0/60

Threat

com.clearos.launcher

ClearNAV Launcher

Analyzed on 2021-08-28T15:58:30.464420

30

permissions

53

activities

21

services

10

receivers

44

domains

File sums

MD5 5d676d1606be706ebd252e17b89e34ac
SHA1 1a6456518fe14237263371684647c0d24dd74b84
SHA256 26bd79156d2d0709b8cdf25b49fad221dbdc2dd833366d3626cf979b2a26dcf1
Size 57.72MB

APKiD

Information computed with APKiD.

/tmp/tmpm47ws6y0!classes.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.HARDWARE check
  • Build.TAGS check
anti_debug
  • Debug.isDebuggerConnected() check
compiler
  • r8

SSdeep

Information computed with ssdeep.

APK file 786432:EXuJzYzxKyYw3cFvmRAXbnnfAX3ALbZ5M3iocs0lHJBw6HGdLyTXXw3n0I3w:1JzYdGw36uGTfU3AGits01Jod8nw0
Manifest 768:GzecUIQB5YJW2t2/Rt6pcKBT6X1SbqUQBxo0/1T0b9NPmhSFaJtyDmACv9tGktJG:…
classes.dex 49152:HRGdttIp0sakKIGwz19iaGWPi/gxPfhVD+IxT1vQmByoq6tTs4qI74y/X/GxvgJ…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 6144:0K1KH0aqwq+LBylqKUzQmEd0sEvDEWJcuBvWEtSwmBBOQYBLxvwXmGTV/pmLnQ45…
classes.dex 6144:0K1KH0aqwq+LBylqKUzQmEd0sEvDEWJcuBvWEtSwmBBOQYBLxvwXmGTV/pmLnQ45…

APK details

Information computed with AndroGuard and Pithus.

Package com.clearos.launcher
App name ClearNAV Launcher
Version name 38
Version code 1650
SDK 21 - 29
UAID 1877abc814b259e25ab6d3f84845d7eecebdc614
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x504b4453: Dependency metadata
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 5d42d0fef6cc52f37d2ff487e7c2c43a
SHA1 dfaab993de750d7b5430bbd4217472311d94f9d0
SHA256 dbc3effb13da2f7447a07f29b9e9c605e301d001196301897a1656c75b22de60
Issuer Common Name: vincenzo colucci, Locality: Bologna, State/Province: Italy, Country: 39
Not before 2011-03-13T15:38:32+00:00
Not after 2061-02-28T15:38:32+00:00

Manifest analysis

Information computed with MobSF.

High Activity (ginlemon.flower.preferences.PrefSectionActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.ExternalIntentHandler) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.preferences.showcases.MyLockScreensActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.widgetPicker.WidgetPickerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.preferences.HiddenAppsActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.preferences.FontPickerActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.preferences.showcases.MyThemesActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.PreventModificationsActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.android.wallpapercropper.WallpaperCropActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.preferences.BlackScreenActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.preferences.ExportedActivities$RestoreBackup) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.preferences.ExportedActivities$FakeHome) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.billing.classicpaywall.PaywallActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.preferences.ExportedActivities$FakeActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.DummyActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.preferences.prefMenu.PrefMenuActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.shortcuts.AddDeepShortcutActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (ginlemon.flower.preferences.ExportedActivities$SetHomeActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.graphic.UIdemoActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (ginlemon.flower.billing.newpaywall.NewPaywallActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (ginlemon.notifications.listener.NotificationListener) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_NOTIFICATION_LISTENER_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (ginlemon.flower.library.PanelActionService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_ACCESSIBILITY_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (ginlemon.flower.cloudMessaging.SlFirebaseMessagingService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Content Provider (ginlemon.flower.provider.KustomProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (ginlemon.flower.preferences.SettingsProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (androidx.work.impl.background.systemjob.SystemJobService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

Browsable activities

Information computed with MobSF.

ginlemon.flower.preferences.ExportedActivities$RestoreBackup

Hosts: *

Schemes: file:// content://

Mime types: */* application/octet-stream

Main Activity

Information computed with AndroGuard. 

['ginlemon.flower.HomeScreen', 'ginlemon.flower.preferences.PrefSectionActivity', 'ginlemon.flower.recovery.DebugActivity', 'ginlemon.flower.ExternalIntentHandler', 'ginlemon.flower.preferences.showcases.MyLockScreensActivity', 'ginlemon.flower.widgetPicker.WidgetPickerActivity', 'ginlemon.flower.preferences.HiddenAppsActivity', 'ginlemon.flower.preferences.FontPickerActivity', 'ginlemon.flower.preferences.showcases.MyThemesActivity', 'ginlemon.flower.preferences.showcases.WallpaperSelectorActivity', 'ginlemon.flower.PreventModificationsActivity', 'ginlemon.flower.iconPicker.IconPackIconPickerActivity', 'ginlemon.flower.iconPicker.IconPickerActivity', 'com.android.wallpapercropper.WallpaperCropActivity', 'ginlemon.flower.recovery.RecoveryActivity', 'ginlemon.flower.webApp.WebAppActivity', 'ginlemon.flower.webApp.PickerDialogBuilder', 'ginlemon.flower.preferences.BlackScreenActivity', 'ginlemon.flower.preferences.ExportedActivities$RestoreBackup', 'ginlemon.flower.preferences.ExportedActivities$FakeHome', 'ginlemon.flower.billing.classicpaywall.PaywallActivity', 'ginlemon.flower.preferences.ExportedActivities$FakeActivity', 'ginlemon.flower.DummyActivity', 'ginlemon.flower.preferences.prefMenu.PrefMenuActivity', 'ginlemon.notifications.listener.preferences.BlacklistActivity', 'ginlemon.flower.preferences.backup.BackupActivity', 'ginlemon.flower.preferences.showcases.ExplorerActivity', 'ginlemon.flower.preferences.teamInfo.VersionInfoActivity', 'ginlemon.flower.preferences.teamInfo.AboutActivity', 'ginlemon.flower.preferences.IconAppearancePrefActivity', 'ginlemon.flower.welcome.WelcomeActivity', 'ginlemon.flower.welcome.UpgradeActivity', 'ginlemon.flower.shortcuts.AddDeepShortcutActivity', 'ginlemon.flower.addPicker.AddPickerActivity', 'ginlemon.flower.preferences.ScreenshotViewActivity', 'ginlemon.flower.preferences.ExportedActivities$SetHomeActivity', 'ginlemon.flower.preferences.panelsEditor.PanelsEditorActivity', 'ginlemon.flower.preferences.feed.TopicsManagerActivity', 'ginlemon.flower.preferences.OverDrawingAppsActivity', 'ginlemon.flower.preferences.NotLaunchableAppsActivity', 'ginlemon.flower.RatingActivity', 'ginlemon.flower.billing.MiniPremiumAdvantagesActivity', 'ginlemon.flower.whatsnew.WhatsNewActivity', 'ginlemon.flower.graphic.UIdemoActivity', 'ginlemon.flower.provider.KustomProvider$AutoFinishTransparentActivity', 'ginlemon.flower.preferences.PaletteActivity', 'ginlemon.flower.library.EncapsulationActivity', 'ginlemon.flower.WidgetConfigurationActivity', 'ginlemon.flower.billing.newpaywall.NewPaywallActivity', 'ginlemon.flower.preferences.teamInfo.ClearNavInfoActivity', 'com.android.billingclient.api.ProxyBillingActivity', 'com.google.android.gms.ads.AdActivity', 'com.google.android.gms.common.api.GoogleApiActivity']

Activities

Information computed with AndroGuard. 

ginlemon.flower.HomeScreen
ginlemon.flower.preferences.PrefSectionActivity
ginlemon.flower.recovery.DebugActivity
ginlemon.flower.ExternalIntentHandler
ginlemon.flower.preferences.showcases.MyLockScreensActivity
ginlemon.flower.widgetPicker.WidgetPickerActivity
ginlemon.flower.preferences.HiddenAppsActivity
ginlemon.flower.preferences.FontPickerActivity
ginlemon.flower.preferences.showcases.MyThemesActivity
ginlemon.flower.preferences.showcases.WallpaperSelectorActivity
ginlemon.flower.PreventModificationsActivity
ginlemon.flower.iconPicker.IconPackIconPickerActivity
ginlemon.flower.iconPicker.IconPickerActivity
com.android.wallpapercropper.WallpaperCropActivity
ginlemon.flower.recovery.RecoveryActivity
ginlemon.flower.webApp.WebAppActivity
ginlemon.flower.webApp.PickerDialogBuilder
ginlemon.flower.preferences.BlackScreenActivity
ginlemon.flower.preferences.ExportedActivities$RestoreBackup
ginlemon.flower.preferences.ExportedActivities$FakeHome
ginlemon.flower.billing.classicpaywall.PaywallActivity
ginlemon.flower.preferences.ExportedActivities$FakeActivity
ginlemon.flower.DummyActivity
ginlemon.flower.preferences.prefMenu.PrefMenuActivity
ginlemon.notifications.listener.preferences.BlacklistActivity
ginlemon.flower.preferences.backup.BackupActivity
ginlemon.flower.preferences.showcases.ExplorerActivity
ginlemon.flower.preferences.teamInfo.VersionInfoActivity
ginlemon.flower.preferences.teamInfo.AboutActivity
ginlemon.flower.preferences.IconAppearancePrefActivity
ginlemon.flower.welcome.WelcomeActivity
ginlemon.flower.welcome.UpgradeActivity
ginlemon.flower.shortcuts.AddDeepShortcutActivity
ginlemon.flower.addPicker.AddPickerActivity
ginlemon.flower.preferences.ScreenshotViewActivity
ginlemon.flower.preferences.ExportedActivities$SetHomeActivity
ginlemon.flower.preferences.panelsEditor.PanelsEditorActivity
ginlemon.flower.preferences.feed.TopicsManagerActivity
ginlemon.flower.preferences.OverDrawingAppsActivity
ginlemon.flower.preferences.NotLaunchableAppsActivity
ginlemon.flower.RatingActivity
ginlemon.flower.billing.MiniPremiumAdvantagesActivity
ginlemon.flower.whatsnew.WhatsNewActivity
ginlemon.flower.graphic.UIdemoActivity
ginlemon.flower.provider.KustomProvider$AutoFinishTransparentActivity
ginlemon.flower.preferences.PaletteActivity
ginlemon.flower.library.EncapsulationActivity
ginlemon.flower.WidgetConfigurationActivity
ginlemon.flower.billing.newpaywall.NewPaywallActivity
ginlemon.flower.preferences.teamInfo.ClearNavInfoActivity
com.android.billingclient.api.ProxyBillingActivity
com.google.android.gms.ads.AdActivity
com.google.android.gms.common.api.GoogleApiActivity

Receivers

Information computed with AndroGuard. 

com.google.android.gms.measurement.AppMeasurementReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver
androidx.work.impl.utils.ForceStopRunnable$BroadcastReceiver
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy
androidx.work.impl.background.systemalarm.RescheduleReceiver
androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver
com.google.android.datatransport.runtime.scheduling.jobscheduling.AlarmManagerSchedulerBroadcastReceiver

Services

Information computed with AndroGuard. 

ginlemon.flower.core.appCatalogation.AppCatalogWorker
ginlemon.flower.smartfixes.NotLaunchableEngagementWorker
ginlemon.flower.billing.PurchaseReEngagementWorker
ginlemon.notifications.listener.RestartNotificationListenerWorker
ginlemon.notifications.listener.NotificationListener
ginlemon.flower.library.PanelActionService
ginlemon.flower.locker.LockscreenService
ginlemon.flower.cloudMessaging.SlFirebaseMessagingService
ginlemon.flower.wallpaperColorExtractor.ColorExtractorService
ginlemon.flower.billing.seasonalPromo.SyncSeasonalPromoWorker
ginlemon.flower.billing.seasonalPromo.SeasonalPromoWorker
com.google.firebase.messaging.FirebaseMessagingService
com.google.firebase.components.ComponentDiscoveryService
com.google.android.gms.measurement.AppMeasurementService
com.google.android.gms.measurement.AppMeasurementJobService
androidx.work.impl.background.systemalarm.SystemAlarmService
androidx.work.impl.background.systemjob.SystemJobService
androidx.work.impl.foreground.SystemForegroundService
com.google.android.datatransport.runtime.backends.TransportBackendDiscovery
com.google.android.datatransport.runtime.scheduling.jobscheduling.JobInfoSchedulerService
androidx.room.MultiInstanceInvalidationService

Sample timeline

Certificate valid not before March 13, 2011, 3:38 p.m.
First submission on VT Aug. 27, 2021, 10:35 p.m.
Last submission on VT Aug. 27, 2021, 10:35 p.m.
Upload on Pithus Aug. 28, 2021, 3:58 p.m.
Certificate valid not after Feb. 28, 2061, 3:38 p.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invoke platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['location', 'network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['calender', 'address book'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2		 The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_HTTPS_EXT.1.1 The application implement the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files: 
 ginlemon/flower/cloudMessaging/SlFirebaseMessagingService.java
 defpackage/np.java
 defpackage/s62.java
 defpackage/bk2.java
 defpackage/dh1.java
 ginlemon/flower/home/widget/WeatherClockView$systemBroadcastReceiver$1.java
 defpackage/n5.java
 defpackage/u31.java
 defpackage/wq1.java
 defpackage/vn1.java
 defpackage/hh1.java
 defpackage/tr.java
 defpackage/pm.java
 defpackage/fn1.java
 defpackage/wf.java
 defpackage/rn1.java
 defpackage/z32.java
 defpackage/f32.java
 defpackage/ak1.java
 defpackage/ge1.java
 defpackage/r61.java
 defpackage/oi2.java
 ginlemon/flower/preferences/showcases/MyLockScreensActivity.java
 defpackage/ke1.java
 defpackage/vo.java
 defpackage/i81.java
 ginlemon/flower/searchPanel/views/SearchBarPlaceholder.java
 defpackage/iq3.java
 ginlemon/flower/wallpaperColorExtractor/ColorExtractorService.java
 defpackage/bv0.java
 defpackage/sl.java
 defpackage/mu.java
 defpackage/i5.java
 defpackage/se1.java
 defpackage/r.java
 defpackage/gb2.java
 defpackage/dm1.java
 defpackage/yb0.java
 defpackage/xa.java
 defpackage/kb2.java
 defpackage/sv1.java
 defpackage/v82.java
 defpackage/i31.java
 defpackage/gq1.java
 defpackage/sn2.java
 defpackage/fm.java
 defpackage/wn2.java
 defpackage/ff2.java
 ginlemon/flower/billing/periodicPromo/PromoNotificationWorker.java
 defpackage/or.java
 defpackage/vu1.java
 defpackage/j4.java
 defpackage/oq1.java
 defpackage/la.java
 defpackage/vb1.java
 defpackage/xy1.java
 defpackage/wq.java
 defpackage/oj1.java
 defpackage/zb1.java
 defpackage/y72.java
 defpackage/wj1.java
 defpackage/qz.java
 defpackage/xj1.java
 defpackage/wx.java
 ginlemon/flower/billing/SLProMigrationProvider.java
 defpackage/yu0.java
 defpackage/ia.java
 defpackage/fd1.java
 defpackage/c41.java
 ginlemon/flower/shortcuts/AddDeepShortcutActivity.java
 defpackage/uj2.java
 defpackage/mj2.java
 defpackage/id1.java
 defpackage/g71.java
 ginlemon/flower/home/widget/HomeWidgetResizerFrame.java
 defpackage/h71.java
 defpackage/oo.java
 defpackage/cd2.java
 defpackage/zx1.java
 defpackage/nd2.java
 ginlemon/flower/LockerView.java
 ginlemon/flower/iconPicker/IconPickerActivity.java
 defpackage/tb2.java
 ginlemon/flower/ads/AdsAreaView.java
 defpackage/jr.java
 defpackage/l4.java
 defpackage/am2.java
 ginlemon/flower/searchEngine/SearchEngine.java
 defpackage/vg1.java
 defpackage/m22.java
 defpackage/fg1.java
 ginlemon/flower/App.java
 ginlemon/flower/widgetPanel/DragLayer.java
 defpackage/z81.java
 defpackage/kf.java
 defpackage/d92.java
 defpackage/jz1.java
 defpackage/m51.java
 defpackage/w82.java
 ginlemon/flower/HomeScreen.java
 ginlemon/flower/preferences/panelsEditor/PanelsEditorActivity.java
 ginlemon/flower/locker/LockscreenService.java
 ginlemon/flower/recovery/RecoveryActivity.java
 defpackage/tl2.java
 defpackage/yp1.java
 defpackage/xl.java
 defpackage/p22.java
 defpackage/uw1.java
 defpackage/qo.java
 defpackage/bl1.java
 defpackage/zq.java
 defpackage/aa2.java
 defpackage/to1.java
 ginlemon/flower/home/quickstart/BubbleView.java
 ginlemon/flower/billing/PurchaseReEngagementWorker.java
 defpackage/gk2.java
 defpackage/uh2.java
 ginlemon/flower/library/EncapsulationActivity.java
 defpackage/mh2.java
 defpackage/bd.java
 defpackage/eh2.java
 defpackage/wf2.java
 defpackage/h02.java
 defpackage/ay1.java
 ginlemon/flower/PreventModificationsActivity.java
 defpackage/c6.java
 defpackage/fr.java
 defpackage/h4.java
 defpackage/eh1.java
 defpackage/ch1.java
 defpackage/t31.java
 defpackage/b81.java
 defpackage/qk0.java
 defpackage/g32.java
 defpackage/nk1.java
 defpackage/w32.java
 defpackage/qc1.java
 ginlemon/flower/billing/seasonalPromo/SeasonalPromoWorker.java
 defpackage/sn1.java
 defpackage/k32.java
 defpackage/hm.java
 defpackage/e51.java
 defpackage/oh1.java
 defpackage/cd.java
 defpackage/so.java
 defpackage/sz.java
 defpackage/mf2.java
 defpackage/lq1.java
 defpackage/ih1.java
 defpackage/kf2.java
 defpackage/zn2.java
 defpackage/nb.java
 defpackage/lh2.java
 defpackage/yq.java
 ginlemon/flower/preferences/prefMenu/PrefMenuActivity.java
 ginlemon/library/models/AppModel.java
 ginlemon/flower/home/widget/WeatherClockView$localReceiver$1.java
 defpackage/c8.java
 defpackage/fh2.java
 defpackage/c61.java
 defpackage/r12.java
 defpackage/tl1.java
 defpackage/me2.java
 ginlemon/flower/widgetPanel/CellLayout.java
 defpackage/ar.java
 defpackage/p52.java
 defpackage/ql2.java
 defpackage/to.java
 defpackage/i4.java
 defpackage/ep.java
 defpackage/k7.java
 defpackage/fm2.java
 defpackage/s61.java
 defpackage/pi2.java
 defpackage/kc1.java
 defpackage/de1.java
 defpackage/y6.java
 ginlemon/flower/preferences/BlackScreenActivity.java
 defpackage/ig1.java
 defpackage/ym1.java
 defpackage/ea.java
 ginlemon/flower/feed/NewsPanel.java
 defpackage/qk2.java
 defpackage/g42.java
 ginlemon/flower/preferences/FontPickerActivity.java
 ginlemon/flower/webApp/PickerDialogBuilder.java
 defpackage/m7.java
 defpackage/yj1.java
 defpackage/ku.java
 defpackage/sd0.java
 defpackage/n71.java
 defpackage/lu1.java
 defpackage/on.java
 defpackage/i41.java
 defpackage/hr1.java
 defpackage/d41.java
 defpackage/jd1.java
 defpackage/pj2.java
 defpackage/qj2.java
 defpackage/vj2.java
 defpackage/br.java
 ginlemon/flower/home/quickstart/FlowerView.java
 defpackage/lg2.java
 defpackage/vx1.java
 defpackage/bd2.java
 defpackage/pg.java
 defpackage/cl1.java
 defpackage/wr1.java
 defpackage/b12.java
 defpackage/o41.java
 defpackage/re2.java
 defpackage/ub1.java
 defpackage/zg1.java
 defpackage/f42.java
 defpackage/km2.java
 defpackage/gd.java
 defpackage/lz.java
 defpackage/ns.java
 defpackage/rl.java
 defpackage/ue1.java
 defpackage/ge2.java
 defpackage/xa2.java
 defpackage/jo2.java
 defpackage/k82.java
 ginlemon/flower/library/preferences/colorPicker/HSVAlphaSlider.java
 ginlemon/flower/drawer/DrawerRecyclerView.java
 defpackage/fi2.java
 defpackage/rd2.java
 defpackage/cm.java
 defpackage/i51.java
 defpackage/kl2.java
 defpackage/of1.java
 ginlemon/library/widgets/VideoTextureView.java
 defpackage/rr1.java
 ginlemon/flower/searchEngine/SearchEngine$localReceiver$1.java
 defpackage/je1.java
 defpackage/lf2.java
 defpackage/o31.java
 defpackage/r5.java
 ginlemon/flower/home/widget/ClockView.java
 defpackage/o0.java
 defpackage/my0.java
 defpackage/by1.java
 ginlemon/flower/searchPanel/SearchPanel.java
 ginlemon/flower/drawer/DrawerPanel$localBr$1.java
 defpackage/bh1.java
 ginlemon/flower/PopupLayer.java
 ginlemon/flower/drawer/DrawerPanel.java
 defpackage/yq1.java
 ginlemon/flower/preferences/prefMenu/SwipeBehavior.java
 ginlemon/flower/SLEventsReceiver.java
 defpackage/tn1.java
 defpackage/ir.java
 defpackage/k4.java
 defpackage/zl2.java
 defpackage/i.java
 defpackage/y5.java
 defpackage/d32.java
 defpackage/as.java
 defpackage/p61.java
 defpackage/ie1.java
 defpackage/jc1.java
 defpackage/nc1.java
 defpackage/mi2.java
 defpackage/ma.java
 ginlemon/flower/preferences/showcases/WallpaperSelectorActivity.java
 defpackage/n3.java
 defpackage/be2.java
 defpackage/me1.java
 defpackage/tk2.java
 defpackage/wd.java
 defpackage/po.java
 defpackage/bn.java
 defpackage/t61.java
 defpackage/l61.java
 defpackage/h61.java
 defpackage/hv0.java
 defpackage/pv0.java
 defpackage/sh2.java
 defpackage/gw1.java
 defpackage/kp1.java
 defpackage/xk2.java
 defpackage/oo2.java
 defpackage/vq.java
 defpackage/d7.java
 defpackage/hz1.java
 defpackage/vh1.java
 ginlemon/flower/drawer/category/CategoryLayout.java
 defpackage/nr.java
 defpackage/ko2.java
 defpackage/xn.java
 defpackage/a62.java
 defpackage/qc0.java
 defpackage/fc1.java
 defpackage/gp1.java
 defpackage/qd2.java
 ginlemon/flower/preferences/SettingsProvider.java
 defpackage/r51.java
 ginlemon/flower/widgetPanel/WidgetWorkspace.java
 defpackage/co2.java
 defpackage/ds1.java
 defpackage/f51.java
 defpackage/wp1.java
 defpackage/jh1.java
 defpackage/gc.java
 defpackage/rd.java
 ginlemon/flower/widgetPanel/ResizerFrame.java
 defpackage/cw1.java
 defpackage/kw1.java
 defpackage/oh2.java
 defpackage/n22.java
 defpackage/ur.java
 defpackage/nd0.java
 defpackage/ro1.java
 defpackage/rd0.java
 defpackage/h41.java
 defpackage/ux1.java
 defpackage/dd.java
 defpackage/e41.java
 defpackage/ro.java
 defpackage/cd1.java
 defpackage/jj2.java
 defpackage/ld1.java
 defpackage/kd1.java
 defpackage/e71.java
 defpackage/Cdo.java
 defpackage/jg2.java
 ginlemon/flower/welcome/presets/PresetPreview.java
 ginlemon/flower/whatsnew/WhatsNewActivity.java
 defpackage/hx1.java
 defpackage/rm1.java
 defpackage/gm2.java
 ginlemon/flower/home/widget/HomeWidgetArea.java
 defpackage/m5.java
 defpackage/da2.java
 defpackage/ve2.java
 defpackage/w52.java
 defpackage/jm1.java
 defpackage/m41.java
 defpackage/uy.java
 defpackage/b42.java
 defpackage/bw1.java
 defpackage/oq.java
 defpackage/ve1.java
 defpackage/a92.java
 defpackage/fo.java
 defpackage/lp1.java
 ginlemon/flower/welcome/WallpapersLayout.java
 defpackage/w81.java
 defpackage/bm1.java
 ginlemon/flower/preferences/PrefSectionActivity.java
 defpackage/nb2.java
 defpackage/tp1.java
 defpackage/d8.java
 defpackage/yl.java
 defpackage/nf1.java
 defpackage/kf1.java
 defpackage/qb2.java
 defpackage/xr.java
 defpackage/ic1.java
 defpackage/cp.java
 defpackage/op.java
 ginlemon/flower/home/widget/WeatherClockView.java
 defpackage/b3.java
 defpackage/aq1.java
 defpackage/u42.java
 defpackage/ne1.java
 ginlemon/flower/drawer/Drawer.java
 defpackage/cv0.java
 defpackage/dm2.java
 defpackage/ah1.java
 ginlemon/flower/worker/RandomWallpaperWorker.java
 defpackage/qn1.java
 ginlemon/flower/library/PanelActionService.java
 defpackage/pa.java
 defpackage/py0.java
 ginlemon/flower/welcome/WelcomeActivity.java
 defpackage/r31.java
 defpackage/vq1.java
 defpackage/y92.java
 defpackage/ok0.java
 defpackage/sc1.java
 ginlemon/flower/welcome/UpgradeActivity.java
 defpackage/zi2.java
 defpackage/un1.java
 defpackage/en1.java
 ginlemon/flower/widgetPanel/LauncherProvider.java
 ginlemon/flower/googleFeed/GoogleNowPanel.java
 defpackage/vf1.java
 defpackage/xf1.java
 defpackage/iq.java
 defpackage/k3.java
 defpackage/ke.java
 ginlemon/flower/workspace/PanelsWorkspace.java
 ginlemon/flower/widgetPanel/WidgetResizerFrame.java
 defpackage/kh1.java
 defpackage/f31.java
 defpackage/h31.java
 defpackage/l31.java
 defpackage/qh1.java
 defpackage/cf2.java
 ginlemon/flower/preferences/panelsEditor/PanelManagerLayout.java
 ginlemon/flower/widgetPanel/WidgetPanel.java
 defpackage/wg.java
 defpackage/ds.java
 defpackage/tw1.java
 defpackage/zw1.java
 defpackage/zv1.java
 defpackage/th2.java
 ginlemon/flower/library/preferences/colorPicker/HSVValueSlider.java
 defpackage/c92.java
 defpackage/oa2.java
 defpackage/h52.java
 defpackage/lf1.java
 defpackage/ka.java
 defpackage/y82.java
 defpackage/hi2.java
 ginlemon/flower/widgetPanel/WidgetEditorPopup.java
 defpackage/rm.java
 defpackage/ml2.java
 ginlemon/flower/preferences/showcases/MyThemesActivity.java
 defpackage/mv.java
 defpackage/ag1.java
 ginlemon/flower/searchPanel/views/ExpandableActionsLayout.java
 defpackage/he1.java
 defpackage/an1.java
 defpackage/nv1.java
 defpackage/o42.java
 defpackage/a5.java
 ginlemon/flower/billing/newpaywall/NewPaywallActivity.java
 defpackage/sd1.java
 defpackage/nm2.java
 defpackage/f00.java
 defpackage/c42.java
 defpackage/lm.java
 defpackage/rm2.java
 defpackage/l3.java
 defpackage/jq.java
 defpackage/bm2.java
 ginlemon/flower/home/HomePanel.java
 ginlemon/notifications/listener/NotificationListener.java
 defpackage/g41.java
 defpackage/ig2.java
 defpackage/sm2.java
 defpackage/up.java
 defpackage/ju1.java
 defpackage/l71.java
 defpackage/b41.java
 ginlemon/flower/billing/classicpaywall/PaywallActivity.java
 defpackage/gd1.java
 defpackage/hd1.java
 defpackage/tu1.java
 defpackage/v71.java
 defpackage/f71.java
 defpackage/ed2.java
 defpackage/x7.java
 ginlemon/flower/preferences/IconPackPreviewView.java
 defpackage/qa.java
 defpackage/pm1.java
 defpackage/rd1.java
 defpackage/a41.java
 defpackage/te2.java
 ginlemon/flower/preferences/showcases/ExplorerActivity.java
 defpackage/mm2.java
 defpackage/q41.java
 defpackage/or1.java
 ginlemon/notifications/listener/preferences/BlacklistActivity.java
 ginlemon/flower/preferences/MinimalModeTileService.java
 defpackage/cm2.java
 defpackage/sf.java
 defpackage/x72.java
 defpackage/ro2.java
 ginlemon/flower/widgetPicker/WidgetPickerActivity.java
 defpackage/na.java
 ginlemon/flower/googleFeed/GoogleNowPanel$broadcastReceiver$1.java
 defpackage/j3.java
 defpackage/mo2.java
 defpackage/pa2.java
 ginlemon/flower/locker/LockscreenService$checkBoot$1.java
 defpackage/jb2.java
 defpackage/pc0.java
 defpackage/pp1.java
 defpackage/hc1.java
 defpackage/x82.java
 defpackage/hl2.java
 defpackage/q61.java
 defpackage/s4.java
 ginlemon/flower/addPicker/AddPickerActivity.java
 defpackage/fl1.java
 defpackage/cs.java
 defpackage/dv1.java
 defpackage/om.java
 defpackage/z7.java
 defpackage/ck2.java
 ginlemon/flower/welcome/SplashLayout.java
 defpackage/gq.java
 defpackage/pd0.java
 defpackage/re1.java
 defpackage/xb1.java
 defpackage/ih2.java
 defpackage/s72.java
High
CVSS:5.5
App creates temp file. Sensitive information should never be written into a temp file.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 defpackage/je1.java
 defpackage/cd2.java
 defpackage/gd.java
 defpackage/xz1.java
 defpackage/d61.java
 defpackage/qj2.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files: 
 defpackage/ej0.java
 defpackage/j10.java
 defpackage/j91.java
 defpackage/bu2.java
 defpackage/mf0.java
 defpackage/su3.java
 defpackage/zb3.java
 defpackage/v81.java
 defpackage/dg0.java
 defpackage/jc3.java
 defpackage/eq2.java
 defpackage/k90.java
 defpackage/yt2.java
 defpackage/ph0.java
 defpackage/zt2.java
 defpackage/jp.java
 defpackage/ee0.java
 defpackage/ge0.java
 defpackage/b90.java
 defpackage/kq2.java
 defpackage/dq2.java
 defpackage/re0.java
 defpackage/zh0.java
 defpackage/bf0.java
 defpackage/xx2.java
 defpackage/df0.java
 defpackage/gk0.java
 defpackage/ff2.java
 defpackage/lf2.java
 defpackage/j81.java
 defpackage/ik0.java
 defpackage/fg0.java
 defpackage/o80.java
 defpackage/r91.java
 defpackage/wp2.java
 defpackage/fa0.java
 defpackage/c80.java
 defpackage/e80.java
 defpackage/ba0.java
 defpackage/ai0.java
 defpackage/en3.java
 defpackage/x80.java
 defpackage/ji0.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files: 
 defpackage/g.java
 defpackage/dz1.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files: 
 defpackage/tl1.java
 defpackage/fo.java
 defpackage/hr1.java
 defpackage/wl1.java
 defpackage/yq1.java
 defpackage/dm1.java
 defpackage/fm1.java
 defpackage/wq1.java
 defpackage/bm1.java
 defpackage/xq1.java
 defpackage/vj2.java
 ginlemon/flower/widgetPanel/LauncherProvider.java
 defpackage/w82.java
 defpackage/ak1.java
 defpackage/an1.java
 defpackage/ut0.java
 defpackage/jh1.java
 defpackage/cx.java
 defpackage/tt0.java
 defpackage/gx.java
 defpackage/gl0.java
 ginlemon/flower/searchEngine/SearchEngine.java
 defpackage/nr1.java
 defpackage/hx.java
 defpackage/wd.java
 defpackage/s72.java
 defpackage/bd.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 defpackage/h02.java
 ginlemon/flower/wallpaperColorExtractor/ColorExtractorService.java
 defpackage/e02.java
 ginlemon/flower/preferences/backup/BackupActivity.java
 defpackage/b0.java
 ginlemon/flower/preferences/FontPickerActivity.java
 defpackage/bk2.java
 defpackage/ll2.java
 ginlemon/flower/preferences/ScreenshotViewActivity.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files: 
 ginlemon/flower/preferences/OverDrawingAppsActivity.java
 ginlemon/flower/widgetPicker/WidgetPickerActivity.java
 ginlemon/flower/addPicker/AddPickerActivity.java
 ginlemon/flower/preferences/backup/BackupActivity.java
 ginlemon/flower/preferences/showcases/MyLockScreensActivity.java
 defpackage/wn2.java
 ginlemon/flower/preferences/NotLaunchableAppsActivity.java
 ginlemon/flower/preferences/HiddenAppsActivity.java
 ginlemon/flower/preferences/showcases/WallpaperSelectorActivity.java
 ginlemon/flower/billing/classicpaywall/PaywallActivity.java
 ginlemon/flower/preferences/showcases/ExplorerActivity.java
 defpackage/tp1.java
 ginlemon/flower/iconPicker/IconPackIconPickerActivity.java
 ginlemon/flower/preferences/showcases/MyThemesActivity.java
 ginlemon/flower/App.java
 defpackage/ir3.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files: 
 defpackage/e51.java
 defpackage/c61.java
 defpackage/xw1.java
 defpackage/fm2.java
 defpackage/wn2.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files: 
 defpackage/oo.java
 defpackage/up.java
 defpackage/zq.java
 defpackage/mo.java
 defpackage/kl2.java
 defpackage/tl2.java
 defpackage/oq.java
Low
CVSS:3.9
App can write to App Directory. Sensitive Information should be encrypted.
MASVS: MSTG-STORAGE-14
CWE-276 Incorrect Default Permissions
Files: 
 defpackage/vj2.java
 defpackage/uw1.java
 defpackage/dh1.java
Info
CVSS:0
This App may have root detection capabilities.
MASVS: MSTG-RESILIENCE-1
Files: 
 defpackage/fm2.java
Pygal Germany: 200 France: 100 Hong Kong: 100 Ireland: 100 Korea, Republic of: 100 Netherlands: 800 Russian Federation: 100 Sweden: 100 United States: 2200

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

US www.ecosia.org 104.18.6.104
RU yandex.ru 5.255.255.77
NL www.startpage.com 89.146.4.148
US google.com 142.250.186.46
NL m.facebook.com 157.240.236.35
US www.xda-developers.com 104.18.19.88
HK www.baidu.com 103.235.46.39
settings.crashlytics.com
US clearfoundation.co.nz 209.90.117.216
US pagead2.googlesyndication.com 142.250.185.98
US www.thinkclearly.news 184.73.33.93
NL www.instagram.com 157.240.236.174
US www.google.com 216.58.212.132
US www.clearcellular.org 54.166.197.183
IE us.search.yahoo.com 212.82.100.137
DE ac.ecosia.org 3.64.35.128
US news.google.com 142.250.185.174
US images.unsplash.com 151.101.14.208
e.crashlytics.com
www.s
NL api.smartlauncher.net 188.166.200.125
schemas.android.com
US www.twitter.com 104.244.42.1
KR search.naver.com 125.209.230.167
US www.bing.com 204.79.197.200
US www.googleadservices.com 142.250.184.226
SE us.se 46.59.86.6
FR www.qwant.com 194.187.168.100
US firebase.google.com 142.250.185.238
DE www.leganerd.com 78.46.77.46
US www.clearos.com 52.4.160.28
NL www.smartlauncher.net 188.166.135.6
US api.unsplash.com 151.101.13.181
US support.google.com 142.250.185.142
US play.google.com 142.250.185.110
US www.reddit.com 151.101.13.140
www.e
US www.androidcentral.com 104.18.90.25
NL pro.openweathermap.org 37.139.20.211
US clearoslauncher.firebaseio.com 35.201.97.85
NL static.smartlauncher.net 188.166.201.8
US suggestqueries.google.com 142.250.184.206
NL duckduckgo.com 40.114.177.156
www.g

URL analysis

Information computed with MobSF.

https://www.twitter.com
https://www.androidcentral.com
https://www.xda-developers.com/
https://www.leganerd.com
https://news.google.com
Defined in ginlemon/flower/WebPanel.java
https://www.reddit.com/r/smartlauncher
Defined in ginlemon/flower/RatingActivity.java
https://www.clearcellular.org/clearnav-terms-of-service.html
https://www.clearcellular.org/clearnav-privacy-policy.html
Defined in ginlemon/flower/welcome/SplashLayout.java
https://www.clearcellular.org/clearnav-privacy-policy.html/
https://www.clearcellular.org/clearnav-terms-of-service.html/
Defined in ginlemon/flower/preferences/PrefSectionActivity.java
https://api.smartlauncher.net/adv/tracking/com-vinwap-parallaxwallpaper
Defined in ginlemon/flower/preferences/showcases/WallpaperSelectorActivity.java
https://www.instagram.com/smartlauncher/
Defined in ginlemon/flower/preferences/prefMenu/PrefMenuActivity.java
https://play.google.com/store/apps/developer?id=Smart+Launcher+Team
https://static.smartlauncher.net/credits/easteregg/selfie.webp
https://static.smartlauncher.net/credits/easteregg/sushi.webp
https://static.smartlauncher.net/credits/easteregg/bridge.webp
https://static.smartlauncher.net/credits/easteregg/germany.webp
https://static.smartlauncher.net/credits/easteregg/photo_team.jpg
Defined in ginlemon/flower/preferences/teamInfo/AboutActivity.java
https://play.google.com/store/apps/details?id=
Defined in ginlemon/flower/drawer/Drawer.java
http://schemas.android.com/apk/res/android
Defined in defpackage/l3.java
https://google.com/search?
Defined in defpackage/rr0.java
https://%s/%s/%s
https://firebase.google.com/support/privacy/init-options.
Defined in defpackage/r51.java
https://api.smartlauncher.net/bestapp/listAll/%s?category=%s&locale=%s&metered=%s&mode=%s
Defined in defpackage/nc1.java
https://pro.openweathermap.org/data/2.5/weather?lat=
Defined in defpackage/qk2.java
http://www.
Defined in defpackage/qb2.java
https://news.google.com
Defined in defpackage/uw1.java
https://play.google.com/store/account/subscriptions?package=ginlemon.flowerfree
https://www.clearcellular.org/clearnav-privacy-policy.html/
https://play.google.com/store/apps/details?id=ginlemon.flowerfree
Defined in defpackage/gi1.java
https://static.smartlauncher.net/bestapp/thumb/
Defined in defpackage/mc1.java
https://settings.crashlytics.com/spi/v2/platforms/android/apps/%s/settings
Defined in defpackage/ro2.java
http://play.google.com/store/apps/details
https://play.google.com/store/apps/details
Defined in defpackage/hc1.java
http://schemas.android.com/apk/res/android
Defined in defpackage/eh2.java
https://clearfoundation.co.nz/
https://www.clearos.com/products/clearos-editions/clearos-mobile
https://www.clearcellular.org/clearnav-terms-of-service.html/
https://www.clearcellular.org/clearnav-privacy-policy.html/
Defined in defpackage/ii1.java
https://m.facebook.com/ads/ad_choices
https://support.google.com/adsense/troubleshooter/1631343
Defined in defpackage/zb1.java
https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&bundleid=%s&retry=%s
Defined in defpackage/wq0.java
https://ac.ecosia.org/autocomplete
https://www.ecosia.org/search?q=
Defined in defpackage/x82.java
https://static.smartlauncher.net/wallpapers/wall_easter_egg.png
https://static.smartlauncher.net/wallpapers/wall_easter_egg_thumb.png
Defined in defpackage/k32.java
https://www.thinkclearly.news/rest/security/resetPIN
Defined in defpackage/hz1.java
http://static.smartlauncher.net/themes/thumb/
https://static.smartlauncher.net/themes/thumb/
http://static.smartlauncher.net/lockscreen/thumb/
https://static.smartlauncher.net/lockscreen/thumb/
Defined in defpackage/f32.java
https://www.thinkclearly.news/rest/news/feed?market=
Defined in defpackage/gp1.java
https://www.google.com/search?q=
https://www.g
https://us.search.yahoo.com/search?fr=yhs-invalid&p=
https://us.se
https://yandex.ru/search/?text=
https://yande
https://www.baidu.com/s?wd=
https://www.baidu.com/s?wd=$query
https://duckduckgo.com/?q=
https://duckduckgo.com/?q=$query
https://www.bing.com/search?q=
https://www.bing.com/search?q=$query
https://www.startpage.com/do/asearch?query=
https://www.s
https://search.naver.com/search.naver?query=
https://searc
https://www.qwant.com/?q=
https://www.qwant.com/?q=$query
https://www.ecosia.org/search?q=
https://www.e
Defined in defpackage/q82.java
https://www.smartlauncher.net/betatester/
Defined in defpackage/b0.java
https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps
Defined in defpackage/wx.java
https://e.crashlytics.com/spi/v2/events
Defined in defpackage/lo2.java
https://static.smartlauncher.net/
Defined in defpackage/de1.java
https://pro.openweathermap.org/data/2.5/weather?q=
Defined in defpackage/i72.java
https://api.smartlauncher.net/clickfail/
Defined in defpackage/ic1.java
https://www.thinkclearly.news/rest/news/topics?market=
Defined in defpackage/yp1.java
https://api.unsplash.com
https://images.unsplash.com/photo
https://api.unsplash.com/photos/random
Defined in defpackage/p52.java
https://www.smartlauncher.net/bridge/
Defined in defpackage/pq1.java
https://www.google.com/search?q=
https://suggestqueries.google.com/complete/search
Defined in defpackage/y82.java
http://www.smartlauncher.net
www.smartlauncher.net
https://clearoslauncher.firebaseio.com
Defined in Android String Resource

Permissions analysis

Information computed with MobSF.

High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.CALL_PHONE directly call phone numbers
Allows the application to call phone numbers without your intervention. Malicious applications may cause unexpected calls on your phone bill. Note that this does not allow the application to call emergency numbers.
High android.permission.READ_CALENDAR read calendar events
Allows an application to read all of the calendar events stored on your phone. Malicious applications can use this to send your calendar events to other people.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
High com.google.android.gms.permission.ACTIVITY_RECOGNITION allow application to recognize physical activity
Allows an application to recognize physical activity.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
Low android.permission.EXPAND_STATUS_BAR expand/collapse status bar
Allows application to expand or collapse the status bar.
Low android.permission.RESTART_PACKAGES kill background processes
Allows an application to kill background processes of other applications, even if memory is not low.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.DISABLE_KEYGUARD Allows applications to disable the keyguard if it is not secure.
Low android.permission.SET_WALLPAPER set wallpaper
Allows the application to set the system wallpaper.
Low android.permission.SET_WALLPAPER_HINTS set wallpaper size hints
Allows the application to set the system wallpaper size hints.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.KILL_BACKGROUND_PROCESSES kill background processes
Allows an application to kill background processes of other applications, even if memory is not low.
Low android.permission.REQUEST_DELETE_PACKAGES Allows an application to request deleting packages.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground
Medium android.permission.BIND_NOTIFICATION_LISTENER_SERVICE Must be required by an NotificationListenerService, to ensure that only the system can bind to it.
Medium com.google.android.c2dm.permission.RECEIVE C2DM permissions
Permission for cloud to device messaging.
com.huawei.android.mewidget.permission.data Unknown permission
Unknown permission from android reference
com.zte.appwidget.contact.permission.WRITE_SETTINGS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_WEATHERCLOCK_PROVIDER Unknown permission
Unknown permission from android reference
ginlemon.receiveNotifications Unknown permission
Unknown permission from android reference
ginlemon.canTurnOffScreen Unknown permission
Unknown permission from android reference
com.android.vending.BILLING Unknown permission
Unknown permission from android reference
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Check if the network is connected
Confidence:
100%
Start another application from current application
Confidence:
100%
Load external class
Confidence:
100%
Create a socket connection to the given host address
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.)
Confidence:
100%
Get absolute path of file and put it to JSON object
Confidence:
100%
Find a method from given class name, usually for reflection
Confidence:
100%
Check the active network type
Confidence:
100%
Connect to a URL and receive input stream from the server
Confidence:
100%
Method reflection
Confidence:
100%
Connect to a URL and read data from it
Confidence:
100%
Monitor data identified by a given content URI changes(SMS, MMS, etc.)
Confidence:
100%
Create a secure socket connection to the given host address
Confidence:
100%
Load class from given class name
Confidence:
100%
Retrieve data from broadcast
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.) via setData
Confidence:
100%
Connect to a URL and get the response code
Confidence:
100%
Send notification
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Get Location of the device and append this info to a string
Confidence:
100%