Moderate Risk

Threat level

com.samsung.android.app.cocktailbarservice

Edge panels

Analyzed on 2021-12-30T14:16:15.484021

80

permissions

14

activities

5

services

4

receivers

8

domains

File sums

MD5 a8a0a2674dfab36cb4feb00b5fdc6b40
SHA1 2e634d79d45c326a0662ada99f5edd7eaff084e8
SHA256 8b7290a0359791ac259114c106c337c854fc49e0f9a2cacf73321fce1ab6e1d7
Size 8.49MB

APKiD

Information computed with APKiD.

/tmp/tmp5ukmgjs5!classes.dex
yara_issue
  • yara issue - dex file recognized by apkid but not yara module
anti_vm
  • Build.FINGERPRINT check
  • Build.MANUFACTURER check
  • possible Build.SERIAL check
compiler
  • unknown (please file detection issue!)

SSdeep

Information computed with ssdeep.

APK file 98304:B9orx/dgzbMG+9/LBK62KGddRe4uwYmtUxjKnrEEVJaLUnFPWmML:BWrFdprLXjmtceJY3L
Manifest 768:myMOQv4PiqBvo/RuPQTP/UaJ9NPA91yyOBAfMYklWDLpkXAKguJorEv/cKmpgqNs:…
classes.dex 49152:RiR/o376rU/dgQeme/zzqmyw059HBKHE79//Il57KtDFADX0K62KrqJjdRwcBS4…

Dexofuzzy

Information computed with Dexofuzzy.

classes.dex None

APK details

Information computed with AndroGuard and Pithus.

Package com.samsung.android.app.cocktailbarservice
App name Edge panels
Version name 7.1.36.0
Version code 713607000
SDK 28 - 29
UAID c6c2b335db542700ee7feed402a71f4ec361ce23
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown

Certificate details

Information computed with AndroGuard.

MD5 d087e72912fba064cafa78dc34aea839
SHA1 9ca5170f381919dfe0446fcdab18b19a143b3163
SHA256 34df0e7a9f1cf1892e45c056b4973cd81ccf148a4050d11aea4ac5a65f900a42
Issuer Email Address: android.os@samsung.com, Common Name: Samsung Cert, Organizational Unit: DMC, Organization: Samsung Corporation, Locality: Suwon City, State/Province: South Korea, Country: KR
Not before 2011-06-22T12:25:12+00:00
Not after 2038-11-07T12:25:12+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. SEC-INF/buildConfirm.crt

Manifest analysis

Information computed with MobSF.

Low App has a Network Security Configuration[android:networkSecurityConfig=@xml/network_security_config]
The Network Security Configuration feature lets apps customize their network security settings in a safe, declarative configuration file without modifying app code. These settings can be configured for specific domains and for a specific app.
Low Service (com.samsung.android.app.cocktailbarservice.CocktailBarService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.app.cocktailbarservice.permission.EDGE_ENABLE
protectionLevel: signatureOrSystem [android:exported=true]
A Service is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.EdgeScreenSettingsMain) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.HandleSettings) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.OpenSourceLicense) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.OpenSourceLicenseForB2B) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.OpenSourceLicenseList) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.EdgePanels) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.ReorderPanels) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.UninstallPanels) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.HideContentOnLockScreen) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
Low Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.SplashEdgeSetting) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.app.cocktailbarservice.permission.ENABLE_EDGE_PANEL
protectionLevel: signatureOrSystem [android:exported=true]
An Activity is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Activity (com.samsung.android.app.cocktailbarservice.cocktailsettings.search.PanelSearchActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.samsung.android.app.cocktailbarservice.routine.EdgePanelRoutineSetting) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.samsung.android.app.cocktailbarservice.routine.EdgePanelRoutineProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.WRITE_SECURE_SETTINGS [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.samsung.android.app.cocktailbarservice.backup.CocktailBarBRReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.wssnps.permission.COM_WSSNPS [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.samsung.android.app.cocktailbarservice.settings.ResetReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.sec.android.settings.permission.SOFT_RESET [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.samsung.android.app.cocktailbarservice.settings.RetailResetReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.sea.retailagent.permission.RETAILMODE [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.samsung.android.app.cocktailbarservice.badge.NotificationListener) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Content Provider (com.samsung.android.app.cocktailbarservice.badge.BadgeContentProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Content Provider (com.samsung.android.app.cocktailbarservice.settings.EdgeSALoggingProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
Low Content Provider (com.samsung.android.app.cocktailbarservice.bixby.EdgeBixbyProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.app.cocktailbarservice.permission.BIXBY_PROVIDER
protectionLevel: signatureOrSystem [android:exported=true]
A Content Provider is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Service (com.samsung.android.sdk.bixby.BixbyAppService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.bixby.agent.permission.APP_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Content Provider (com.samsung.android.app.cocktailbarservice.settings.SettingsSearchProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.READ_SEARCH_INDEXABLES [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Content Provider (com.samsung.android.app.cocktailbarservice.settings.EdgeSettingProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
Low Content Provider (com.samsung.android.app.cocktailbarservice.history.CocktailProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.app.cocktailbarservice.permission.ACCESS_PANEL
protectionLevel: signatureOrSystem [android:exported=true]
A Content Provider is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Content Provider (com.samsung.android.app.cocktailbarservice.settings.PanelInfoManagerProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.app.cocktailbarservice.permission.ACCESS_PANEL
protectionLevel: signatureOrSystem [android:exported=true]
A Content Provider is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Content Provider (com.samsung.android.app.cocktailbarservice.settings.PanelManagerProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.app.cocktailbarservice.permission.ACCESS_PANEL
protectionLevel: signatureOrSystem [android:exported=true]
A Content Provider is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Content Provider (com.samsung.android.app.cocktailbarservice.settings.CheckForUpdateProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.app.cocktailbarservice.permission.ACCESS_PANEL
protectionLevel: signatureOrSystem [android:exported=true]
A Content Provider is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Content Provider (com.samsung.android.sdk.bixby2.provider.CapsuleProvider) is not Protected. [android:exported=true]
A Content Provider is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.

Activities

Information computed with AndroGuard.

com.samsung.android.app.cocktailbarservice.cocktailsettings.EdgeScreenSettingsMain
com.samsung.android.app.cocktailbarservice.cocktailsettings.HandleSettings
com.samsung.android.app.cocktailbarservice.cocktailsettings.CheckUpdate
com.samsung.android.app.cocktailbarservice.cocktailsettings.OpenSourceLicense
com.samsung.android.app.cocktailbarservice.cocktailsettings.OpenSourceLicenseForB2B
com.samsung.android.app.cocktailbarservice.cocktailsettings.OpenSourceLicenseList
com.samsung.android.app.cocktailbarservice.cocktailsettings.EdgePanels
com.samsung.android.app.cocktailbarservice.cocktailsettings.ReorderPanels
com.samsung.android.app.cocktailbarservice.cocktailsettings.UninstallPanels
com.samsung.android.app.cocktailbarservice.cocktailsettings.HideContentOnLockScreen
com.samsung.android.app.cocktailbarservice.cocktailsettings.SplashEdgeSetting
com.samsung.android.app.cocktailbarservice.cocktailsettings.search.PanelSearchActivity
com.samsung.android.app.cocktailbarservice.routine.EdgePanelRoutineSetting
com.samsung.android.app.cocktailbarservice.CocktailBarPermissionActivity

Receivers

Information computed with AndroGuard.

com.samsung.android.app.cocktailbarservice.backup.CocktailBarBRReceiver
com.samsung.android.app.cocktailbarservice.settings.ResetReceiver
com.samsung.android.app.cocktailbarservice.settings.RetailResetReceiver
com.samsung.android.app.cocktailbarservice.CocktailBarReceiver

Services

Information computed with AndroGuard.

com.samsung.android.app.cocktailbarservice.CocktailBarService
com.samsung.android.app.cocktailbarservice.CocktailBarForegroundService
com.samsung.android.app.cocktailbarservice.badge.NotificationListener
com.samsung.android.sdk.bixby.BixbyAppService
com.sec.android.diagmonagent.log.ged.scheduler.GEDJobService

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invoke platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2
The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_CKM.1.1(3)
FCS_CKM.1.2(3)
A password/passphrase shall perform [Password-based Key Derivation Functions] in accordance with a specified cryptographic algorithm..
Password Conditioning
FCS_COP.1.1(1) The application perform encryption/decryption in accordance with a specified cryptographic algorithm AES-CBC (as defined in NIST SP 800-38A) mode or AES-GCM (as defined in NIST SP 800-38D) and cryptographic key sizes 256-bit/128-bit.
Cryptographic Operation - Encryption/Decryption
FCS_COP.1.1(2) The application perform cryptographic hashing services in accordance with a specified cryptographic algorithm SHA-1/SHA-256/SHA-384/SHA-512 and message digest sizes 160/256/384/512 bits.
Cryptographic Operation - Hashing
FCS_HTTPS_EXT.1.1 The application implement the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FCS_CKM.1.1(2) The application shall generate symmetric cryptographic keys using a Random Bit Generator as specified in FCS_RBG_EXT.1 and specified cryptographic key sizes 128 bit or 256 bit.
Cryptographic Symmetric Key Generation

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 com/samsung/android/app/cocktailbarservice/ui/view/PanelDescriptionView.java
com/samsung/android/app/cocktailbarservice/ui/panelcontainer/AbstractCocktailPanelContainer.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarPanelManager.java
com/sec/android/diagmonagent/log/ged/util/DeviceUtils.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/HandleSettingFragment.java
com/samsung/android/app/cocktailbarservice/history/CocktailProvider.java
com/sec/android/diagmonagent/log/ged/db/DataController.java
com/samsung/context/sdk/samsunganalytics/internal/util/Debug.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/SemAbsCocktailLoadablePanelReflection.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/SplashEdgeSetting.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/HistoryProvider.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/RadioPreference.java
com/samsung/android/app/cocktailbarservice/history/CocktailDBHelper.java
com/samsung/android/app/cocktailbarservice/ui/PanelAllowList.java
com/samsung/android/sdk/cover/CoverListenerDelegate.java
com/samsung/android/app/cocktailbarservice/routine/EdgePanelRoutineSetting.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarDeviceStateManager.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/EdgeScreenSettingsMainFragment.java
com/samsung/android/sdk/cover/ScoverManager.java
com/samsung/android/app/cocktailbarservice/reflection/AbstractStubReflection.java
com/samsung/android/app/cocktailbarservice/backup/CocktailBarBRReceiver.java
com/sec/android/diagmonagent/dma/aperf/utils/aPerfUtil.java
com/samsung/android/app/cocktailbarservice/util/CocktailContextUtils.java
com/sec/android/diagmonagent/log/ged/scheduler/GEDScheduler.java
com/samsung/android/app/cocktailbarservice/reflection/AbstractProxyReflection.java
com/sec/android/diagmonagent/log/ged/servreinterface/model/client/TokenClient.java
com/sec/android/diagmonagent/log/provider/utils/DiagMonUtil.java
com/samsung/android/app/cocktailbarservice/ui/view/RefreshLayout.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/RefLoadablePanelPanelListenerProxy.java
com/samsung/android/app/cocktailbarservice/backup/CocktailBarBRThread.java
com/sec/android/diagmonagent/dma/aperf/utils/aPerfValidation.java
com/samsung/android/app/cocktailbarservice/ui/view/OutTouchControlView.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/CheckUpdate.java
com/samsung/android/app/cocktailbarservice/settings/SettingsSearchProvider.java
com/samsung/android/sepunion/SemGoodCatchManager.java
com/sec/android/diagmonagent/log/provider/newLogProvider.java
com/sec/android/diagmonagent/log/provider/DiagMonConfig.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/RoundedCornerRelativeLayout.java
com/sec/android/diagmonagent/log/provider/threadExecutor/EventReportExecutor.java
com/sec/android/diagmonagent/log/ged/db/dao/ResultDao.java
com/sec/android/diagmonagent/log/provider/DiagMonLogger.java
com/airbnb/lottie/utils/LogcatLogger.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarPositionManager.java
com/sec/android/diagmonagent/log/provider/EventBuilder.java
com/samsung/android/app/cocktailbarservice/ui/handler/HandlerDragView.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/LottieViewPagerAdapter.java
com/samsung/android/app/cocktailbarservice/history/CocktailProviderManager.java
com/sec/android/diagmonagent/log/ged/servreinterface/model/client/DiagmonClient.java
com/sec/android/diagmonagent/log/provider/threadExecutor/AppPerfReportExecutor.java
com/sec/android/diagmonagent/log/ged/util/ParsingUtils.java
com/sec/android/diagmonagent/log/ged/util/RestUtils.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/HistoryView.java
com/sec/android/diagmonagent/log/provider/threadExecutor/ANRExecutor.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgePanels.java
com/sec/android/diagmonagent/log/ged/scheduler/GEDJobService.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/RelativeLinkPreference.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateFullWindow.java
com/samsung/android/sdk/cover/LegacyLedSystemEventListenerDelegate.java
com/samsung/android/app/cocktailbarservice/CocktailBarReceiver.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarSAManager.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TraySpecificModeController.java
com/sec/android/diagmonagent/log/ged/servreinterface/controller/DiagmonApiManager.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayVisibilityController.java
com/samsung/android/app/cocktailbarservice/reflection/AbstractBaseReflection.java
com/samsung/android/sdk/bixby/BixbyApi.java
com/samsung/android/app/cocktailbarservice/util/image/ImageLoader.java
com/samsung/android/app/cocktailbarservice/routine/EdgePanelRoutineProvider.java
com/samsung/android/app/cocktailbarservice/settings/ResetReceiver.java
com/samsung/android/sdk/bixby2/LogUtil.java
com/sec/android/diagmonagent/log/provider/DiagMonSDK.java
com/samsung/android/app/cocktailbarservice/ui/handler/AbstractHandleDragViewState.java
com/samsung/android/sdk/bixby/BixbyAppService.java
com/samsung/android/app/cocktailbarservice/galaxyapps/CheckForUpdates.java
com/samsung/android/app/cocktailbarservice/Feature.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/ImageTextView.java
com/samsung/android/app/cocktailbarservice/controller/CocktailBarUiController.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/ContrastTextView.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/PanelImageLruCache.java
com/samsung/android/app/cocktailbarservice/backup/GenerateXML.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateController.java
com/sec/android/diagmonagent/log/ged/util/PreferenceUtils.java
com/samsung/context/sdk/samsunganalytics/internal/sender/buffering/database/DbManager.java
com/samsung/android/app/cocktailbarservice/CocktailBarForegroundService.java
com/sec/android/diagmonagent/log/provider/threadExecutor/ServiceRegistrationExecutor.java
com/sec/android/diagmonagent/log/ged/util/ValidationUtils.java
com/samsung/android/app/cocktailbarservice/CocktailBarService.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/ImageTextViewSpan.java
com/samsung/android/app/cocktailbarservice/ui/view/CocktailBarTriggerContainerView.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateTrigger.java
com/airbnb/lottie/PerformanceTracker.java
com/samsung/android/app/cocktailbarservice/ui/panelcontainer/AbstractPanelAdapter.java
com/samsung/android/app/cocktailbarservice/bixby/EmEdgeManager.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarApplication.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/PanelSearchActivity.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarSettingsManagerUtils.java
com/samsung/android/sdk/bixby/CommandHandlerRunnable.java
com/sec/android/diagmonagent/log/provider/utils/ZipHelper.java
com/sec/android/diagmonagent/log/ged/db/dao/ServiceDao.java
com/samsung/android/sepunion/Log.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/UninstallPanels.java
com/sec/android/diagmonagent/log/ged/db/dao/EventDao.java
com/samsung/android/sepunion/SemDeviceInfoManager.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/HideContentOnLockScreenFragment.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/ViewPagerAdapter.java
com/samsung/android/app/cocktailbarservice/badge/NotificationListener.java
com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/ColorSelectorPreference.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarPanelInfoManager.java
com/samsung/android/app/cocktailbarservice/controller/traystate/AbstractTrayState.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/HistoryDbOpenHelper.java
com/samsung/android/app/cocktailbarservice/manager/DumpManager.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarPanelVisibilityManager.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarSettingsObserver.java
com/samsung/android/app/cocktailbarservice/utils/TalkBackUtil.java
com/samsung/android/app/cocktailbarservice/ui/panel/AbstractCocktailPanelView.java
com/samsung/android/app/cocktailbarservice/badge/BadgeContentProvider.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/OpenSourceLicenseList.java
com/samsung/android/app/cocktailbarservice/ui/CocktailPanelFactory.java
com/samsung/android/app/cocktailbarservice/ui/view/CocktailBarContainerView.java
com/samsung/android/app/cocktailbarservice/backup/BRUtils.java
com/sec/android/diagmonagent/log/ged/servreinterface/model/client/FileUploadClient.java
com/samsung/android/app/cocktailbarservice/util/image/ImageLruCache.java
com/samsung/android/sepunion/ExclusiveTaskManager.java
com/samsung/android/sepunion/SemUnionManager.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/AboutEdgeScreenFragment.java
com/samsung/android/app/cocktailbarservice/settings/CocktailSettingHelper.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/HandleSettings.java
com/sec/android/diagmonagent/common/logger/AppLogData.java
com/samsung/android/app/cocktailbarservice/utils/Utils.java
com/samsung/android/app/cocktailbarservice/utils/DeviceColorMonitor.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/providerutils/SettingProviderUtils.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/LaunchUtils.java
com/samsung/android/app/cocktailbarservice/ui/CocktailBarGestureDetector.java
com/samsung/android/app/cocktailbarservice/util/CocktailUtils.java
com/samsung/android/app/cocktailbarservice/utils/PopupUtils.java
com/samsung/android/app/cocktailbarservice/ui/anim/CocktailPanelSlider.java
com/samsung/android/app/cocktailbarservice/util/image/UriLoaderIcon.java
com/samsung/android/settings/search/provider/SearchIndexablesProvider.java
com/airbnb/lottie/LottieAnimationView.java
com/samsung/android/app/cocktailbarservice/ui/panel/AbstractRemotePanelView.java
com/samsung/android/app/cocktailbarservice/settings/RetailResetReceiver.java
com/samsung/android/app/cocktailbarservice/ui/panelcontainer/GeneralPositionPanelContainer.java
com/samsung/android/app/cocktailbarservice/controller/traystate/InjectorReflection.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgeScreenSettingsMain.java
com/samsung/android/app/cocktailbarservice/bixby/EdgeBixbyProvider.java
com/samsung/android/app/cocktailbarservice/ui/blur/BlurredCaptureStorage.java
com/sec/android/diagmonagent/common/logger/AppLog.java
com/sec/android/diagmonagent/log/provider/utils/Validator.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
 okio/Options.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 com/samsung/context/sdk/samsunganalytics/internal/sender/buffering/database/DbManager.java
com/samsung/context/sdk/samsunganalytics/internal/sender/buffering/database/DefaultDBOpenHelper.java
com/samsung/android/app/cocktailbarservice/history/CocktailDBHelper.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/HistoryDbOpenHelper.java
com/sec/android/diagmonagent/log/ged/db/GEDDatabase.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 com/samsung/android/app/cocktailbarservice/backup/Encryption.java
High
CVSS:7.4
Files may contain hardcoded sensitive informations like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files:
 com/sec/android/diagmonagent/log/ged/db/dao/Contracts.java
com/samsung/android/app/cocktailbarservice/settings/EdgeSettingProvider.java
com/sec/android/diagmonagent/log/provider/utils/BundleContract.java
com/samsung/android/settings/search/provider/SearchIndexablesContract.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarSAManager.java
com/samsung/android/app/cocktailbarservice/badge/BadgeContentProvider.java
com/samsung/android/app/cocktailbarservice/logging/SALoggingConstants.java
com/samsung/android/app/cocktailbarservice/badge/NotificationItem.java
com/sec/android/diagmonagent/log/ged/util/RestUtils.java
com/samsung/android/app/cocktailbarservice/util/image/ImageLruCache.java
com/samsung/android/app/cocktailbarservice/data/CocktailConstants.java
com/samsung/android/app/cocktailbarservice/badge/NotificationListener.java
com/samsung/android/settings/search/provider/SecSearchIndexablesContract.java
com/samsung/android/app/cocktailbarservice/backup/CocktailBarBRThread.java
com/samsung/android/app/cocktailbarservice/settings/SettingsSearchProvider.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files:
 com/samsung/context/sdk/samsunganalytics/internal/security/CertificateManager.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 com/samsung/android/app/cocktailbarservice/galaxyapps/TargetInfo.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files:
 com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
Pygal China: 300 Germany: 100 Ireland: 200 United States: 200

Map computed by Pithus.

Network analysis

Information computed with MobSF.

High Domain config is insecurely configured to permit clear text traffic to these domains in scope.
Scope: ['img.samsungapps.com']

Domains analysis

Information computed with MobSF.

DE diagmon-policy.samsungdm.com 13.35.253.55
US dc.di.atlas.samsung.com 34.120.24.208
CN cn-ms.samsungapps.com 54.222.166.248
IE vas.samsungapps.com 52.19.111.37
IE diagmon-serviceapi.samsungdm.com 54.246.1.192
CN diagmon-policy.samsung.com.cn 116.129.226.137
CN diagmon-apigw.samsung.com.cn 69.234.218.217
US regi.di.atlas.samsung.com 34.102.190.55

URL analysis

Information computed with MobSF.

https://regi.di.atlas.samsung.com
https://dc.di.atlas.samsung.com
Defined in com/samsung/context/sdk/samsunganalytics/internal/connection/Domain.java
https://regi.di.atlas.samsung.com
https://dc.di.atlas.samsung.com
Defined in com/samsung/context/sdk/samsunganalytics/internal/connection/Domain.java
https://vas.samsungapps.com/stub/stubUpdateCheck.as
Defined in com/samsung/android/app/cocktailbarservice/galaxyapps/CheckForUpdates.java
https://52.18.34.211/mercury/myApps/display/searchAppList.as?
https://vas.samsungapps.com/myApps/display/searchAppList.as?
https://cn-ms.samsungapps.com/getCNVasURL.as
https://vas.samsungapps.com/myApps/display/searchAppList.as
https://52.18.34.211/mercury/myApps/display/searchAppList.as
Defined in com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
https://52.18.34.211/mercury/myApps/display/searchAppList.as?
https://vas.samsungapps.com/myApps/display/searchAppList.as?
https://cn-ms.samsungapps.com/getCNVasURL.as
https://vas.samsungapps.com/myApps/display/searchAppList.as
https://52.18.34.211/mercury/myApps/display/searchAppList.as
Defined in com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
https://52.18.34.211/mercury/myApps/display/searchAppList.as?
https://vas.samsungapps.com/myApps/display/searchAppList.as?
https://cn-ms.samsungapps.com/getCNVasURL.as
https://vas.samsungapps.com/myApps/display/searchAppList.as
https://52.18.34.211/mercury/myApps/display/searchAppList.as
Defined in com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
https://diagmon-apigw.samsung.com.cn
https://diagmon-serviceapi.samsungdm.com
https://diagmon-policy.samsung.com.cn
https://diagmon-policy.samsungdm.com
Defined in com/sec/android/diagmonagent/log/ged/util/RestUtils.java
https://diagmon-apigw.samsung.com.cn
https://diagmon-serviceapi.samsungdm.com
https://diagmon-policy.samsung.com.cn
https://diagmon-policy.samsungdm.com
Defined in com/sec/android/diagmonagent/log/ged/util/RestUtils.java
https://diagmon-apigw.samsung.com.cn
https://diagmon-serviceapi.samsungdm.com
https://diagmon-policy.samsung.com.cn
https://diagmon-policy.samsungdm.com
Defined in com/sec/android/diagmonagent/log/ged/util/RestUtils.java
https://diagmon-apigw.samsung.com.cn
https://diagmon-serviceapi.samsungdm.com
https://diagmon-policy.samsung.com.cn
https://diagmon-policy.samsungdm.com
Defined in com/sec/android/diagmonagent/log/ged/util/RestUtils.java

Permissions analysis

Information computed with MobSF.

High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
High android.permission.SYSTEM_ALERT_WINDOW display system-level alerts
Allows an application to show system-alert windows. Malicious applications can take over the entire screen of the phone.
High android.permission.SET_PROCESS_LIMIT limit number of running processes
Allows an application to control the maximum number of processes that will run. Never needed for common applications.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.EXPAND_STATUS_BAR expand/collapse status bar
Allows application to expand or collapse the status bar.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.REORDER_TASKS reorder applications running
Allows an application to move tasks to the foreground and background. Malicious applications can force themselves to the front without your control.
Low android.permission.DISABLE_KEYGUARD Allows applications to disable the keyguard if it is not secure.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground
Medium android.permission.BROADCAST_PACKAGE_REMOVED send package removed broadcast
Allows an application to broadcast a notification that an application package has been removed. Malicious applications may use this to kill any other application running.
Medium android.permission.DEVICE_POWER turn phone on or off
Allows the application to turn the phone on or off.
Medium android.permission.STOP_APP_SWITCHES prevent app switches
Prevents the user from switching to another application.
Medium android.permission.INTERNAL_SYSTEM_WINDOW display unauthorised windows
Allows the creation of windows that are intended to be used by the internal system user interface. Not for use by common applications.
Medium android.permission.STATUS_BAR_SERVICE status bar
Allows the application to be the status bar.
Medium android.permission.SET_ACTIVITY_WATCHER monitor and control all application launching
Allows an application to monitor and control how the system launches activities. Malicious applications may compromise the system completely. This permission is needed only for development, never for common phone usage.
Medium android.permission.INJECT_EVENTS press keys and control buttons
Allows an application to deliver its own input events (key presses, etc.) to other applications. Malicious applications can use this to take over the phone.
Medium android.permission.READ_FRAME_BUFFER read frame buffer
Allows application to read the content of the frame buffer.
Medium android.permission.DELETE_PACKAGES delete applications
Allows an application to delete Android packages. Malicious applications can use this to delete important applications.
Medium android.permission.WRITE_SECURE_SETTINGS modify secure system settings
Allows an application to modify the system's secure settings data. Not for use by common applications.
Medium android.permission.MASTER_CLEAR reset system to factory defaults
Allows an application to completely reset the system to its factory settings, erasing all data, configuration and installed applications.
Medium android.permission.STATUS_BAR disable or modify status bar
Allows application to disable the status bar or add and remove system icons.
Medium android.permission.MODIFY_PHONE_STATE modify phone status
Allows the application to control the phone features of the device. An application with this permission can switch networks, turn the phone radio on and off and the like, without ever notifying you.
Medium android.permission.BIND_APPWIDGET choose widgets
Allows the application to tell the system which widgets can be used by which application. With this permission, applications can give access to personal data to other applications. Not for use by common applications.
com.samsung.kidshome.broadcast.DEFAULT_HOME_CHANGE_PERMISSION Unknown permission
Unknown permission from android reference
com.samsung.permission.READ_SEC_COMMON_POLICY Unknown permission
Unknown permission from android reference
com.samsung.android.permission.EDGE_LIGHTING_HOST Unknown permission
Unknown permission from android reference
com.samsung.android.service.peoplestripe.ACTION_PERMISSION Unknown permission
Unknown permission from android reference
com.samsung.android.cocktailbar.quicktool.permission.FLASH_LIGHT Unknown permission
Unknown permission from android reference
com.sec.android.app.voicenote.service.RECORDER_PERMISSION Unknown permission
Unknown permission from android reference
com.samsung.radio.service.permission.BIND_RADIOSERVICE Unknown permission
Unknown permission from android reference
com.system.permission.READ_NOTIFICATIONS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_KEYGUARD_SECURE_STORAGE Unknown permission
Unknown permission from android reference
com.samsung.android.permission.LOCK_TASK_MODE Unknown permission
Unknown permission from android reference
android.permission.REAL_GET_TASKS Unknown permission
Unknown permission from android reference
android.permission.READ_PRIVILEGED_PHONE_STATE Unknown permission
Unknown permission from android reference
android.permission.MANAGE_USERS Unknown permission
Unknown permission from android reference
android.permission.INTERACT_ACROSS_USERS Unknown permission
Unknown permission from android reference
android.permission.START_ANY_ACTIVITY Unknown permission
Unknown permission from android reference
android.permission.GET_INTENT_SENDER_INTENT Unknown permission
Unknown permission from android reference
android.permission.INTERACT_ACROSS_USERS_FULL Unknown permission
Unknown permission from android reference
android.permission.MANAGE_NETWORK_POLICY Unknown permission
Unknown permission from android reference
com.android.alarm.permission.SET_ALARM Unknown permission
Unknown permission from android reference
com.sec.android.daemonapp.ap.accuweather.ACCUWEATHER_DAEMON_ACCESS_PROVIDER Unknown permission
Unknown permission from android reference
com.sec.android.daemonapp.ap.kweather.KWEATHER_DAEMON_ACCESS_PROVIDER Unknown permission
Unknown permission from android reference
com.sec.android.daemonapp.ap.weathernewsjp.WEATHERNEWS_DAEMON_ACCESS_PROVIDER Unknown permission
Unknown permission from android reference
com.sec.android.daemonapp.cmaweather.CMAWEATHER_DAEMON_ACCESS_PROVIDER Unknown permission
Unknown permission from android reference
com.sec.android.daemonapp.permission.WRITE_PROVIDER Unknown permission
Unknown permission from android reference
com.samsung.android.cocktail.permission.CALL_ACTION Unknown permission
Unknown permission from android reference
com.sec.android.phone.permission.VOICE_RECORDER_SERVICE Unknown permission
Unknown permission from android reference
com.sec.android.phone.permission.WRITE_ANSWERING_MEMO Unknown permission
Unknown permission from android reference
com.sec.android.phone.permission.READ_ANSWERING_MEMO Unknown permission
Unknown permission from android reference
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY Unknown permission
Unknown permission from android reference
com.samsung.android.settings.intelligence.READ_SETTINGS_SEARCH_DATA_PROVIDER Unknown permission
Unknown permission from android reference
com.samsung.container.OBSERVER Unknown permission
Unknown permission from android reference
android.permission.UPDATE_APP_OPS_STATS Unknown permission
Unknown permission from android reference
com.sec.android.settings.permission.SOFT_RESET Unknown permission
Unknown permission from android reference
com.wssnps.permission.COM_WSSNPS Unknown permission
Unknown permission from android reference
com.sec.android.provider.badge.permission.READ Unknown permission
Unknown permission from android reference
com.samsung.permission.READ_SM_DATA Unknown permission
Unknown permission from android reference
android.permission.START_ACTIVITIES_FROM_BACKGROUND Unknown permission
Unknown permission from android reference
android.permission.MANAGE_ACTIVITY_STACKS Unknown permission
Unknown permission from android reference
com.samsung.applock.permission.STATUSCHANGED Unknown permission
Unknown permission from android reference
com.samsung.applock.permission.STATUS_UPDATE Unknown permission
Unknown permission from android reference
com.samsung.android.app.cocktailbarservice.permission.ACCESS_PANEL Unknown permission
Unknown permission from android reference
com.sec.spp.permission.TOKEN_01580c748102677fa00b57b9fa6145fd9caf5fdae48f896ff940a4939f04… Unknown permission
Unknown permission from android reference
com.samsung.android.permission.CHANGE_DISPLAY_COLOR Unknown permission
Unknown permission from android reference
android.permission.CONTROL_KEYGUARD Unknown permission
Unknown permission from android reference
com.samsung.android.app.cocktailbarservice.permission.EDGE_HANDLER_STATE Unknown permission
Unknown permission from android reference
android.permission.ACCESS_SHORTCUTS Unknown permission
Unknown permission from android reference
com.samsung.sea.retailagent.permission.RETAILMODE Unknown permission
Unknown permission from android reference
com.samsung.android.app.galaxyfinder.permission.ACCESS_APPLICATION_PROVIDER Unknown permission
Unknown permission from android reference
com.samsung.android.bixby.service.bixbysearch.permission.BIXBY_SEARCH Unknown permission
Unknown permission from android reference
com.samsung.android.scs.ai.search.permission.WRITE Unknown permission
Unknown permission from android reference
com.samsung.android.scs.ai.search.permission.READ Unknown permission
Unknown permission from android reference
com.samsung.android.permisson.SCREEN_ROTATION_ANIMATION_STARTED Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Load external class
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.)
Confidence:
100%
Get absolute path of file and put it to JSON object
Confidence:
100%
Find a method from given class name, usually for reflection
Confidence:
100%
Connect to a URL and receive input stream from the server
Confidence:
100%
Method reflection
Confidence:
100%
Connect to a URL and read data from it
Confidence:
100%
Monitor data identified by a given content URI changes(SMS, MMS, etc.)
Confidence:
100%
Retrieve data from broadcast
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Open a file from given absolute path of the file
Confidence:
100%
Put data in cursor to JSON object
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.) via setData
Confidence:
100%
Connect to a URL and get the response code
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Monitor incoming call status
Confidence:
100%
Read file from assets directory
Confidence:
100%
Get last known location of the device
Confidence:
100%
Get location of the device
Confidence:
100%
Load additional DEX files dynamically
Confidence:
100%
Method reflection
Confidence:
100%
Connect to the remote server through the given URL
Confidence:
100%
Query data from URI (SMS, CALLLOGS)
Confidence:
100%
Get the time of current location
Confidence:
100%
Initialize class object dynamically
Confidence:
100%
Read the input stream from given URL
Confidence:
100%
Check the list of currently running applications
Confidence:
100%
Connect to a URL and set request method
Confidence:
80%
Read data and put it into a buffer stream
Confidence:
80%
Read file and put it into a stream
Confidence:
80%
Get declared method from given method name
Confidence:
80%
Query the SIM card status
Confidence:
80%
Get absolute path of the file and store in string
Confidence:
80%
Get calendar information
Confidence:
80%
Check if the given file path exist
Confidence:
80%
Put buffer stream (data) to JSON object
Confidence:
80%
Read file into a stream and put it into a JSON object
Confidence:
80%
Executes the specified string Linux command
Confidence:
80%
Get resource file from res/raw directory

Behavior analysis

Information computed with MobSF.

Base64 decode
       com/airbnb/lottie/manager/ImageAssetManager.java
com/samsung/android/sdk/bixby/BixbyAppService.java
com/samsung/android/sdk/bixby2/provider/CapsuleProvider.java
com/samsung/android/app/cocktailbarservice/util/image/UriLoaderIcon.java
Base64 encode
       com/sec/android/diagmonagent/log/ged/util/RestUtils.java
Content provider
       com/samsung/android/app/cocktailbarservice/settings/EdgeSettingProvider.java
com/samsung/android/app/cocktailbarservice/settings/EdgeSALoggingProvider.java
com/samsung/android/sdk/bixby2/provider/CapsuleProvider.java
com/samsung/android/app/cocktailbarservice/badge/BadgeContentProvider.java
com/samsung/android/SDK/routine/AbsRoutineActionProvider.java
com/samsung/android/app/cocktailbarservice/settings/CheckForUpdateProvider.java
com/samsung/android/settings/search/provider/SearchIndexablesProvider.java
com/samsung/android/app/cocktailbarservice/history/CocktailProvider.java
com/samsung/android/app/cocktailbarservice/bixby/EdgeBixbyProvider.java
com/samsung/android/SDK/routine/AbsRoutineConditionProvider.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/HistoryProvider.java
com/sec/android/diagmonagent/log/provider/newLogProvider.java
com/samsung/android/app/cocktailbarservice/settings/PanelInfoManagerProvider.java
com/samsung/android/app/cocktailbarservice/settings/PanelManagerProvider.java
Crypto
       okio/HashingSink.java
okio/ByteString.java
okio/HashingSource.java
com/samsung/android/app/cocktailbarservice/backup/Encryption.java
okio/Buffer.java
Execute os command
       com/sec/android/diagmonagent/log/provider/DiagMonLogger.java
Get installed applications
       com/samsung/android/app/cocktailbarservice/util/CocktailUtils.java
Get sim provider details
       com/samsung/android/app/cocktailbarservice/galaxyapps/TargetInfo.java
com/samsung/context/sdk/samsunganalytics/internal/device/DeviceInfo.java
com/sec/android/diagmonagent/log/ged/util/DeviceUtils.java
Get system service
       com/samsung/context/sdk/samsunganalytics/internal/sender/DLS/DLSLogSender.java
com/samsung/android/app/cocktailbarservice/utils/TalkBackUtil.java
com/samsung/android/sepunion/SemPluginManager.java
com/samsung/android/app/cocktailbarservice/ui/view/PanelDescriptionView.java
com/samsung/android/app/cocktailbarservice/controller/CocktailBarUiController.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/InstalledSearchResultAdapter.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarPositionManager.java
com/sec/android/diagmonagent/log/ged/util/DeviceUtils.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateController.java
com/samsung/android/sepunion/ExclusiveTaskManager.java
com/samsung/android/app/cocktailbarservice/CocktailBarForegroundService.java
com/samsung/android/app/cocktailbarservice/CocktailBarService.java
com/sec/android/diagmonagent/log/ged/scheduler/GEDJobService.java
com/samsung/android/app/cocktailbarservice/ui/view/CocktailBarTriggerContainerView.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateTrigger.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateFullWindow.java
com/samsung/android/app/cocktailbarservice/reflection/content/ContextReflection.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarApplication.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/PanelSearchActivity.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarSettingsManagerUtils.java
com/samsung/android/app/cocktailbarservice/utils/Utils.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TraySpecificModeController.java
com/samsung/android/app/cocktailbarservice/util/CocktailPermissionUtils.java
com/samsung/android/app/cocktailbarservice/util/CocktailUtils.java
com/samsung/context/sdk/samsunganalytics/internal/device/DeviceInfo.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayVisibilityController.java
com/samsung/android/app/cocktailbarservice/ui/panel/AbstractRemotePanelView.java
com/samsung/android/app/cocktailbarservice/ui/panel/CocktailPortraitRemotePanelView.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/GalaxyAppsSearchResultAdapter.java
com/sec/android/diagmonagent/log/ged/scheduler/GEDScheduler.java
com/samsung/android/sepunion/SemDeviceInfoManager.java
com/samsung/android/app/cocktailbarservice/controller/traystate/InjectorReflection.java
com/samsung/android/app/cocktailbarservice/ui/blur/BlurredCaptureStorage.java
com/samsung/android/app/cocktailbarservice/galaxyapps/CheckForUpdates.java
com/samsung/android/app/cocktailbarservice/galaxyapps/TargetInfo.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/ReorderPanels.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/ColorSelectorPreference.java
com/samsung/context/sdk/samsunganalytics/internal/policy/Validation.java
com/samsung/android/sepunion/SemGoodCatchManager.java
Http connection
       com/airbnb/lottie/network/NetworkFetcher.java
com/sec/android/diagmonagent/log/ged/servreinterface/model/client/TokenClient.java
com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
com/sec/android/diagmonagent/log/ged/servreinterface/model/client/DiagmonClient.java
com/sec/android/diagmonagent/log/ged/servreinterface/model/client/FileUploadClient.java
Https connection
       com/samsung/context/sdk/samsunganalytics/internal/policy/GetPolicyClient.java
com/samsung/context/sdk/samsunganalytics/internal/sender/DLS/DLSAPIClient.java
com/samsung/context/sdk/samsunganalytics/internal/terms/RegisterTask.java
Inter process communication
       com/samsung/android/app/cocktailbarservice/ui/view/PanelDescriptionView.java
com/samsung/android/app/cocktailbarservice/controller/CocktailBarUiController.java
com/samsung/android/sdk/bixby2/provider/CapsuleProvider.java
com/samsung/android/sepunion/SemPluginManagerLocal.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/providerutils/CocktailBarServiceUtils.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateController.java
com/samsung/android/sepunion/SemOnUnionEventIntentListener.java
com/samsung/android/sdk/bixby/StateReader.java
com/samsung/context/sdk/samsunganalytics/internal/Tracker.java
com/samsung/android/app/cocktailbarservice/reflection/app/PendingIntentReflection.java
com/samsung/android/app/cocktailbarservice/CocktailBarForegroundService.java
com/sec/android/diagmonagent/sa/IDMAInterface.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/SplashEdgeSetting.java
com/samsung/android/app/cocktailbarservice/CocktailBarService.java
com/sec/spp/push/dlc/api/IDlcService.java
com/samsung/android/app/cocktailbarservice/ui/PanelAllowList.java
com/samsung/context/sdk/samsunganalytics/internal/util/Utils.java
com/samsung/android/app/cocktailbarservice/routine/EdgePanelRoutineSetting.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/EdgeScreenSettingsMainFragment.java
com/samsung/android/sdk/cover/ScoverManager.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/PanelSearchActivity.java
com/samsung/android/app/cocktailbarservice/reflection/AbstractStubReflection.java
com/samsung/android/app/cocktailbarservice/backup/CocktailBarBRReceiver.java
com/samsung/android/app/cocktailbarservice/reflection/app/IActivityManagerNativeReflection.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/UninstallPanels.java
com/samsung/android/sepunion/SemDeviceInfoManager.java
com/samsung/android/sdk/bixby2/action/ResponseCallback.java
com/samsung/android/app/cocktailbarservice/reflection/ReflectionContainer.java
com/samsung/android/bixby/agent/IBixbyAgentAppService.java
com/samsung/android/app/cocktailbarservice/backup/CocktailBarBRThread.java
com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/CheckUpdate.java
com/samsung/android/sepunion/SemGoodCatchManager.java
com/samsung/android/app/cocktailbarservice/reflection/view/IWindowManagerStubReflection.java
com/sec/android/diagmonagent/log/provider/threadExecutor/EventReportExecutor.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/RefLoadablePanelOnClickHandler.java
com/samsung/context/sdk/samsunganalytics/internal/sender/DMA/DMABinder.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/OpenSourceLicenseList.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/providerutils/PanelManagerUtils.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/HideContentOnLockScreen.java
com/samsung/android/bixby/agent/IBixbyAgentAppServiceCallback.java
com/samsung/android/app/cocktailbarservice/backup/BRUtils.java
com/samsung/android/app/cocktailbarservice/reflection/os/ServiceManagerReflection.java
com/samsung/android/sdk/bixby/data/State.java
com/samsung/android/sepunion/SemUnionManagerLocal.java
com/samsung/android/sepunion/SemUnionManager.java
com/samsung/android/app/cocktailbarservice/galaxyapps/GalaxyAppsContent.java
com/samsung/android/app/cocktailbarservice/ui/view/SecurityPanelView.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgePanels.java
com/samsung/lib/edge/frameworkreflector/RemoteViewsReflector.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/AboutEdgeScreenFragment.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/RelativeLinkPreference.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateFullWindow.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/HandleSettings.java
com/samsung/android/app/cocktailbarservice/CocktailBarReceiver.java
com/samsung/android/app/cocktailbarservice/utils/Utils.java
com/samsung/android/app/cocktailbarservice/reflection/app/ReflectionAppContainer.java
com/samsung/android/app/cocktailbarservice/CocktailBarPermissionActivity.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TraySpecificModeController.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/LaunchUtils.java
com/samsung/android/app/cocktailbarservice/util/CocktailUtils.java
com/samsung/lib/edge/frameworkreflector/UsageStatsWatcherReflector.java
com/samsung/android/sdk/bixby/data/ParamFilling.java
com/samsung/android/sdk/bixby/data/PathRuleInfo.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayVisibilityController.java
com/samsung/android/app/cocktailbarservice/ui/panel/AbstractRemotePanelView.java
com/samsung/android/app/cocktailbarservice/settings/RetailResetReceiver.java
com/samsung/android/sdk/bixby2/receiver/ApplicationTriggerReceiver.java
com/samsung/android/sdk/bixby/BixbyApi.java
com/samsung/android/app/cocktailbarservice/routine/EdgePanelRoutineProvider.java
com/samsung/android/app/cocktailbarservice/controller/traystate/InjectorReflection.java
com/samsung/android/app/cocktailbarservice/settings/ResetReceiver.java
com/sec/android/diagmonagent/log/provider/DiagMonSDK.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgeScreenSettingsMain.java
com/samsung/android/sdk/bixby/BixbyAppService.java
com/samsung/android/app/cocktailbarservice/bixby/EdgeBixbyProvider.java
com/samsung/android/app/cocktailbarservice/reflection/app/ActivityReflection.java
com/samsung/android/app/cocktailbarservice/galaxyapps/CheckForUpdates.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/SpenGestureManagerServiceReflection.java
com/samsung/context/sdk/samsunganalytics/internal/policy/Validation.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/OpenSourceLicenseForB2B.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/OpenSourceLicense.java
com/samsung/android/app/cocktailbarservice/settings/PanelManagerProvider.java
Java reflection
       com/samsung/android/sdk/cover/LegacyLedSystemEventListenerDelegate.java
com/samsung/android/app/cocktailbarservice/reflection/AbstractStubReflection.java
com/samsung/android/app/cocktailbarservice/utils/Utils.java
okio/ByteString.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/RefLoadablePanelOnClickHandler.java
com/samsung/android/app/cocktailbarservice/ui/panel/AbstractRemotePanelView.java
com/samsung/android/app/cocktailbarservice/reflection/AbstractBaseReflection.java
com/samsung/android/sdk/bixby/BixbyApi.java
com/samsung/android/app/cocktailbarservice/history/CocktailProvider.java
com/samsung/android/app/cocktailbarservice/reflection/AbstractProxyReflection.java
com/samsung/android/sepunion/SemUnionManager.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/SemAbsCocktailLoadablePanelReflection.java
com/samsung/android/app/cocktailbarservice/badge/NotificationListener.java
com/samsung/android/sdk/bixby/BixbyAppService.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/RefLoadablePanelPanelListenerProxy.java
com/samsung/context/sdk/samsunganalytics/internal/policy/PolicyUtils.java
com/samsung/android/app/cocktailbarservice/reflection/samsung/SpenGestureManagerServiceReflection.java
com/samsung/context/sdk/samsunganalytics/internal/policy/Validation.java
Loading native code (shared library)
       com/sec/android/diagmonagent/common/NativeHelper.java
Local file i/o operations
       com/airbnb/lottie/network/NetworkCache.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarSettingsManagerUtils.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarSAManager.java
com/samsung/android/app/cocktailbarservice/manager/CocktailBarPanelManager.java
com/samsung/android/app/cocktailbarservice/settings/CheckForUpdateProvider.java
com/samsung/android/app/cocktailbarservice/util/CocktailUtils.java
com/sec/android/diagmonagent/log/ged/db/dao/ServiceDao.java
com/samsung/android/app/cocktailbarservice/backup/BRUtils.java
com/samsung/android/app/cocktailbarservice/settings/RetailResetReceiver.java
com/samsung/context/sdk/samsunganalytics/internal/Tracker.java
com/samsung/android/app/cocktailbarservice/settings/ResetReceiver.java
com/sec/android/diagmonagent/log/ged/util/PreferenceUtils.java
com/samsung/context/sdk/samsunganalytics/internal/policy/GetPolicyClient.java
com/samsung/context/sdk/samsunganalytics/internal/setting/SettingReader.java
com/sec/android/diagmonagent/log/provider/threadExecutor/ServiceRegistrationExecutor.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgePanels.java
com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
com/sec/android/diagmonagent/log/provider/newLogProvider.java
com/samsung/context/sdk/samsunganalytics/internal/util/Preferences.java
com/samsung/android/app/cocktailbarservice/ui/panelcontainer/AbstractPanelAdapter.java
com/samsung/android/app/cocktailbarservice/settings/CocktailSettingHelper.java
com/samsung/android/app/cocktailbarservice/manager/DumpManager.java
Message digest
       com/sec/android/diagmonagent/log/ged/util/RestUtils.java
okio/HashingSink.java
okio/ByteString.java
okio/HashingSource.java
com/samsung/android/app/cocktailbarservice/backup/Encryption.java
okio/Buffer.java
com/samsung/context/sdk/samsunganalytics/internal/policy/Validation.java
Query database of sms, contacts etc
       com/samsung/android/app/cocktailbarservice/utils/Utils.java
com/samsung/android/app/cocktailbarservice/util/CocktailUtils.java
com/samsung/android/app/cocktailbarservice/history/CocktailProvider.java
Sending broadcast
       com/sec/android/diagmonagent/log/provider/threadExecutor/EventReportExecutor.java
com/samsung/context/sdk/samsunganalytics/internal/Tracker.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/HandleSettings.java
com/sec/android/diagmonagent/log/provider/DiagMonSDK.java
com/samsung/android/app/cocktailbarservice/CocktailBarPermissionActivity.java
com/samsung/android/sdk/bixby2/provider/CapsuleProvider.java
com/samsung/android/app/cocktailbarservice/backup/CocktailBarBRThread.java
com/samsung/android/app/cocktailbarservice/galaxyapps/CheckForUpdates.java
com/samsung/android/sdk/bixby/BixbyApi.java
Starting activity
       com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/EdgeScreenSettingsMainFragment.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/PanelSearchActivity.java
com/samsung/android/app/cocktailbarservice/CocktailBarPermissionActivity.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/OpenSourceLicenseList.java
com/samsung/android/app/cocktailbarservice/util/CocktailUtils.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/search/GalaxyAppsSearchResultAdapter.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/UninstallPanels.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgeScreenSettingsMain.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/SplashEdgeSetting.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgePanels.java
com/samsung/android/app/cocktailbarservice/bixby/EdgeBixbyProvider.java
com/samsung/android/app/cocktailbarservice/galaxyapps/CheckForUpdates.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/CheckUpdate.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/fragment/AboutEdgeScreenFragment.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/widget/RelativeLinkPreference.java
Starting service
       com/samsung/android/app/cocktailbarservice/routine/EdgePanelRoutineProvider.java
com/samsung/android/app/cocktailbarservice/CocktailBarReceiver.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgeScreenSettingsMain.java
com/samsung/context/sdk/samsunganalytics/internal/sender/DMA/DMABinder.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/EdgePanels.java
com/samsung/android/app/cocktailbarservice/bixby/EdgeBixbyProvider.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/providerutils/PanelManagerUtils.java
com/samsung/android/app/cocktailbarservice/settings/PanelManagerProvider.java
com/samsung/android/app/cocktailbarservice/controller/traystate/TrayStateFullWindow.java
com/samsung/android/app/cocktailbarservice/backup/BRUtils.java
com/samsung/android/app/cocktailbarservice/cocktailsettings/providerutils/CocktailBarServiceUtils.java
com/samsung/android/app/cocktailbarservice/settings/RetailResetReceiver.java
Tcp socket
       com/samsung/android/app/cocktailbarservice/galaxyapps/SearchEngineGalaxyApps.java
okio/Okio.java
Url connection to file/http/https/ftp/jar
       com/samsung/android/app/cocktailbarservice/galaxyapps/CheckForUpdates.java
com/samsung/android/app/cocktailbarservice/util/image/UriLoaderIcon.java
Webview get request
       com/samsung/android/app/cocktailbarservice/cocktailsettings/OpenSourceLicense.java

Control flow graphs analysis

Information computed by Pithus.

The application probably lists running applications