Threat 1/62

com.android.dumpviewer

DumpViewer

Analyzed on 2022-05-26T13:02:54.488521

3 permissions
4 activities
0 services
0 receivers
0 domains

File sums

MD5 4d03310d30cabe2e0ed8fdea63f9ebd4
SHA1 f152218d9c8e3f0ab90d9f53ca1096e6b795ae5d
SHA256 58fba96bff99c8c170b071e692523f4dbdf450b8f4c3a1e1d1cfdf934a2126d3
Size 2.9MB

APKiD

Information computed with APKiD.

/tmp/tmp3o6ym10n!classes.dex
yara_issue
  • yara issue - dex file recognized by apkid but not yara module
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
compiler
  • unknown (please file detection issue!)
/tmp/tmp3o6ym10n!classes2.dex
yara_issue
  • yara issue - dex file recognized by apkid but not yara module
compiler
  • unknown (please file detection issue!)

SSdeep

Information computed with ssdeep.

APK file 49152:QI2gaI9VQ+qM8nqqMSmqOa3ngsuFIoVHah7fel3KzjCFFlEGdK3PW:t9VQ+n4qP7q1nAG86h7GB73lEGqu
Manifest 96:+JxVaU1fEer/EyFIwjuqdsGtAMeAMDC4oyU0qVLM2qc1kkSUR5DhlC9XM07ivEqc:+…
classes.dex 49152:8dyrlxhtlbfMPJKb5ynOg6/o6zgQOK62Rnw88p/haqjo0U:br5nzZg6zUK6296/…
classes2.dex 24576:YglvWY5Nx1PhXVhDMg5xF06DH0m4fzuNSZqhbXmzKn6lzjhU5D6o/gKv:7tfDMg…

Dexofuzzy

Information computed with Dexofuzzy.

classes.dex None
classes2.dex None

APK details

Information computed with AndroGuard and Pithus.

Package com.android.dumpviewer
App name DumpViewer
Version name Tiramisu
Version code 32
SDK 31 - 31
UAID 3c884c84b9b2aed1d5f9fdca41e53a33f9ebd5f6
Signature Signature V1, Signature V2, Signature V3
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0xf05368c0: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 e89b158e4bcf988ebd09eb83f5378e87
SHA1 61ed377e85d386a8dfee6b864bd85b0bfaa5af81
SHA256 a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc
Issuer Email Address: android@android.com, Common Name: Android, Organizational Unit: Android, Organization: Android, Locality: Mountain View, State/Province: California, Country: US
Not before 2008-02-29T01:33:46+00:00
Not after 2035-07-17T01:33:46+00:00

Manifest analysis

Information computed with MobSF.

Medium Application data can be backed up [android:allowBackup=true]
This flag allows anyone to back up your application data via adb. It allows users who have enabled USB debugging to copy application data off the device.
High Activity (com.android.dumpviewer.pickers.PackageNamePicker) is not protected. [android:exported=true]
The Activity is exported to other apps on the device, leaving it accessible to any other application installed there.
High Activity (com.android.dumpviewer.pickers.ProcessNamePicker) is not protected. [android:exported=true]
The Activity is exported to other apps on the device, leaving it accessible to any other application installed there.

Main Activity

Information computed with AndroGuard.

com.android.dumpviewer.DumpActivity

Activities

Information computed with AndroGuard.

com.android.dumpviewer.DumpActivity
com.android.dumpviewer.pickers.PackageNamePicker
com.android.dumpviewer.pickers.ProcessNamePicker
com.android.dumpviewer.TestScrollingActivity

Sample timeline

Certificate valid not before Feb. 29, 2008, 1:33 a.m.
Oldest file found in APK Jan. 1, 2009, midnight
Latest file found in APK Jan. 1, 2009, midnight
First submission on VT May 26, 2022, 1:01 p.m.
Last submission on VT May 26, 2022, 1:01 p.m.
Upload on Pithus May 26, 2022, 1:02 p.m.
Certificate valid not after July 17, 2035, 1:33 a.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 (Random Bit Generation Services): The application uses no DRBG functionality for its cryptographic operations.
FCS_STO_EXT.1.1 (Storage of Credentials): The application does not store any credentials to non-volatile memory.
FCS_CKM_EXT.1.1 (Cryptographic Key Generation Services): The application generates no asymmetric cryptographic keys.
FDP_DEC_EXT.1.1 (Access to Platform Resources): The application has access to no hardware resources.
FDP_DEC_EXT.1.2 (Access to Platform Resources): The application has access to: system logs.
FDP_NET_EXT.1.1 (Network Communications): The application has no network communications.
FDP_DAR_EXT.1.1 (Encryption of Sensitive Application Data): The application implements functionality to encrypt sensitive data in non-volatile memory.
FMT_MEC_EXT.1.1 (Supported Configuration Mechanism): The application invokes the mechanisms recommended by the platform vendor for storing and setting configuration options.
FTP_DIT_EXT.1.1 (Protection of Data in Transit): The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.

Permissions analysis

Information computed with MobSF.

High android.permission.READ_LOGS read sensitive log data
Allows an application to read from the system's various log files. This allows it to discover general information about what you are doing with the phone, potentially including personal or private information.
Medium android.permission.PACKAGE_USAGE_STATS update component usage statistics
Allows the modification of collected component usage statistics. Not for use by common applications.
Medium android.permission.DUMP retrieve system internal status
Allows an application to retrieve the internal status of the system. Malicious applications may retrieve a wide variety of private and secure information that they should never normally need.

Threat analysis

Information computed with Quark-Engine.

  • Load external class (confidence: 100%)
  • Find a method from given class name, usually for reflection (confidence: 100%)
  • Method reflection (confidence: 100%)
  • Read sensitive data (SMS, CALLLOG, etc.) (confidence: 100%)
  • Monitor the broadcast action events (BOOT_COMPLETED) (confidence: 100%)
  • Read file from assets directory (confidence: 100%)
  • Get last known location of the device (confidence: 100%)
  • Get location of the device (confidence: 100%)
  • Method reflection (confidence: 100%)
  • Get the time of current location (confidence: 100%)
  • Initialize class object dynamically (confidence: 100%)
  • Read file and put it into a stream (confidence: 80%)
  • Get declared method from given method name (confidence: 80%)
  • Implicit intent (view a web page, make a phone call, etc.) via setData (confidence: 80%)
  • Get resource file from res/raw directory (confidence: 80%)

Control flow graphs analysis

Information computed by Pithus.

The application probably gets the network connections information

The application probably plays sound

The application probably executes OS commands

The application probably listens to accessibility events