0/60

Threat

com.samsung.android.setting.multisound

Separate app sound

Analyzed on 2022-01-21T13:49:07.760589

6

permissions

1

activities

0

services

0

receivers

0

domains

File sums

MD5 f60b09f1ccb3588176b0c138489b4ce5
SHA1 a83127b959ba6c9f88c367d30dcbefd8cceadbe0
SHA256 83109a9c29ebaf220ee8509ae6185d880bb5c8bf1b8003035893a596bd07ad80
Size 2.29MB

APKiD

Information computed with APKiD.

/tmp/tmpuv8c2dgj!classes.dex
compiler
  • dx

SSdeep

Information computed with ssdeep.

APK file 49152:vDRM0uVDvoMUKuurI4a3GXT3HHFmnhRRQStNI:7RkUKut2HFmZQh
Manifest 96:yB8U1VBerTPTPps6sEsvtsg1svCFClSqL5DrLwNz4Gpx:yBXBePLxJkpmCFClSwGNpx
classes.dex 12288:Ga19y2H1guN2jnKQReO/s0T/45A2T9NnJ8uTC6Kt97Vvwg3hdRB5E1k+IK81tH1…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 96:59APVUI5qKa6WAYmC01z2g1BNQfk6TqzogSfoQm0X9YFTSZnlc:0PVUI5qKFcmCEqg…
classes.dex 96:59APVUI5qKa6WAYmC01z2g1BNQfk6TqzogSfoQm0X9YFTSZnlc:0PVUI5qKFcmCEqg…

APK details

Information computed with AndroGuard and Pithus.

Package com.samsung.android.setting.multisound
App name Separate app sound
Version name 1.0.00.18
Version code 100018000
SDK 26 - 28
UAID 7d397e3f270e0cc31621880b7c66b8a4f1ccdfd1
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown

Certificate details

Information computed with AndroGuard.

MD5 d087e72912fba064cafa78dc34aea839
SHA1 9ca5170f381919dfe0446fcdab18b19a143b3163
SHA256 34df0e7a9f1cf1892e45c056b4973cd81ccf148a4050d11aea4ac5a65f900a42
Issuer Email Address: android.os@samsung.com, Common Name: Samsung Cert, Organizational Unit: DMC, Organization: Samsung Corporation, Locality: Suwon City, State/Province: South Korea, Country: KR
Not before 2011-06-22T12:25:12+00:00
Not after 2038-11-07T12:25:12+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. SEC-INF/buildConfirm.crt

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.

Activities

Information computed with AndroGuard.

com.samsung.android.setting.multisound.MultiSoundSettingsActivity

Sample timeline

Oldest file found in APK Jan. 1, 2009, midnight
Latest file found in APK Jan. 1, 2009, midnight
Certificate valid not before June 22, 2011, 12:25 p.m.
First submission on VT April 27, 2021, 3:59 a.m.
Last submission on VT April 27, 2021, 3:59 a.m.
Upload on Pithus Jan. 21, 2022, 1:49 p.m.
Certificate valid not after Nov. 7, 2038, 12:25 p.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application use no DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['bluetooth'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has no network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 com/samsung/android/setting/multisound/SelectAppFragment.java
com/samsung/android/setting/multisound/d.java
com/samsung/android/setting/multisound/b.java
com/samsung/android/setting/multisound/e.java
com/samsung/android/setting/multisound/a.java

Permissions analysis

Information computed with MobSF.

High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
Low android.permission.BLUETOOTH_ADMIN bluetooth administration
Allows applications to discover and pair bluetooth devices.
Low android.permission.MODIFY_AUDIO_SETTINGS change your audio settings
Allows application to modify global audio settings, such as volume and routing.
Medium android.permission.WRITE_SECURE_SETTINGS modify secure system settings
Allows an application to modify the system's secure settings data. Not for use by common applications.
Medium android.permission.MODIFY_PHONE_STATE modify phone status
Allows the application to control the phone features of the device. An application with this permission can switch networks, turn the phone radio on and off and the like, without ever notifying you.

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Load external class
Confidence:
100%
Find a method from given class name, usually for reflection
Confidence:
100%
Method reflection
Confidence:
100%
Load class from given class name
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Get last known location of the device
Confidence:
100%
Get location of the device
Confidence:
100%
Method reflection
Confidence:
100%
Get the time of current location
Confidence:
100%
Initialize class object dynamically
Confidence:
80%
Get calendar information
Confidence:
80%
Get resource file from res/raw directory

Behavior analysis

Information computed with MobSF.

Get installed applications
       com/samsung/android/setting/multisound/a.java
Get system service
       com/samsung/android/setting/multisound/widget/SASButtonPreference.java
com/samsung/android/setting/multisound/d.java
com/samsung/android/setting/multisound/c.java
com/samsung/android/setting/multisound/b.java
com/samsung/android/setting/multisound/e.java
com/samsung/android/setting/multisound/widget/RadioPreference.java
Inter process communication
       com/samsung/android/setting/multisound/b.java
com/samsung/android/setting/multisound/a.java
Sending broadcast
       com/samsung/android/setting/multisound/b.java

Control flow graphs analysis

Information computed by Pithus.

The application probably gets the location based on GPS and/or Wi-Fi

The application probably listens accessibility events