Low Risk

Threat level

com.roya.shandong

移动社区

Analyzed on 2021-10-18T03:28:03.089374

70

permissions

198

activities

14

services

6

receivers

3

domains

File sums

MD5 a3915f4126a593bd36b0bed7f6714396
SHA1 e018d1bf27b83ae39f53ee6534d5a7cc3faba2f3
SHA256 cedce5b2eace19a8993b0326a3fbf4d0eed6a8503c639eb8004c69496ff5299c
Size 33.82MB

APKiD

Information computed with APKiD.

/tmp/tmpsxtkisi8
packer
  • Jiagu
/tmp/tmpsxtkisi8!classes.dex
obfuscator
  • unreadable field names
  • unreadable method names
compiler
  • dexlib 2.x

SSdeep

Information computed with ssdeep.

APK file 786432:cPWvQiugImKCqinH7StU3NhcYuC4PPiWBKpvelZIwCPOCEF:cPWvPu9iH2O3NB8XgF2SRUF
Manifest 768:cepXS6KTY3YzBotosy/QKbkUhoOirY9ZGMAVSDpNQXUU3WRlZhOJZ0wg387AnB3l:…
classes.dex 98304:nuaMu/ROMBEuSduQ05Ev/JCYj10Hp2cmt1UbGNiM51MkjWmEQU5kQF945mgn:nu…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 6:i6Wm3KnK56PikiEE8GtVm0fFUUlzYfdQV/AprGzOovyqXEATmJtxMmeL5xtCKT5I:VW…
classes.dex 6:i6Wm3KnK56PikiEE8GtVm0fFUUlzYfdQV/AprGzOovyqXEATmJtxMmeL5xtCKT5I:VW…

APK details

Information computed with AndroGuard and Pithus.

Package com.roya.shandong
App name 移动社区
Version name 2.9.0
Version code 760
SDK 16 - 23
UAID 99e7b1e94068f56610e8afd62a9dc3278379ce38
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 cc4b7be1d78e9cf989b4d940b8604c0c
SHA1 21dacc36774f2c9095023eda1bb628820dca47d5
SHA256 e7e71a8ff87808fe38578147325c3c8c2f5a8faa19214d0433d3111345855616
Issuer Common Name: SDYD
Not before 2016-07-11T13:44:18+00:00
Not after 2116-06-17T13:44:18+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. assets/.appkey
com/sina/weibo/sdk/net/cacert_cn.cer
com/sina/weibo/sdk/net/cacert_com.cer

Manifest analysis

Information computed with MobSF.

High Launch Mode of Activity (com.roya.shandong.ui.im.home.homePage.HomeWorkTabActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.mail.MailEditActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Broadcast Receiver (com.roya.shandong.mail.reciver.EmailReciver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.roya.shandong.permission.toYDSQActivity
protectionLevel: normal [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission. However, the protection level of the permission is set to normal. This means that a malicious application can request and obtain the permission and interact with the component. If it was set to signature, only applications signed with the same certificate could obtain the permission.
High Launch Mode of Activity (com.roya.shandong.ui.main.HomeTabHostAcitivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Broadcast Receiver (com.roya.shandong.phonestate.PhoneAboutService$PhoneStateReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Launch Mode of Activity (com.roya.shandong.ui.im.workCircle.WorkCircleActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.ui.theother.MoreActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.ui.im.mypwd.GesturesInActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.roya.shandong.ui.im.MessageByShareActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.roya.shandong.ui.im.workCircle.PostTalkByShareActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.roya.shandong.netty.service.PushAlarmReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: oem.permission.SENDMAIL [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Launch Mode of Activity (com.roya.shandong.ui.im.serverno.ServiceNoIMActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.ui.im.serverno.ServiceNoDetailActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Activity (com.roya.shandong.ui.setting.ShareInfoActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.roya.shandong.permission.toYDSQActivity
protectionLevel: normal [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission. However, the protection level of the permission is set to normal. This means that a malicious application can request and obtain the permission and interact with the component. If it was set to signature, only applications signed with the same certificate could obtain the permission.
High Service (com.baidu.location.f) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BAIDU_LOCATION_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Launch Mode of Activity (com.roya.shandong.LoadResActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.ui.im.workplatform.AppSearchActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Broadcast Receiver (com.roya.shandong.ui.im.workplatform.fragment.CompleteReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Launch Mode of Activity (com.roya.shandong.ui.im.TransferGroupManagerActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.ui.im.GroupManagerSettingActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.ui.im.AddAdministratorActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.shandong.androidrn.RNReceiveActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity1) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity2) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity3) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity4) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity5) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Launch Mode of Activity (com.roya.library_tbs.view.MyBrowserActivity) is not standard.
An Activity should not be having the launch mode attribute set to "singleTask/singleInstance" as it becomes root Activity and it is possible for other applications to read the contents of the calling Intent. So it is required to use the "standard" launch mode attribute when sensitive information is included in an Intent.
High Service (com.nisc.api.NtlsVpnService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_VPN_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
Medium High Intent Priority (1000)[android:priority]
By setting an intent priority higher than another intent, the app effectively overrides other requests.

Browsable activities

Information computed with MobSF.

com.roya.shandong.ui.theother.EnterpriseCutscenesActivity

Hosts: message_private_url_ydsq

Schemes: linkclick://

com.roya.shandong.ui.setting.ShareInfoActivity

Hosts: vwt.data

Schemes: sharevwt://

com.roya.library_tbs.view.MyBrowserActivity

Hosts: message_private_url

Schemes: linkclick://

Main Activity

Information computed with AndroGuard. 

com.roya.shandong.ui.theother.EnterpriseCutscenesActivity

Activities

Information computed with AndroGuard. 

com.roya.shandong.ui.address.AddressMainActivity
com.roya.shandong.ui.address.AddressSearchActivity
com.roya.shandong.ui.im.home.homePage.HomeWorkTabActivity
com.roya.shandong.ui.address.selector.AddressMainSelectorActivity
com.roya.shandong.ui.address.selector.AddressSelectCorpActivity
com.roya.shandong.ui.im.GuideActivity
com.roya.shandong.mail.MailFirstActivity
com.roya.shandong.mail.MailActivity
com.roya.shandong.mail.MailSettingActivity
com.roya.shandong.mail.MailBoundActivity
com.roya.shandong.mail.MailSetupActivity
com.roya.shandong.mail.DailyContactsActivity
com.roya.shandong.mail.MailEditActivity
com.roya.shandong.mail.MailBoundOtherActivity
com.roya.shandong.mail.MailSearchActivity
com.roya.shandong.mail.MailContentActivity
com.roya.shandong.mail.MailConstactsActivity
com.roya.shandong.mail.MailAddConstact
com.roya.shandong.LoginActivity
com.roya.shandong.ui.LoadingDialogActivity
com.roya.shandong.ui.password.CodeLoginActivity
com.roya.shandong.ui.password.VerifyCodeActivity
com.roya.shandong.ui.password.SmsCodeActivity
com.roya.shandong.ui.password.JudgeIsLoginOrRegist
com.roya.shandong.ui.password.VerifyPhoneNumActivity
com.roya.shandong.ui.main.HomeTabHostAcitivity
com.roya.shandong.ui.theother.TestActivity
com.roya.shandong.ui.im.ValidatePCLoginActivity
com.roya.shandong.ui.im.IMMainActivity
com.roya.shandong.ui.im.IMDetailActivity
com.roya.shandong.ui.im.IMConfigActivity
com.roya.shandong.ui.im.SetChatBgActivity
com.roya.shandong.ui.im.GroupDetailSetting
com.roya.shandong.ui.im.ChangeGroupNameActivity
com.roya.shandong.ui.im.SelectChatBackground
com.roya.shandong.ui.im.FindChatActivity
com.roya.shandong.ui.im.FindChatItemActivity
com.roya.shandong.ui.im.TwoDimensionalBarCodeActivity
com.roya.shandong.ui.im.IMLocationActivity
com.roya.shandong.ui.im.IMLocation2Activity
com.roya.shandong.ui.address.weixin.WeixinAddressActivity
com.roya.shandong.ui.address.weixin.WeixinDetailsActivity
com.roya.shandong.ui.address.weixin.WeixinSMAPDetailsActivity
com.roya.shandong.ui.address.weixin.WeixinSelectorAddressActivity
com.roya.shandong.ui.address.selector.TaskSelectAddressActivity
com.roya.shandong.ui.address.weixin.WeixinImGroupSelectorActivity
com.roya.shandong.ui.address.weixin.WeixinExtendsSelectActivity
com.roya.shandong.ui.im.workCircle.ShowMultiImageActivity
com.roya.shandong.ui.im.workCircle.MultiImageFolderActivity
com.roya.shandong.ui.im.operate.IMShowImageActivity
com.roya.shandong.ui.setting.AboutActivity
com.roya.shandong.ui.im.videoRecorder.VideoRecorderActivity
com.roya.shandong.ui.im.workCircle.PostTalkActivity
com.roya.shandong.ui.im.workCircle.PostTalkPhotoDetailActivity
com.roya.shandong.ui.theother.NoTroubleActivity
com.roya.shandong.ui.im.work.WorkMainActivity
com.roya.shandong.ui.im.workCircle.WorkCircleActivity
com.roya.shandong.ui.im.workCircle.PersonalWorkCircleActivity
com.roya.shandong.ui.im.workCircle.imageWatch.ImagePagerActivity
com.roya.shandong.ui.im.operate.IMShowImageSendActivity
com.roya.shandong.ui.theother.MoreActivity
com.roya.shandong.ui.theother.EnterpriseCutscenesActivity
com.roya.shandong.ui.theother.FestivalActivity
com.roya.shandong.ui.setting.MeActivity
com.roya.shandong.ui.theother.MyFeedBackActivity
com.roya.shandong.ui.setting.MeApplicationAddActivity
com.roya.shandong.ui.setting.MeCustomerManagerActivity
com.roya.shandong.ui.setting.BusinessInfoActivity
com.roya.shandong.ui.setting.BusinessInfoDetailActivity
com.roya.shandong.ui.setting.RequestionAndAnswerActivity
com.roya.shandong.ui.theother.RevisePasswordActivity
com.roya.shandong.ui.im.operate.IMShowVideoActivity
com.roya.shandong.ui.applicationSequare.ApplicationSquareActivity
com.roya.shandong.ui.im.workCircle.WorkShowImageActivity
com.roya.shandong.ui.im.workCircle.WorkShowAllImageActivity
com.roya.shandong.ui.im.file.FileSelectActivity
com.roya.shandong.ui.im.file.FileSelectFirstActivity
com.roya.shandong.ui.im.file.RecentFileSelectActivity
com.roya.shandong.ui.im.operate.IMFilePreviewActivity
com.roya.shandong.ui.applicationSequare.more.AppDetailActivity
com.roya.shandong.ui.im.announcement.AnnouncementListActivity
com.roya.shandong.ui.im.mypwd.SetPwdActivity
com.roya.shandong.ui.im.mypwd.CheckPwdActivity
com.roya.shandong.ui.address.weixin.ErrorCorrectionActivity
com.roya.shandong.ui.im.mypwd.GesturesInActivity
com.roya.shandong.ui.im.MessageByShareActivity
com.roya.shandong.ui.im.workCircle.PostTalkByShareActivity
com.roya.shandong.ui.im.PersonSelectorActivity
com.roya.shandong.ui.im.serverno.ServiceNoIMActivity
com.roya.shandong.ui.im.serverno.ServiceNoDetailActivity
com.roya.shandong.ui.im.serverno.EnterpriseAppActivity
com.roya.shandong.ui.im.serverno.MeetingBombScreenActivity
com.roya.shandong.ui.im.serverno.EnterpriseAppDetailActivity
com.roya.shandong.ui.im.workCircle.WorkCircleMsgInfoActivity
com.roya.shandong.ui.im.operate.FilePreviewActivity
com.roya.shandong.ui.im.serverno.ParameterSettingActivity
com.roya.shandong.ui.setting.OnlineMobileActivity
com.roya.shandong.ui.theother.TanpingSetActivity
com.roya.shandong.ui.theother.ChoiceThemeActivity
com.roya.shandong.ui.im.workCircle.WorkCircleDetailActivity
com.roya.shandong.ui.address.weixin.PersonSelectorAloneActivity
com.roya.shandong.ui.theother.GesturesSetActivity
com.roya.shandong.ui.theother.FloatWindowActivity
com.roya.shandong.ui.theother.RemindSetActivity
com.roya.shandong.ui.setting.subscribe.SubscribeListActivity
com.roya.shandong.ui.setting.subscribe.VerifyCode139Activity
com.roya.shandong.ui.setting.subscribe.VerifyPhoneNum139Activity
com.roya.shandong.ui.setting.subscribe.AlreadyBinding139Activity
com.roya.shandong.ui.im.ShowWebImageActivity
com.roya.shandong.ui.address.selector.StarMemberSelectorActivity2
com.roya.shandong.ui.setting.ShareInfoActivity
com.roya.shandong.ui.setting.TwoDimensionActivity
com.roya.shandong.ui.im.selectImage.PhotoActivity
com.roya.shandong.ui.im.selectImage.PhotoAlbumActivity
com.roya.shandong.ui.im.selectImage.ShowBigPic
com.roya.shandong.ui.im.selectImage.PreviewPictureActivity
com.sina.weibo.sdk.component.WeiboSdkBrowser
com.roya.shandong.ui.theother.ChooseSoundActivity
com.roya.shandong.createcompany.view.CreateCompanyActivity
com.roya.shandong.managecompany.view.impl.AddWorkerActivity
com.roya.shandong.managecompany.view.impl.LocalContactActivity
com.roya.shandong.managecompany.view.impl.LocalContactDetailActivity
com.roya.shandong.managecompany.callandsms.CallLogActivity
com.roya.shandong.LoadResActivity
com.roya.shandong.ui.im.workplatform.WorksMainActivity
com.roya.shandong.ui.im.workplatform.WorkGridActivity
com.roya.shandong.ui.im.workplatform.AppDetailQRCodeActivity
com.roya.shandong.ui.im.workplatform.AppDetailActivity
com.roya.shandong.ui.im.workplatform.AppSearchActivity
com.roya.shandong.ui.im.workplatform.PicDetailViewActivity
com.royasoft.libzxing.zxing.activity.CaptureActivity
com.roya.shandong.ui.im.CircleMemberActivity
com.roya.shandong.ui.im.message.MessageRelatedActivity
com.roya.shandong.managecompany.view.impl.ManageEntranceActivity
com.roya.shandong.managecompany.view.impl.AddSubDeptActivity
com.roya.shandong.managecompany.view.impl.DeptSelectorActivity
com.roya.shandong.managecompany.view.impl.EditWorkerActivity
com.roya.shandong.managecompany.view.impl.EnterEnterpriseInfoActivity
com.roya.shandong.managecompany.view.impl.EnterpriseCertificationActivity
com.roya.shandong.managecompany.view.impl.SetDeptActivity
com.roya.shandong.managecompany.view.impl.SubmitDocumentsActivity
com.roya.shandong.groupmanage.view.GroupDeleteMemberActivity
com.roya.shandong.ui.im.H5HistoryActivity
com.roya.shandong.ui.address.selector.StarMemberSelectorActivity
com.roya.shandong.ui.theother.AddressSettingActivity
com.roya.shandong.ui.address.weixin.generalContact.view.GeneralContactActivity
com.roya.shandong.ui.address.weixin.generalContact.view.GeneralContactSelectActivity
com.roya.shandong.ui.theother.CollectionActivity
com.roya.shandong.ui.im.GroupManagerActivity
com.roya.shandong.ui.im.TransferGroupManagerActivity
com.roya.shandong.ui.im.GroupManagerSettingActivity
com.roya.shandong.ui.im.AddAdministratorActivity
com.roya.shandong.ui.theother.FunctionSettingActivity
com.facebook.react.devsupport.DevSettingsActivity
com.roya.shandong.androidrn.RNReceiveActivity
com.roya.shandong.ui.main.search.view.SearchAllActivity
com.roya.shandong.ui.main.search.view.SearchSpecifiedActivity
com.royasoft.taskmodule.activitis.MyEndTaskActivity
com.royasoft.taskmodule.activitis.MyReciveTaskActivity
com.royasoft.taskmodule.activitis.MySendTaskActivity
com.royasoft.taskmodule.activitis.TaskDetail1Activity
com.royasoft.taskmodule.activitis.BaseTaskActivity
com.royasoft.taskmodule.activitis.NewCreateTaskActivity
com.royasoft.taskmodule.activitis.NewCreateTaskSDActivity
com.royasoft.taskmodule.activitis.RecvieTaskDetailActivity
com.royasoft.taskmodule.activitis.selectImage.PhotoActivity
com.royasoft.taskmodule.activitis.selectImage.PreviewPictureActivity
com.royasoft.taskmodule.activitis.SendTaskDetailActivity
com.royasoft.taskmodule.activitis.TaskFeedBackPeopleActivity
com.royasoft.taskmodule.activitis.TaskFeedBackPeopleActivitySD
com.royasoft.taskmodule.activitis.TaskMainActivity
com.royasoft.taskmodule.activitis.TaskPhotoDetailActivity
com.royasoft.taskmodule.activitis.TaskReplyActivity
com.royasoft.taskmodule.activitis.TaskStageSettingActivity
com.roya.library_tbs.view.ServiceBrowserActivity
com.roya.library_tbs.view.BrowserActivity
com.roya.library_tbs.view.BulletinDetailBrowserActivity
com.roya.library_tbs.view.OnlineMobileBrowserActivity
com.roya.library_tbs.view.MeetingBombScreenBrowserActivity
com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity1
com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity2
com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity3
com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity4
com.roya.library_tbs.webviewcontainer.ContainerBrowserActivity5
com.roya.library_tbs.view.MyBrowserActivity
com.royasoft.votelibrary.activities.VoteMainActivity
com.royasoft.votelibrary.activities.MySendVoteActivity
com.royasoft.votelibrary.activities.MyReciveVoteActivity
com.royasoft.votelibrary.activities.VoteDetailActivity
com.royasoft.votelibrary.activities.VoteJoinPersonDetailActivity
com.royasoft.votelibrary.activities.PollVoteActivity
com.royasoft.votelibrary.activities.PhotoActivity
com.royasoft.votelibrary.activities.PreviewPictureActivity
com.royasoft.votelibrary.activities.VoteJoinPersonDetailActivity2
com.roya.wechat.library_cardholder.ui.activity.CardHolderMainActivity
com.roya.wechat.library_cardholder.ui.activity.CardDetailActivity
com.roya.wechat.library_cardholder.ui.activity.EditCardActivity
com.nisc.Olym_Ntls_SecurityEngine$NtlsVpnActivity

Receivers

Information computed with AndroGuard. 

com.roya.shandong.mail.reciver.EmailReciver
com.roya.shandong.phonestate.PhoneAboutService$PhoneStateReceiver
com.roya.shandong.netty.service.PushAlarmReceiver
com.roya.shandong.keepalive.WakeMainReceiver
com.roya.shandong.keepalive.WakeReceiver
com.roya.shandong.ui.im.workplatform.fragment.CompleteReceiver

Services

Information computed with AndroGuard. 

com.tencent.smtt.export.external.DexClassLoaderProviderService
com.roya.shandong.service.UpLoadLogService
com.roya.shandong.phonestate.PhoneAboutService
com.roya.shandong.netty.service.ReConnectService
com.roya.shandong.service.UpdateService
com.roya.shandong.netty.service.OfflineMsgService
com.roya.shandong.netty.service.BuildConnectionService
com.baidu.location.f
com.roya.shandong.keepalive.WakeMainService
com.roya.shandong.keepalive.WakeMainService$NotifyInnerService
com.roya.shandong.netty.service.BaseConnectService$NotifyInnerService
com.roya.shandong.keepalive.WakeService
com.roya.shandong.keepalive.WakeService$NotifyInnerService
com.nisc.api.NtlsVpnService

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity', 'camera', 'location', 'bluetooth', 'microphone'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['system logs', 'call lists', 'address book'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit
Pygal China: 100 Germany: 100 Hong Kong: 100

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

CN www.royasoft.com.cn 47.117.115.111
DE www.openssl.org 2.17.187.9
HK www.baidu.com 103.235.46.39

URL analysis

Information computed with MobSF.

http://www.openssl.org/support/faq.html
Defined in lib/armeabi/libcrypto.so
https://www.openssl.org/docs/faq.html
Defined in lib/armeabi/libsqlcipher.so

Permissions analysis

Information computed with MobSF.

High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.ACCESS_COARSE_LOCATION coarse (network-based) location
Access coarse location sources, such as the mobile network database, to determine an approximate phone location, where available. Malicious applications can use this to determine approximately where you are.
High android.permission.SYSTEM_ALERT_WINDOW display system-level alerts
Allows an application to show system-alert windows. Malicious applications can take over the entire screen of the phone.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.READ_SMS read SMS or MMS
Allows application to read SMS messages stored on your phone or SIM card. Malicious applications may read your confidential messages.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.WRITE_CONTACTS write contact data
Allows an application to modify the contact (address) data stored on your phone. Malicious applications can use this to erase or modify your contact data.
High android.permission.WRITE_SMS edit SMS or MMS
Allows application to write to SMS messages stored on your phone or SIM card. Malicious applications may delete your messages.
High android.permission.SEND_SMS send SMS messages
Allows application to send SMS messages. Malicious applications may cost you money by sending messages without your confirmation.
High android.permission.CALL_PHONE directly call phone numbers
Allows the application to call phone numbers without your intervention. Malicious applications may cause unexpected calls on your phone bill. Note that this does not allow the application to call emergency numbers.
High android.permission.RECORD_AUDIO record audio
Allows application to access the audio record path.
High android.permission.MOUNT_UNMOUNT_FILESYSTEMS mount and unmount file systems
Allows the application to mount and unmount file systems for removable storage.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.GET_ACCOUNTS list accounts
Allows access to the list of accounts in the Accounts Service.
High android.permission.MANAGE_ACCOUNTS manage the accounts list
Allows an application to perform operations like adding and removing accounts and deleting their password.
High android.permission.AUTHENTICATE_ACCOUNTS act as an account authenticator
Allows an application to use the account authenticator capabilities of the Account Manager, including creating accounts as well as obtaining and setting their passwords.
High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
High android.permission.CAMERA take pictures and videos
Allows application to take pictures and videos with the camera. This allows the application to collect images that the camera is seeing at any time.
High android.permission.RECEIVE_SMS receive SMS
Allows application to receive and process SMS messages. Malicious applications may monitor your messages or delete them without showing them to you.
High android.permission.WRITE_CALL_LOG Allows an application to write (but not read) the user's call log data.
High android.permission.READ_CALL_LOG Allows an application to read the user's call log.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
High android.permission.USE_CREDENTIALS use the authentication credentials of an account
Allows an application to request authentication tokens.
High android.permission.PROCESS_OUTGOING_CALLS intercept outgoing calls
Allows application to process outgoing calls and change the number to be dialled. Malicious applications may monitor, redirect or prevent outgoing calls.
High android.permission.READ_LOGS read sensitive log data
Allows an application to read from the system's various log files. This allows it to discover general information about what you are doing with the phone, potentially including personal or private information.
High android.permission.GET_TASKS retrieve running applications
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
High android.permission.RECEIVE_MMS receive MMS
Allows application to receive and process MMS messages. Malicious applications may monitor your messages or delete them without showing them to you.
Low android.permission.CHANGE_WIFI_STATE change Wi-Fi status
Allows an application to connect to and disconnect from Wi-Fi access points and to make changes to configured Wi-Fi networks.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.ACCESS_WIFI_STATE view Wi-Fi status
Allows an application to view the information about the status of Wi-Fi.
Low android.permission.MODIFY_AUDIO_SETTINGS change your audio settings
Allows application to modify global audio settings, such as volume and routing.
Low android.permission.BROADCAST_STICKY send sticky broadcast
Allows an application to send sticky broadcasts, which remain after the broadcast ends. Malicious applications can make the phone slow or unstable by causing it to use too much memory.
Low android.permission.GET_PACKAGE_SIZE measure application storage space
Allows an application to find out the space used by any package.
Low android.permission.CHANGE_NETWORK_STATE change network connectivity
Allows applications to change network connectivity state.
Low android.permission.READ_SYNC_STATS read sync statistics
Allows an application to read the sync stats; e.g. the history of syncs that have occurred.
Low android.permission.READ_SYNC_SETTINGS read sync settings
Allows an application to read the sync settings, such as whether sync is enabled for Contacts.
Low android.permission.WRITE_SYNC_SETTINGS write sync settings
Allows an application to modify the sync settings, such as whether sync is enabled for Contacts.
Low android.permission.CHANGE_WIFI_MULTICAST_STATE allow Wi-Fi Multicast reception
Allows an application to receive packets not directly addressed to your device. This can be useful when discovering services offered nearby. It uses more power than the non-multicast mode.
Low android.permission.DISABLE_KEYGUARD Allows applications to disable the keyguard if it is not secure.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
Low android.permission.KILL_BACKGROUND_PROCESSES kill background processes
Allows an application to kill background processes of other applications, even if memory is not low.
Medium android.permission.BATTERY_STATS modify battery statistics
Allows the modification of collected battery statistics. Not for use by common applications.
Medium android.permission.CHANGE_CONFIGURATION change your UI settings
Allows an application to change the current configuration, such as the locale or overall font size.
com.android.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
android.permission.INSTALL_DRM Unknown permission
Unknown permission from android reference
android.permission.WRITE_OWNER_DATA Unknown permission
Unknown permission from android reference
com.android.launcher.permission.INSTALL_SHORTCUT Unknown permission
Unknown permission from android reference
com.android.launcher.permission.UNINSTALL_SHORTCUT Unknown permission
Unknown permission from android reference
android.permission.SYSTEM_OVERLAY_WINDOW Unknown permission
Unknown permission from android reference
android.permission.INTERACT_ACROSS_USERS_FULL Unknown permission
Unknown permission from android reference
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION Unknown permission
Unknown permission from android reference
com.sec.android.provider.badge.permission.READ Unknown permission
Unknown permission from android reference
com.sec.android.provider.badge.permission.WRITE Unknown permission
Unknown permission from android reference
com.sonyericsson.home.permission.BROADCAST_BADGE Unknown permission
Unknown permission from android reference
com.htc.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.htc.launcher.permission.UPDATE_SHORTCUT Unknown permission
Unknown permission from android reference
com.android.launcher.permission.WRITE_SETTINGS Unknown permission
Unknown permission from android reference
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE Unknown permission
Unknown permission from android reference
com.anddoes.launcher.permission.UPDATE_COUNT Unknown permission
Unknown permission from android reference
com.majeur.launcher.permission.UPDATE_BADGE Unknown permission
Unknown permission from android reference
com.huawei.android.launcher.permission.CHANGE_BADGE Unknown permission
Unknown permission from android reference
com.huawei.android.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.huawei.android.launcher.permission.WRITE_SETTINGS Unknown permission
Unknown permission from android reference
android.permission.READ_APP_BADGE Unknown permission
Unknown permission from android reference
com.oppo.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.oppo.launcher.permission.WRITE_SETTINGS Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Read file from assets directory
Confidence:
100%
Method reflection
Confidence:
80%
Read data and put it into a buffer stream
Confidence:
80%
Read file and put it into a stream
Confidence:
80%
Open a file from given absolute path of the file
Confidence:
80%
Get absolute path of the file and store in string

Behavior analysis

Information computed with MobSF.

Java reflection 
       com/stub/StubApp.java
       com/qihoo/util/C0002.java
Load and manipulate dex files 
       com/stub/StubApp.java
Loading native code (shared library) 
       com/stub/StubApp.java