Low Risk

Threat level

com.android.carrierconfig

Analyzed on 2022-06-04T10:47:05.589862

1

permissions

0

activities

1

services

0

receivers

0

domains

File sums

MD5 01c5f5d26ff56a0d65acbf7f660975df
SHA1 96da6a33e137c33024e141ed337da0f0f5546849
SHA256 e28668f755118db29c7dc7bccdd95765d4a7da60877be16c37b40f56ac3dde73
Size 0.34MB

APKiD

Information computed with APKiD.

/tmp/tmp9g4_u5t1!classes.dex
yara_issue
  • yara issue - dex file recognized by apkid but not yara module
compiler
  • unknown (please file detection issue!)

SSdeep

Information computed with ssdeep.

APK file 6144:EUbw0juVLhd0pqO54N4CXBpOF1cLbWL8CWka07vp26Rxl3Gl9tTGnmSzoEryWx3w:EUHVCyqOF1cLbWL87tKNcJ
Manifest 48:E8EvThpmW/eP5vkbnMlGlZelZyDhlIsVZloVPlol098BvJjVTDdVsv20nwlbZFno:y…
classes.dex 96:FcJHI/kze5lYpIziVJ9QVKLsccpDbpmqXWPV/W7j/pgYzLNQA:FWHI/qdaz0kVwcpD…

Dexofuzzy

Information computed with Dexofuzzy.

classes.dex None

APK details

Information computed with AndroGuard and Pithus.

Package com.android.carrierconfig
App name
Version name 1.0.0
Version code 1
SDK 30 - 30
UAID aa6025d141cee62fe07f70e6e274ba28274e0dd1
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown

Certificate details

Information computed with AndroGuard.

MD5 ac4128120937684f45d2dbc15b9d1bcc
SHA1 29c647cbcc9a5fbd6c0c961e05712bd15352a1f5
SHA256 0a012131b1bdf9e80ef97d37f3b48362be363a464c8445ecf83627ebe8493a1e
Issuer Common Name: Samsung Platform Key for non-Galaxy devices, Organizational Unit: Mobile Communications Business, Organization: Samsung Electronics Co. Ltd., Locality: Suwon City, State/Province: Republic of Korea, Country: KR
Not before 2018-11-13T08:18:31+00:00
Not after 2118-11-12T15:00:00+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. SEC-INF/buildConfirm.crt

Manifest analysis

Information computed with MobSF.

Low App is direct-boot aware [android:directBootAware=true]
This app can run before the user unlocks the device. If you're using a custom subclass of Application, and if any component inside your application is direct - boot aware, then your entire custom application is considered to be direct - boot aware.During Direct Boot, your application can only access the data that is stored in device protected storage.
High Service (.DefaultCarrierConfigService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_CARRIER_SERVICES [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.

Services

Information computed with AndroGuard.

com.android.carrierconfig.DefaultCarrierConfigService

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to no hardware resources.
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has no network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit

Permissions analysis

Information computed with MobSF.

android.permission.READ_PRIVILEGED_PHONE_STATE Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Control flow graphs analysis

Information computed by Pithus.