Threat 0/58

com.secretcodes.geekyitools.pro

Geeky Tools Pro

Analyzed on 2022-01-17T15:04:04.539892

32 permissions, 91 activities, 5 services, 6 receivers, 81 domains

File sums

MD5 7b0863e333486c99823f2152aa4157ae
SHA1 f29ee2332af37dbe717ce9abd30141124a1fb32c
SHA256 9578266aa98a93e50789bc6619396b75363cc20f99e817c2de8d676445c1c1a6
Size 7.21MB

APKiD

Information computed with APKiD.

/tmp/tmp_ximdma5!classes.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.HARDWARE check
  • Build.BOARD check
  • possible Build.SERIAL check
  • Build.TAGS check
  • possible ro.secure check
compiler
  • r8

SSdeep

Information computed with ssdeep.

APK file 98304:kcAxqnAKlQNuDtg7A0fgG/pIS3IGUy8fzeLDRYdfN+NOUhjDMnfX88EjyaxvGpi4:kc3AKl7cn/p5hw6LiFNCBhnOi+JQ//2
Manifest 768:sIQmiddPkA65K3uqV2enm4ytoTYo9RwAJFLo43Y3SEJ/CTyD8SCUyAg9tGJpcKfV:…
classes.dex 49152:3ZTjuwKUmJrwZ8Y6K+NwcrCNn2cEJG8x6NyVTe3aUmlgg0+/:3g/M84KTe3a5gg…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 6144:gTNeACdbY70Hoazy3JciADIfCXhdbgyQXx0RCN8sT:4eACdbVHW/cRZ4Xx652
classes.dex 6144:gTNeACdbY70Hoazy3JciADIfCXhdbgyQXx0RCN8sT:4eACdbVHW/cRZ4Xx652

APK details

Information computed with AndroGuard and Pithus.

Package com.secretcodes.geekyitools.pro
App name Geeky Tools Pro
Version name 1.0.2
Version code 2
SDK 16 - 30
UAID bddeb45199cbc13795059b0d487c10e47d4328fa
Signature Signature V1, Signature V2, Signature V3
Frosting Frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0xf05368c0: Unknown
  • 0x6dff800d: Source stamp V2 X509 cert
  • 0x2146444e: Google metadata
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 e11006298fcb2db2179a056949f38dc4
SHA1 cdce22435516bcf2821cfec851eefdec28f34673
SHA256 836077c08848b1cf1f41bc36e3004e8544145f9511e408cc89323647e39fc49c
Issuer Common Name: Android, Organizational Unit: Android, Organization: Google Inc., Locality: Mountain View, State/Province: California, Country: US
Not before 2021-08-25T12:07:02+00:00
Not after 2051-08-25T12:07:02+00:00

File Analysis

Information computed with MobSF.

Finding: Certificate/Key files hardcoded inside the app.
Files:
  • okhttp3/internal/publicsuffix/NOTICE
  • stamp-cert-sha256

Manifest analysis

Information computed with MobSF.

High Clear text traffic is Enabled For App [android:usesCleartextTraffic=true]
The app intends to use cleartext network traffic, such as cleartext HTTP, FTP stacks, DownloadManager, and MediaPlayer. The default value for apps that target API level 27 or lower is "true". Apps that target API level 28 or higher default to "false". The key reason for avoiding cleartext traffic is the lack of confidentiality, authenticity, and protections against tampering; a network attacker can eavesdrop on transmitted data and also modify it without being detected.
Low App has a Network Security Configuration [android:networkSecurityConfig=@xml/network_security_config]
The Network Security Configuration feature lets apps customize their network security settings in a safe, declarative configuration file without modifying app code. These settings can be configured for specific domains and for a specific app.
Medium Application Data can be Backed up [android:allowBackup=true]
This flag allows anyone to back up your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Activity (com.secretcodes.geekyitools.antispyware.activity.SubActivity) is not Protected. An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Broadcast Receiver (com.secretcodes.geekyitools.antispyware.safe.RealTimeProtectionReceiver) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (com.secretcodes.geekyitools.antispyware.safe.SignatureScanService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.secretcodes.geekyitools.Utility.AdminReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_DEVICE_ADMIN [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.secretcodes.geekyitools.antispyware.activity.IndicatorService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_ACCESSIBILITY_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.secretcodes.geekyitools.antispyware.activity.PrivacyBreacherService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.secretcodes.geekyitools.antispyware.activity.EventReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.secretcodes.geekyitools.antispyware.Battery.BatteryWidget) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.secretcodes.geekyitools.antispyware.Battery.WidgetReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.RECEIVE_BOOT_COMPLETED [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.secretcodes.geekyitools.Utility.ConnectivityReceiver) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Medium High Action Priority (1000) [android:priority]
By setting an action priority higher than another action, the app effectively overrides other requests.

Main Activity

Information computed with AndroGuard.

com.secretcodes.geekyitools.activity.SplashScreen

Activities

Information computed with AndroGuard.

com.secretcodes.geekyitools.activity.SplashScreen
com.secretcodes.geekyitools.activity.PrivacyPolicyActivity
com.secretcodes.geekyitools.activity.SettingActivity
com.secretcodes.geekyitools.activity.MainActivity
com.secretcodes.geekyitools.activity.HomeActivity
com.secretcodes.geekyitools.antispyware.activity.CustomActivity
com.secretcodes.geekyitools.networkutility.IpTools_Activity
com.secretcodes.geekyitools.device.DeviceInfo_Main_Activity
com.secretcodes.geekyitools.androidShell.AndroidShellActivity
com.secretcodes.geekyitools.hiddencodes.ManualCode_Main_Activity
com.secretcodes.geekyitools.wifiscanner.WifiMasterActivity
com.secretcodes.geekyitools.wifiscanner.ChannelRatingActivity
com.secretcodes.geekyitools.wifiscanner.AccessPointsActivity
com.secretcodes.geekyitools.whouse.DeviceDetailActivity
com.secretcodes.geekyitools.whouse.OneStep
com.secretcodes.geekyitools.whouse.WiFiRouterInfo
com.secretcodes.geekyitools.whouse.WhoUseWifiActivity
com.secretcodes.geekyitools.whouse.Router_Page
com.secretcodes.geekyitools.wifiscanner.WiFiSignalActivity
com.secretcodes.geekyitools.activity.HowToUseActivity
com.secretcodes.geekyitools.guide.EthicalGuideActivity
com.secretcodes.geekyitools.guide.BasicTermsActivity
com.secretcodes.geekyitools.guide.PenTest_Activity
com.secretcodes.geekyitools.antispyware.activity.SubActivity
com.secretcodes.geekyitools.antispyware.activity.AntivirusScanActivity
com.secretcodes.geekyitools.antispyware.safe.ScanComplete
com.secretcodes.geekyitools.antispyware.activity.ProcessActivity
com.secretcodes.geekyitools.antispyware.safe.ScanAppActivity
com.secretcodes.geekyitools.antispyware.activity.AntiAppsScannerActivity
com.secretcodes.geekyitools.antispyware.activity.PhoneMonitorActivity
com.secretcodes.geekyitools.antispyware.activity.PhoneMonitorHistory
com.secretcodes.geekyitools.antispyware.activity.StartRepairActivity
com.secretcodes.geekyitools.antispyware.activity.JunkCleanActivity
com.secretcodes.geekyitools.antispyware.activity.BatteryActivity
com.secretcodes.geekyitools.antispyware.activity.DoneJunkCleanActivity
com.secretcodes.geekyitools.antispyware.activity.OptimizeNowActivity
com.secretcodes.geekyitools.antispyware.activity.BatteryResultActivity
com.secretcodes.geekyitools.antispyware.activity.SystemAdvisor
com.secretcodes.geekyitools.devicetesting.DeviceTestMain
com.secretcodes.geekyitools.device.fragments.SensorDetailActivity
com.secretcodes.geekyitools.devicetesting.FlashlightTestActivity
com.secretcodes.geekyitools.devicetesting.TouchActivity
com.secretcodes.geekyitools.devicetesting.TouchTestActivity
com.secretcodes.geekyitools.devicetesting.DisplayTestActivity
com.secretcodes.geekyitools.devicetesting.DisplayTestFullScreen
com.secretcodes.geekyitools.devicetesting.LoudSpeakerTestActivity
com.secretcodes.geekyitools.devicetesting.EarSpeakerTestActivity
com.secretcodes.geekyitools.devicetesting.EarProximityTestActivity
com.secretcodes.geekyitools.devicetesting.LightSensorTestActivity
com.secretcodes.geekyitools.devicetesting.VibrationTestActivity
com.secretcodes.geekyitools.devicetesting.WifiTestActivity
com.secretcodes.geekyitools.devicetesting.BluetoothTestActivity
com.secretcodes.geekyitools.devicetesting.VolumeUpTestActivity
com.secretcodes.geekyitools.devicetesting.VolumeDownTestActivity
com.secretcodes.geekyitools.hiddencodes.SearchCode.Autohiddencode
com.secretcodes.geekyitools.networkutility.frag.IPCalc.IPv6Calculator
com.secretcodes.geekyitools.networkutility.frag.IPCalc.Preferences
com.secretcodes.geekyitools.networkutility.frag.IPCalc.Converter
com.secretcodes.geekyitools.networkutility.frag.Traceroute.Preferences
com.secretcodes.geekyitools.guide.cmnd.SearchLinux
com.secretcodes.geekyitools.guide.OnlineTutorials
com.secretcodes.geekyitools.guide.NetworkCommands
com.secretcodes.geekyitools.guide.NetworkCommandsData
com.secretcodes.geekyitools.guide.tools.Tools1
com.secretcodes.geekyitools.guide.tools.Tools2
com.secretcodes.geekyitools.guide.tools.Tools3
com.secretcodes.geekyitools.guide.tools.Tools4
com.secretcodes.geekyitools.guide.tools.Tools5
com.secretcodes.geekyitools.guide.tools.Tools6
com.secretcodes.geekyitools.guide.tools.Tools7
com.secretcodes.geekyitools.guide.tools.Tools8
com.secretcodes.geekyitools.guide.tools.Tools9
com.secretcodes.geekyitools.guide.tools.Tools10
com.secretcodes.geekyitools.guide.tools.Tools11
com.secretcodes.geekyitools.guide.tools.Tools12
com.secretcodes.geekyitools.guide.tools.Tools13
com.secretcodes.geekyitools.guide.tools.Tools14
com.secretcodes.geekyitools.guide.tools.Tools15
com.secretcodes.geekyitools.guide.tools.Tools16
com.secretcodes.geekyitools.guide.tools.ToolsDesc
com.secretcodes.geekyitools.guide.tools.ToolsDesc2
com.secretcodes.geekyitools.guide.cmnd.LinuxCommandsMain
com.secretcodes.geekyitools.guide.OfflineTutorials
com.secretcodes.geekyitools.guide.offline.SearchOffline
com.secretcodes.geekyitools.guide.offline.FavOfflineTutData
com.secretcodes.geekyitools.guide.FavOfflineTut
com.secretcodes.geekyitools.antispyware.activity.PermissionDetailActivity
pub.devrel.easypermissions.AppSettingsDialogHolderActivity
com.karumi.dexter.DexterActivity
com.google.android.gms.common.api.GoogleApiActivity
com.nabinbhandari.android.permissions.PermissionsActivity

Receivers

Information computed with AndroGuard.

com.secretcodes.geekyitools.antispyware.safe.RealTimeProtectionReceiver
com.secretcodes.geekyitools.Utility.AdminReceiver
com.secretcodes.geekyitools.antispyware.activity.EventReceiver
com.secretcodes.geekyitools.antispyware.Battery.BatteryWidget
com.secretcodes.geekyitools.antispyware.Battery.WidgetReceiver
com.secretcodes.geekyitools.Utility.ConnectivityReceiver

Services

Information computed with AndroGuard.

com.secretcodes.geekyitools.antispyware.safe.SignatureScanService
com.secretcodes.geekyitools.antispyware.activity.IndicatorService
com.secretcodes.geekyitools.antispyware.activity.PrivacyBreacherService
com.secretcodes.geekyitools.antispyware.task.MonitorService
com.secretcodes.geekyitools.antispyware.task.UpdateService

Sample timeline

Oldest file found in APK Jan. 1, 1981, 1:01 a.m.
Latest file found in APK Jan. 1, 1981, 1:01 a.m.
Certificate valid not before Aug. 25, 2021, 12:07 p.m.
First submission on VT Dec. 30, 2021, 5:40 p.m.
Last submission on VT Jan. 8, 2022, 5:26 p.m.
Upload on Pithus Jan. 17, 2022, 3:04 p.m.
Certificate valid not after Aug. 25, 2051, 12:07 p.m.

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invokes platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generates no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['location', 'bluetooth', 'network connectivity', 'camera'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implements functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invokes the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2
The application performs all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_COP.1.1(1) The application performs encryption/decryption in accordance with a specified cryptographic algorithm AES-CBC (as defined in NIST SP 800-38A) mode or AES-GCM (as defined in NIST SP 800-38D) and cryptographic key sizes 256-bit/128-bit.
Cryptographic Operation - Encryption/Decryption
FCS_COP.1.1(2) The application performs cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_HTTPS_EXT.1.1 The application implements the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implements HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notifies the user and does not establish the connection or requests application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application uses X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS, TLS.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 defpackage/y4.java
defpackage/ba.java
defpackage/ff.java
defpackage/wn0.java
com/secretcodes/geekyitools/networkutility/frag/IPCalc/HistoryProvider.java
defpackage/pa.java
defpackage/c6.java
defpackage/wk0.java
defpackage/w8.java
defpackage/ig.java
defpackage/oi.java
defpackage/kz.java
com/secretcodes/geekyitools/networkutility/IpTools_Activity.java
defpackage/k4.java
defpackage/o9.java
defpackage/mw.java
defpackage/fg.java
defpackage/fe0.java
defpackage/r9.java
defpackage/sa.java
defpackage/kd.java
defpackage/vc0.java
defpackage/u30.java
defpackage/j2.java
defpackage/t8.java
com/secretcodes/geekyitools/Utility/ConnectivityReceiver.java
defpackage/m2.java
defpackage/a0.java
com/nabinbhandari/android/permissions/PermissionsActivity.java
defpackage/kq0.java
defpackage/dg.java
defpackage/s5.java
defpackage/u00.java
defpackage/sn0.java
com/secretcodes/geekyitools/antispyware/activity/AntivirusScanActivity.java
defpackage/vz.java
defpackage/v61.java
defpackage/q30.java
defpackage/l61.java
defpackage/en0.java
com/secretcodes/geekyitools/antispyware/safe/ScanAppActivity.java
defpackage/mb1.java
defpackage/d61.java
com/secretcodes/geekyitools/whouse/WiFiRouterInfo.java
defpackage/up0.java
defpackage/b5.java
defpackage/pu.java
defpackage/ch.java
defpackage/da.java
com/secretcodes/geekyitools/guide/offline/FavOfflineTutData.java
defpackage/x9.java
defpackage/o1.java
defpackage/rp0.java
defpackage/s20.java
defpackage/c4.java
defpackage/em1.java
defpackage/o20.java
defpackage/of.java
defpackage/xz.java
defpackage/dm0.java
defpackage/nx.java
defpackage/p4.java
defpackage/ka.java
defpackage/z0.java
defpackage/zp0.java
defpackage/i4.java
defpackage/ty.java
defpackage/sd.java
defpackage/x4.java
defpackage/p90.java
defpackage/zc.java
defpackage/pm0.java
defpackage/fd.java
com/secretcodes/geekyitools/whouse/Router_Page.java
defpackage/wm0.java
defpackage/ib0.java
defpackage/i31.java
defpackage/dh.java
defpackage/pe.java
defpackage/k20.java
defpackage/d71.java
defpackage/kl0.java
defpackage/q4.java
defpackage/j7.java
defpackage/ui.java
com/secretcodes/geekyitools/devicetesting/DeviceTestMain.java
defpackage/v00.java
defpackage/ra.java
defpackage/e91.java
defpackage/y3.java
defpackage/g61.java
defpackage/u8.java
defpackage/sd0.java
defpackage/wx.java
defpackage/yi.java
defpackage/qk.java
defpackage/c1.java
defpackage/pf.java
defpackage/ao0.java
defpackage/u71.java
defpackage/oc.java
defpackage/bo0.java
defpackage/e71.java
defpackage/q1.java
defpackage/zr0.java
defpackage/s40.java
defpackage/an.java
com/secretcodes/geekyitools/antispyware/activity/PhoneMonitorActivity.java
defpackage/tj.java
defpackage/qu.java
defpackage/x10.java
defpackage/ay.java
defpackage/v8.java
com/secretcodes/geekyitools/activity/HomeActivity.java
defpackage/mg.java
defpackage/m5.java
defpackage/su.java
defpackage/qa.java
defpackage/ab.java
defpackage/l4.java
com/wang/avi/AVLoadingIndicatorView.java
defpackage/t3.java
defpackage/zx.java
defpackage/a6.java
defpackage/a30.java
defpackage/wd0.java
defpackage/ic.java
defpackage/qm.java
defpackage/q3.java
defpackage/ng.java
defpackage/sp0.java
defpackage/dq0.java
com/secretcodes/geekyitools/antispyware/activity/JunkCleanActivity.java
defpackage/z20.java
defpackage/d2.java
com/secretcodes/geekyitools/antispyware/safe/SignatureScanService.java
defpackage/ae.java
defpackage/jc.java
com/secretcodes/geekyitools/activity/MainActivity.java
defpackage/wi.java
defpackage/b21.java
defpackage/mz.java
defpackage/ov.java
defpackage/oa.java
defpackage/n.java
defpackage/oa1.java
defpackage/og.java
defpackage/va.java
defpackage/nt.java
defpackage/a20.java
defpackage/b6.java
defpackage/fe.java
com/secretcodes/geekyitools/Utility/AdminReceiver.java
defpackage/om.java
defpackage/p9.java
defpackage/r5.java
defpackage/v11.java
defpackage/r8.java
defpackage/x5.java
defpackage/zb.java
defpackage/me.java
defpackage/mn.java
defpackage/il0.java
defpackage/df.java
defpackage/j30.java
defpackage/yl0.java
defpackage/mb.java
defpackage/ru.java
defpackage/m61.java
defpackage/a61.java
defpackage/ze.java
High
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 defpackage/qc1.java
defpackage/dc1.java
defpackage/le1.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
 defpackage/vk1.java
defpackage/uw1.java
defpackage/m31.java
defpackage/oc1.java
defpackage/hr1.java
defpackage/y71.java
defpackage/q71.java
defpackage/ak0.java
com/secretcodes/geekyitools/antispyware/activity/StartRepairActivity.java
defpackage/a0.java
defpackage/uu1.java
defpackage/ff1.java
defpackage/bt1.java
defpackage/fo1.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 defpackage/ca.java
defpackage/zp0.java
com/secretcodes/geekyitools/antispyware/safe/ScanAppActivity.java
com/secretcodes/geekyitools/antispyware/activity/StartRepairActivity.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files:
 defpackage/ub1.java
defpackage/wb1.java
defpackage/sl0.java
com/secretcodes/geekyitools/guide/offline/FavOfflineTutData.java
defpackage/wu1.java
defpackage/pb1.java
com/secretcodes/geekyitools/whouse/WiFiRouterInfo.java
defpackage/l31.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 defpackage/uu1.java
defpackage/dq0.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files:
 defpackage/f51.java
defpackage/zo0.java
defpackage/b41.java
defpackage/v51.java
defpackage/yo0.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files:
 defpackage/on1.java
defpackage/ct1.java
High
CVSS:5.5
App creates temp file. Sensitive information should never be written into a temp file.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 defpackage/wi.java
High
CVSS:5.9
App uses SQLite Database and executes raw SQL queries. Untrusted user input in raw SQL queries can cause SQL Injection. Also, sensitive information should be encrypted before it is written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 defpackage/mm0.java
defpackage/kq0.java
com/secretcodes/geekyitools/networkutility/frag/IPCalc/HistoryProvider.java
defpackage/e71.java
defpackage/yl0.java
defpackage/t71.java
defpackage/p31.java
High
CVSS:0
This App may request root (Super User) privileges.
MASVS: MSTG-RESILIENCE-1
CWE-250 Execution with Unnecessary Privileges
Files:
 defpackage/fq0.java
Info
CVSS:0
This App may have root detection capabilities.
MASVS: MSTG-RESILIENCE-1
Files:
 defpackage/xn0.java
High
CVSS:7.4
Files may contain hardcoded sensitive information like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files:
 defpackage/sl0.java

[Map (Pygal): Germany: 1500, France: 200, Hong Kong: 200, Ireland: 400, Malaysia: 100, Netherlands: 200, Russian Federation: 100, Singapore: 100, United States: 5100]

Map computed by Pithus.

Network analysis

Information computed with MobSF.

High Base config is insecurely configured to permit clear text traffic to all domains.
Scope: ['*']
Medium Base config is configured to trust system certificates.
Scope: ['*']
High Base config is configured to trust user installed certificates.
Scope: ['*']

Domains analysis

Information computed with MobSF.


URL analysis

Information computed with MobSF.

https://play.google.com/store/apps/details?id=
https://play.google.com/store/apps/dev?id=4749516082998468718
Defined in com/secretcodes/geekyitools/activity/HomeActivity.java
https://sites.google.com/view/geekyitools/home
Defined in com/secretcodes/geekyitools/activity/PrivacyPolicyActivity.java
https://play.google.com/store/apps/details?id=
https://play.google.com/store/apps/dev?id=4749516082998468718
Defined in com/secretcodes/geekyitools/activity/MainActivity.java
https://api.ipify.org/
http://checkip.amazonaws.com/
http://ip-api.com/
Defined in com/secretcodes/geekyitools/whouse/WiFiRouterInfo.java
http://facebook.com)
www.command.com
https://www.piriform.com/recuva/download
http://172.32.15.110:8080.
https://icecreamapps.com/Download-Screen-Recorder/
http://camstudio.org/
https://www.ezvid.com/download
http://www.webinaria.com/record.php
https://tinytake.com/
http://hackthistv.com/eviltwin.zip
http://am4wuhz3zifexz5u.onion/
http://downloads.sourceforge.net/project/ubuntuzilla/mozilla/apt
http://www.wampserver.com/en/
https://www.facebook.com/whitehat/
http://www.netsetman.com/en/freeware#nsmdl
http://securityxploded.com
https://accounts.google.com/signin/recovery
http://whatismyipaddress.com/
http://www.extractpdf.com/
https://filezilla-project.org/download.php?show_all=1
https://code.google.com/p/killkeys/
http://msdn.microsoft.com/en-us/library/dd375731(VS.85).aspx
https://google.com/history
https://portswigger.net/buy/
http://localhost
https://www.glasswire.com/
http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html
http://10minutemail.com/
https://emkei.cz/
www.fakemailgenerator.com/
http://www.throwawaymail.com/
www.fakeinbox.com/
https://mailinator.com/
http://www.anonymailer.net/
https://www.guerrillamail.com/
Defined in com/secretcodes/geekyitools/guide/offline/FavOfflineTutData.java