0/64

Threat

com.samsung.android.SettingsReceiver

Settings

Analyzed on 2022-05-05T01:05:58.394527

32

permissions

0

activities

1

services

14

receivers

0

domains

File sums

MD5 86a1f203efb8f83e5580ad1d515fb02f
SHA1 bc728820d0fd0ad05d4f0f5b6916e441ebd34e1f
SHA256 c80bb0d7cd666ffa7710d9f658b17df8de891910f86785e553822785fc08f09e
Size 0.09MB

APKiD

Information computed with APKiD.

SSdeep

Information computed with ssdeep.

APK file 1536:QmYwjxUPoW7AFzd0jSbKUo3ztsOmrwDljuHu+qlAKcgA:swKljSb63ztsKjuxt/7
Manifest 384:gggSG0omo3AsLmtYWQoi3N5yO2ckH/V7mqllZ3HhhjWY/HTpEIR1+a/vZ3YHzUmb:…

Dexofuzzy

Information computed with Dexofuzzy.

APK details

Information computed with AndroGuard and Pithus.

Package com.samsung.android.SettingsReceiver
App name Settings
Version name 9
Version code 28
SDK 28 - 28
UAID d0fe7d9d0cd791c73b600ca916faec40955f89cf
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown

Certificate details

Information computed with AndroGuard.

MD5 d087e72912fba064cafa78dc34aea839
SHA1 9ca5170f381919dfe0446fcdab18b19a143b3163
SHA256 34df0e7a9f1cf1892e45c056b4973cd81ccf148a4050d11aea4ac5a65f900a42
Issuer Email Address: android.os@samsung.com, Common Name: Samsung Cert, Organizational Unit: DMC, Organization: Samsung Corporation, Locality: Suwon City, State/Province: South Korea, Country: KR
Not before 2011-06-22T12:25:12+00:00
Not after 2038-11-07T12:25:12+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. SEC-INF/buildConfirm.crt

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup] flag is missing.
The flag [android:allowBackup] should be set to false. By default it is set to true and allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Broadcast Receiver (SettingsIntentReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (AccountReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (.RetailModeReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (.CpaReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low Broadcast Receiver (SettingsIntentReceiver$UPlusSettingsIntentReceiver) is Protected by a permission.
Permission: com.sec.permission.UPLUS_SETTINGS
protectionLevel: signature[android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by permission.
High Broadcast Receiver (.LockAppShortcutReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low Broadcast Receiver (.IrisReceiver) is Protected by a permission.
Permission: com.samsung.android.permission.IRIS_WEB_SIGNIN
protectionLevel: signature[android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by permission.
High Broadcast Receiver (.BiometricsReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.samsung.android.SettingsReceiver.autopoweronoff.AutoPowerOnOffReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (com.samsung.android.SettingsReceiver.NetworkStateJobService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (.net.DataUsageReminderReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low Broadcast Receiver (.SendLastLocationReceiver) is Protected by a permission.
Permission: com.samsung.android.permission.LASTLOCATION_SETTINGS
protectionLevel: signature[android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by permission.
High Broadcast Receiver (.FindMyMobileSettingsReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low Broadcast Receiver (.FingerGestureSpayReceiver) is Protected by a permission.
Permission: com.samsung.android.permission.FINGERGESTURE_SPAY_SETTINGS
protectionLevel: signature[android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by permission.
High Broadcast Receiver (com.samsung.android.SettingsReceiver.KnoxPrivacyNoticeReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.samsung.android.knox.permission.KNOX_LICENSE_INTERNAL [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

Receivers

Information computed with AndroGuard.

com.samsung.android.SettingsReceiver.SettingsIntentReceiver
com.samsung.android.SettingsReceiver.AccountReceiver
com.samsung.android.SettingsReceiver.RetailModeReceiver
com.samsung.android.SettingsReceiver.CpaReceiver
com.samsung.android.SettingsReceiver.SettingsIntentReceiver$UPlusSettingsIntentReceiver
com.samsung.android.SettingsReceiver.LockAppShortcutReceiver
com.samsung.android.SettingsReceiver.IrisReceiver
com.samsung.android.SettingsReceiver.BiometricsReceiver
com.samsung.android.SettingsReceiver.autopoweronoff.AutoPowerOnOffReceiver
com.samsung.android.SettingsReceiver.net.DataUsageReminderReceiver
com.samsung.android.SettingsReceiver.SendLastLocationReceiver
com.samsung.android.SettingsReceiver.FindMyMobileSettingsReceiver
com.samsung.android.SettingsReceiver.FingerGestureSpayReceiver
com.samsung.android.SettingsReceiver.KnoxPrivacyNoticeReceiver

Services

Information computed with AndroGuard.

com.samsung.android.SettingsReceiver.NetworkStateJobService

Sample timeline

Oldest file found in APK Jan. 1, 2009, midnight
Latest file found in APK Jan. 1, 2009, midnight
Certificate valid not before June 22, 2011, 12:25 p.m.
First submission on VT Sept. 22, 2020, 11:01 a.m.
Last submission on VT Sept. 22, 2020, 11:01 a.m.
Upload on Pithus May 5, 2022, 1:05 a.m.
Certificate valid not after Nov. 7, 2038, 12:25 p.m.

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['bluetooth', 'network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Permissions analysis

Information computed with MobSF.

High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
Low android.permission.BLUETOOTH_ADMIN bluetooth administration
Allows applications to discover and pair bluetooth devices.
Low android.permission.MODIFY_AUDIO_SETTINGS change your audio settings
Allows application to modify global audio settings, such as volume and routing.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.KILL_BACKGROUND_PROCESSES kill background processes
Allows an application to kill background processes of other applications, even if memory is not low.
Medium android.permission.COPY_PROTECTED_DATA Allows to invoke default container service to copy content. Not for use by common applications.
Allows to invoke default container service to copy content. Not for use by common applications.
Medium android.permission.FORCE_STOP_PACKAGES force-stop other applications
Allows an application to stop other applications forcibly.
Medium android.permission.WRITE_SECURE_SETTINGS modify secure system settings
Allows an application to modify the system's secure settings data. Not for use by common applications.
Medium android.permission.BLUETOOTH_PRIVILEGED Allows applications to pair bluetooth devices without user interaction, and to allow or disallow phonebook access or message access. This is not available to third party applications.
Medium android.permission.ACCESS_CHECKIN_PROPERTIES access check-in properties
Allows read/write access to properties uploaded by the check-in service. Not for use by common applications.
Medium android.permission.STATUS_BAR disable or modify status bar
Allows application to disable the status bar or add and remove system icons.
android.permission.MANAGE_USB Unknown permission
Unknown permission from android reference
android.permission.INTERACT_ACROSS_USERS_FULL Unknown permission
Unknown permission from android reference
android.permission.ACCESS_NOTIFICATIONS Unknown permission
Unknown permission from android reference
android.permission.WRITE_INTERNAL_STORAGE Unknown permission
Unknown permission from android reference
android.permission.CONNECTIVITY_INTERNAL Unknown permission
Unknown permission from android reference
com.sec.settings.accessibility.permission.TOGGLE_TALK_BACK Unknown permission
Unknown permission from android reference
com.samsung.android.internal.intelligence.useranalysis.permission.READ_PLACE Unknown permission
Unknown permission from android reference
com.samsung.android.internal.intelligence.useranalysis.permission.WRITE_PLACE Unknown permission
Unknown permission from android reference
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY Unknown permission
Unknown permission from android reference
com.sec.permission.UPLUS_SETTINGS Unknown permission
Unknown permission from android reference
com.samsung.permission.HOME_TRIPLE_CLICK Unknown permission
Unknown permission from android reference
com.samsung.permission.DIRECT_ACCESS Unknown permission
Unknown permission from android reference
com.sec.permission.AssistiveLight_ONOFF Unknown permission
Unknown permission from android reference
kr.co.rightbrain.RetailMode.permission.READ Unknown permission
Unknown permission from android reference
com.osp.app.signin.BROADCAST_PERMISSION Unknown permission
Unknown permission from android reference
android.permission.MANAGE_ACTIVITY_STACKS Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Control flow graphs analysis

Information computed by Pithus.