Analyzed on 2022-01-19T02:02:50.719713











File sums

MD5 126988f5c5be23895838eb6d97f7c269
SHA1 baa30d4083b66daa7013aa3dfe14acce9d088008
SHA256 5be19fabdd1317692531ad2ddd34aa9ce536b353941a85db31d6f137c11fd5a0
Size 0.46MB


Information computed with APKiD.


Information computed with ssdeep.

APK file 6144:TcS9cgiFPfODFGsSLCSrzYOJO2U3wNJfHP+P+mzCWUnGrrVuASKnYPMsClI7MqrB:rOgQqNSLrrzYcOiLfpN16rEdKnY8wVB
Manifest 24:yQbXLvPlKlDP8DWPlaTlUQ8MCltqQBDL8:9bbvPlKlDkKPlolz8DqQBDL8


Information computed with Dexofuzzy.

APK details

Information computed with AndroGuard and Pithus.

Package com.systoon.dongaotoon
App name
Version name None
Version code 21123121
SDK None - None
UAID 9e136b898f1451bcb44d5686ccebdbd042fc804b
Signature Signature V1 Signature V2 Signature V3
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0xf05368c0: Unknown
  • 0x6dff800d: Source stamp V2 X509 cert
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 d643c600be9f66e5f53c6e971dccf9f9
SHA1 c07d3450929559fb6e90f45154d2a76f12f7447f
SHA256 1120833c2f2790232975213d53294b662565fa5a85f50f662e88fddbbf3e2468
Issuer Organization: Beijing Syswin Zhengwutoon Technology Co. Ltd., Locality: Beijing, State/Province: Beijing, Country: 86
Not before 2018-02-06T01:12:11+00:00
Not after 2043-01-31T01:12:11+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. stamp-cert-sha256

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup] flag is missing.
The flag [android:allowBackup] should be set to false. By default it is set to true and allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.

Sample timeline

Oldest file found in APK Jan. 1, 1981, 1:01 a.m.
Latest file found in APK Jan. 1, 1981, 1:01 a.m.
Certificate valid not before Feb. 6, 2018, 1:12 a.m.
First submission on VT Jan. 19, 2022, 2:01 a.m.
Last submission on VT Jan. 19, 2022, 2:01 a.m.
Upload on Pithus Jan. 19, 2022, 2:02 a.m.
Certificate valid not after Jan. 31, 2043, 1:12 a.m.

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to no hardware resources.
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has no network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Threat analysis

Information computed with Quark-Engine.

Control flow graphs analysis

Information computed by Pithus.