b+7KPY7Uhb5d582EZNnnrWeJJ2H6WI9YT47H…

APK details

Information computed with AndroGuard and Pithus.

Package com.mixplorer
App name MiXplorer
Version name 6.28.1
Version code 1805171
SDK 5 - 27
UAID 89242d704d759e20a142a63e2a8e880509b307b0
Signature Signature V1
Frosting Not frosted

Certificate details

Information computed with AndroGuard.

MD5 116d67d8148f6767c09477893c331270
SHA1 ca76778f8596f10a4cea041f3b3cef77cde44dc3
SHA256 724eebd26a756e0762c255052e49709391baa21d17d98c34071e091f18b90063
Issuer Common Name: MiXplorer.com, Organizational Unit: Android Development, Organization: MiProjects - Hootan Parsa, Locality: Tehran, Country: IR, Email Address: MiXplorer@gmail.com
Not before 2015-06-17T22:10:35+00:00
Not after 2165-06-17T22:10:35+00:00

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Activity (com.mixplorer.activities.ExploreActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.CopyActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Launch Mode of Activity (com.mixplorer.activities.SendAnywhereActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.mixplorer.activities.SendAnywhereActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.ClipboardActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(com.mixplorer.activities.TextEditorActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.mixplorer.activities.TextEditorActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(com.mixplorer.activities.CodeEditorActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.mixplorer.activities.CodeEditorActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(com.mixplorer.activities.ContentViewerActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Launch Mode of Activity (com.mixplorer.activities.ContentViewerActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.mixplorer.activities.ContentViewerActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(com.mixplorer.activities.EBookReaderActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Launch Mode of Activity (com.mixplorer.activities.EBookReaderActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.mixplorer.activities.EBookReaderActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(com.mixplorer.activities.ImageViewerActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Launch Mode of Activity (com.mixplorer.activities.ImageViewerActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.mixplorer.activities.ImageViewerActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(com.mixplorer.activities.PlayerActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Launch Mode of Activity (com.mixplorer.activities.PlayerActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.mixplorer.activities.PlayerActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.BluetoothActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.ConfigFtpWidget) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.ConfigHttpWidget) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.ConfigTcpWidget) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.ShortcutActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.mixplorer.activities.HexViewerActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mixplorer.activities.FontViewerActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Broadcast Receiver (com.mixplorer.providers.WidgetFTPProvider) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.mixplorer.providers.WidgetHTTPProvider) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.mixplorer.providers.WidgetTCPProvider) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (com.mixplorer.services.TileServiceFTP) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.mixplorer.services.TileServiceHTTP) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.mixplorer.services.TileServiceTCP) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.mixplorer.BroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.mixplorer.providers.TempFileProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
Medium High Intent Priority (500)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.

Browsable activities

Information computed with MobSF.

com.mixplorer.activities.BrowseActivity

Hosts: *

Schemes: com.mixplorer:// file:// folder:// directory:// content:// smb:// bt:// http:// https:// ftp:// sftp://

Mime types: */* resource/folder text/* image/* audio/* video/* application/* gzip/document font/* model/* message/* misc/* vnd.android.document/root

com.mixplorer.activities.ExploreActivity

Hosts: *

Schemes: file:// content:// smb:// bt:// http:// https:// ftp:// sftp://

Mime types: */* application/mix-archive application/miui-mtz application/java-archive application/gzip gzip/document application/x-zip application/x-zip-compressed application/x-bzip application/gzipped application/x-gunzip application/x-gzip-compressed application/gzip-compressed application/x-compressed application/x-compress application/x-winzip multipart/x-zip application/zip application/rar application/x-rar-compressed application/x-gtar application/x-tar application/x-bz2 application/x-bzip2 application/x-gzip application/x-7z-compressed application/x-lzip application/x-shockwave-flash application/epub+zip

com.mixplorer.activities.CopyActivity

Hosts: *

Schemes: file:// content:// smb:// bt:// http:// https:// ftp:// sftp://

Mime types: */* application/x-bittorrent text/* image/* audio/* video/* application/* gzip/document font/* model/* message/* multipart/* misc/*

com.mixplorer.activities.EBookReaderActivity

Schemes: file:// content:// smb:// bt:// http:// https:// ftp:// ftps:// sftp://

Mime types: application/pdf application/epub application/epub+zip application/vnd.amazon.ebook application/x-mobipocket application/x-mobipocket-ebook application/x-pilot-prc application/oebps-package+xml application/fb2+xml application/x-fictionbook application/x-fictionbook+xml

com.mixplorer.activities.ImageViewerActivity

Schemes: file:// content:// smb:// bt:// http:// https:// ftp:// ftps:// sftp://

Mime types: image/* application/x-win-bitmap vnd.android.cursor.dir/image application/x-cdisplay application/x-cbr application/x-cbt application/x-cb7

com.mixplorer.activities.PlayerActivity

Schemes: file:// content:// smb:// bt:// rtsp:// mms:// http:// https:// ftp:// ftps:// sftp://

Mime types: video/* audio/* vnd.android.cursor.dir/video audio/mpegURL audio/x-mpegurl audio/x-scpls application/x-rtsp */rmvb */avi */mkv application/3gpp* application/mp4 application/mpeg* application/ogg application/sdp application/vnd.3gp* application/vnd.apple.mpegurl application/vnd.dvd* application/vnd.dolby* application/vnd.rn-realmedia* application/x-iso9660-image application/x-extension-mp4 application/x-flac application/x-matroska application/x-mpegURL application/x-ogg application/x-quicktimeplayer application/x-shockwave-flash application/xspf+xml misc/ultravox application/x-mplayer2 application/x-winamp

com.mixplorer.activities.HexViewerActivity

Schemes: file:// content:// smb:// bt:// http:// https:// ftp:// ftps:// sftp://

Mime types: application/x-msdownload

com.mixplorer.activities.FontViewerActivity

Hosts: *

Schemes: file:// content:// smb:// bt:// http:// https:// ftp:// ftps:// sftp://

Mime types: application/x-font-otf application/x-font-opentype application/x-font-ttf font/truetype font/ttf */*

Main Activity

Information computed with AndroGuard. 

com.mixplorer.activities.BrowseActivity

Activities

Information computed with AndroGuard. 

com.mixplorer.activities.BrowseActivity
com.mixplorer.activities.ExploreActivity
com.mixplorer.activities.CopyActivity
com.mixplorer.activities.SendAnywhereActivity
com.mixplorer.activities.PreferenceActivity
com.mixplorer.activities.ClipboardActivity
com.mixplorer.activities.TextEditorActivity
com.mixplorer.activities.CodeEditorActivity
com.mixplorer.activities.ContentViewerActivity
com.mixplorer.activities.EBookReaderActivity
com.mixplorer.activities.ImageViewerActivity
com.mixplorer.activities.PlayerActivity
com.mixplorer.activities.BluetoothActivity
com.mixplorer.activities.ConfigFtpWidget
com.mixplorer.activities.ConfigHttpWidget
com.mixplorer.activities.ConfigTcpWidget
com.mixplorer.activities.ShortcutActivity
com.mixplorer.activities.HexViewerActivity
com.mixplorer.activities.FontViewerActivity

Receivers

Information computed with AndroGuard. 

com.mixplorer.providers.WidgetFTPProvider
com.mixplorer.providers.WidgetHTTPProvider
com.mixplorer.providers.WidgetTCPProvider
com.mixplorer.BroadcastReceiver

Services

Information computed with AndroGuard. 

com.mixplorer.services.TileServiceFTP
com.mixplorer.services.TileServiceHTTP
com.mixplorer.services.TileServiceTCP
com.mixplorer.services.PlayerService
com.mixplorer.services.OperationService
com.mixplorer.services.FTPServerService
com.mixplorer.services.HTTPServerService
com.mixplorer.services.TCPServerService

Sample timeline

Certificate valid not before June 17, 2015, 10:10 p.m.
First submission on VT May 17, 2018, 6:59 p.m.
Latest file found in APK May 17, 2018, 11 p.m.
Last submission on VT Sept. 25, 2018, 5:56 a.m.
Upload on Pithus April 6, 2022, 5:08 p.m.
Certificate valid not after June 17, 2165, 10:10 p.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invoke platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application implement asymmetric key generation.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['USB', 'bluetooth', 'network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2		 The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_CKM.1.1(1) The application generate asymmetric cryptographic keys not in accordance with FCS_CKM.1.1(1) using key generation algorithm RSA schemes and cryptographic key sizes of 1024-bit or lower.
Cryptographic Asymmetric Key Generation
FCS_CKM.1.1(3)
FCS_CKM.1.2(3)		 A password/passphrase shall perform [Password-based Key Derivation Functions] in accordance with a specified cryptographic algorithm..
Password Conditioning
FCS_COP.1.1(1) The application perform encryption/decryption not in accordance with FCS_COP.1.1(1), AES-ECB mode is being used.
Cryptographic Operation - Encryption/Decryption
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_COP.1.1(3) The application perform cryptographic signature services (generation and verification) in accordance with a specified cryptographic algorithm RSA schemes using cryptographic key sizes of 2048-bit or greater.
Cryptographic Operation - Signing
FCS_COP.1.1(4) The application perform keyed-hash message authentication with cryptographic algorithm ['HMAC-SHA1', 'HMAC-SHA-256'] .
Cryptographic Operation - Keyed-Hash Message Authentication
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FCS_CKM.1.1(2) The application shall generate symmetric cryptographic keys using a Random Bit Generator as specified in FCS_RBG_EXT.1 and specified cryptographic key sizes 128 bit or 256 bit.
Cryptographic Symmetric Key Generation

Code analysis

Information computed with MobSF.

Medium
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files: 
 h/d/t.java
 h/d/r.java
 javax/b/a/a.java
 com/c/a/a/v.java
 com/a/b/a/c/b.java
 h/e/d.java
Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files: 
 com/mixplorer/f/bj.java
 android/a/c/c/a.java
 com/a/b/a/f.java
 com/c/a/bm.java
 g/b/i.java
 com/mixplorer/e/at.java
 com/c/a/b/a.java
 com/c/a/an.java
 com/mixplorer/g/a/e.java
 com/a/b/a/g.java
 com/mixplorer/l/aq.java
 p/a/a/a.java
 a/h.java
 javax/b/q.java
 com/c/a/a/y.java
 com/mixplorer/c/ah.java
 com/c/a/as.java
 com/c/a/am.java
 com/mixplorer/g/b/a/j.java
 com/c/a/t.java
 com/c/a/w.java
 com/mixplorer/g/a/h.java
 android/a/d/c/d.java
 f/c.java
 com/mixplorer/l/am.java
 com/a/b/a/a/a.java
 android/a/b/a.java
 f/i.java
 com/a/b/a/a/d.java
 com/c/a/a/m.java
 c/d/a.java
 com/c/a/a/v.java
 com/c/a/u.java
 g/b/f.java
 com/mixplorer/g/b/i.java
 com/mixplorer/AppImpl.java
 javax/b/d.java
 com/c/a/a/ab.java
 com/mixplorer/widgets/MiViewPager.java
 g/b/a.java
 p/e.java
 com/mixplorer/l/ag.java
 com/mixplorer/g/b/a/k.java
 com/c/a/a/aa.java
 com/c/a/v.java
 android/a/d/c/h.java
 com/a/b/a/e.java
 com/b/b/a/a/a/a/a.java
 com/c/c/a.java
 com/c/a/a/z.java
 d/m.java
 com/mixplorer/f/an.java
 android/a/c/g/o.java
High
CVSS:7.4
Weak Encryption algorithm used
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files: 
 com/c/a/a/i.java
 com/c/a/a/ag.java
 com/c/a/a/h.java
 com/c/a/a/af.java
 com/c/a/a/g.java
Medium
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files: 
 com/c/a/a/w.java
 com/c/a/a/ae.java
 b/a.java
 com/c/a/a/ac.java
 org/a/a/a/ag.java
 com/c/a/a/y.java
 com/mixplorer/h/b/b/b.java
 org/a/a/a/m.java
 u/c/a.java
Medium
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files: 
 com/mixplorer/f/b.java
 d/m.java
Medium
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files: 
 h/d/bb.java
 h/d/r.java
 v/a/b.java
 j/a.java
 u/b/b/b.java
 v/a/f.java
 j/d.java
 com/mixplorer/h/a/p/b.java
 com/mixplorer/h/a/p/f.java
 com/mixplorer/h/b/a.java
Medium
CVSS:7.4
Files may contain hardcoded sensitive information like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files: 
 q/d/a/e.java
 org/a/a/a/h.java
 h/d/as.java
 com/mixplorer/g/b/j.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 com/mixplorer/f/bk.java
 com/mixplorer/f/a.java
 com/a/b/a/e.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files: 
 h/b/g.java
 h/b.java
 com/c/a/bm.java
 m/b/c.java
 h/b/e.java
 com/mixplorer/h/c/b/b.java
 com/mixplorer/h/c/b/a.java
 m/a.java
 com/c/a/d.java
 com/mixplorer/l/aq.java
 com/c/a/f.java
 com/c/a/ay.java
 com/c/a/k.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files: 
 n/y.java
 a/e.java
 com/mixplorer/h/d/b.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files: 
 com/mixplorer/l/ad.java
High
CVSS:7.4
Insecure WebView Implementation. WebView ignores SSL Certificate errors and accept any SSL Certificate. This application is vulnerable to MITM attacks
MASVS: MSTG-NETWORK-3
CWE-295 Improper Certificate Validation
M3: Insecure Communication
Files: 
 com/mixplorer/c/ah.java
Pygal China: 900 Germany: 1300 Finland: 100 France: 300 United Kingdom: 100 Luxembourg: 200 Netherlands: 800 Portugal: 300 Russian Federation: 600 United States: 3200

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

US www.dropbox.com 162.125.66.18
FR apis.live.net 40.90.136.179
PT api-content.meocloud.pt 213.13.26.148
NL gallery.asymmetrics.nl 185.182.56.169
US evs.idrive.com 173.255.12.83
CN openapi.baidu.com 39.156.66.111
RU auth.mail.ru 217.69.139.60
CN upload-vdisk.sina.com.cn 123.126.45.208
NL login.microsoftonline.com 20.190.160.8
RU cloud-api.yandex.net 213.180.204.127
US www.copy.com 104.21.39.72
US www.backblaze.com 104.17.5.3
US api.dropboxapi.com 162.125.66.19
US www.mediafire.com 104.16.203.237
DE api.hidrive.strato.com 85.214.3.77
US api.pcloud.com 74.120.8.13
NL onedrive.live.com 13.107.43.13
LU my.pcloud.com 45.131.244.10
FI api.acoustid.org 95.217.88.167
NL www.facebook.com 157.240.236.35
partner.samsungcloud.com
DE www.amazon.com 143.204.94.173
DE www.hidrive.strato.com 85.214.3.74
DE api.box.com 185.235.236.197
CN pcs.baidu.com 140.249.34.53
CN www.kuaipan.cn 47.107.13.37
NL login.live.com 20.190.160.4
RU cloud.mail.ru 217.69.139.55
US drive.google.com 142.250.185.206
US sites.google.com 142.250.185.142
US api.backblaze.com 104.153.233.174
DE coverartarchive.org 148.251.152.7
US api.4sync.com 199.101.134.238
PT meocloud.pt 213.13.26.145
NL officeapps.live.com 13.107.6.171
LU mega.nz 31.216.144.5
US xmlpull.org 74.50.61.58
DE send-anywhere.com 143.204.98.60
RU disk.yandex.com 87.250.250.50
NL www.daisy.org 65.52.139.180
DE www.musicbrainz.org 138.201.227.205
US xml.org 104.239.240.11
PT publicapi.meocloud.pt 213.13.145.121
DE www.mixplorer.com 185.212.70.66
NL g.api.mega.co.nz 66.203.125.12
DE www.free-hidrive.com 81.169.145.238
US www.w3.org 128.30.52.100
US www.sugarsync.com 208.94.4.90
US forum.xda-developers.com 104.18.18.88
US api.amazon.com 52.119.198.106
CN pan.baidu.com 220.181.111.91
DE mixplorer.com 185.212.70.66
US www.4sync.com 199.101.134.238
US www.idpf.org 128.30.52.155
FR hubic.com 178.33.124.183
CN api.weipan.cn 14.152.72.122
api.office.com
DE www.box.com 185.235.236.197
US upload.4sync.com 204.155.149.37
schemas.android.com
US accounts.google.com 142.250.185.77
US api.4shared.com 199.101.133.51
US purl.org 207.241.239.242
RU oauth.yandex.com 93.158.134.114
DE upload.box.com 185.235.236.226
US itunes.apple.com 69.192.160.24
US upload.4shared.com 208.88.224.136
US twitter.com 104.244.42.65
US api.send-anywhere.com 52.33.56.148
US content.dropboxapi.com 162.125.66.14
US api.sugarsync.com 208.94.4.81
US drive.amazonaws.com 52.46.141.106
CN www.kanbox.com 203.119.207.130
CN vdisk.weibo.com 14.152.72.122
US www.idrive.com 148.66.234.46
US www.googleapis.com 142.250.186.74
GB sharepoint.com 13.107.9.168
RU e.mail.ru 217.69.139.216
VG www.4shared.com 74.117.178.90
CN auth.sina.com.cn 180.149.134.158
DE www.owncloud.org 78.46.146.179
FR api.hubic.com 178.33.124.190

URL analysis

Information computed with MobSF.

http://www.w3.org/TR/SVG11/feature#
http://www.w3.org/1999/xlink
http://xml.org/sax/properties/lexical-handler
http://www.w3.org/2000/svg
Defined in g/b/i.java
http://www.w3.org/TR/SVG11/feature#
http://www.w3.org/1999/xlink
http://xml.org/sax/properties/lexical-handler
http://www.w3.org/2000/svg
Defined in g/b/i.java
http://www.w3.org/TR/SVG11/feature#
http://www.w3.org/1999/xlink
http://xml.org/sax/properties/lexical-handler
http://www.w3.org/2000/svg
Defined in g/b/i.java
http://www.w3.org/TR/SVG11/feature#
http://www.w3.org/1999/xlink
http://xml.org/sax/properties/lexical-handler
http://www.w3.org/2000/svg
Defined in g/b/i.java
http://xmlpull.org/v1/doc/features.html#relaxed
Defined in c/e/a.java
http://purl.org/dc/elements/1.1/
http://www.idpf.org/2007/opf
Defined in c/b/b.java
http://purl.org/dc/elements/1.1/
http://www.idpf.org/2007/opf
Defined in c/b/b.java
http://www.idpf.org/2007/opf
http://www.daisy.org/z3986/2005/ncx/
http://purl.org/dc/elements/1.1/
Defined in c/b/a.java
http://www.idpf.org/2007/opf
http://www.daisy.org/z3986/2005/ncx/
http://purl.org/dc/elements/1.1/
Defined in c/b/a.java
http://www.idpf.org/2007/opf
http://www.daisy.org/z3986/2005/ncx/
http://purl.org/dc/elements/1.1/
Defined in c/b/a.java
http://xmlpull.org/v1/doc/features.html#relaxed
Defined in c/a/a.java
http://xmlpull.org/v1/doc/features.html#process-namespaces
Defined in com/mixplorer/f/ax.java
http://mixplorer.com/files/busybox/meefik-v1.27.2-
http://mixplorer.com/files/toybox/toybox-
Defined in com/mixplorer/f/az.java
http://mixplorer.com/files/busybox/meefik-v1.27.2-
http://mixplorer.com/files/toybox/toybox-
Defined in com/mixplorer/f/az.java
https://sites.google.com/site/mixplorer/callback/
Defined in com/mixplorer/e/ao.java
ftp://host
ftps://host
sftp://host
http://host
https://host
https://www.box.com
https://www.dropbox.com
https://drive.google.com
https://onedrive.live.com
https://sharepoint.com
https://www.sugarsync.com
https://mega.nz
https://www.backblaze.com
https://www.copy.com
https://www.mediafire.com
https://www.4sync.com
https://www.4shared.com
https://www.idrive.com
https://pan.baidu.com
https://vdisk.weibo.com
https://www.kuaipan.cn
https://www.kanbox.com
https://hubic.com
https://meocloud.pt
https://www.free-hidrive.com
https://www.owncloud.org
https://disk.yandex.com
https://www.amazon.com
https://my.pcloud.com
https://www.facebook.com
https://cloud.mail.ru
file:///host
Defined in com/mixplorer/e/ae.java
ftp://host
ftps://host
sftp://host
http://host
https://host
https://www.box.com
https://www.dropbox.com
https://drive.google.com
https://onedrive.live.com
https://sharepoint.com
https://www.sugarsync.com
https://mega.nz
https://www.backblaze.com
https://www.copy.com
https://www.mediafire.com
https://www.4sync.com
https://www.4shared.com
https://www.idrive.com
https://pan.baidu.com
https://vdisk.weibo.com
https://www.kuaipan.cn
https://www.kanbox.com
https://hubic.com
https://meocloud.pt
https://www.free-hidrive.com
https://www.owncloud.org
https://disk.yandex.com
https://www.amazon.com
https://my.pcloud.com
https://www.facebook.com
https://cloud.mail.ru
file:///host
Defined in com/mixplorer/e/ae.java
ftp://host
ftps://host
sftp://host
http://host
https://host
https://www.box.com
https://www.dropbox.com
https://drive.google.com
https://onedrive.live.com
https://sharepoint.com
https://www.sugarsync.com
https://mega.nz
https://www.backblaze.com
https://www.copy.com
https://www.mediafire.com
https://www.4sync.com
https://www.4shared.com
https://www.idrive.com
https://pan.baidu.com
https://vdisk.weibo.com
https://www.kuaipan.cn
https://www.kanbox.com