Threat level Low Risk

com.tilks.arscmerge

AntiSplit-G2

Analyzed on 2021-07-13T14:22:32.243308

permissions 2
activities 4
services 2
receivers 0
domains 0

File sums

MD5 aaba42cb814fd8ace90a72718d98b745
SHA1 92c3bc4e9580573602aae48f7fab169b2fbe0845
SHA256 c0e818d9b43f3eb78172122fbd14b012438192c55855a5b88ccd2c698a7a7d5f
Size 1.39MB

APKiD

Information computed with APKiD.

/tmp/tmp_vnfor4z
packer
  • Jiagu
/tmp/tmp_vnfor4z!classes.dex
compiler
  • dexlib 2.x

SSdeep

Information computed with ssdeep.

APK file 24576:WrCZx+/1lkyjbIdBUFccnFBc2xFhP3KDrQ/x9JJU/qxGcd7FFMNlczjNJgT:WrF/fjDz3cyhPaD0/vJJOqh7FKbQjLk
Manifest 96:MxVNdfiXcOSmDN3gir3IL+yWi/2n1Xm22CO7llth:MOXSANgir++yWiG1uCOdh
classes.dex 3072:t2TdBpM8iXyNrhqCU6x3sh5r3JqHH0BRs6Bh+4O:gfpM8AbZU8D8UkihxO

Dexofuzzy

Information computed with Dexofuzzy.

APK file 6:RWm3KnK56PikiEE8GtVm0fFUUlzUFJVn4XofdQV/AprGzOXMaK0m3lvkFT5OsJgK:RW…
classes.dex 6:RWm3KnK56PikiEE8GtVm0fFUUlzUFJVn4XofdQV/AprGzOXMaK0m3lvkFT5OsJgK:RW…

APK details

Information computed with AndroGuard and Pithus.

Package com.tilks.arscmerge
App name AntiSplit-G2
Version name 1.3
Version code 1
SDK 21 - 29
UAID 3df27bb91ff782f75db9d5be1285cda3bd09c8a7
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 814dae99d9251482ae12f678dd50edbb
SHA1 d1b23213e1fed0ad1b92ca36c257ed04f86c8cfa
SHA256 4c8a6e9effab16eb737647cc4b052473f7363f0d8f5a2d64c9cc6b155da780c9
Issuer Common Name: FuckUltima, Organizational Unit: FuckUltima, Country: GB
Not before 2021-06-18T13:40:12+00:00
Not after 2046-06-12T13:40:12+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. assets/.appkey

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up [android:allowBackup=true]
This flag allows anyone to back up your application data via adb. It allows users who have enabled USB debugging to copy application data off the device.

Main Activity

Information computed with AndroGuard.

['com.tilks.arsc.main.MainActivity', 'com.tilks.arsc.main.SettingsActivity', 'com.nabinbhandari.android.permissions.PermissionsActivity', 'com.tilks.apkmirror.MainActivity']

Activities

Information computed with AndroGuard.

com.tilks.arsc.main.MainActivity
com.tilks.arsc.main.SettingsActivity
com.nabinbhandari.android.permissions.PermissionsActivity
com.tilks.apkmirror.MainActivity

Services

Information computed with AndroGuard.

com.tilks.arsc.main.MergeService
com.tilks.apkmirror.MergeService

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generates no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to no hardware resources.
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has no network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Permissions analysis

Information computed with MobSF.

High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.

Threat analysis

Information computed with Quark-Engine.

  • Read file from assets directory (confidence: 100%)
  • Method reflection (confidence: 100%)
  • Read data and put it into a buffer stream (confidence: 80%)
  • Read file and put it into a stream (confidence: 80%)
  • Open a file from given absolute path of the file (confidence: 80%)
  • Get absolute path of the file and store in string (confidence: 80%)

Behavior analysis

Information computed with MobSF.

Java reflection
  • com/qihoo/util/c.java
  • com/stub/StubApp.java
Loading native code (shared library)
  • com/stub/StubApp.java

Control flow graphs analysis

Information computed by Pithus.