Pithus report for Settings - com.samsung.android.SettingsReceiver

File sums

MD5	`86a1f203efb8f83e5580ad1d515fb02f`
SHA1	`bc728820d0fd0ad05d4f0f5b6916e441ebd34e1f`
SHA256	`c80bb0d7cd666ffa7710d9f658b17df8de891910f86785e553822785fc08f09e`
Size	`0.09MB`

APKiD

Information computed with APKiD.

SSdeep

Information computed with ssdeep.

APK file	`1536:QmYwjxUPoW7AFzd0jSbKUo3ztsOmrwDljuHu+qlAKcgA:swKljSb63ztsKjuxt/7`
Manifest	`384:gggSG0omo3AsLmtYWQoi3N5yO2ckH/V7mqllZ3HhhjWY/HTpEIR1+a/vZ3YHzUmb:…`

Dexofuzzy

Information computed with Dexofuzzy.

APK details

Information computed with AndroGuard and Pithus.

Package	`com.samsung.android.SettingsReceiver`
App name	`Settings`
Version name	`9`
Version code	`28`
SDK	`28` - `28`
UAID	`d0fe7d9d0cd791c73b600ca916faec40955f89cf`
Signature	Signature V1 Signature V2
Frosting	Not frosted Blocks found within V2 signature: `0x7109871a`: Unknown

Certificate details

Information computed with AndroGuard.

MD5	`d087e72912fba064cafa78dc34aea839`
SHA1	`9ca5170f381919dfe0446fcdab18b19a143b3163`
SHA256	`34df0e7a9f1cf1892e45c056b4973cd81ccf148a4050d11aea4ac5a65f900a42`
Issuer	`Email Address: android.os@samsung.com, Common Name: Samsung Cert, Organizational Unit: DMC, Organization: Samsung Corporation, Locality: Suwon City, State/Province: South Korea, Country: KR`
Not before	`2011-06-22T12:25:12+00:00`
Not after	`2038-11-07T12:25:12+00:00`

File Analysis

Information computed with MobSF.

Findings	Files
Certificate/Key files hardcoded inside the app.	`SEC-INF/buildConfirm.crt`

Manifest analysis

Information computed with MobSF.

Medium	Application Data can be Backed up[android:allowBackup] flag is missing. The flag [android:allowBackup] should be set to false. By default it is set to true and allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High	Broadcast Receiver (SettingsIntentReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High	Broadcast Receiver (AccountReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High	Broadcast Receiver (.RetailModeReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High	Broadcast Receiver (.CpaReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low	Broadcast Receiver (SettingsIntentReceiver$UPlusSettingsIntentReceiver) is Protected by a permission. Permission: com.sec.permission.UPLUS_SETTINGS protectionLevel: signature[android:exported=true] A Broadcast Receiver is found to be exported, but is protected by permission.
High	Broadcast Receiver (.LockAppShortcutReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low	Broadcast Receiver (.IrisReceiver) is Protected by a permission. Permission: com.samsung.android.permission.IRIS_WEB_SIGNIN protectionLevel: signature[android:exported=true] A Broadcast Receiver is found to be exported, but is protected by permission.
High	Broadcast Receiver (.BiometricsReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High	Broadcast Receiver (com.samsung.android.SettingsReceiver.autopoweronoff.AutoPowerOnOffReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High	Service (com.samsung.android.SettingsReceiver.NetworkStateJobService) is Protected by a permission, but the protection level of the permission should be checked. Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High	Broadcast Receiver (.net.DataUsageReminderReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low	Broadcast Receiver (.SendLastLocationReceiver) is Protected by a permission. Permission: com.samsung.android.permission.LASTLOCATION_SETTINGS protectionLevel: signature[android:exported=true] A Broadcast Receiver is found to be exported, but is protected by permission.
High	Broadcast Receiver (.FindMyMobileSettingsReceiver) is not Protected.An intent-filter exists. A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
Low	Broadcast Receiver (.FingerGestureSpayReceiver) is Protected by a permission. Permission: com.samsung.android.permission.FINGERGESTURE_SPAY_SETTINGS protectionLevel: signature[android:exported=true] A Broadcast Receiver is found to be exported, but is protected by permission.
High	Broadcast Receiver (com.samsung.android.SettingsReceiver.KnoxPrivacyNoticeReceiver) is Protected by a permission, but the protection level of the permission should be checked. Permission: com.samsung.android.knox.permission.KNOX_LICENSE_INTERNAL [android:exported=true] A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

Receivers

Information computed with AndroGuard.

com.samsung.android.SettingsReceiver.SettingsIntentReceiver
com.samsung.android.SettingsReceiver.AccountReceiver
com.samsung.android.SettingsReceiver.RetailModeReceiver
com.samsung.android.SettingsReceiver.CpaReceiver
com.samsung.android.SettingsReceiver.SettingsIntentReceiver$UPlusSettingsIntentReceiver
com.samsung.android.SettingsReceiver.LockAppShortcutReceiver
com.samsung.android.SettingsReceiver.IrisReceiver
com.samsung.android.SettingsReceiver.BiometricsReceiver
com.samsung.android.SettingsReceiver.autopoweronoff.AutoPowerOnOffReceiver
com.samsung.android.SettingsReceiver.net.DataUsageReminderReceiver
com.samsung.android.SettingsReceiver.SendLastLocationReceiver
com.samsung.android.SettingsReceiver.FindMyMobileSettingsReceiver
com.samsung.android.SettingsReceiver.FingerGestureSpayReceiver
com.samsung.android.SettingsReceiver.KnoxPrivacyNoticeReceiver

Services

Information computed with AndroGuard.

com.samsung.android.SettingsReceiver.NetworkStateJobService

Sample timeline

Oldest file found in APK	Jan. 1, 2009, midnight
Latest file found in APK	Jan. 1, 2009, midnight
Certificate valid not before	June 22, 2011, 12:25 p.m.
First submission on VT	Sept. 22, 2020, 11:01 a.m.
Last submission on VT	Sept. 22, 2020, 11:01 a.m.
Upload on Pithus	May 5, 2022, 1:05 a.m.
Certificate valid not after	Nov. 7, 2038, 12:25 p.m.

VirusTotal

Score	0/64
Report	https://www.virustotal.com/gui/file/c80bb0d7cd666ffa7710d9f658b17df8de891910f86785e553822785fc08f09e/detection

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1	The application does not store any credentials to non-volatile memory. Storage of Credentials
FCS_CKM_EXT.1.1	The application generate no asymmetric cryptographic keys. Cryptographic Key Generation Services
FDP_DEC_EXT.1.1	The application has access to ['bluetooth', 'network connectivity']. Access to Platform Resources
FDP_DEC_EXT.1.2	The application has access to no sensitive information repositories. Access to Platform Resources
FDP_NET_EXT.1.1	The application has user/application initiated network communications. Network Communications
FDP_DAR_EXT.1.1	The application does not encrypt files in non-volatile memory. Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1	The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product. Protection of Data in Transit

Permissions analysis

Information computed with MobSF.

High	`android.permission.WRITE_EXTERNAL_STORAGE`	read/modify/delete external storage contents Allows an application to write to external storage.
High	`android.permission.READ_EXTERNAL_STORAGE`	read external storage contents Allows an application to read from external storage.
High	`android.permission.WRITE_SETTINGS`	modify global system settings Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
Low	`android.permission.BLUETOOTH`	create Bluetooth connections Allows applications to connect to paired bluetooth devices.
Low	`android.permission.BLUETOOTH_ADMIN`	bluetooth administration Allows applications to discover and pair bluetooth devices.
Low	`android.permission.MODIFY_AUDIO_SETTINGS`	change your audio settings Allows application to modify global audio settings, such as volume and routing.
Low	`android.permission.ACCESS_NETWORK_STATE`	view network status Allows an application to view the status of all networks.
Low	`android.permission.INTERNET`	full Internet access Allows an application to create network sockets.
Low	`android.permission.RECEIVE_BOOT_COMPLETED`	automatically start at boot Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low	`android.permission.KILL_BACKGROUND_PROCESSES`	kill background processes Allows an application to kill background processes of other applications, even if memory is not low.
Medium	`android.permission.COPY_PROTECTED_DATA`	Allows to invoke default container service to copy content. Not for use by common applications. Allows to invoke default container service to copy content. Not for use by common applications.
Medium	`android.permission.FORCE_STOP_PACKAGES`	force-stop other applications Allows an application to stop other applications forcibly.
Medium	`android.permission.WRITE_SECURE_SETTINGS`	modify secure system settings Allows an application to modify the system's secure settings data. Not for use by common applications.
Medium	`android.permission.BLUETOOTH_PRIVILEGED`	Allows applications to pair bluetooth devices without user interaction, and to allow or disallow phonebook access or message access. This is not available to third party applications.
Medium	`android.permission.ACCESS_CHECKIN_PROPERTIES`	access check-in properties Allows read/write access to properties uploaded by the check-in service. Not for use by common applications.
Medium	`android.permission.STATUS_BAR`	disable or modify status bar Allows application to disable the status bar or add and remove system icons.
	`android.permission.MANAGE_USB`	Unknown permission Unknown permission from android reference
	`android.permission.INTERACT_ACROSS_USERS_FULL`	Unknown permission Unknown permission from android reference
	`android.permission.ACCESS_NOTIFICATIONS`	Unknown permission Unknown permission from android reference
	`android.permission.WRITE_INTERNAL_STORAGE`	Unknown permission Unknown permission from android reference
	`android.permission.CONNECTIVITY_INTERNAL`	Unknown permission Unknown permission from android reference
	`com.sec.settings.accessibility.permission.TOGGLE_TALK_BACK`	Unknown permission Unknown permission from android reference
	`com.samsung.android.internal.intelligence.useranalysis.permission.READ_PLACE`	Unknown permission Unknown permission from android reference
	`com.samsung.android.internal.intelligence.useranalysis.permission.WRITE_PLACE`	Unknown permission Unknown permission from android reference
	`com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY`	Unknown permission Unknown permission from android reference
	`com.sec.permission.UPLUS_SETTINGS`	Unknown permission Unknown permission from android reference
	`com.samsung.permission.HOME_TRIPLE_CLICK`	Unknown permission Unknown permission from android reference
	`com.samsung.permission.DIRECT_ACCESS`	Unknown permission Unknown permission from android reference
	`com.sec.permission.AssistiveLight_ONOFF`	Unknown permission Unknown permission from android reference
	`kr.co.rightbrain.RetailMode.permission.READ`	Unknown permission Unknown permission from android reference
	`com.osp.app.signin.BROADCAST_PERMISSION`	Unknown permission Unknown permission from android reference
	`android.permission.MANAGE_ACTIVITY_STACKS`	Unknown permission Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Control flow graphs analysis

Information computed by Pithus.

com.samsung.android.SettingsReceiver

Settings

32

permissions

0

activities

1

services

14

receivers

0

domains

File sums

APKiD

SSdeep

Dexofuzzy

APK details

Certificate details

File Analysis

Manifest analysis

Receivers

Services

Sample timeline

VirusTotal

NIAP analysis

Permissions analysis

Threat analysis

Control flow graphs analysis