Malicious 7/61

Threat

COM.Bangso.FitMiss

减肥小秘书

Analyzed on 2022-02-07T09:32:09.544532

28 permissions
188 activities
23 services
12 receivers
5 domains

File sums

MD5 4ff5ae5619a98f8850aca96172b6a45d
SHA1 7923cb5a2f95e9fd2c415fb5433830a29df9f43d
SHA256 d4d31cdcec81a7ba9f465012f7506b70cfa8397269a323035e79f84e8b0395cf
Size 24.85MB

APKiD

Information computed with APKiD.

/tmp/tmp7ds_yjwj
packer
  • Jiagu
/tmp/tmp7ds_yjwj!classes.dex
compiler
  • dexlib 2.x

SSdeep

Information computed with ssdeep.

APK file 393216:5dFGIwpBCYFmNHL1Wx1P0qzgix4uatsBrHqpra52FpGNNYDYVWAn4R0vGNnQe:5dFGIaNQNHL1q2uoUqaYpsNY871vk1
Manifest 768:t1WiT7Sw5yeievmmtKGv8mA5+261/VE6reBecfy5g2XM7Jtna760aT0FUq2DDeP4:…
classes.dex 98304:0kWarp9fHryo7u6ZDhnK4PF91QmmQidtEzICoiFe/fWxX/F8LXpgzJA:0krrp9G…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 12:RWm3r6Pik154IZFUofyVzODqXEUPbGMo3E:RWm3rYNZGoaVzHEMGMoU
classes.dex 12:RWm3r6Pik154IZFUofyVzODqXEUPbGMo3E:RWm3rYNZGoaVzHEMGMoU

APK details

Information computed with AndroGuard and Pithus.

Package COM.Bangso.FitMiss
App name 减肥小秘书
Version name 6.4.2
Version code 642
SDK 25 - 28
UAID 01f2b24bdeea02f2ca1e40df8f7e538e20dcd202
Signature Signature V1, Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 47625dcd4d0797251cc6b70a1a6b98c9
SHA1 41dbaab3ce7d606c12904652392e723391ef07a7
SHA256 7942c69021c3740719964ebea8059c678d62cf7166a73bd1c6f9babd3a6faa8a
Issuer Common Name: BillPeng, Organizational Unit: Bangso, Organization: Bangso, Locality: Shanghai, State/Province: Shanghai, Country: cn
Not before 2011-05-17T01:56:14+00:00
Not after 2038-10-02T01:56:14+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app.
  • assets/.appkey
  • assets/ag_sdk_cbg_root.cer
  • assets/geo_global_ca.cer
Hardcoded Keystore found.
  • assets/grs_sp.bks
  • assets/hmsincas.bks
  • assets/hmsrootcas.bks
  • assets/updatesdkcas.bks

Manifest analysis

Information computed with MobSF.

High Clear text traffic is Enabled For App[android:usesCleartextTraffic=true]
The app intends to use cleartext network traffic, such as cleartext HTTP, FTP stacks, DownloadManager, and MediaPlayer. The default value for apps that target API level 27 or lower is "true". Apps that target API level 28 or higher default to "false". The key reason for avoiding cleartext traffic is the lack of confidentiality, authenticity, and protections against tampering; a network attacker can eavesdrop on transmitted data and also modify it without being detected.
Low App has a Network Security Configuration[android:networkSecurityConfig=@xml/network_security_config]
The Network Security Configuration feature lets apps customize their network security settings in a safe, declarative configuration file without modifying app code. These settings can be configured for specific domains and for a specific app.
Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to back up your application data via adb. It allows users who have enabled USB debugging to copy application data off the device.
High Activity (COM.Bangso.FitMiss.activity.MipushTestActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (COM.Bangso.FitMiss.wxapi.WXEntryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (COM.Bangso.FitMiss.wxapi.WXPayEntryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (COM.Bangso.FitMiss.receiver.BootBroadcastReceiver) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Activity (com.tencent.tauth.AuthActivity) is not Protected. An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (COM.Bangso.FitMiss.activity.MfrMessageActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.taobao.accs.ChannelService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.taobao.accs.data.MsgDistributeService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.taobao.accs.EventReceiver) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.taobao.accs.ServiceReceiver) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (org.android.agoo.accs.AgooService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.umeng.message.UmengIntentService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.umeng.message.XiaomiIntentService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.taobao.agoo.AgooCommondReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.umeng.message.UmengMessageIntentReceiverService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity (com.umeng.message.notify.UPushMessageNotifyActivity)
If taskAffinity is set, then another application could read the Intents sent to Activities belonging to another task. Always use the default setting, keeping the affinity as the package name, in order to prevent sensitive information inside sent or received Intents from being read by another application.
High TaskAffinity is set for Activity (com.umeng.message.UMessageNotifyActivity)
If taskAffinity is set, then another application could read the Intents sent to Activities belonging to another task. Always use the default setting, keeping the affinity as the package name, in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity-Alias (com.umeng.message.UMessageNotifyActivity) is not Protected. [android:exported=true]
An Activity-Alias is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.xiaomi.mipush.sdk.PushMessageHandler) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.xiaomi.push.service.receivers.NetworkStatusReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (org.android.agoo.xiaomi.MiPushBroadcastReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.huawei.hms.support.api.push.service.HmsMsgService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
Low Broadcast Receiver (com.huawei.hms.support.api.push.PushMsgReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: COM.Bangso.FitMiss.permission.PROCESS_PUSH_MSG
protectionLevel: signatureOrSystem [android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Broadcast Receiver (com.huawei.hms.support.api.push.PushReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: COM.Bangso.FitMiss.permission.PROCESS_PUSH_MSG
protectionLevel: signatureOrSystem [android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Content Provider (com.huawei.hms.support.api.push.PushProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: COM.Bangso.FitMiss.permission.PUSH_PROVIDER
protectionLevel: signatureOrSystem [android:exported=true]
A Content Provider is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Service (com.heytap.msp.push.service.CompatibleDataMessageCallbackService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.coloros.mcs.permission.SEND_MCS_MESSAGE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.heytap.msp.push.service.DataMessageCallbackService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.heytap.mcs.permission.SEND_PUSH_MESSAGE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.vivo.push.sdk.service.CommandClientService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (org.android.agoo.vivo.PushMessageReceiverImpl) is not Protected. An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Activity (com.sina.weibo.sdk.share.ShareResultActivity) is not Protected. An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.

Browsable activities

Information computed with MobSF.

com.tencent.tauth.AuthActivity

Schemes: tencent100735893:// tencentqqappid://

COM.Bangso.FitMiss.activity.MfrMessageActivity

Hosts: COM.Bangso.FitMiss

Schemes: agoo://

Main Activity

Information computed with AndroGuard.

COM.Bangso.FitMiss.activity.init.SplashScreenActivity

Activities

Information computed with AndroGuard.

COM.Bangso.FitMiss.activity.init.SplashScreenActivity
COM.Bangso.FitMiss.activity.MainActivity
COM.Bangso.FitMiss.activity.ImagePagerActivity
COM.Bangso.FitMiss.activity.TestLayoutActivity
COM.Bangso.FitMiss.activity.KTestLayoutActivity
COM.Bangso.FitMiss.activity.InviteFriendActivity
COM.Bangso.FitMiss.activity.MipushTestActivity
COM.Bangso.FitMiss.activity.UMengPushJumpActivity
COM.Bangso.FitMiss.activity.WebViewActivity
COM.Bangso.FitMiss.wxapi.WXEntryActivity
COM.Bangso.FitMiss.wxapi.WXPayEntryActivity
com.alipay.sdk.app.H5PayActivity
COM.Bangso.FitMiss.activity.init.LoginActivity
COM.Bangso.FitMiss.activity.init.FindPasswordActivity
COM.Bangso.FitMiss.activity.init.FindPasswordPhoneVerificationActivity
COM.Bangso.FitMiss.activity.init.RegisterSexActivity
COM.Bangso.FitMiss.activity.init.RegisterWeightActivity
COM.Bangso.FitMiss.activity.init.RegisterGoalWeightActivity
COM.Bangso.FitMiss.activity.init.FindPasswordUsernameActivity
COM.Bangso.FitMiss.activity.init.AccountLoginActivity
COM.Bangso.FitMiss.activity.init.RegisterBirthActivity
COM.Bangso.FitMiss.activity.init.RegisterLocationActivity
COM.Bangso.FitMiss.activity.init.RegisterHeightActivity
COM.Bangso.FitMiss.activity.init.WelcomeActivity
COM.Bangso.FitMiss.activity.init.TogetherLoseWeightActivity
COM.Bangso.FitMiss.activity.homepage.PlayActivity
COM.Bangso.FitMiss.activity.homepage.ModifyFrontPagePartActivity
COM.Bangso.FitMiss.activity.homepage.MessageIndexActivity
COM.Bangso.FitMiss.activity.homepage.EnhancedEditionActivity
COM.Bangso.FitMiss.activity.homepage.TaskArrangeDetailActivity
COM.Bangso.FitMiss.activity.homepage.SetDrinkWaterTimeActivity
COM.Bangso.FitMiss.activity.homepage.RecipeRefActivity
COM.Bangso.FitMiss.activity.homepage.UpdateClockActivity
COM.Bangso.FitMiss.activity.homepage.SelectLossMethodActivity
COM.Bangso.FitMiss.activity.homepage.LetvVideoActivity
COM.Bangso.FitMiss.activity.homepage.TaskChooseInfoActivity
COM.Bangso.FitMiss.activity.homepage.NewMainLossMethodActivity
COM.Bangso.FitMiss.activity.homepage.AtMeActivity
COM.Bangso.FitMiss.activity.homepage.WeiBoLikeActivity
COM.Bangso.FitMiss.activity.homepage.SystemMessageActivity
COM.Bangso.FitMiss.activity.homepage.SystemMessageDetailActivity
COM.Bangso.FitMiss.activity.homepage.MyPrivateMessageActivity
COM.Bangso.FitMiss.activity.homepage.MyPrivateMessageDetailActivity
COM.Bangso.FitMiss.activity.homepage.SetRepeatClockActivity
COM.Bangso.FitMiss.activity.homepage.SetClockTimeActivity
COM.Bangso.FitMiss.activity.homepage.SetSystemClockActivity
COM.Bangso.FitMiss.activity.homepage.RecipeClickActivity
COM.Bangso.FitMiss.activity.society.KnowledgeDetailActivity
COM.Bangso.FitMiss.activity.society.CounselorDetailActivity
COM.Bangso.FitMiss.activity.society.KnowledgeListActivity
COM.Bangso.FitMiss.activity.society.DRShareListActivity
COM.Bangso.FitMiss.activity.society.CounselorListActivity
COM.Bangso.FitMiss.activity.society.SocietySearchActivity
COM.Bangso.FitMiss.activity.society.DRShareWriteActivity
COM.Bangso.FitMiss.activity.society.DRShareDetailMainActivity
COM.Bangso.FitMiss.activity.society.HotTopicMainActivity
COM.Bangso.FitMiss.activity.society.TopicDetailActivity
COM.Bangso.FitMiss.activity.society.ReportActivity
COM.Bangso.FitMiss.activity.society.WeiBoLikeListActivity
COM.Bangso.FitMiss.activity.society.FindFightFriendActivity
COM.Bangso.FitMiss.activity.society.MultiSelectImageActivity
COM.Bangso.FitMiss.activity.society.UserWeiBoDetailActivity
COM.Bangso.FitMiss.activity.society.WeiboSendContentActivity
COM.Bangso.FitMiss.activity.society.WeiboReviewContentActivity
COM.Bangso.FitMiss.activity.society.FollowUserActivity
COM.Bangso.FitMiss.activity.society.WeiboTopicSelectActivity
COM.Bangso.FitMiss.activity.society.WeiboTopicListActivity
COM.Bangso.FitMiss.activity.society.JRDKActivity
COM.Bangso.FitMiss.activity.society.ReviewAtActivity
COM.Bangso.FitMiss.activity.society.SearchWeiboResultActivity
COM.Bangso.FitMiss.activity.society.SelectWeiboFansActivity
COM.Bangso.FitMiss.activity.knowledge.KnowledgeClassMainActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassAudioPlayActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassDetailActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassMineListActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassRecListActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassTextViewActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassVideoPlayActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassMCoinActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassMCoinRechargeActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassSubscribeHistoryActivity
COM.Bangso.FitMiss.activity.knowledge.KPayClassMCoinRechargeConfirmActivity
COM.Bangso.FitMiss.activity.coach.CoachIsWhatActivity
COM.Bangso.FitMiss.activity.coach.CoachManageStudentActivity
COM.Bangso.FitMiss.activity.coach.CoachSpaceActivity
COM.Bangso.FitMiss.activity.coach.CoachModifyPersonalInfoActivity
COM.Bangso.FitMiss.activity.coach.CoachSearchingActivity
COM.Bangso.FitMiss.activity.mall.MallInfoActivity
COM.Bangso.FitMiss.activity.mall.ShoppingCartActivity
COM.Bangso.FitMiss.activity.mall.MallChildGoodsActivity
COM.Bangso.FitMiss.activity.mall.CouponUseIndexActivity
COM.Bangso.FitMiss.activity.mall.FillOrderActivity
COM.Bangso.FitMiss.activity.mall.MyOrderActivity
COM.Bangso.FitMiss.activity.mall.MallIndexActivity
COM.Bangso.FitMiss.activity.mall.OrderDetailActivity
COM.Bangso.FitMiss.activity.mall.ExpressTrackActivity
COM.Bangso.FitMiss.activity.tool.BindDeviceActivity
COM.Bangso.FitMiss.activity.tool.SmartWeighterActivity
COM.Bangso.FitMiss.activity.tool.FoodBankActivity
COM.Bangso.FitMiss.activity.tool.FoodListActivity
COM.Bangso.FitMiss.activity.tool.FoodAdd4KLLActivity
COM.Bangso.FitMiss.activity.tool.FoodDetailActivity
COM.Bangso.FitMiss.activity.tool.FoodAddActivity
COM.Bangso.FitMiss.activity.tool.FoodCustomAddActivity
COM.Bangso.FitMiss.activity.tool.CalRecordHistoryActivity
COM.Bangso.FitMiss.activity.tool.DoubleQuxianActivity
COM.Bangso.FitMiss.activity.tool.SportListActivity
COM.Bangso.FitMiss.activity.tool.SportAddActivity
COM.Bangso.FitMiss.activity.tool.SportCustomAddActivity
COM.Bangso.FitMiss.activity.tool.RecordMainActivity
COM.Bangso.FitMiss.activity.tool.KLLExChangeActivity
COM.Bangso.FitMiss.activity.tool.KLLExChange4SportActivity
COM.Bangso.FitMiss.activity.tool.Calculator4BMIActivity
COM.Bangso.FitMiss.activity.tool.Calculator4BMRActivity
COM.Bangso.FitMiss.activity.tool.Calculator4HeatUnitActivity
COM.Bangso.FitMiss.activity.tool.YueJingHelperActivity
COM.Bangso.FitMiss.activity.tool.KLLCalculatorActivity
COM.Bangso.FitMiss.activity.tool.CopyBeforeActivity
COM.Bangso.FitMiss.activity.tool.RecordWeightMainActivity
COM.Bangso.FitMiss.activity.tool.WeightRiLiActivity
COM.Bangso.FitMiss.activity.tool.RecordSanWeiActivity
COM.Bangso.FitMiss.activity.tool.WeightListActivity
COM.Bangso.FitMiss.activity.tool.WeightChartActivity
COM.Bangso.FitMiss.activity.tool.FoodSearchFirstActivity
COM.Bangso.FitMiss.activity.tool.SportSearchFirstActivity
COM.Bangso.FitMiss.activity.tool.FoodSearchActivity
COM.Bangso.FitMiss.activity.tool.SportListSearchActivity
COM.Bangso.FitMiss.activity.tool.CreateCustomFoodActivity
COM.Bangso.FitMiss.activity.tool.CreateCustomSportActivity
COM.Bangso.FitMiss.activity.tool.FoodCustomDetailActivity
COM.Bangso.FitMiss.activity.aboutme.HealthTestReportActivity
COM.Bangso.FitMiss.activity.aboutme.OldTaskInfoActivity
COM.Bangso.FitMiss.activity.aboutme.SetNoticeActivity
COM.Bangso.FitMiss.activity.aboutme.SetNormalActivity
COM.Bangso.FitMiss.activity.aboutme.VipPrivilegeActivity
COM.Bangso.FitMiss.activity.aboutme.HowToActivity
COM.Bangso.FitMiss.activity.aboutme.WeiBoBgPreviewActivity
COM.Bangso.FitMiss.activity.aboutme.HistoryWayActivity
COM.Bangso.FitMiss.activity.aboutme.UpdateNickNameActivity
COM.Bangso.FitMiss.activity.aboutme.VipCenterActivity
COM.Bangso.FitMiss.activity.aboutme.ScoreFillOrderActivity
COM.Bangso.FitMiss.activity.aboutme.ScoreGetMoreWayActivity
COM.Bangso.FitMiss.activity.aboutme.ScoreGoodsActivity
COM.Bangso.FitMiss.activity.aboutme.ScoreExchangeRecordActivity
COM.Bangso.FitMiss.activity.aboutme.JFMallMainActivity
COM.Bangso.FitMiss.activity.aboutme.WeiBoFavListActivity
COM.Bangso.FitMiss.activity.aboutme.MyCommentListActivity
COM.Bangso.FitMiss.activity.aboutme.UserZoneActivity
COM.Bangso.FitMiss.activity.society.SomeoneAllWeiBoActivity
COM.Bangso.FitMiss.activity.aboutme.SettingActivity
COM.Bangso.FitMiss.activity.aboutme.AboutUsActivity
COM.Bangso.FitMiss.activity.aboutme.AboutAppActivity
COM.Bangso.FitMiss.activity.aboutme.SolveQuestionActivity
COM.Bangso.FitMiss.activity.aboutme.FansAndFollowActivity
COM.Bangso.FitMiss.activity.aboutme.UpdateInformationActivity
COM.Bangso.FitMiss.activity.aboutme.AccountSafeActivity
COM.Bangso.FitMiss.activity.aboutme.AbandonAccountActivity
COM.Bangso.FitMiss.activity.aboutme.UpdatePasswordActivity
COM.Bangso.FitMiss.activity.aboutme.UpdatePasswordPhoneActivity
COM.Bangso.FitMiss.activity.aboutme.BindEmailActivity
COM.Bangso.FitMiss.activity.aboutme.BindPhoneActivity
COM.Bangso.FitMiss.activity.aboutme.FindFriendsActivity
COM.Bangso.FitMiss.activity.aboutme.FindFriendByNameActivity
COM.Bangso.FitMiss.activity.aboutme.CouponAllIndexActivity
COM.Bangso.FitMiss.activity.aboutme.FillAddressActivity
COM.Bangso.FitMiss.activity.aboutme.ReceiveAddressActivity
com.tencent.tauth.AuthActivity
com.tencent.connect.common.AssistActivity
COM.Bangso.FitMiss.activity.MfrMessageActivity
com.umeng.message.notify.UPushMessageNotifyActivity
com.yanzhenjie.permission.bridge.BridgeActivity
com.sina.weibo.sdk.web.WebActivity
com.sina.weibo.sdk.share.ShareTransActivity
com.sina.weibo.sdk.share.ShareStoryActivity
com.sina.weibo.sdk.share.ShareChatActivity
com.sina.weibo.sdk.share.ShareResultActivity
com.meiqia.meiqiasdk.activity.MQConversationActivity
com.meiqia.meiqiasdk.activity.MQPhotoPreviewActivity
com.meiqia.meiqiasdk.activity.MQPhotoPickerActivity
com.meiqia.meiqiasdk.activity.MQPhotoPickerPreviewActivity
com.meiqia.meiqiasdk.activity.MQMessageFormActivity
com.meiqia.meiqiasdk.activity.MQWebViewActivity
com.meiqia.meiqiasdk.activity.MQInquiryFormActivity
com.meiqia.meiqiasdk.activity.MQCollectInfoActivity
com.huawei.updatesdk.service.otaupdate.AppUpdateActivity
com.huawei.updatesdk.support.pm.PackageInstallerActivity
com.huawei.hms.activity.BridgeActivity
com.huawei.hms.activity.EnableServiceActivity

Receivers

Information computed with AndroGuard.

COM.Bangso.FitMiss.receiver.AlarmReceiver
COM.Bangso.FitMiss.receiver.BootBroadcastReceiver
com.taobao.accs.EventReceiver
com.taobao.accs.ServiceReceiver
com.taobao.agoo.AgooCommondReceiver
com.umeng.message.NotificationProxyBroadcastReceiver
com.xiaomi.push.service.receivers.NetworkStatusReceiver
com.xiaomi.push.service.receivers.PingReceiver
org.android.agoo.xiaomi.MiPushBroadcastReceiver
com.huawei.hms.support.api.push.PushMsgReceiver
com.huawei.hms.support.api.push.PushReceiver
org.android.agoo.vivo.PushMessageReceiverImpl

Services

Information computed with AndroGuard.

COM.Bangso.FitMiss.service.BootService
com.taobao.accs.ChannelService
com.taobao.accs.data.MsgDistributeService
com.taobao.accs.internal.AccsJobService
com.taobao.accs.ChannelService$KernelService
org.android.agoo.accs.AgooService
com.umeng.message.UmengIntentService
com.umeng.message.XiaomiIntentService
com.umeng.message.UmengMessageIntentReceiverService
com.umeng.message.UmengMessageCallbackHandlerService
com.umeng.message.UmengDownloadResourceService
com.xiaomi.push.service.XMPushService
com.xiaomi.push.service.XMJobService
com.xiaomi.mipush.sdk.PushMessageHandler
com.xiaomi.mipush.sdk.MessageHandleService
com.huawei.hms.support.api.push.service.HmsMsgService
org.android.agoo.huawei.HuaweiPushMessageService
com.heytap.msp.push.service.CompatibleDataMessageCallbackService
com.heytap.msp.push.service.DataMessageCallbackService
com.vivo.push.sdk.service.CommandClientService
com.yanzhenjie.permission.bridge.BridgeService
com.meiqia.core.MeiQiaService
com.huawei.agconnect.core.ServiceDiscovery

Sample timeline

Oldest file found in APK Jan. 1, 1981, 1:01 a.m.
Certificate valid not before May 17, 2011, 1:56 a.m.
Latest file found in APK Nov. 8, 2021, 2:26 p.m.
First submission on VT Nov. 9, 2021, 11:23 a.m.
Last submission on VT Jan. 14, 2022, 2:58 p.m.
Upload on Pithus Feb. 7, 2022, 9:32 a.m.
Certificate valid not after Oct. 2, 2038, 1:56 a.m.

VirusTotal

Score 7/61
Report https://www.virustotal.com/gui/file/d4d31cdcec81a7ba9f465012f7506b70cfa8397269a323035e79f84e8b0395cf/detection

Most Popular AV Detections

Provided by VirusTotal

Threat name: jiagu Identified 2 times

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generates no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['camera', 'network connectivity', 'microphone'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Map data by country: China: 100, Germany: 200, Hong Kong: 100, United States: 100

Map computed by Pithus.

Network analysis

Information computed with MobSF.

High Base config is insecurely configured to permit clear text traffic to all domains.
Scope: ['*']

Domains analysis

Information computed with MobSF.

US play.google.com 142.250.185.110
CN errlog.umeng.com 111.63.137.73
DE store.hispace.hicloud.com 160.44.202.202
HK errlogos.umeng.com 47.246.110.18
DE appgallery.cloud.huawei.com 80.158.41.227

URL analysis

Information computed with MobSF.

https://play.google.com/store/apps/details?id=
https://appgallery.cloud.huawei.com
https://store.hispace.hicloud.com/hwmarket/api/
Defined in Android String Resource
https://errlog.umeng.com/api/crashsdk/logcollect
https://errlogos.umeng.com/api/crashsdk/logcollect
https://errlog.umeng.com
https://errlogos.umeng.com
Defined in lib/armeabi-v7a/libcrashsdk.so
https://errlog.umeng.com/api/crashsdk/logcollect
https://errlogos.umeng.com/api/crashsdk/logcollect
https://errlog.umeng.com
https://errlogos.umeng.com
Defined in lib/armeabi/libcrashsdk.so
https://errlog.umeng.com/api/crashsdk/logcollect
https://errlogos.umeng.com/api/crashsdk/logcollect
https://errlog.umeng.com
https://errlogos.umeng.com
Defined in lib/arm64-v8a/libcrashsdk.so

Permissions analysis

Information computed with MobSF.

High android.permission.CAMERA take pictures and videos
Allows application to take pictures and videos with the camera. This allows the application to collect images that the camera is seeing at any time.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.READ_PROFILE read the user's personal profile data
Allows an application to read the user's personal profile data.
High android.permission.REQUEST_INSTALL_PACKAGES Allows an application to request installing packages.
Malicious applications can use this to try and trick users into installing additional malicious packages.
High android.permission.GET_TASKS retrieve running applications
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
High android.permission.RECORD_AUDIO record audio
Allows application to access the audio record path.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.ACCESS_WIFI_STATE view Wi-Fi status
Allows an application to view the information about the status of Wi-Fi.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground.
com.android.alarm.permission.SET_ALARM Unknown permission
Unknown permission from android reference
android.permission.BROADCAST_PACKAGE_ADDED Unknown permission
Unknown permission from android reference
android.permission.BROADCAST_PACKAGE_CHANGED Unknown permission
Unknown permission from android reference
android.permission.BROADCAST_PACKAGE_INSTALL Unknown permission
Unknown permission from android reference
android.permission.BROADCAST_PACKAGE_REPLACED Unknown permission
Unknown permission from android reference
COM.Bangso.FitMiss.permission.MIPUSH_RECEIVE Unknown permission
Unknown permission from android reference
COM.Bangso.FitMiss.permission.PROCESS_PUSH_MSG Unknown permission
Unknown permission from android reference
COM.Bangso.FitMiss.permission.PUSH_PROVIDER Unknown permission
Unknown permission from android reference
com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE Unknown permission
Unknown permission from android reference
com.heytap.mcs.permission.RECIEVE_MCS_MESSAGE Unknown permission
Unknown permission from android reference
com.vivo.notification.permission.BADGE_ICON Unknown permission
Unknown permission from android reference
COM.Bangso.FitMiss.andpermission.bridge Unknown permission
Unknown permission from android reference
com.huawei.appmarket.service.commondata.permission.GET_COMMON_DATA Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence 100%: Read file from assets directory
Confidence 100%: Method reflection
Confidence 80%: Read data and put it into a buffer stream
Confidence 80%: Read file and put it into a stream
Confidence 80%: Open a file from given absolute path of the file
Confidence 80%: Get absolute path of the file and store in string

Behavior analysis

Information computed with MobSF.

Java reflection
  • com/qihoo/util/c.java
  • com/stub/StubApp.java
Load and manipulate dex files
  • com/stub/StubApp.java
Loading native code (shared library)
  • com/stub/StubApp.java

Control flow graphs analysis

Information computed by Pithus.

The application probably dynamically loads code