0/61

Threat

com.meizu.powersave

Power Saving Mode

Analyzed on 2022-05-14T18:01:46.821164

19

permissions

1

activities

1

services

0

receivers

0

domains

File sums

MD5 f3b9e525c6bad281f4190711f3185a8b
SHA1 e63ad243a6cf5f7ace842f19f775059671198b6f
SHA256 ab3b1e36dcb862f9c9d5d53c239d2cecf4efbf551774a99096c2149609e4ec8f
Size 0.15MB

APKiD

Information computed with APKiD.

/tmp/tmpkeck1hjc!classes.dex
compiler
  • dx

SSdeep

Information computed with ssdeep.

APK file 1536:tooAAioBd/slZfqvuK1rk0C3Q/yiyWUbqTX5xMzhSv9/fJgeAo5h0tMFE3UDPJ:tDlBd/slZwOWUb6X5xuhCd15agEErJ
Manifest 96:YHKNhyYPgScuyDNPw++jBxHjG1sE3tsaHVXq3J3y6ylYkTrb2oOfPdRpreueNrSb:Y…
classes.dex 768:SIQCZ6wVCnERIIXsOJBmUOajAX+pJj3jbKcC3AnE1694r41YHeQZ/ttIDW+yk0:PD…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 48:AjlQOt9hbnzk7wB8lKLcxqT+if7LIJGbKlhiGDxO4ct53H1zKiFo8LcGn:ABlU8gxq…
classes.dex 48:AjlQOt9hbnzk7wB8lKLcxqT+if7LIJGbKlhiGDxO4ct53H1zKiFo8LcGn:ABlU8gxq…

APK details

Information computed with AndroGuard and Pithus.

Package com.meizu.powersave
App name Power Saving Mode
Version name 7.0.0-2018073109
Version code 7000000
SDK 20 - 25
UAID 9585f868a72cac83ffdaf373f61ca49e6fc0ac10
Signature Signature V1
Frosting Not frosted

Certificate details

Information computed with AndroGuard.

MD5 1c44d05f494a1c2dc6cbcbac9c92ecfd
SHA1 62e45913d032f80956b627ed68069934f37e7f35
SHA256 94153299d67ab1b37a39ed5fe17e893df87084fb129077be51863bcbd9132336
Issuer Email Address: m9@meizu.com, Common Name: m9, Organizational Unit: Meizu, Organization: Meizu, Locality: ZhuHai View, State/Province: GuangZhou, Country: CN
Not before 2010-11-27T09:09:19+00:00
Not after 2038-04-14T09:09:19+00:00

Manifest analysis

Information computed with MobSF.

High Launch Mode of Activity (com.meizu.powersave.PowerSaveMode) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
Medium High Intent Priority (1000)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.

Activities

Information computed with AndroGuard.

com.meizu.powersave.PowerSaveMode

Services

Information computed with AndroGuard.

com.meizu.powersave.NotificationListenerService

Sample timeline

Oldest file found in APK Nov. 27, 2010, 2:09 a.m.
Latest file found in APK Nov. 27, 2010, 2:09 a.m.
Certificate valid not before Nov. 27, 2010, 9:09 a.m.
First submission on VT Jan. 28, 2021, 2:51 a.m.
Last submission on VT Jan. 28, 2021, 2:51 a.m.
Upload on Pithus May 14, 2022, 6:01 p.m.
Certificate valid not after April 14, 2038, 9:09 a.m.

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['call lists', 'address book'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Code analysis

Information computed with MobSF.

Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 com/meizu/powersave/a/a.java
com/meizu/powersave/PowerSaveMode.java
com/meizu/powersave/DigitalClockAndWeatherForLauncherScreen.java
com/meizu/powersave/NotificationListenerService.java
com/meizu/powersave/ui/AODBatteryView.java
com/meizu/powersave/a/b.java

Permissions analysis

Information computed with MobSF.

High android.permission.READ_CALL_LOG Allows an application to read the user's call log.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.SYSTEM_ALERT_WINDOW display system-level alerts
Allows an application to show system-alert windows. Malicious applications can take over the entire screen of the phone.
High android.permission.READ_SMS read SMS or MMS
Allows application to read SMS messages stored on your phone or SIM card. Malicious applications may read your confidential messages.
High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
Low android.permission.EXPAND_STATUS_BAR expand/collapse status bar
Allows application to expand or collapse the status bar.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Medium android.permission.SET_PREFERRED_APPLICATIONS set preferred applications
Allows an application to modify your preferred applications. This can allow malicious applications to silently change the applications that are run, spoofing your existing applications to collect private data from you.
Medium android.permission.STATUS_BAR_SERVICE status bar
Allows the application to be the status bar.
Medium android.permission.STATUS_BAR disable or modify status bar
Allows application to disable the status bar or add and remove system icons.
Medium android.permission.WRITE_SECURE_SETTINGS modify secure system settings
Allows an application to modify the system's secure settings data. Not for use by common applications.
android.permission.GET_INTENT_SENDER_INTENT Unknown permission
Unknown permission from android reference
android.permission.WRITE_MEDIA_STORAGE Unknown permission
Unknown permission from android reference
android.permission.START_ANY_ACTIVITY Unknown permission
Unknown permission from android reference
android.permission.INTERACT_ACROSS_USERS_FULL Unknown permission
Unknown permission from android reference
com.meizu.battery.provider.permission Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Find a method from given class name, usually for reflection
Confidence:
100%
Method reflection
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Get calendar information
Confidence:
100%
Method reflection
Confidence:
100%
Initialize class object dynamically

Behavior analysis

Information computed with MobSF.

Get system service
       com/meizu/powersave/a/a.java
Inter process communication
       com/meizu/powersave/a/a.java
com/meizu/powersave/PowerSaveMode.java
com/a/a/a/a.java
com/meizu/powersave/DigitalClockAndWeatherForLauncherScreen.java
com/meizu/powersave/NotificationListenerService.java
com/meizu/powersave/c.java
Java reflection
       com/meizu/powersave/a/a.java
com/meizu/powersave/PowerSaveMode.java
Local file i/o operations
       com/meizu/powersave/a/c.java
Sending broadcast
       com/meizu/powersave/PowerSaveMode.java
Starting activity
       com/meizu/powersave/PowerSaveMode.java
Starting service
       com/meizu/powersave/PowerSaveMode.java

Control flow graphs analysis

Information computed by Pithus.

The application probably starts another application