Malicious
7 /57

Threat

com.lexun.sjgs

乐讯手机高手

Analyzed on 2021-12-06T09:20:19.889370

38

permissions

218

activities

11

services

3

receivers

79

domains

File sums

MD5 157ecf570f8dca5cc9222b63e6508c4a
SHA1 918b3aca106a03837134e4bc66498a205f76ac67
SHA256 6588ff47dd130457cdb1da32802a957a7861fe43b35563c3fe1fdd4258e3cf19
Size 17.74MB

APKiD

Information computed with APKiD.

/tmp/tmphqz42eze!classes.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.HARDWARE check
  • Build.BOARD check
  • possible Build.SERIAL check
  • SIM operator check
  • network operator name check
  • device ID check
  • subscriber ID check
  • emulator file check
compiler
  • dexlib 1.x

SSdeep

Information computed with ssdeep.

APK file 393216:XrvK8eUohEAIICMEYBonyRaszz+stfV9L5bFjKjikxguVoUhs:XrvFeU6fCMEYoMzzRF5BYbs
Manifest 768:KkOgS5ZU3Hdz7koxyThhyVhD0cjaMujAt031G8+mZswMljDKseOrlQXJIJo5+xVt:…
classes.dex 49152:sbFluMYqw/G1nwigyG7AsNJxcqopWoGQtv3oEnUcyfpvgC15p:sBlu9GtgXA0Hc…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 6144:cCKPL1hfNz/R9TyhIhNpatZCOulMfu29oVvQvuxNBJW19U3IuZplEwlN9wbpjLz4…
classes.dex 6144:cCKPL1hfNz/R9TyhIhNpatZCOulMfu29oVvQvuxNBJW19U3IuZplEwlN9wbpjLz4…

APK details

Information computed with AndroGuard and Pithus.

Package com.lexun.sjgs
App name 乐讯手机高手
Version name 1.7.3
Version code 31
SDK 9 - 21
UAID b8988fe1a2c6a60127eaa845818af8edc34f2f65
Signature Signature V1
Frosting Not frosted

Certificate details

Information computed with AndroGuard.

MD5 39f600770be86d39b7fdae6fd79470ab
SHA1 003555fef82dca4f4343a2969af859ae60e54cc4
SHA256 a0549a2444710c3177934b0c2ef61f431296c7a4fea97ed0daab29bb0b0101f6
Issuer Common Name: zhangyang, Organizational Unit: lexun Inc, Organization: lexun Inc, Locality: ShenZhen, State/Province: GuangDong, Country: CN
Not before 2014-01-23T03:03:50+00:00
Not after 2039-01-17T03:03:50+00:00

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Launch Mode of Activity (com.lexun.sjgs.DefaultAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.lexun.sjgs.HomeAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Launch Mode of Activity (com.lexun.sjgs.MainActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.lexun.sjgs.MyTest) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.lexun.sjgs.MyHistoryAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.lexun.sjgs.SetUpAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.lexun.sjgs.DetailAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.lexun.webview.WebViewAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.lexun.sjgs.ModifyTopicActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.lexun.sjgs.MyselfOtherAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Launch Mode of Activity (com.lexun.sjgs.MoreAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.lexun.sjgs.QuestionAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.lexun.sjgs.app360Act) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.lexun.sjgs.LexunAppAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.lexun.sjgs.RelyMsgListActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Service (com.lexun.sjgs.service.SjgsMessageService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Activity (com.lexun.sendtopic.WriteTopicActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Launch Mode of Activity (com.lexun.login.LoginAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.tencent.tauth.AuthActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.tencent.tauth.AuthActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Service (com.lexun.wallpaper.information.lxtc.setting.service.DownBitmapService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Service (com.lexun.wallpaper.information.lxtc.setting.service.WallpaperUpdatePicService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Launch Mode of Activity (com.lexun.fleamarket.DefaultAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.lexun.fleamarket.TradelistAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.lexun.fleamarket.TradeDetailAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Launch Mode of Activity (com.lexun.fleamarket.MyselfAct) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Service (com.lexun.fleamarket.service.MessageService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Service (com.baidu.location.f) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Launch Mode of Activity (com.lexun.message.mainframe.LexunMainMessageActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.lexun.message.message.MessageConversationList) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.lexun.message.group.ModifyGroupMessageAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Service (com.lexun.message.frame.service.CLexunCommService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Broadcast Receiver (com.lexun.message.receiver.LexunBootComplementReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.lexun.message.receiver.LexunMessageReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.lexun.message.receiver.LexunNetworkChangReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Content Provider (com.lexun.message.friendlib.cache.FriendProvider) would not be Protected if the application ran on a device where the the API level was less than 17. [Content Provider, targetSdkVersion >= 17]
The Content Provider( Content Provider) would be exported if the application ran on a device where the the API level was less than 17. In that situation, it would be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.lexun.phoneacespecial.SpecialMainAct) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
Medium High Intent Priority (2147483647)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.

Browsable activities

Information computed with MobSF.

com.lexun.sjgs.LodingActivity

Hosts: postsjgsmain.lexun

Schemes: lexun://

com.lexun.sendtopic.WriteTopicActivity

Hosts: sjgs.lexun.send

Schemes: lexun://

com.tencent.tauth.AuthActivity

Schemes: tencent1101256349://

Main Activity

Information computed with AndroGuard. 

com.lexun.sjgs.LodingActivity

Activities

Information computed with AndroGuard. 

com.lexun.sjgs.LodingActivity
com.lexun.sjgs.AwardGetListAct
com.lexun.sjgs.DefaultAct
com.lexun.sjgs.HomeAct
com.lexun.sjgs.MainActivity
com.lexun.sjgs.MyTest
com.lexun.sjgs.FilterAct
com.lexun.sjgs.SearchAnswerAct
com.lexun.sjgs.QuestionFamousAct
com.lexun.sjgs.DaqaunAct
com.lexun.sjgs.MyselfAct
com.lexun.sjgs.MyHistoryAct
com.lexun.sjgs.FilterResAct
com.lexun.sjgs.MyQuestionAct
com.lexun.sjgs.FilterQuestionAct
com.lexun.sjgs.ZtListAct
com.lexun.sjgs.SearchAct
com.lexun.sjgs.SetUpAct
com.lexun.sjgs.DownloadPathActivity
com.lexun.sjgs.AboutAct
com.lexun.sjgs.SoftCategoryAct
com.lexun.sjgs.ChoosePhoneAct
com.lexun.sjgs.ForumListAct
com.lexun.sjgs.ForumListSpecialAct
com.lexun.sjgs.SginInAct
com.lexun.sjgs.DetailAct
com.lexun.sjgs.ToolsAct
com.lexun.webview.WebViewAct
com.lexun.sjgs.SendRefReplyAct
com.lexun.sjgs.SetBestAct
com.lexun.sjgs.SignDetailAct
com.lexun.sjgs.WriteTopicAct
com.lexun.sjgs.ModifyTopicActivity
com.lexun.sjgs.ReplyActivity
com.lexun.sjgs.MyListAct
com.lexun.sjgs.MyselfOtherAct
com.lexun.sjgs.UploadImgActivity
com.lexun.sjgs.MoreAct
com.lexun.sjgs.QuestionAct
com.lexun.sjgs.app360Act
com.lexun.sjgs.LexunAppAct
com.lexun.sjgs.GoodRESAct
com.lexun.sjgs.GameAct
com.lexun.sjgs.GoodSubjectActivity
com.lexun.sjgs.GoodBigGunActivity
com.lexun.sjgs.GoodRESListActivity
com.lexun.sjgs.GoodResAllAct
com.lexun.sjgs.RelyMsgListActivity
com.lexun.sjgs.ManagerTopicAct
com.lexun.sjgs.ZTMoveAct
com.lexun.sjgs.ModeratorRecommendAct
com.lexun.sjgs.ReportAct
com.lexun.sjgs.BlackUserAct
com.lexun.sjgs.ChangeColorAct
com.lexun.sjgs.MoveTopicAct
com.lexun.sjgs.MoveToBaodianAct
com.lexun.sjgs.BWManagerAct
com.lexun.sjgs.BWGropdelLogListAct
com.lexun.sjgs.BWManagerLogListAct
com.lexun.sjgs.BWBlackUserListAct
com.lexun.sjgs.BWFoottopicListAct
com.lexun.sjgs.BWRecommandListAct
com.lexun.sjgs.BWSendGroupMsgAct
com.lexun.sjgs.BWSendGroupSelectAct
com.lexun.sjgs.BWBBSManagerAct
com.lexun.sjgs.BWBBSNoteEditAct
com.lexun.sjgs.BWAddLogoAct
com.lexun.sjgs.WriteForumNote
com.lexun.sjgs.BWManagerLubricantAct
com.lexun.sjgs.BWManagerTopicAct
com.lexun.sjgs.BWDeleteTopicReplyAct
com.lexun.sjgs.BWManagerReportAct
com.lexun.sjgs.BWForumReplySetAct
com.lexun.sjgs.BWRecycleTopicAct
com.lexun.sjgs.BWGroupDeleteTopicAct
com.lexun.sjgs.GoldPageAct
com.lexun.sendtopic.WriteTopicActivity
com.lexun.sendtopic.ArticleTypeActivity
com.lexun.sendtopic.AddResActivity
com.lexun.sendtopic.PhotoListAct
com.lexun.sendtopic.PhotoMulSelectAct
com.lexun.sendtopic.PhotoSelectActivity
com.lexun.sendtopic.SelResActivity
com.lexun.sendtopic.SendingActivity
com.lexun.sendtopic.VoteOptionActivity
com.lexun.sendtopic.ManagerAttachmentAct
com.lexun.sendtopic.AddNetUrlAct
com.lexun.login.LoginAct
com.lexun.login.ServiceTermsAct
com.lexun.login.FindBackPwd1Act
com.lexun.login.FindBackPwd2Act
com.lexun.login.FindBackPwdActivity
com.lexun.login.NewPwdAct
com.lexun.login.shareacount.ShareAccountActivity
com.lexun.login.UpdateUserinfoActivity
com.lexun.login.ChoosePhotoWayAct
com.lexun.login.ModifyUserInfoAct
com.lexun.login.ModifyHeadIconActivity
com.lexun.lexungallery.activity.PhotoDetilActivity
com.lexun.download.manager.DloadMainAct
com.tencent.plus.ImageActivity
com.tencent.connect.common.AssistActivity
com.tencent.tauth.AuthActivity
com.lexun.share.ShareActivity
com.lexun.share.WebViewActivity
com.lexun.lexunlottery.CircleActivity
com.lexun.lexunlottery.LotteryRecordActivity
com.lexun.lexunlottery.AwardRecordActivity
com.lexun.romload.information.lxtc.view.RomListAct
com.lexun.romload.information.lxtc.view.RomListSearchAct
com.lexun.romload.information.lxtc.view.ArticleListAct
com.lexun.romload.information.lxtc.view.RomDetailAct
com.lexun.romload.information.lxtc.view.ArticleDetailAct
com.lexun.romload.information.lxtc.view.RomToolsAct
com.lexun.wallpaper.information.lxtc.setting.cutphoto.CropImageAct
com.lexun.wallpaper.information.lxtc.setting.view.WallpaperLocalLookAct
com.lexun.wallpaper.information.lxtc.setting.view.WallpaperLookAct
com.lexun.wallpaper.information.lxtc.setting.view.WallpaperSetModelAct
com.lexun.wallpaper.information.lxtc.setting.view.WallpaperClassAct
com.lexun.wallpaper.information.lxtc.setting.view.WallpaperMainAct
com.lexun.fleamarket.LodingActivity
com.lexun.fleamarket.DefaultAct
com.lexun.fleamarket.TradelistAct
com.lexun.fleamarket.TradelistSearchAct
com.lexun.fleamarket.TradeDetailAct
com.lexun.fleamarket.ReplyActivity
com.lexun.fleamarket.TradeFilterAct
com.lexun.fleamarket.CategoryAct
com.lexun.fleamarket.PublishAct
com.lexun.fleamarket.ExchangeMethodAct
com.lexun.fleamarket.ChooseLocationAct
com.lexun.fleamarket.MyselfAct
com.lexun.fleamarket.MyselfOtherAct
com.lexun.fleamarket.MyListAct
com.lexun.fleamarket.SetupAct
com.lexun.fleamarket.AboutusAct
com.lexun.fleamarket.TradeFilterLocationAct
com.lexun.fleamarket.SendingActivity
com.lexun.fleamarket.ChoosePhotoWayAct
com.lexun.fleamarket.SendRefReplyAct
com.lexun.fleamarket.ShowimgAct
com.lexun.fleamarket.SearchAct
com.lexun.fleamarket.WriteTopicAct
com.lexun.fleamarket.SignDetailAct
com.lexun.fleamarket.EditPostAct
com.lexun.fleamarket.RelyMsgListActivity
com.lexun.lxsystemmanager.HelpAct
com.lexun.lxsystemmanager.ringtones.RingtonesListActivity
com.lexun.lxsystemmanager.ringtones.RingtoneEditActivity
com.lexun.lxsystemmanager.ringtones.ChooseContactActivity
com.lexun.lxsystemmanager.fontmanager.FontManagerActivity
com.lexun.lxsystemmanager.appmanager.AppManagerActivity
com.lexun.lxsystemmanager.appmanager.RecycleBinActivity
com.lexun.lxsystemmanager.deviceinfor.SystemInforActivity
com.lexun.message.mainframe.LexunMainMessageActivity
com.lexun.message.chatroom.ChatRoomListAct
com.lexun.message.chatroom.ChatRoomListMyAct
com.lexun.message.chatroom.ChatRoomChatDetailAct
com.lexun.message.chatroom.ChatRoomMemListAct
com.lexun.message.chatroom.ChatRoomCardAct
com.lexun.message.message.MessageConversationList
com.lexun.message.message.VideoCamera
com.lexun.message.message.MessageGroupChatAct
com.lexun.message.message.MessageGroupChatStatusAct
com.lexun.message.message.VideoPlay
com.lexun.message.message.MessageAddNewUserActivity
com.lexun.message.message.MessageDetailActivity
com.lexun.message.message.MessageUnreceiveActivity
com.lexun.message.message.PushtopicListAct
com.lexun.message.message.MessageAddUnreceiveActivity
com.lexun.message.message.PictureActivity
com.lexun.message.message.MessageSettingActNew
com.lexun.message.message.MessageRemindTimeSetAct
com.lexun.message.message.LocationOverlayAct
com.lexun.message.group.MyLexunGroupAct
com.lexun.message.group.GroupHotAct
com.lexun.message.group.ModifyGroupMessageAct
com.lexun.message.group.GroupCardHostAct
com.lexun.message.group.GroupCardNormalAct
com.lexun.message.group.GroupPermissionSetAct
com.lexun.message.group.GroupMessageSetAct
com.lexun.message.group.GroupMemberDetailAct
com.lexun.message.group.GroupDetailListAct
com.lexun.message.group.GroupSearchAct
com.lexun.message.group.CreateGroupChatAct
com.lexun.message.group.GroupNoticeCenter
com.lexun.message.group.ManageGroupAct
com.lexun.message.group.InviteGroupAct
com.lexun.message.message.MessageLodingAct
com.lexun.message.message.MessageAboutAct
com.lexun.message.friend.activity.GuaidingActivity
com.lexun.message.friend.activity.FriendListActivity
com.lexun.message.friend.activity.FriendListActivityNew
com.lexun.message.friend.activity.FriendPaperActivity
com.lexun.message.friend.activity.MessageActivity
com.lexun.message.friend.activity.FriendBlackListActivity
com.lexun.message.friend.activity.FriendAddBlackListActivity
com.lexun.message.friend.activity.FriendAddListActivity
com.lexun.message.friend.activity.MinePaperActivity
com.lexun.message.friend.activity.MineSetActivity
com.lexun.message.friend.activity.MinePaperChangeSignActiviy
com.lexun.message.friend.activity.FriendPaperChangeNoteActiviy
com.lexun.message.friend.activity.FriendSendMsgActivity
com.lexun.message.friend.activity.FriendCheckActivity
com.lexun.message.friend.activity.MineSuggestionActivity
com.lexun.message.ex.doodle.PaintActivity
com.lexun.message.ex.festivalsms.ChosenActivity
com.lexun.lxsystemmanager.deviceinfor.DetailAct
com.lexun.lxsystemmanager.deviceinfor.SettingAct
com.lexun.phoneacespecial.SpecialListAct
com.lexun.phoneacespecial.SpecialMainAct
com.lexun.phoneacespecial.WebViewAct
com.lexun.phoneacespecial.SpecialCommentListAct
com.lexun.sjgs.BonusMainAct
com.lexun.sjgs.BonusOpenAct
com.lexun.sjgs.BonusSendAct
com.lexun.sjgs.PhoneUsersAct
com.lexun.sjgs.AtPersonAct

Receivers

Information computed with AndroGuard. 

com.lexun.message.receiver.LexunBootComplementReceiver
com.lexun.message.receiver.LexunMessageReceiver
com.lexun.message.receiver.LexunNetworkChangReceiver

Services

Information computed with AndroGuard. 

com.lexun.sjgs.service.SjgsMessageService
com.lexun.sendtopic.send.SendService
com.lexun.download.manager.service.NotificationService
com.lexun.wallpaper.information.lxtc.setting.service.DownBitmapService
com.lexun.wallpaper.information.lxtc.setting.service.WallpaperUpdatePicService
com.lexun.fleamarket.send.SendService
com.lexun.fleamarket.service.MessageService
com.baidu.location.f
com.lexun.lxsystemmanager.service.ToolService
com.lexun.message.frame.service.CLexunCommService
com.baidu.location.f

Sample timeline

Certificate valid not before Jan. 23, 2014, 3:03 a.m.
Oldest file found in APK Dec. 9, 2015, 8:56 p.m.
Latest file found in APK Dec. 9, 2015, 8:58 p.m.
First submission on VT Sept. 24, 2016, 1:20 a.m.
Last submission on VT March 27, 2018, 10:12 a.m.
Upload on Pithus Dec. 6, 2021, 9:20 a.m.
Certificate valid not after Jan. 17, 2039, 3:03 a.m.

VirusTotal

Score 7/57
Report https://www.virustotal.com/gui/file/6588ff47dd130457cdb1da32802a957a7861fe43b35563c3fe1fdd4258e3cf19/detection

Most Popular AV Detections

Provided by VirusTotal

Threat name: autoins Identified 2 times

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invoke platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity', 'camera', 'location', 'bluetooth', 'microphone'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['system logs'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2		 The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_COP.1.1(1) The application perform encryption/decryption in accordance with a specified cryptographic algorithm AES-CBC (as defined in NIST SP 800-38A) mode or AES-GCM (as defined in NIST SP 800-38D) and cryptographic key sizes 256-bit/128-bit.
Cryptographic Operation - Encryption/Decryption
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files: 
 com/tencent/mm/sdk/channel/MMessageAct.java
 com/lexun/sjgs/task/aj.java
 com/lexun/sjgs/a/dw.java
 com/lexun/lxsystemmanager/e/g.java
 com/lexun/sjgs/util/h.java
 com/tencent/open/a.java
 com/lexun/lxsystemmanager/ringtones/cb.java
 com/lexun/sjgs/util/bh.java
 com/lexun/romload/information/lxtc/util/i.java
 com/lexun/lexunlottery/LotteryRecordActivity.java
 com/lexun/romload/information/lxtc/view/am.java
 com/lexun/sjgs/GoodSubjectActivity.java
 com/lexun/sendtopic/a/bg.java
 com/lexun/sendtopic/c/b.java
 com/lexun/sendtopic/bean/HomeListItemBean.java
 com/lexun/sjgs/a/z.java
 com/lexun/sjgs/ht.java
 com/lexun/sjgs/a/cf.java
 com/lexun/sendtopic/a/ap.java
 com/lexun/sendtopic/view/ResListView.java
 com/lexun/sjgsparts/a/a.java
 com/tencent/mm/sdk/openapi/WXVideoObject.java
 com/lexun/message/friendlib/a/e.java
 com/lexun/message/chatroom/x.java
 com/lexun/romload/information/lxtc/view/f.java
 com/lexun/message/receiver/LexunMessageReceiver.java
 com/lexun/login/ah.java
 com/lexun/message/lexunframemessageback/a/s.java
 com/lexun/sjgs/a/d.java
 com/lexun/wallpaper/information/lxtc/setting/d/c.java
 com/lexun/sendtopic/view/MyImageView.java
 com/lexun/socketuploadfile/b.java
 com/lexun/login/b/a/c.java
 com/lexun/sjgs/ModifyTopicActivity.java
 com/lexun/sjgs/id.java
 com/tencent/mm/sdk/openapi/GetMessageFromWX.java
 com/baidu/location/b/u.java
 com/lexun/sendtopic/e/d.java
 com/lexun/romload/information/lxtc/d/d.java
 com/lexun/lxsystemmanager/ringtones/RingdroidEditActivity.java
 com/lexun/login/aa.java
 com/lexun/sjgs/a/k.java
 com/lexun/sjgs/a/am.java
 com/koushikdutta/async/o.java
 com/lexun/sendtopic/ad.java
 com/lexun/sendtopic/a/k.java
 com/tencent/mm/sdk/openapi/WXFileObject.java
 com/lexun/socketuploadfile/b/b.java
 com/tencent/mm/sdk/platformtools/KVConfig.java
 com/lexun/sjgs/hx.java
 com/lexun/login/as.java
 com/koushikdutta/ion/w.java
 com/lexun/sjgs/task/bl.java
 com/lexun/lxsystemmanager/appmanager/ag.java
 com/lexun/sjgs/no.java
 com/lexun/sjgslib/a/d.java
 com/lexun/sjgs/task/a.java
 com/koushikdutta/ion/c/a.java
 com/lexun/sendtopic/a.java
 com/lexun/phoneacespecial/e/bv.java
 com/lexun/wallpaper/information/lxtc/setting/a/h.java
 com/lexun/sendtopic/c/f.java
 com/tencent/open/PKDialog.java
 com/lexun/sendtopic/i/z.java
 com/lexun/romload/information/lxtc/a/a.java
 com/lexun/sjgs/he.java
 com/lexun/sjgs/task/ac.java
 com/lexun/message/slidingmenu/lib/SlidingMenu.java
 com/lexun/sjgs/task/af.java
 com/lexun/lxsystemmanager/b/o.java
 com/lexun/sendtopic/ah.java
 com/lexun/sendtopic/send/a.java
 com/lexun/sjgs/task/w.java
 com/lexun/sendtopic/AddResActivity.java
 com/lexun/fleamarket/a/b.java
 com/lexun/sjgs/a/en.java
 com/lexun/sjgs/GoodResAllAct.java
 com/lexun/lxsystemmanager/ringtones/ChooseContactActivity.java
 com/lexun/message/group/GroupCardHostAct.java
 com/baidu/location/b/q.java
 com/tencent/mm/sdk/contact/RContact.java
 com/lexun/message/ex/doodle/n.java
 com/lexun/sendtopic/e/k.java
 com/lexun/sendtopic/p.java
 com/lexun/sjgs/a/cu.java
 com/tencent/mm/sdk/openapi/WXAppExtendObject.java
 com/lexun/message/frame/service/h.java
 com/lexun/sendtopic/i/a/a.java
 com/lexun/message/group/CreateGroupChatAct.java
 com/lexun/wallpaper/information/lxtc/setting/view/WallpaperMainAct.java
 com/tencent/mm/sdk/plugin/MMPluginProviderConstants.java
 com/lexun/download/manager/a/s.java
 com/lexun/wallpaper/information/lxtc/setting/broadcast/WallpaperBroadcastReceiver.java
 com/lexun/sendtopic/a/ai.java
 com/lexun/sjgs/a/cm.java
 com/lexun/sendtopic/a/h.java
 com/lexun/lxsystemmanager/b/a.java
 com/lexun/message/slidingmenu/lib/CustomViewBehind.java
 com/lexun/sjgs/dk.java
 com/lexun/sjgs/MyselfOtherAct.java
 com/lexun/sendtopic/a/bn.java
 com/lexun/message/h/l.java
 com/lexun/lxsystemmanager/appmanager/ba.java
 com/lexun/sjgs/DownloadPathActivity.java
 com/lexun/lxsystemmanager/appmanager/bb.java
 com/tencent/mm/sdk/openapi/WXEmojiObject.java
 com/lexun/lexunlottery/d/b.java
 com/lexun/message/dslv/m.java
 com/lexun/romload/information/lxtc/a/l.java
 com/lexun/message/f/b.java
 com/lexun/login/ao.java
 com/lexun/sjgs/a/bh.java
 com/baidu/mapapi/common/Logger.java
 com/lexun/wallpaper/information/lxtc/setting/util/q.java
 com/baidu/location/BDNotifyListener.java
 com/lexun/sjgs/dl.java
 com/lexun/message/lexunframemessageback/k.java
 com/tencent/connect/auth/AuthAgent.java
 com/lexun/login/az.java
 com/lexun/romload/information/lxtc/view/ae.java
 com/lexun/login/shareacount/c.java
 com/baidu/platform/comapi/util/f.java
 com/lexun/sjgs/kz.java
 com/lexun/message/frame/service/i.java
 com/lexun/sjgs/a/cb.java
 com/lexun/download/manager/a.java
 com/lexun/message/lexunframeservice/control/u.java
 com/lexun/message/friendlib/cache/FriendProvider.java
 com/lexun/lexunlottery/n.java
 com/tencent/stat/event/Event.java
 com/lexun/download/manager/DloadMainAct.java
 com/lexun/romload/information/lxtc/view/aq.java
 com/lexun/sendtopic/i.java
 com/koushikdutta/async/http/libcore/o.java
 com/tencent/utils/Util.java
 com/lexun/sjgs/fp.java
 com/baidu/location/b/r.java
 com/lexun/message/ex/doodle/f.java
 com/lexun/sjgs/a/er.java
 com/lexun/romload/information/lxtc/view/ArticleDetailAct.java
 com/lexun/sjgs/service/c.java
 com/lexun/message/frame/service/p.java
 com/koushikdutta/ion/a/b.java
 com/lexun/sjgs/util/be.java
 com/lexun/message/ex/doodle/PaintActivity.java
 com/lexun/sjgs/a/v.java
 com/tencent/open/TaskGuide.java
 com/lexun/sjgs/fd.java
 com/lexun/sendtopic/h.java
 com/tencent/mm/ui/MMPullDownView.java
 com/lexun/sendtopic/i/o.java
 com/lexun/login/a/d.java
 com/lexun/sjgs/c/af.java
 com/lexun/sendtopic/a/v.java
 com/lexun/sjgs/task/bp.java
 android/content/pm/SwipeListView.java
 com/lexun/sjgs/a/fl.java
 com/lexun/sjgs/task/bd.java
 com/nostra13/universalimageloader/a/a/a/a/a.java
 com/lexun/wallpaper/information/lxtc/setting/bean/HomeListItemBean.java
 com/lexun/sendtopic/send/SendSizeBroadcastReciver.java
 com/lexun/message/h/e.java
 com/baidu/platform/comapi/util/PermissionCheck.java
 com/tencent/utils/SystemUtils.java
 com/lexun/sjgs/a/ff.java
 com/tencent/mm/sdk/platformtools/SyncTask.java
 com/lexun/sjgs/task/aq.java
 com/lexun/download/manager/a/ag.java
 com/lexun/phoneacespecial/e/bw.java
 com/lexun/sjgs/receiver/MsgBroadcastReciver.java
 com/tencent/mm/sdk/platformtools/MAlarmHandler.java
 com/tencent/mm/sdk/platformtools/NetStatusUtil.java
 com/lexun/sendtopic/b/a.java
 com/lexun/romload/information/lxtc/view/x.java
 com/tencent/mm/sdk/storage/MAutoDBItem.java
 com/baidu/android/bbalbs/common/util/a.java
 com/tencent/mm/sdk/platformtools/ChannelUtil.java
 com/lexun/login/LoginAct.java
 com/lexun/sjgs/ln.java
 com/lexun/sjgs/ju.java
 com/lexun/lexunlottery/m.java
 com/lexun/sendtopic/bean/Article.java
 com/lexun/sjgs/task/av.java
 com/lexun/sjgs/task/d.java
 com/lexun/sjgs/a/n.java
 com/lexun/login/av.java
 com/lexun/sjgs/DefaultAct.java
 com/lexun/sjgs/in.java
 com/lexun/sendtopic/i/l.java
 com/tencent/mm/sdk/platformtools/TimeLogger.java
 com/baidu/mapapi/map/TileOverlayOptions.java
 com/lexun/sendtopic/h/b.java
 com/handmark/pulltorefresh/library/d.java
 com/lexun/sendtopic/c/l.java
 com/lexun/sjgs/a/aw.java
 com/lexun/wallpaper/information/lxtc/setting/view/WallpaperLocalLookAct.java
 com/lexun/sjgs/a/bp.java
 com/lexun/sendtopic/o.java
 com/lexun/lexunlottery/t.java
 com/lexun/sjgs/net/e.java
 com/lexun/message/friend/activity/ef.java
 com/lexun/sjgs/a/l.java
 com/sina/weibo/sdk/utils/MD5.java
 com/lexun/sjgs/a/by.java
 com/lexun/message/friend/activity/ac.java
 com/lexun/sjgs/c/a.java
 com/lexun/sendtopic/i/a/b.java
 com/lexun/sendtopic/a/a.java
 com/lexun/sendtopic/a/ad.java
 com/lexun/sjgs/d/k.java
 com/lexun/sjgs/a/au.java
 com/lexun/sendtopic/e/a.java
 com/lexun/sendtopic/ag.java
 com/lexun/sendtopic/g/a.java
 com/lexun/lxsystemmanager/b/e.java
 com/lexun/sjgs/MyselfAct.java
 com/lexun/sjgs/ie.java
 com/lexun/sjgs/net/c.java
 com/tencent/mm/sdk/openapi/SendAuth.java
 com/tencent/mm/sdk/storage/ContentProviderDB.java
 com/tencent/mm/sdk/platformtools/Util.java
 com/lexun/sjgs/a/ay.java
 com/koushikdutta/async/c.java
 com/tencent/mm/sdk/storage/MAutoStorage.java
 com/lexun/loginlib/a.java
 com/baidu/mapapi/map/n.java
 com/lexun/romload/information/lxtc/view/aj.java
 com/lexun/sjgs/a/fd.java
 com/tencent/weiyun/FileManager.java
 com/lexun/sendtopic/c/a/e.java
 com/lexun/sjgs/a/br.java
 com/lexun/sendtopic/e/e.java
 com/handmark/pulltorefresh/library/SwipeListView.java
 com/lexun/update/c/a.java
 com/lexun/romload/information/lxtc/a/s.java
 com/lexun/sjgs/a/ci.java
 com/lexun/sjgs/task/h.java
 com/lexun/sjgs/task/bf.java
 com/tencent/utils/AsynLoadImg.java
 com/lexun/wallpaper/information/framework/c/a.java
 com/app/common/view/WorkspaceView.java
 com/lexun/wallpaper/information/lxtc/setting/util/a.java
 com/lexun/download/manager/e.java
 com/lexun/lxsystemmanager/ringtones/RingtoneEditActivity.java
 com/lexun/lxsystemmanager/b/c.java
 com/lexun/sendtopic/a/bf.java
 com/lexun/sendtopic/ae.java
 com/baidu/location/b/t.java
 com/lexun/lexunlottery/a/a.java
 com/lexun/sendtopic/send/d.java
 com/lexun/login/b/a/d.java
 com/lexun/message/frame/service/k.java
 com/lexun/login/utils/d.java
 com/lexun/sjgs/fi.java
 com/lexun/socketuploadfile/a.java
 com/lexun/sendtopic/e/h.java
 com/lexun/sjgs/task/HongbaoOpreateTask.java
 com/tencent/open/b.java
 com/lexun/lxsystemmanager/appmanager/p.java
 com/lexun/sjgs/gu.java
 com/baidu/platform/comapi/a.java
 com/lexun/sendtopic/a/w.java
 com/lexun/login/ag.java
 com/lexun/lexunlottery/a/d.java
 u/aly/ft.java
 com/lexun/message/lexunframemessageback/r.java
 com/tencent/mm/sdk/platformtools/BackwardSupportUtil.java
 com/lexun/sendtopic/c/ac.java
 com/lexun/sendtopic/PhotoListAct.java
 com/lexun/sjgs/fs.java
 com/lexun/lexunspecalwindow/receiver/WlanStatusChangeReceiver.java
 com/lexun/sjgs/BaseApplication.java
 com/tencent/connect/share/a.java
 com/lexun/message/h/a.java
 com/lexun/sendtopic/view/CustomRelativeLayout.java
 com/lexun/sjgs/view/TView.java
 com/lexun/lxsystemmanager/d/a.java
 com/lexun/phoneacespecial/g/c.java
 com/baidu/location/b.java
 com/baidu/location/f/a/b.java
 com/lexun/sjgs/task/bt.java
 com/lexun/sjgs/fg.java
 com/lexun/sjgs/is.java
 com/lexun/sendtopic/send/f.java
 com/lexun/sjgsparts/b/f.java
 com/lexun/lexunlottery/o.java
 com/tencent/open/SocialApiIml.java
 com/lexun/login/a/a.java
 com/lexun/sendtopic/j.java
 com/lexun/socketuploadfile/f.java
 com/lexun/lexungallery/customerview/DetailGallery.java
 com/lexun/sendtopic/al.java
 com/lexun/sjgs/task/ao.java
 com/lexun/login/ae.java
 com/lexun/sendtopic/SendingActivity.java
 com/lexun/romload/information/lxtc/view/i.java
 com/lexun/lexunlottery/e.java
 com/lexun/sjgs/ez.java
 com/lexun/message/lexunframemessageback/h.java
 com/lexun/message/friendlib/a/b.java
 com/lexun/sendtopic/x.java
 com/lexun/phoneacespecial/g/a.java
 com/lexun/lexunlottery/AwardRecordActivity.java
 com/lexun/wallpaper/information/framework/util/b.java
 com/lexun/lexunlottery/c.java
 com/lexun/wallpaper/information/lxtc/setting/e/a.java
 com/lexun/sendtopic/WriteTopicActivity.java
 com/lexun/download/manager/a/r.java
 com/lexun/message/frame/service/f.java
 com/lexun/sjgs/util/bc.java
 com/tencent/connect/share/QQShare.java
 com/lexun/sjgs/task/bh.java
 com/lexun/romload/information/lxtc/d/a.java
 com/lexun/sjgs/a/fb.java
 com/lexun/message/frame/service/r.java
 com/lexun/sjgs/view/ReplyListView.java
 com/tencent/mm/sdk/platformtools/TrafficStats.java
 com/lexun/message/lexunframeservice/control/e.java
 com/lexun/sjgs/util/q.java
 com/lexun/sjgs/a/cd.java
 com/lexun/romload/information/lxtc/a/n.java
 com/lexun/lxsystemmanager/appmanager/AppManagerActivity.java
 com/koushikdutta/ion/e/b.java
 com/lexun/sjgs/task/y.java
 com/lexun/sjgs/task/aa.java
 com/lexun/login/ax.java
 com/lexun/lexunlottery/a/f.java
 com/tencent/utils/ServerSetting.java
 com/lexun/lexungallery/activity/PhotoDetilActivity.java
 com/lexun/login/FindBackPwdActivity.java
 com/app/common/view/ImageZoomView.java
 com/tencent/open/a/c.java
 com/lexun/sjgs/task/ah.java
 com/lexun/message/friend/activity/ca.java
 com/lexun/wallpaper/information/lxtc/setting/view/WallpaperClassAct.java
 com/lexun/sjgs/RelyMsgListActivity.java
 com/lexun/sjgs/bp.java
 com/lexun/romload/information/framework/util/a.java
 com/lexun/sjgs/a/bk.java
 com/lexun/sendtopic/a/bd.java
 com/lexun/lxsystemmanager/ringtones/bg.java
 com/ant/liao/GifView.java
 com/lexun/lxsystemmanager/appmanager/b.java
 com/lexun/lexungallery/activity/b.java
 com/lexun/sendtopic/a/f.java
 com/lexun/update/c/c.java
 com/lexun/message/friend/activity/bt.java
 com/lexun/sjgs/task/at.java
 com/tencent/mm/sdk/openapi/WXTextObject.java
 com/lexun/sjgs/a/ak.java
 com/lexun/wallpaper/information/lxtc/setting/a/i.java
 com/lexun/login/q.java
 com/lexun/sendtopic/a/ak.java
 com/lexun/sjgs/GoodBigGunActivity.java
 com/lexun/download/manager/c.java
 com/lexun/romload/information/framework/util/TView.java
 com/lexun/sendtopic/f/a.java
 com/lexun/sjgs/eb.java
 com/lexun/sjgs/a/fu.java
 com/lexun/sjgs/task/f.java
 com/lexun/sendtopic/h/a.java
 com/lexun/webview/a.java
 com/lexun/sjgs/bt.java
 com/lexun/sendtopic/af.java
 com/lexun/download/manager/a/b.java
 com/lexun/sendtopic/a/m.java
 com/lexun/sjgs/c/z.java
 com/lexun/sjgs/a/bb.java
 com/lexun/lxsystemmanager/ringtones/bt.java
 com/lexun/message/h/f.java
 com/lexun/sendtopic/e/b.java
 com/lexun/romload/information/lxtc/d/f.java
 com/lexun/login/b/g.java
 com/tencent/mm/sdk/openapi/WXMusicObject.java
 com/lexun/sjgs/util/u.java
 com/lexun/sjgs/b/c.java
 com/lexun/message/ex/doodle/FingerShowView.java
 com/lexun/sendtopic/i/a/c.java
 com/lexun/login/b/a/e.java
 com/lexun/sjgs/a/x.java
 com/lexun/sjgs/c/o.java
 com/tencent/mm/sdk/platformtools/PhoneUtil20Impl.java
 com/lexun/sjgs/a/bm.java
 com/tencent/connect/a/a.java
 com/tencent/mm/sdk/storage/MStorageEvent.java
 com/lexun/sjgs/df.java
 com/tencent/open/c.java
 com/lexun/wallpaper/information/framework/model/a.java
 com/handmark/pulltorefresh/library/PullToRefreshBase.java
 com/lexun/lxsystemmanager/e/i.java
 com/lexun/lxsystemmanager/service/ToolService.java
 com/tencent/mm/sdk/platformtools/SensorController.java
 com/lexun/message/chatroom/ChatRoomChatDetailAct.java
 com/lexun/sjgs/la.java
 com/tencent/mm/sdk/plugin/MMPluginOAuth.java
 com/lexun/sjgs/task/bn.java
 com/lexun/sendtopic/c/d.java
 com/baidu/lbsapi/auth/a.java
 com/iflytek/msc/f/e.java
 com/lexun/sjgs/util/j.java
 com/lexun/message/lexunframemessageback/b.java
 com/lexun/login/f.java
 com/lexun/update/c/b.java
 com/lexun/lxsystemmanager/d/d.java
 com/lexun/login/ModifyUserInfoAct.java
 com/lexun/sjgs/a/fv.java
 com/lexun/sendtopic/a/ag.java
 com/lexun/sendtopic/b/a/a.java
 com/lexun/lexunspecalwindow/customerview/AnimLinearlayoutNew.java
 com/tencent/mm/sdk/openapi/WXMediaMessage.java
 com/lexun/common/view/ImageZoomView.java
 com/lexun/login/ay.java
 com/lexun/romload/information/framework/util/MyApplication.java
 com/handmark/pulltorefresh/library/PullToRefreshAdapterViewBase.java
 com/lexun/update/b/a.java
 com/lexun/romload/information/lxtc/view/av.java
 com/lexun/sjgs/task/n.java
 com/iflytek/ui/a/d.java
 com/lexun/socketuploadfile/d.java
 com/lexun/sendtopic/a/bi.java
 com/tencent/mm/sdk/plugin/MMPluginAPIImpl.java
 com/lexun/sjgs/hk.java
 com/lexun/sjgs/task/al.java
 com/tencent/connect/share/QzoneShare.java
 com/lexun/lxsystemmanager/ringtones/ac.java
 com/lexun/sjgs/c/at.java
 com/lexun/sjgs/jd.java
 com/lexun/sjgs/d/a.java
 com/tencent/stat/common/StatLogger.java
 com/lexun/romload/information/lxtc/view/ad.java
 com/tencent/mm/sdk/platformtools/MMEntryLock.java
 com/lexun/sendtopic/v.java
 com/baidu/mapapi/map/TileOverlay.java
 com/lexun/sendtopic/i/q.java
 com/lexun/login/aj.java
 com/lexun/sjgs/fc.java
 com/lexun/sendtopic/y.java
 com/lexun/login/i.java
 com/lexun/clientaward/a.java
 com/lexun/sjgs/ForumListSpecialAct.java
 com/lexun/sjgs/cr.java
 com/lexun/romload/information/lxtc/a/k.java
 com/lexun/sendtopic/a/au.java
 com/lexun/sendtopic/file/b.java
 com/lexun/update/c/e.java
 com/lexun/lxsystemmanager/ringtones/i.java
 com/lexun/sendtopic/a/bb.java
 com/koushikdutta/async/bb.java
 com/lexun/sendtopic/send/SendResultBroadcastReciver.java
 com/lexun/sjgs/a/bt.java
 com/lexun/message/friendlib/c/a.java
 com/lexun/lexunlottery/c/c.java
 com/lexun/sjgs/task/j.java
 com/lexun/sjgs/task/ae.java
 com/lexun/common/activity/SimpleWebViewAct.java
 com/lexun/sjgs/a/cl.java
 com/lexun/sjgslib/b/q.java
 com/lexun/message/friend/activity/bw.java
 com/lexun/sjgs/task/u.java
 com/lexun/message/message/ec.java
 com/lexun/sendtopic/PhotoSelectActivity.java
 com/lexun/sjgs/fr.java
 com/lexun/message/message/aw.java
 com/lexun/sjgs/util/y.java
 com/lexun/sjgs/util/URLSpan.java
 com/lexun/sendtopic/ab.java
 com/lexun/login/c/a.java
 com/lexun/message/friend/activity/di.java
 com/lexun/sjgs/hd.java
 com/lexun/romload/information/lxtc/view/as.java
 com/lexun/lxsystemmanager/e/m.java
 com/lexun/sjgs/a/ac.java
 com/lexun/message/view/RotateRecordingTime.java
 com/lexun/sjgs/a/cz.java
 com/lexun/lexunspecalwindow/customerview/g.java
 com/lexun/sendtopic/c/r.java
 com/lexun/sendtopic/h/e.java
 com/lexun/lxsystemmanager/e/l.java
 com/lexun/sjgs/c/al.java
 com/lexun/sendtopic/u.java
 com/app/common/SimpleWebViewAct.java
 com/lexun/message/message/VideoCamera.java
 com/lexun/message/view/c.java
 com/lexun/romload/information/lxtc/view/w.java
 com/lexun/message/frame/service/CLexunCommService.java
 com/lexun/sjgs/d/h.java
 com/baidu/location/g/b.java
 com/lexun/lexungallery/e/a.java
 com/lexun/sendtopic/file/FileCategoryHelper.java
 com/tencent/utils/HttpUtils.java
 com/lexun/sjgs/jo.java
 com/lexun/sjgs/BaseFragmentActivity.java
 com/lexun/message/friend/activity/aq.java
 com/lexun/wallpaper/information/lxtc/setting/cutphoto/CropImageAct.java
 com/lexun/message/ex/doodle/l.java
 com/lexun/sjgs/c/aa.java
 com/lexun/sjgs/task/bq.java
 com/baidu/mapapi/map/PolylineOptions.java
 com/lexun/login/shareacount/d.java
 com/lexun/lexunlottery/s.java
 com/lexun/sendtopic/z.java
 com/lexun/sendtopic/send/c.java
 com/lexun/sjgs/kn.java
 com/baidu/location/b/s.java
 com/lexun/sjgs/a/an.java
 com/lexun/message/friendlib/a/d.java
 com/lexun/socketuploadfile/c.java
 com/lexun/sjgs/c/w.java
 com/lexun/message/frame/service/c.java
 com/lexun/sjgs/task/bv.java
 com/lexun/sendtopic/SelResActivity.java
 com/handmark/pulltorefresh/library/a/f.java
 com/tencent/mm/sdk/openapi/WXWebpageObject.java
 com/lexun/lexungallery/c/f.java
 com/lexun/message/ex/doodle/FingerView.java
 com/lexun/sjgs/task/bj.java
 com/lexun/webview/WebViewAct.java
 com/lexun/sjgs/bean/HomeListItemBean.java
 com/lexun/update/c/f.java
 com/lexun/lexungallery/activity/e.java
 com/lexun/sjgs/GoodRESListActivity.java
 com/lexun/sjgs/a/dg.java
 com/lexun/sjgs/fq.java
 com/lexun/sjgs/MyListAct.java
 com/lexun/phoneacespecial/f/a.java
 com/lexun/sjgs/task/o.java
 com/lexun/login/t.java
 com/lexun/sjgs/hv.java
 com/lexun/wallpaper/information/lxtc/setting/e/c.java
 com/lexun/login/n.java
 com/koushikdutta/async/http/libcore/b.java
 com/lexun/sjgs/lt.java
 com/lexun/sjgs/ee.java
 com/lexun/sjgs/BaseActivityGroup.java
 com/lexun/message/friend/activity/dd.java
 com/lexun/sjgs/nm.java
 com/lexun/romload/information/lxtc/a/q.java
 com/lexun/download/manager/c/a.java
 com/baidu/mapapi/map/Polyline.java
 com/lexun/sjgs/d/b.java
 com/lexun/romload/information/lxtc/view/BaseFragmentActvity.java
 com/lexun/sendtopic/i/ab.java
 com/lexun/login/shareacount/ShareAccountActivity.java
 com/lexun/phoneacespecial/WebViewAct.java
 com/lexun/romload/information/lxtc/view/al.java
 com/lexun/message/friend/activity/g.java
 com/lexun/message/friend/activity/dz.java
 com/lexun/sjgs/task/bb.java
 com/lexun/sjgs/a/y.java
 com/lexun/sjgs/a/cg.java
 com/lexun/lxsystemmanager/appmanager/az.java
 com/lexun/sjgs/lb.java
 com/lexun/message/lexunframeservice/control/m.java
 com/lexun/sjgs/et.java
 com/lexun/sendtopic/a/bh.java
 com/lexun/login/ModifyHeadIconActivity.java
 com/lexun/sjgs/task/q.java
 com/lexun/romload/information/lxtc/view/RomListSearchAct.java
 com/lexun/sjgs/UploadImgActivity.java
 com/lexun/login/FindBackPwd2Act.java
 com/lexun/sendtopic/c/y.java
 com/lexun/sjgs/LodingActivity.java
 com/lexun/sendtopic/a/l.java
 com/lexun/sjgs/a/ct.java
 com/lexun/sendtopic/PhotoMulSelectAct.java
 com/lexun/sjgs/ReplyActivity.java
 com/tencent/mm/sdk/platformtools/Log.java
 com/lexun/sjgs/ia.java
 com/baidu/platform/comjni/map/basemap/a.java
 com/lexun/lexunlottery/i.java
 com/lexun/login/a/e.java
 com/lexun/sjgs/BWManagerAct.java
 com/lexun/romload/information/lxtc/d/g.java
 com/lexun/sendtopic/c/a.java
 com/lexun/loginlib/a/a.java
 com/lexun/sendtopic/f.java
 com/lexun/sjgs/cy.java
 com/lexun/romload/information/framework/util/b.java
 com/lexun/sendtopic/a/ax.java
 com/lexun/sendtopic/send/b.java
 com/lexun/message/h/g.java
 com/lexun/sjgs/task/s.java
 com/tencent/open/TDialog.java
 com/lexun/sjgs/dy.java
 com/lexun/message/frame/service/a/b.java
 com/koushikdutta/async/http/m.java
 com/lexun/login/r.java
 com/lexun/download/manager/service/NotificationService.java
 com/lexun/sjgslib/a/c.java
 com/lexun/sendtopic/c/j.java
 com/lexun/sjgs/a/fq.java
 com/lexun/sjgs/a/as.java
 com/lexun/sjgs/task/b.java
 com/lexun/romload/information/framework/c/e.java
 com/baidu/location/a/a.java
 com/lexun/sendtopic/BaseActivity.java
 com/lexun/common/view/WorkspaceView.java
 com/lexun/sjgs/go.java
 com/lexun/sjgs/jp.java
 com/lexun/message/friend/activity/cx.java
 com/lexun/sjgs/a/cc.java
 com/lexun/sjgs/a/fj.java
 com/lexun/sjgs/util/r.java
 com/lexun/lexunlottery/r.java
 com/lexun/sendtopic/i/w.java
 com/lexun/sendtopic/c/c.java
 com/lexun/sendtopic/a/bo.java
 com/lexun/sjgs/mf.java
 com/lexun/message/frame/service/q.java
 com/lexun/wallpaper/information/lxtc/setting/d/d.java
 com/lexun/sjgs/da.java
 com/tencent/mm/sdk/platformtools/MMApplicationContext.java
 com/tencent/utils/OpenConfig.java
 com/lexun/sjgs/ff.java
 com/tencent/mm/sdk/platformtools/LBSManager.java
 com/lexun/message/friendlib/d/e.java
 com/lexun/sjgs/a/cx.java
 com/lexun/sendtopic/a/n.java
 com/lexun/sjgs/c/ak.java
 com/tencent/open/a/b.java
 com/lexun/sjgs/task/bx.java
 com/lexun/sendtopic/send/SendService.java
 com/lexun/lexunlottery/d.java
 com/lexun/message/e/a.java
 com/lexun/wallpaper/information/framework/util/c.java
 com/tencent/mm/sdk/openapi/WXImageObject.java
 com/lexun/phoneacespecial/w.java
 com/lexun/message/frame/service/s.java
 com/lexun/message/friendlib/a/a.java
 com/lexun/lxsystemmanager/appmanager/v.java
 com/lexun/sendtopic/aa.java
 com/lexun/sjgs/a/t.java
 com/lexun/sendtopic/c/h.java
 com/lexun/lexungallery/c/b.java
 com/lexun/sendtopic/c/a/h.java
 com/lexun/sjgs/DetailAct.java
 com/tencent/mm/sdk/openapi/SendMessageToWX.java
 com/tencent/connect/auth/AuthDialog.java
 com/lexun/lexunlottery/CircleActivity.java
 com/lexun/lexungallery/a/c.java
 com/lexun/sjgs/d/g.java
 com/baidu/location/b/p.java
 com/tencent/mm/sdk/platformtools/LocaleUtil.java
 com/lexun/sendtopic/w.java
 com/lexun/sendtopic/a/av.java
 com/lexun/sjgs/task/bs.java
 com/lexun/message/message/MessageDetailActivity.java
 com/lexun/sjgs/a/bj.java
 com/lexun/login/FindBackPwd1Act.java
 com/lexun/sjgs/BaseActivity.java
 com/lexun/sendtopic/VoteOptionActivity.java
 com/lexun/lxsystemmanagerui/view/RoundProgressBar.java
 com/lexun/sjgs/a/bv.java
 com/lexun/login/a/b.java
 com/lexun/download/manager/d.java
 com/lexun/sendtopic/send/e.java
 com/lexun/sjgs/dt.java
 com/lexun/message/group/o.java
 com/tencent/b/a/c.java
 com/lexun/lexungallery/c/d.java
 com/lexun/sjgs/d/e.java
 com/lexun/romload/information/lxtc/view/t.java
 com/lexun/lexungallery/a/a.java
 com/lexun/socketuploadfile/e.java
 com/tencent/mm/sdk/openapi/WXApiImplV10.java
 com/lexun/romload/information/lxtc/view/BaseActivity.java
 com/lexun/romload/information/lxtc/view/RomDetailAct.java
 com/lexun/lexunlottery/BaseActivity.java
 com/lexun/romload/information/lxtc/d/b.java
 com/lexun/sjgs/gt.java
 com/koushikdutta/async/bj.java
 com/lexun/sendtopic/bean/CPath.java
 com/lexun/wallpaper/information/lxtc/setting/cutphoto/CropImageView.java
 com/lexun/romload/information/lxtc/a/h.java
 com/lexun/wallpaper/information/framework/c/e.java
 com/lexun/login/UpdateUserinfoActivity.java
 com/lexun/sendtopic/a/be.java
 com/lexun/sjgs/a/be.java
 com/lexun/sjgs/MainActivity.java
 com/lexun/message/lexunframemessageback/s.java
 com/lexun/romload/information/lxtc/a/c.java
 com/lexun/message/friend/activity/cg.java
 com/lexun/loginlib/a/h.java
 com/lexun/romload/information/lxtc/view/ai.java
 com/lexun/update/a/a.java
 com/tencent/open/a/d.java
 com/lexun/sjgs/view/a.java
 com/tencent/mm/sdk/channel/MMessage.java
 com/lexun/sendtopic/c/a/a.java
 com/lexun/sendtopic/a/ae.java
 com/lexun/sjgs/task/l.java
 com/lexun/login/k.java
 com/lexun/share/e/a.java
 com/lexun/login/w.java
 com/lexun/sendtopic/c/t.java
 com/sina/weibo/sdk/utils/LogUtil.java
 com/lexun/sjgs/service/SjgsMessageService.java
 com/lexun/message/friend/activity/FriendSendMsgActivity.java
 com/lexun/sjgs/task/az.java
 com/lexun/update/c/i.java
 com/lexun/message/group/h.java
 com/lexun/sjgs/HomeAct.java
 com/lexun/message/adapter/o.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 com/baidu/platform/comapi/util/e.java
 com/lexun/clientaward/a.java
 com/lexun/update/c/e.java
 com/tencent/connect/share/a.java
 com/lexun/lxsystemmanager/e/g.java
 com/tencent/b/b/c.java
 com/lexun/romload/information/lxtc/util/i.java
 com/baidu/location/f/a/b.java
 com/lexun/sendtopic/c/h.java
 com/lexun/lxsystemmanager/e/a.java
 com/lexun/sendtopic/bean/CAPP.java
 com/lexun/sjgsparts/b/f.java
 com/lexun/message/lexunframemessageback/c.java
 com/lexun/message/h/f.java
 com/lexun/message/h/l.java
 com/baidu/location/e/t.java
 com/lexun/common/j/b.java
 com/lexun/lexungallery/e/c.java
 com/lexun/sjgs/c/ac.java
 com/baidu/platform/comapi/util/d.java
 com/lexun/message/dslv/m.java
 com/lexun/sendtopic/i/aa.java
 com/lexun/wallpaper/information/lxtc/setting/util/q.java
 com/tencent/stat/common/StatCommonHelper.java
 com/lexun/message/lexunframemessageback/h.java
 com/baidu/location/c/b.java
 com/tencent/open/c.java
 com/tencent/b/a/h.java
 com/lexun/phoneacespecial/g/a.java
 com/nostra13/universalimageloader/b/g.java
 com/lexun/message/message/VideoCamera.java
 com/lexun/login/utils/f.java
 com/lexun/download/manager/DloadMainAct.java
 com/lexun/message/lexunframeservice/control/i.java
 com/baidu/location/e/h.java
 com/tencent/utils/Util.java
 com/lexun/sendtopic/bean/Constant.java
 u/aly/hz.java
 com/lexun/sjgs/util/q.java
 com/lexun/message/h/d.java
 com/tencent/mm/sdk/platformtools/Util.java
 com/lexun/message/frame/service/p.java
 com/lexun/sjgs/util/be.java
 com/lexun/sendtopic/i/p.java
 com/lexun/sendtopic/bean/CPath.java
 com/lexun/socketuploadfile/b/b.java
 com/lexun/message/lexunframemessageback/f.java
 com/lexun/romload/information/framework/util/a.java
 com/tencent/utils/AsynLoadImg.java
 com/lexun/socketuploadfile/test/c.java
 com/lexun/wallpaper/information/framework/c/a.java
 com/lexun/wallpaper/information/lxtc/setting/cutphoto/i.java
 com/lexun/lxsystemmanager/ringtones/RingtoneEditActivity.java
 com/tencent/connect/dataprovider/CallbackManager.java
 com/baidu/location/b/k.java
 com/lexun/sendtopic/i/z.java
 com/lexun/sendtopic/file/i.java
 com/lexun/sendtopic/i/n.java
 com/tencent/stat/common/Env.java
 com/lexun/update/c/f.java
 com/lexun/update/c/c.java
 com/baidu/vi/VDeviceAPI.java
 com/lexun/message/frame/service/q.java
 com/lexun/sendtopic/e/k.java
 com/baidu/android/bbalbs/common/util/a.java
 com/tencent/open/a/b.java
 com/lexun/lxsystemmanager/e/h.java
 com/lexun/sendtopic/i/q.java
 com/baidu/location/b/e.java
 com/lexun/wallpaper/information/framework/util/a.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files: 
 com/lexun/sjgs/task/s.java
 com/lexun/lxsystemmanager/ringtones/RingdroidEditActivity.java
 com/baidu/location/h/f.java
 com/iflytek/msc/f/d.java
 com/lexun/sjgs/task/y.java
 com/lexun/sjgs/task/aj.java
 com/tencent/mm/sdk/platformtools/Util.java
 com/lexun/sjgs/task/aa.java
 u/aly/fu.java
 com/tencent/open/a/c.java
 com/iflytek/ui/a/g.java
 com/lexun/message/lexunframeservice/control/m.java
 com/lexun/sjgs/task/u.java
 com/lexun/common/view/KeywordsFlow.java
 com/lexun/sjgs/task/bf.java
 com/lexun/sjgs/task/q.java
 com/lexun/message/message/MessageDetailActivity.java
 com/tencent/stat/common/StatCommonHelper.java
 com/lexun/common/j/d.java
 com/lexun/loginlib/b/c.java
 com/lexun/sjgs/task/ac.java
 com/lexun/sjgs/task/af.java
 com/lexun/sjgs/task/al.java
 com/lexun/sjgs/task/w.java
 com/umeng/analytics/l.java
 com/lexun/sjgs/task/o.java
 com/lexun/lxsystemmanager/e/l.java
 com/app/common/view/KeywordsFlow.java
 com/baidu/location/e/h.java
 com/lexun/sjgs/task/f.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files: 
 com/lexun/message/lexunframemessageback/a/i.java
 com/lexun/sjgs/net/f.java
 com/lexun/message/lexunframemessageback/a/c.java
 com/lexun/wallpaper/information/lxtc/setting/d/e.java
 com/lexun/download/manager/c/a.java
 com/lexun/message/lexunframemessageback/a/o.java
 com/lexun/login/utils/b.java
 com/lexun/sjgs/b/b.java
 com/lexun/sendtopic/b/b.java
 com/lexun/common/g/c.java
 com/lexun/message/lexunframemessageback/a/n.java
 com/lexun/message/lexunframemessageback/a/b.java
 com/baidu/location/c/j.java
 com/lexun/message/lexunframemessageback/a/h.java
 com/lexun/webview/history/a.java
 com/baidu/location/c/b.java
 com/lexun/sendtopic/b/c.java
 com/baidu/location/c/k.java
 com/lexun/message/lexunframemessageback/a/s.java
 com/lexun/sjgs/net/e.java
 com/lexun/sjgs/net/j.java
 com/lexun/message/frame/service/a/a.java
 com/baidu/location/c/q.java
 com/lexun/message/lexunframemessageback/a/d.java
 com/lexun/login/utils/LoginContentprovider.java
 com/tencent/stat/StatStore.java
 com/lexun/message/lexunframemessageback/a/g.java
 com/lexun/message/lexunframemessageback/a/m.java
 com/lexun/message/lexunframemessageback/a/j.java
 com/lexun/message/lexunframemessageback/a/p.java
 com/lexun/common/g/d.java
 com/lexun/message/lexunframemessageback/a/f.java
 com/lexun/message/lexunframemessageback/a/l.java
 com/lexun/message/frame/service/a/b.java
 com/lexun/download/manager/c/d.java
 com/lexun/update/a/b.java
 com/lexun/sendtopic/b/e.java
 com/baidu/location/c/a.java
 com/lexun/message/lexunframemessageback/a/q.java
 com/lexun/message/frame/service/a/c.java
 com/lexun/message/lexunframemessageback/a/a.java
 com/lexun/loginlib/a/h.java
 com/lexun/message/lexunframemessageback/a/k.java
 com/lexun/message/lexunframemessageback/a/e.java
 com/lexun/message/lexunframemessageback/a/r.java
 com/lexun/sjgs/net/d.java
 com/lexun/socketuploadfile/a/a.java
 com/lexun/wallpaper/information/lxtc/setting/d/a.java
 com/lexun/sjgslib/a/h.java
 com/lexun/socketuploadfile/a/c.java
 com/lexun/sjgs/net/bean/DBClientsList.java
 com/lexun/update/a/c.java
 com/lexun/sendtopic/b/a.java
 com/lexun/message/friendlib/cache/f.java
 com/tencent/open/a/b.java
High
CVSS:7.4
Files may contain hardcoded sensitive informations like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files: 
 com/tencent/mm/sdk/plugin/MMPluginProviderConstants.java
 com/tencent/mm/sdk/conversation/RConversationStorage.java
 com/tencent/mm/sdk/platformtools/Util.java
 com/tencent/connect/common/Constants.java
 com/lexun/wallpaper/information/framework/c/e.java
 com/lexun/sjgslib/b/f.java
 com/tencent/mm/sdk/platformtools/KVConfig.java
 com/lexun/common/e/a/b.java
 com/lexun/romload/information/framework/c/e.java
 com/sina/weibo/sdk/utils/NetworkHelper.java
 com/lexun/sendtopic/e/e.java
 com/tencent/mm/sdk/platformtools/LocaleUtil.java
 com/tencent/mm/sdk/conversation/RConversation.java
 com/tencent/tauth/AuthActivity.java
 com/sina/weibo/sdk/constant/WBConstants.java
 com/tencent/mm/sdk/plugin/MMPluginAPIImpl.java
 com/lexun/sjgs/task/bj.java
 com/tencent/mm/sdk/openapi/ConstantsAPI.java
 com/lexun/sjgslib/b/k.java
 com/lexun/fleamarket/a/b.java
 com/tencent/stat/common/RC4.java
 com/baidu/lbsapi/auth/LBSAuthManager.java
 com/tencent/mm/sdk/contact/RContact.java
 com/tencent/mm/sdk/message/RMsgInfoStorage.java
 com/tencent/open/SocialConstants.java
 com/lexun/sjgslib/b/e.java
 com/lexun/common/bean/UserInfo.java
 com/lexun/common/bean/QQSDKLoginBean.java
High
CVSS:5.5
App creates temp file. Sensitive information should never be written into a temp file.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files: 
 com/lexun/message/chatroom/ChatRoomChatDetailAct.java
 com/lexun/message/group/GroupCardHostAct.java
 com/lexun/message/message/MessageDetailActivity.java
High
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files: 
 com/koushikdutta/async/http/ResponseCacheMiddleware.java
 com/lexun/lexungallery/c/e.java
 com/baidu/location/b/k.java
 com/baidu/mapapi/map/BitmapDescriptor.java
 com/baidu/mapapi/map/Marker.java
 com/nostra13/universalimageloader/a/a/b/c.java
 com/baidu/android/bbalbs/common/a/c.java
 com/umeng/analytics/l.java
 com/tencent/utils/SystemUtils.java
 com/sina/weibo/sdk/utils/MD5.java
 com/lexun/common/j/u.java
 com/tencent/weiyun/FileManager.java
 com/lexun/lxsystemmanager/d/h.java
 com/iflytek/msc/f/f.java
 u/aly/fz.java
 com/baidu/location/f/a/c.java
 com/tencent/a/b/j.java
 com/lexun/socketuploadfile/b/a.java
 com/tencent/utils/Util.java
 com/tencent/mm/algorithm/MD5.java
 com/tencent/stat/common/StatCommonHelper.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files: 
 com/baidu/lbsapi/auth/f.java
 com/lexun/sjgs/a/dw.java
 com/baidu/lbsapi/auth/c.java
 com/koushikdutta/async/k.java
 com/umeng/analytics/a.java
 com/lexun/sjgs/a/dg.java
 com/baidu/location/b/d.java
 com/baidu/location/c/d.java
 com/baidu/platform/comapi/util/c.java
 com/lexun/common/e/a/b.java
 com/lexun/sjgs/c/t.java
 com/lexun/sjgs/c/h.java
 com/baidu/location/b/m.java
 u/aly/in.java
 com/tencent/stat/common/StatCommonHelper.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files: 
 com/tencent/weiyun/FileManager.java
 com/baidu/platform/comapi/util/a.java
 com/baidu/lbsapi/auth/b.java
 com/baidu/location/b/j.java
 com/lexun/loginlib/c/b.java
High
CVSS:4.3
Hidden elements in view can be used to hide data from user. But this data can be leaked
MASVS: MSTG-STORAGE-7
CWE-919 - Weaknesses in Mobile Applications
M1: Improper Platform Usage
Files: 
 com/lexun/login/ae.java
High
CVSS:7.4
Insecure Implementation of SSL. Trusting all the certificates or accepting self signed certificates is a critical Security Hole. This application is vulnerable to MITM attacks
MASVS: MSTG-NETWORK-3
CWE-295 Improper Certificate Validation
M3: Insecure Communication
Files: 
 com/baidu/lbsapi/auth/f.java
 com/baidu/lbsapi/auth/c.java
 com/sina/weibo/sdk/net/HttpManager.java
 com/baidu/location/b/m.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files: 
 com/koushikdutta/async/j.java
 com/baidu/lbsapi/auth/f.java
 com/baidu/lbsapi/auth/c.java
 com/sina/weibo/sdk/net/HttpManager.java
 com/baidu/location/b/m.java
 com/tencent/utils/HttpUtils.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files: 
 com/lexun/share/k.java
 com/lexun/share/l.java
Pygal China: 5400 Germany: 400 Hong Kong: 1100 Netherlands: 100 Russian Federation: 100 United States: 300

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

CN bl.lexun.cn 47.107.122.10
HK graph.qq.com 203.205.253.150
CN comservice.lexun.com 47.107.122.10
CN client.anall.cn 183.240.30.3
CN www.myapp.com 203.205.235.63
CN openmobile.qq.com 203.205.239.162
CN lstest.map.soso.com 125.39.120.62
HK fusion.qq.com 203.205.254.103
DE login.lexun.com 185.232.59.133
CN wap.lexun.com 139.159.226.209
DE vector0.map.bdimg.com 185.10.104.115
CN zone.lexun.com 139.159.226.209
CN lexun.com 139.159.226.209
HK ls.map.soso.com 124.156.189.176
CN msg.lexun.com 139.159.226.209
CN newvector.map.baidu.com 14.215.177.115
CN app.sina.cn 39.156.6.144
CN clientsj.lexun.cn 47.107.122.10
NL mta.oa.com 193.123.33.15
CN t.cn 47.95.48.149
wspeed.qq.com
lba.baidu.com
US ringdroid.appspot.com 142.250.74.212
HK open.weibo.cn 114.134.80.166
CN act.lexun.com 139.159.226.209
CN player.youku.com 106.11.40.57
CN wp.map.baidu.com 112.34.116.1
HK api.map.baidu.com 103.235.46.245
CN sv0.map.bdimg.com 112.34.116.10
CN sapi.map.baidu.com 180.97.33.141
CN sjgs.lexun.com 139.159.232.222
HK client.map.baidu.com 103.235.47.88
US sapi.skyhookwireless.com 52.53.54.250
DE alog.umeng.com 8.211.36.31
HK qzs.qq.com 203.205.137.76
CN www.kuaipan.cn 47.107.13.37
HK cgi.connect.qq.com 203.205.254.62
HK appact.qzone.qq.com 203.205.219.229
CN clienterror.lexun.com 139.159.226.209
CN yunpan.cn 36.110.213.149
RU ishare.iask.sina.com.cn 79.133.177.225
CN c.lexun.com 139.159.226.209
CN fbbs.lexun.com 139.159.226.209
CN pingma.qq.com 119.45.78.184
CN yun.baidu.com 220.181.111.91
CN webpresence.qq.com 203.205.239.181
CN sjgs3.lexun.cn 139.159.210.216
CN sj.lexun.cn 139.159.232.222
CN oc.umeng.com 203.119.128.55
CN itsdata.map.baidu.com 112.34.111.228
CN vdisk.weibo.com 14.152.72.122
CN kuai.xunlei.com 47.98.65.156
oc.umeng.co
alog.umeng.co
DE d1.client.map.bdimg.com 185.10.104.115
CN its.map.baidu.com 180.97.33.101
CN g.lexun.com 139.159.226.209
CN clientsc.lexun.cn 47.107.122.10
CN www.6v.com 120.24.170.31
US skyhookwireless.com 96.45.83.226
CN dev.voicecloud.cn 59.107.24.11
CN mta.qq.com 111.161.14.94