Threat: Malicious (10/63)

com.szabh.sma_new.universal

Smart Time

Analyzed on 2021-07-09T15:06:34.104561

32 permissions, 71 activities, 9 services, 5 receivers, 15 domains

File sums

MD5 0752056f0960783a9665cc68a05eb631
SHA1 47e5dc1d4f858f4bb5c2382eed18dc379082c250
SHA256 ce6de7b1df203649998297aef695543a50fe7001c6f7887f11065e5383749c6e
Size 33.36MB

APKiD

Information computed with APKiD.

/tmp/tmpjao7y0oy
packer
  • Jiagu
/tmp/tmpjao7y0oy!classes.dex
compiler
  • dexlib 2.x

SSdeep

Information computed with ssdeep.

APK file 393216:/FT9HuVxe8o+LEQ9WUt3uOh3ZtKYNjuTESRdFSRhr2nnwkxyl+gWuSXwsm:NpWto38WM3Xvi4SSDkgl1Sw
Manifest 768:sjSt3Y3nOevmCy6eUz7GHGhPLoO+SKGXtOOA7moEprlPP5ThB9hHCY1Vcm860QTS:…
classes.dex 98304:bfsT0adckTHnyyAqVgCdcsti2FYA/g0zuSkZzs/VkP7+cqJrYdND:rs3PAqOCdl…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 6:RWm3KnK56PikiEE8GtVm0fFUUlzYfdQV/AprGzOovyqXEATmJtfGRrKbmeLHKT5I:RW…
classes.dex 6:RWm3KnK56PikiEE8GtVm0fFUUlzYfdQV/AprGzOovyqXEATmJtfGRrKbmeLHKT5I:RW…

APK details

Information computed with AndroGuard and Pithus.

Package com.szabh.sma_new.universal
App name Smart Time
Version name 1.4.5.7
Version code 1457
SDK 19 - 29
UAID eba5bd0b6139ae22ee67705754fc0ad5e0d30414
Signature Signature V1, Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 fb814910c79e74b3e9a1e158049b5fbd
SHA1 da1c3f7d5df12611788c947252e4320346438970
SHA256 22f1cfbef897405e5de13d0e86d42e939b8de7c0789025eb9d2d26b8cda54083
Issuer Common Name: sma, Organizational Unit: smalife, Organization: sma, Locality: shenzhen, State/Province: guandong, Country: 86
Not before 2015-06-10T10:27:09+00:00
Not after 2045-06-02T10:27:09+00:00

File Analysis

Information computed with MobSF.

Finding: Certificate/Key files hardcoded inside the app.
Files:
  • assets/.appkey
  • assets/geo_global_ca.cer
  • okhttp3/internal/publicsuffix/NOTICE
Finding: Hardcoded Keystore found.
Files:
  • assets/adcom.bks

Manifest analysis

Information computed with MobSF.

Low App has a Network Security Configuration [android:networkSecurityConfig=@xml/network_security_config]
The Network Security Configuration feature lets apps customize their network security settings in a safe, declarative configuration file without modifying app code. These settings can be configured for specific domains and for a specific app.
High Activity (com.szabh.sma_new.universal.wxapi.WXEntryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Launch Mode of Activity (com.szabh.sma_new.activity.MainActivity) is not standard.
An Activity should not have the launch mode attribute set to "singleTask/singleInstance", because it then becomes the root Activity and other applications can read the contents of the calling Intent. Use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Service (com.bestmafen.smablelib.server.MyNotificationService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_NOTIFICATION_LISTENER_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.szabh.sma_new.receiver.BleReceiver) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.sma.androidthirdpartylogin.wechat.WeChatRegister) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.tencent.mm.plugin.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.facebook.CustomTabActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Launch Mode of Activity (com.tencent.tauth.AuthActivity) is not standard.
An Activity should not have the launch mode attribute set to "singleTask/singleInstance", because it then becomes the root Activity and other applications can read the contents of the calling Intent. Use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.tencent.tauth.AuthActivity) is not Protected. An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Service (com.blankj.utilcode.util.MessengerUtils$ServerService) is not Protected. An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Broadcast Receiver (com.abupdate.iot_libs.receiver.UpgradeReceiver) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (com.abupdate.iot_libs.service.JobSchedulerService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.google.android.gms.auth.api.signin.RevocationBoundService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (com.facebook.CampaignTrackingReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.INSTALL_PACKAGES [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.sina.weibo.sdk.share.WbShareResultActivity) is not Protected. An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Launch Mode of Activity (com.sina.weibo.sdk.share.WbShareToStoryActivity) is not standard.
An Activity should not have the launch mode attribute set to "singleTask/singleInstance", because it then becomes the root Activity and other applications can read the contents of the calling Intent. Use the "standard" launch mode attribute when sensitive information is included in an Intent.
Medium High Intent Priority (2147483647) [android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.

Browsable activities

Information computed with MobSF.

com.facebook.CustomTabActivity

Schemes: @string/fb_login_protocol_scheme://

com.tencent.tauth.AuthActivity

Schemes: @string/qq_id://

Activities

Information computed with AndroGuard.

com.szabh.sma_new.universal.wxapi.WXEntryActivity
com.szabh.sma_new.activity.LauncherActivity
com.szabh.sma_new.activity.GuideActivity
com.szabh.sma_new.activity.StartActivity
com.szabh.sma_new.activity.LoginActivity
com.szabh.sma_new.activity.RegisterActivity
com.szabh.sma_new.activity.ResetPwdActivity
com.szabh.sma_new.activity.MyInfoActivity
com.szabh.sma_new.activity.MainActivity
com.szabh.sma_new.activity.SportDetailActivity
com.szabh.sma_new.activity.ExerciseRecordActivity
com.szabh.sma_new.activity.ExerciseRecordActivity2
com.szabh.sma_new.activity.ExerciseRecordActivityB2
com.szabh.sma_new.activity.TrackerActivity
com.szabh.sma_new.activity.HeartDetailActivity
com.szabh.sma_new.activity.BloodPressureDetailActivity
com.szabh.sma_new.activity.SleepDetailActivity
com.szabh.sma_new.activity.RestingHeartActivity
com.szabh.sma_new.activity.ProductListActivity
com.szabh.sma_new.activity.BindActivity
com.szabh.sma_new.activity.FirmwareUpdateActivity
com.szabh.sma_new.activity.FirmwareUpdateMActivity
com.szabh.sma_new.activity.FirmwareUpdateGoodixActivity
com.szabh.sma_new.activity.FirmwareUpdate2Activity
com.szabh.sma_new.dfu.DfuNotificationActivity
com.szabh.sma_new.activity.SedentarinessActivity
com.szabh.sma_new.activity.AlarmListActivity
com.szabh.sma_new.activity.AlarmSettingsActivity
com.szabh.sma_new.activity.HeartRateSettingsActivity
com.szabh.sma_new.camera.CameraActivity
com.szabh.sma_new.activity.ViewPhotoActivity
com.szabh.sma_new.activity.ViewPhotoActivity2
com.szabh.sma_new.activity.WatchFaceActivity
com.szabh.sma_new.activity.NotificationSettingsActivity
com.szabh.sma_new.activity.PersonalSettingsActivity
com.szabh.sma_new.activity.ExerciseGoalActivity
com.szabh.sma_new.activity.MoreSettingsActivity
com.szabh.sma_new.activity.ChangePwdActivity
com.szabh.sma_new.activity.FeedBackActivity
com.szabh.sma_new.activity.AboutUsActivity
com.szabh.sma_new.activity.FirmwareFixProductsActivity
com.szabh.sma_new.activity.FirmwareFixActivity
com.szabh.sma_new.activity.FirmwareFixDevicesActivity
com.szabh.sma_new.activity.UsageHelpActivity
com.szabh.sma_new.activity.SyncTimeActivity
com.szabh.sma_new.activity.DeviceLightSetActivity
com.szabh.sma_new.activity.PrivacyPolicyActivity
com.szabh.sma_new.activity.AbyxDeviceGuideActivity
com.szabh.sma_new.activity.AppPrivacyPolicy
com.szabh.sma_new.activity.AboutDataActivity
com.szabh.sma_new.activity.DataSyncActivity
com.szabh.sma_new.activity.UnBindWarnActivity
com.szabh.sma_new.activity.UpdateCompletedActivity
com.szabh.sma_new.activity.TrackerInfoActivity
com.szabh.sma_new.activity.NewStartActivity
com.szabh.sma_new.activity.HealthCareSetActivity
com.szabh.sma_new.activity.PrivacyInfoActivity
com.szabh.sma_new.activity.ContactUsActivity
me.zheteng.countrycodeselector.CountryCodeSelectorActivity
com.facebook.FacebookActivity
com.facebook.CustomTabActivity
com.tencent.tauth.AuthActivity
com.tencent.connect.common.AssistActivity
com.facebook.CustomTabMainActivity
com.blankj.utilcode.util.Utils$TransActivity
com.google.android.gms.auth.api.signin.internal.SignInHubActivity
com.google.android.gms.common.api.GoogleApiActivity
com.sina.weibo.sdk.web.WeiboSdkWebActivity
com.sina.weibo.sdk.share.WbShareResultActivity
com.sina.weibo.sdk.share.WbShareTransActivity
com.sina.weibo.sdk.share.WbShareToStoryActivity

Receivers

Information computed with AndroGuard.

com.szabh.sma_new.receiver.BleReceiver
com.sma.androidthirdpartylogin.wechat.WeChatRegister
com.abupdate.iot_libs.receiver.UpgradeReceiver
com.facebook.CurrentAccessTokenExpirationBroadcastReceiver
com.facebook.CampaignTrackingReceiver

Services

Information computed with AndroGuard.

com.szabh.sma_new.service.SmaService
com.szabh.sma_new.dfu.DfuService
com.bestmafen.smablelib.server.MyNotificationService
com.baidu.location.f
com.blankj.utilcode.util.MessengerUtils$ServerService
com.abupdate.iot_libs.service.JobSchedulerService
com.abupdate.iot_libs.service.OtaService
com.google.android.gms.auth.api.signin.RevocationBoundService
com.abupdate.mqtt_libs.mqtt_service.MqttService

Sample timeline

Certificate valid not before June 10, 2015, 10:27 a.m.
Latest file found in APK Dec. 15, 2020, 7:48 p.m.
First submission on VT Dec. 28, 2020, 2:32 p.m.
Last submission on VT April 9, 2021, 9:19 p.m.
Upload on Pithus July 9, 2021, 3:06 p.m.
Certificate valid not after June 2, 2045, 10:27 a.m.

VirusTotal

Score 10/63
Report https://www.virustotal.com/gui/file/ce6de7b1df203649998297aef695543a50fe7001c6f7887f11065e5383749c6e/detection

Most Popular AV Detections

Provided by VirusTotal

Threat name: java Identified 2 times
Threat name: jiagu Identified 2 times
Threat name: uselvfq21 Identified 2 times

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generates no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['bluetooth', 'camera', 'network connectivity', 'location'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['call lists', 'address book'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit
[Map: China, Germany, Hong Kong, Italy, Singapore]

Map computed by Pithus.

Network analysis

Information computed with MobSF.

High Base config is insecurely configured to permit clear text traffic to all domains.
Scope: ['*']

Domains analysis

Information computed with MobSF.


URL analysis

Information computed with MobSF.


Permissions analysis

Information computed with MobSF.

High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.CALL_PHONE directly call phone numbers
Allows the application to call phone numbers without your intervention. Malicious applications may cause unexpected calls on your phone bill. Note that this does not allow the application to call emergency numbers.
High android.permission.READ_CALL_LOG Allows an application to read the user's call log.
High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.ACCESS_COARSE_LOCATION coarse (network-based) location
Access coarse location sources, such as the mobile network database, to determine an approximate phone location, where available. Malicious applications can use this to determine approximately where you are.
High android.permission.GET_TASKS retrieve running applications
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
High android.permission.SYSTEM_ALERT_WINDOW display system-level alerts
Allows an application to show system-alert windows. Malicious applications can take over the entire screen of the phone.
High android.permission.GET_ACCOUNTS list accounts
Allows access to the list of accounts in the Accounts Service.
High android.permission.USE_CREDENTIALS use the authentication credentials of an account
Allows an application to request authentication tokens.
High android.permission.MANAGE_ACCOUNTS manage the accounts list
Allows an application to perform operations like adding and removing accounts and deleting their password.
High android.permission.CAMERA take pictures and videos
Allows application to take pictures and videos with the camera. This allows the application to collect images that the camera is seeing at any time.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.RECEIVE_SMS receive SMS
Allows application to receive and process SMS messages. Malicious applications may monitor your messages or delete them without showing them to you.
High android.permission.READ_SMS read SMS or MMS
Allows application to read SMS messages stored on your phone or SIM card. Malicious applications may read your confidential messages.
Low android.permission.CHANGE_WIFI_STATE change Wi-Fi status
Allows an application to connect to and disconnect from Wi-Fi access points and to make changes to configured Wi-Fi networks.
Low android.permission.CHANGE_NETWORK_STATE change network connectivity
Allows applications to change network connectivity state.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.ACCESS_WIFI_STATE view Wi-Fi status
Allows an application to view the information about the status of Wi-Fi.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
Low android.permission.BLUETOOTH_ADMIN bluetooth administration
Allows applications to discover and pair bluetooth devices.
Low android.permission.MODIFY_AUDIO_SETTINGS change your audio settings
Allows application to modify global audio settings, such as volume and routing.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.ACCESS_LOCATION_EXTRA_COMMANDS access extra location provider commands
Access extra location provider commands. Malicious applications could use this to interfere with the operation of the GPS or other location sources.
Low android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS Permission an application must hold in order to use Settings.ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
android.permission.RECOVERY Unknown permission
Unknown permission from android reference
permissions.com.abupdate.fota.update Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence 100%: Read file from assets directory
Confidence 100%: Method reflection
Confidence 80%: Read data and put it into a buffer stream
Confidence 80%: Read file and put it into a stream
Confidence 80%: Open a file from given absolute path of the file
Confidence 80%: Get absolute path of the file and store in string

Behavior analysis

Information computed with MobSF.

Java reflection
  • com/qihoo/util/c.java
  • com/stub/StubApp.java
Load and manipulate dex files
  • com/stub/StubApp.java
Loading native code (shared library)
  • com/stub/StubApp.java