Moderate Risk

Threat level

im.cwtch.flwtch

Cwtch

Analyzed on 2021-10-18T11:08:33.817410

  • 10 permissions
  • 1 activities
  • 5 services
  • 8 receivers
  • 15 domains

File sums

MD5 76d3ef92d6f58dad646fcab6bbfc2c64
SHA1 cbaad57687d04b6e1b81220947399a7ad785f906
SHA256 47373b0b08ec6ba63965e06b2389169148db95e1d2526d2b9d95594dcecb9ffd
Size 41.78MB

APKiD

Information computed with APKiD.

/tmp/tmp01clqjl7!classes.dex
compiler
  • unknown (please file detection issue!)

SSdeep

Information computed with ssdeep.

APK file 786432:ePJUamypyX9CPcvAy75nwk6Ybwzk5TPI3zxgR8iMVGddfnskf1biSf0:8JUammQ1vL5x6YbwQo1E2wdt9fc
Manifest 192:s9bSl4W4ouo2k/kRE60b21SbAoTmRzeCTy1MZg7KYufsl+TtrTFu0HQqxRs9Ahqn:…
classes.dex 24576:+98Mcr/OmiwxtV2NLyfR9pbBXL1atcBFWNiiXEbt+Cm:bGmXVFKCFWNiiXnCm

Dexofuzzy

Information computed with Dexofuzzy.

APK file 3072:2xlEUwLLAvs5z/vQ+mnT9/S3l7ztJcIVle:2LHsvQlR/j
classes.dex 3072:2xlEUwLLAvs5z/vQ+mnT9/S3l7ztJcIVle:2LHsvQlR/j

APK details

Information computed with AndroGuard and Pithus.

Package im.cwtch.flwtch
App name Cwtch
Version name 1.3.0
Version code 20
SDK 16 - 30
UAID da93f832903fa3dfba6f6bf373ef381987f0bc0b
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 e1650197c184a4df110460f82eca649e
SHA1 0523a5041717c503507bea82c4ef21216dbd0cce
SHA256 dca75600a92c89791e0ba63a9f07b67de88440a16eefdefdbf45aeb4654e254a
Issuer Organizational Unit: Cwtch, Organization: Open Privacy Research Society, Country: CA
Not before 2020-12-10T00:41:43+00:00
Not after 2045-12-04T00:41:43+00:00

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up [android:allowBackup] flag is missing.
The flag [android:allowBackup] should be set to false. By default it is set to true and allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Service (androidx.work.impl.background.systemjob.SystemJobService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.DUMP [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

Main Activity

Information computed with AndroGuard.

im.cwtch.flwtch.MainActivity

Activities

Information computed with AndroGuard.

im.cwtch.flwtch.MainActivity

Receivers

Information computed with AndroGuard.

androidx.work.impl.utils.ForceStopRunnable$BroadcastReceiver
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy
androidx.work.impl.background.systemalarm.RescheduleReceiver
androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver
androidx.work.impl.diagnostics.DiagnosticsReceiver

Services

Information computed with AndroGuard.

androidx.work.multiprocess.RemoteWorkManagerService
androidx.work.impl.background.systemalarm.SystemAlarmService
androidx.work.impl.background.systemjob.SystemJobService
androidx.work.impl.foreground.SystemForegroundService
androidx.room.MultiInstanceInvalidationService

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application use no DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol

Code analysis

Information computed with MobSF.

High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
 g/f.java
f/l/s.java
f/r/b.java
com/mr/flutter/plugin/filepicker/c.java
f/r/a.java
Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 b/k/a/a/i.java
b/e/i/a.java
b/a/k/a/a.java
b/e/e/b/f.java
b/e/f/d.java
e/a/b.java
b/e/f/e.java
b/e/f/b.java
b/e/m/r.java
com/mr/flutter/plugin/filepicker/b.java
b/e/f/h.java
com/airbnb/lottie/y/c.java
b/e/m/v/b.java
b/e/m/q.java
b/e/e/b/b.java
b/e/m/b.java
b/e/f/f.java
im/cwtch/flwtch/FlwtchWorker.java
com/mr/flutter/plugin/filepicker/c.java
b/a/m/d.java
b/e/f/i.java
com/airbnb/lottie/LottieAnimationView.java
b/e/m/s.java
b/i/a/a.java
b/e/m/f.java
im/cwtch/flwtch/MainActivity.java
b/j/a/c.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 io/flutter/plugins/b/h.java
com/mr/flutter/plugin/filepicker/c.java
com/mr/flutter/plugin/filepicker/b.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files:
 io/flutter/plugin/editing/b.java
io/flutter/plugin/platform/e.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 b/j/a/g/a.java

Map (Pygal chart) values: Germany: 400, France: 200, United States: 800

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

DE trac.torproject.org 116.202.120.166
DE blog.torproject.org 78.47.61.104
US freehaven.net 128.31.0.34
FR www.freepik.com 51.210.235.65
US developer.android.com 142.250.184.238
US www.w3.org 128.30.52.100
DE www.openssl.org 23.45.99.93
FR www.flaticon.com 51.210.235.66
US api.flutter.dev 199.36.158.100
DE wiki.torproject.org 116.202.120.165
US www.torproject.org 38.229.82.25
US flutter.dev 151.101.1.195
US github.com 140.82.121.4
US www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org 204.68.111.106
schemas.android.com

URL analysis

Information computed with MobSF.

https://developer.android.com/guide/topics/permissions/overview
Defined in io/flutter/plugin/platform/e.java
https://github.com/flutter/flutter/issues/2897).It
Defined in io/flutter/plugin/platform/k.java
http://schemas.android.com/apk/res/android
Defined in b/e/e/b/g.java
https://www.freepik.com)
www.flaticon.com)
file:///
https://api.flutter.dev/flutter/material/Scaffold/of.html
https://api.flutter.dev/flutter/dart-ui/ChannelBuffers-class.html
https://flutter.dev/docs/release/breaking-changes/network-policy-ios-android.
https://github.com/flutter/flutter/issues/new.
Defined in lib/armeabi-v7a/libapp.so
http://www.w3.org/XML/1998/namespace
data:application/dart
data:application/dart;
http://www.w3.org/2000/xmlns/
https://www.w3.org/Style/CSS/Test/Fonts/Ahem/).
https://github.com/flutter/flutter/issues.
https://github.com/flutter/flutter/issues/73620.
Defined in lib/armeabi-v7a/libflutter.so
https://www.torproject.org/download/download#warning
https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS.%s
http://%s:%d
http://%s@%s:%d
http://%s
https://blog.torproject.org/blog/lifecycle-of-a-new-relay
https://www.torproject.org/docs/faq.html#BestOSForRelay
https://trac.torproject.org/8742
www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org
https://www.torproject.org/
https://freehaven.net/anonbib/#hs-attack06
https://trac.torproject.org/projects/tor/ticket/14917.
https://trac.torproject.org/projects/tor/ticket/21155.
http://www.openssl.org/support/faq.html
Defined in lib/armeabi-v7a/libtor.so
file:///
https://api.flutter.dev/flutter/material/Scaffold/of.html
https://flutter.dev/docs/release/breaking-changes/network-policy-ios-android.
https://github.com/flutter/flutter/issues/new.
Defined in lib/x86_64/libapp.so
data:application/dart
data:application/dart;
https://www.w3.org/Style/CSS/Test/Fonts/Ahem/).
https://github.com/flutter/flutter/issues.
https://github.com/flutter/flutter/issues/73620.
http://www.w3.org/XML/1998/namespace
http://www.w3.org/2000/xmlns/
Defined in lib/x86_64/libflutter.so
file:///
https://api.flutter.dev/flutter/material/Scaffold/of.html
https://flutter.dev/docs/release/breaking-changes/network-policy-ios-android.
https://github.com/flutter/flutter/issues/new.
Defined in lib/arm64-v8a/libapp.so
http://www.w3.org/XML/1998/namespace
data:application/dart
data:application/dart;
http://www.w3.org/2000/xmlns/
https://www.w3.org/Style/CSS/Test/Fonts/Ahem/).
https://github.com/flutter/flutter/issues.
https://github.com/flutter/flutter/issues/73620.
Defined in lib/arm64-v8a/libflutter.so
https://www.torproject.org/download/download#warning
https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS.%s
http://%s:%d
http://%s@%s:%d
http://%s
https://blog.torproject.org/blog/lifecycle-of-a-new-relay
https://www.torproject.org/docs/faq.html#BestOSForRelay
https://trac.torproject.org/8742
www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org
https://www.torproject.org/
https://freehaven.net/anonbib/#hs-attack06
https://trac.torproject.org/projects/tor/ticket/14917.
https://trac.torproject.org/projects/tor/ticket/21155.
http://www.openssl.org/support/faq.html
Defined in lib/arm64-v8a/libtor.so

Permissions analysis

Information computed with MobSF.

High android.permission.GET_TASKS retrieve running applications
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.MANAGE_EXTERNAL_STORAGE Allows an application a broad access to external storage in scoped storage
Allows an application a broad access to external storage in scoped storage. Intended to be used by few apps that need to manage files on behalf of the users.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
android.permission.PERMISSIONS_STORAGE Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence: 100% Check if the network is connected
Confidence: 100% Load external class
Confidence: 100% Find a method from given class name, usually for reflection
Confidence: 100% Check the active network type
Confidence: 100% Method reflection
Confidence: 100% Retrieve data from broadcast
Confidence: 100% Read sensitive data(SMS, CALLLOG, etc)
Confidence: 100% Open a file from given absolute path of the file
Confidence: 100% Check the current network type
Confidence: 100% Monitor the broadcast action events (BOOT_COMPLETED)
Confidence: 100% Get absolute path of the file and store in string
Confidence: 100% Check the current active network type
Confidence: 100% Check the network capabilities
Confidence: 100% Method reflection
Confidence: 100% Hide the current app's icon
Confidence: 100% Connect to the remote server through the given URL
Confidence: 100% Check if the device is in data roaming mode
Confidence: 100% Initialize class object dynamically
Confidence: 100% Connect to a URL and set request method
Confidence: 80% Read data and put it into a buffer stream
Confidence: 80% Read file and put it into a stream
Confidence: 80% Get declared method from given method name
Confidence: 80% Implicit intent(view a web page, make a phone call, etc.) via setData
Confidence: 80% Read file from assets directory
Confidence: 80% Get resource file from res/raw directory

Behavior analysis

Information computed with MobSF.

Android notifications
       im/cwtch/flwtch/FlwtchWorker.java
Base64 decode
       com/airbnb/lottie/u/b.java
b/e/e/b/c.java
Base64 encode
       b/e/j/a.java
Content provider
       io/flutter/embedding/engine/d.java
Get system service
       io/flutter/plugin/editing/b.java
b/e/m/q.java
b/f/a/c.java
io/flutter/plugin/platform/e.java
io/flutter/plugin/platform/l.java
io/flutter/embedding/android/l.java
io/flutter/embedding/engine/h/c.java
im/cwtch/flwtch/FlwtchWorker.java
com/mr/flutter/plugin/filepicker/c.java
b/a/m/c.java
io/flutter/plugin/editing/d.java
io/flutter/plugin/platform/SingleViewPresentation.java
Http connection
       com/airbnb/lottie/w/a.java
com/airbnb/lottie/w/b.java
Inter process communication
       io/flutter/embedding/android/e.java
b/e/e/a.java
b/i/a/a.java
e/a/c/a/m.java
io/flutter/embedding/engine/e.java
im/cwtch/flwtch/MainActivity.java
io/flutter/embedding/android/d.java
io/flutter/embedding/engine/i/c/b.java
im/cwtch/flwtch/FlwtchWorker.java
io/flutter/embedding/engine/d.java
e/a/c/a/n.java
com/mr/flutter/plugin/filepicker/b.java
Java reflection
       b/e/m/q.java
f/o/a.java
kotlinx/coroutines/internal/i.java
f/n/j/a/h.java
b/e/f/f.java
b/e/f/g.java
kotlinx/coroutines/internal/g.java
com/mr/flutter/plugin/filepicker/c.java
c/a/a/b/a/a.java
b/a/m/d.java
b/e/f/d.java
f/q/c/h.java
f/n/j/a/f.java
io/flutter/view/AccessibilityViewEmbedder.java
b/e/f/e.java
kotlinx/coroutines/internal/h.java
kotlinx/coroutines/internal/t.java
kotlinx/coroutines/o.java
io/flutter/embedding/engine/i/g/a.java
f/o/b.java
kotlinx/coroutines/android/AndroidExceptionPreHandler.java
c/a/a/a/d.java
b/e/f/h.java
io/flutter/plugin/platform/SingleViewPresentation.java
Loading native code (shared library)
       io/flutter/embedding/engine/FlutterJNI.java
go/Seq.java
Local file i/o operations
       e/a/d/a.java
io/flutter/plugins/b/h.java
im/cwtch/flwtch/MainActivity.java
com/mr/flutter/plugin/filepicker/c.java
com/airbnb/lottie/c.java
b/e/f/i.java
Set or read clipboard data
       io/flutter/plugin/editing/b.java
io/flutter/plugin/platform/e.java
Starting activity
       im/cwtch/flwtch/MainActivity.java
com/mr/flutter/plugin/filepicker/b.java
Starting service
       b/e/e/a.java
Tcp socket
       com/airbnb/lottie/y/h.java