Threat level: Low Risk

com.lc.zpyh

悟小小

Analyzed on 2022-01-14T08:22:35.885434

36 permissions
79 activities
20 services
10 receivers
3 domains

File sums

MD5 2c1f4b5a28133d3386a808b68347b4db
SHA1 333aff905e61bfc0c423ff604dfd73e1f4d639af
SHA256 e39672fd54bbb298a09633925645fea50189bc3733e6d4b1362afc8e140f5f80
Size 15.19MB

APKiD

Information computed with APKiD.

/tmp/tmpchfiqq2h
packer
  • Jiagu
/tmp/tmpchfiqq2h!classes.dex
compiler
  • dexlib 2.x

SSdeep

Information computed with ssdeep.

APK file 196608:K8cBnUEwoJqR8KLyUJZyThYSMRhYA9Mj2uxI0BmpyClLX30XFJNpbyqcSQUAtQye:/Ewo4RbyUc2SkxW28bALX34NpotQp7ld
Manifest 768:yCY2kSfOGyn7h071JzsezhSeGj3c39hxzrIrMoX0jBMLY4khf5AbxTTTiwiHSn/P:…
classes.dex 98304:Qrtiqo9SODEdTd9lkUZYENCEu7idtBK4swsDVhOeaPUr60PoRo:Iq9Srh93ZY3r…

Dexofuzzy

Information computed with Dexofuzzy.

APK file 12:VL1r6Pik154IZFUofyVzODqXEUPbGMo3E:VL1rYNZGoaVzHEMGMoU
classes.dex 12:VL1r6Pik154IZFUofyVzODqXEUPbGMo3E:VL1rYNZGoaVzHEMGMoU

APK details

Information computed with AndroGuard and Pithus.

Package com.lc.zpyh
App name 悟小小
Version name 1.0.2
Version code 3
SDK 21 - 30
UAID 2e8552c6926872240c10b8a5ccb044896f2d0a70
Signature Signature V1, Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 caf635b1fd2771e1b8d45726809cc461
SHA1 70580bb05113f2f197fab8c807f987861e495918
SHA256 d066a2a6e726266be621eee0b4c73d5dc97add59a0900db27c247066becc6ba9
Issuer Common Name: key0, Organizational Unit: key0, Organization: key0, Locality: key0, State/Province: key0, Country: key0
Not before 2021-07-16T01:02:27+00:00
Not after 2046-07-10T01:02:27+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. assets/.appkey
Hardcoded Keystore found. assets/grs_sp.bks, assets/updatesdkcas.bks

Manifest analysis

Information computed with MobSF.

High Clear text traffic is Enabled For App[android:usesCleartextTraffic=true]
The app intends to use cleartext network traffic, such as cleartext HTTP, FTP stacks, DownloadManager, and MediaPlayer. The default value for apps that target API level 27 or lower is "true". Apps that target API level 28 or higher default to "false". The key reason for avoiding cleartext traffic is the lack of confidentiality, authenticity, and protections against tampering; a network attacker can eavesdrop on transmitted data and also modify it without being detected.
Low App has a Network Security Configuration[android:networkSecurityConfig=@xml/network_security_config]
The Network Security Configuration feature lets apps customize their network security settings in a safe, declarative configuration file without modifying app code. These settings can be configured for specific domains and for a specific app.
High TaskAffinity is set for Activity (com.lc.zpyh.wxapi.WXEntryActivity)
If taskAffinity is set, then other applications could read the Intents sent to Activities belonging to another task. Always use the default setting, keeping the affinity as the package name, to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.lc.zpyh.wxapi.WXEntryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High TaskAffinity is set for Activity (com.lc.zpyh.wxapi.WXPayEntryActivity)
If taskAffinity is set, then other applications could read the Intents sent to Activities belonging to another task. Always use the default setting, keeping the affinity as the package name, to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (com.lc.zpyh.wxapi.WXPayEntryActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.tencent.tauth.AuthActivity) is not Protected. An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (com.mob.guard.MobTranPullUpActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.mob.id.MobIDActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.mob.guard.MobTranPullLockActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.mob.id.MobIDSYActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.mob.guard.MobGuardPullUpService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.mob.id.MobIDService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.mob.MobACService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
Low Broadcast Receiver (com.huawei.hms.support.api.push.PushMsgReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.lc.zpyh.permission.PROCESS_PUSH_MSG
protectionLevel: signatureOrSystem [android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
Low Broadcast Receiver (com.huawei.hms.support.api.push.PushReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.lc.zpyh.permission.PROCESS_PUSH_MSG
protectionLevel: signatureOrSystem [android:exported=true]
A Broadcast Receiver is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Service (com.huawei.hms.support.api.push.service.HmsMsgService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
Low Content Provider (com.huawei.hms.support.api.push.PushProvider) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.lc.zpyh.permission.PUSH_PROVIDER
protectionLevel: signatureOrSystem [android:exported=true]
A Content Provider is found to be exported, but is protected by a permission. However, the protection level of the permission is set to signatureOrSystem. It is recommended that signature level is used instead. Signature level should suffice for most purposes, and does not depend on where the applications are installed on the device.
High Service (com.meizu.cloud.pushsdk.NotificationService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.mob.pushsdk.plugins.fcm.FCMFirebaseInstanceIdService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.heytap.msp.push.service.CompatibleDataMessageCallbackService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.coloros.mcs.permission.SEND_MCS_MESSAGE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.heytap.msp.push.service.DataMessageCallbackService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.heytap.mcs.permission.SEND_PUSH_MESSAGE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.vivo.push.sdk.service.CommandClientService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.mob.pushsdk.plugins.fcm.FCMFireMessagingReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High TaskAffinity is set for Activity (com.mob.pushsdk.component.MobPushActivity)
If taskAffinity is set, then other applications could read the Intents sent to Activities belonging to another task. Always use the default setting, keeping the affinity as the package name, to prevent sensitive information inside sent or received Intents from being read by another application.
High Service (com.xiaomi.mipush.sdk.PushMessageHandler) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.xiaomi.mipush.sdk.MessageHandleService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.xiaomi.push.service.receivers.NetworkStatusReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.mob.pushsdk.plugins.xiaomi.PushXiaoMiRevicer) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.mob.pushsdk.plugins.meizu.PushMeiZuRevicer) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.mob.pushsdk.plugins.fcm.FCMFirebaseMessagingService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.vivo.push.sdk.service.CommandClientService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.mob.pushsdk.plugins.vivo.PushVivoReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.

Browsable activities

Information computed with MobSF.

com.tencent.tauth.AuthActivity

Schemes: tencent101957521://

Main Activity

Information computed with AndroGuard.

com.lc.zpyh.ui.activity.SplashActivity

Activities

Information computed with AndroGuard.

com.lc.zpyh.wxapi.WXEntryActivity
com.lc.zpyh.ui.activity.SplashActivity
com.lc.zpyh.ui.activity.GuideActivity
com.lc.zpyh.ui.activity.MainActivity
com.lc.zpyh.ui.activity.CrashActivity
com.lc.zpyh.ui.activity.RestartActivity
com.lc.zpyh.ui.activity.PasswordForgetActivity
com.lc.zpyh.ui.activity.PasswordResetActivity
com.lc.zpyh.ui.activity.AboutActivity
com.lc.zpyh.ui.activity.BrowserActivity
com.lc.zpyh.ui.activity.CameraActivity
com.lc.zpyh.ui.activity.ImageSelectActivity
com.lc.zpyh.ui.activity.ImagePreviewActivity
com.lc.zpyh.ui.activity.mine.CooperateActivity
com.lc.zpyh.ui.activity.mine.SystemActivity
com.lc.zpyh.ui.activity.mine.MineAddressManagementActivity
com.lc.zpyh.ui.activity.mine.PersonalCenterActivity
com.lc.zpyh.ui.activity.mine.AccountSafetActivity
com.lc.zpyh.ui.activity.mine.AboutMineActivity
com.lc.zpyh.ui.activity.mine.ChangePhoneActivity
com.lc.zpyh.ui.activity.mine.CouponActivity
com.lc.zpyh.ui.activity.mine.ShopFollowActivity
com.lc.zpyh.ui.activity.mine.CollectionActivity
com.lc.zpyh.ui.activity.home.SearchActivity
com.lc.zpyh.ui.activity.home.SearchGoodsActivity
com.lc.zpyh.ui.activity.mine.MyEvaluateActivity
com.lc.zpyh.ui.activity.mine.FeedbackActivity
com.lc.zpyh.ui.activity.mine.FeedbackSecondaryActivity
com.lc.zpyh.ui.activity.supermarket.BusinessActivity
com.lc.zpyh.ui.activity.mine.AddAddressActivity
com.lc.zpyh.ui.activity.home.FoodNewsActivity
com.lc.zpyh.ui.activity.mine.LoginCodeActivity
com.lc.zpyh.ui.activity.mine.InvitationCodeActivity
com.lc.zpyh.ui.activity.mine.FootPrintActivity
com.lc.zpyh.ui.activity.home.AddressSearchActivity
com.lc.zpyh.ui.activity.supermarket.DangAnActivity
com.lc.zpyh.ui.activity.supermarket.ShopDetailsActivity
com.lc.zpyh.ui.activity.supermarket.ConfirmOrderActivity
com.lc.zpyh.ui.activity.supermarket.RemarksActivity
com.lc.zpyh.ui.activity.supermarket.PayActivity
com.lc.zpyh.ui.activity.supermarket.PayStautsActivity
com.lc.zpyh.ui.activity.order.OrderDetailsActivity
com.lc.zpyh.ui.activity.order.OrderServedDetailsActivty
com.lc.zpyh.ui.activity.order.ShopCommentActivity
com.lc.zpyh.ui.activity.order.CommentSuccessfActivity
com.lc.zpyh.ui.activity.home.ArticleDetailsActivity
com.lc.zpyh.ui.activity.home.InviteFriendsActivity
com.lc.zpyh.ui.activity.home.MyFansActivity
com.lc.zpyh.zxing.activity.MipcaActivityCapture
com.lc.zpyh.ui.activity.BindMobilePhoneNumberActivity
com.lc.zpyh.ui.activity.order.OrderTakeMealActivity
com.lc.zpyh.ui.activity.mine.RechargeActivity
com.lc.zpyh.ui.activity.mine.XieYiActivity
com.lc.zpyh.ui.activity.home.NoticeDeatailActivity
com.lc.zpyh.ui.activity.home.SelectMerchantsFlActivity
com.lc.zpyh.adapter.MainActivityDemo
com.lc.zpyh.ui.activity.supermarket.BusinessSearchActivity
com.lc.zpyh.ui.activity.AgreementActivity
com.lc.zpyh.ui.activity.home.MessageDeatailsActivity
com.lc.zpyh.ui.activity.mine.ForgetPassWordActivity
com.lc.zpyh.ui.activity.ShopCarActivity
com.lc.zpyh.wxapi.WXPayEntryActivity
com.tencent.tauth.AuthActivity
com.tencent.connect.common.AssistActivity
com.mob.guard.MobTranPullUpActivity
com.mob.id.MobIDActivity
com.mob.guard.MobTranPullLockActivity
com.mob.id.MobIDSYActivity
com.mob.secverify.login.impl.cmcc.CmccOAuthProxyActivity
cn.com.chinatelecom.account.sdk.ui.AuthActivity
com.mob.tools.MobUIShell
com.mob.pushsdk.component.MobPushActivity
com.huawei.hms.activity.BridgeActivity
com.huawei.hms.activity.EnableServiceActivity
com.huawei.updatesdk.service.otaupdate.AppUpdateActivity
com.huawei.updatesdk.support.pm.PackageInstallerActivity
com.mob.secverify.login.impl.cmcc.CmccOAuthProxyActivity
cn.com.chinatelecom.account.sdk.ui.AuthActivity
com.vivo.push.sdk.LinkProxyClientActivity

Receivers

Information computed with AndroGuard.

com.huawei.hms.support.api.push.PushMsgReceiver
com.huawei.hms.support.api.push.PushReceiver
com.meizu.cloud.pushsdk.MzPushSystemReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver
com.mob.pushsdk.plugins.fcm.FCMFireMessagingReceiver
com.google.android.datatransport.runtime.scheduling.jobscheduling.AlarmManagerSchedulerBroadcastReceiver
com.xiaomi.push.service.receivers.NetworkStatusReceiver
com.mob.pushsdk.plugins.xiaomi.PushXiaoMiRevicer
com.mob.pushsdk.plugins.meizu.PushMeiZuRevicer
com.mob.pushsdk.plugins.vivo.PushVivoReceiver

Services

Information computed with AndroGuard.

com.mob.guard.MobGuardPullUpService
com.mob.id.MobIDService
com.mob.MobACService
com.huawei.hms.support.api.push.service.HmsMsgService
com.mob.pushsdk.plugins.huawei.HuaweiPushService
com.meizu.cloud.pushsdk.NotificationService
com.google.firebase.messaging.FirebaseMessagingService
com.google.firebase.components.ComponentDiscoveryService
com.mob.pushsdk.plugins.fcm.FCMFirebaseInstanceIdService
com.heytap.msp.push.service.CompatibleDataMessageCallbackService
com.heytap.msp.push.service.DataMessageCallbackService
com.vivo.push.sdk.service.CommandClientService
com.mob.pushsdk.impl.MobPushJobService
com.google.android.datatransport.runtime.backends.TransportBackendDiscovery
com.google.android.datatransport.runtime.scheduling.jobscheduling.JobInfoSchedulerService
com.huawei.agconnect.core.ServiceDiscovery
com.xiaomi.mipush.sdk.PushMessageHandler
com.xiaomi.mipush.sdk.MessageHandleService
com.mob.pushsdk.plugins.fcm.FCMFirebaseMessagingService
com.vivo.push.sdk.service.CommandClientService

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generates no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['location', 'network connectivity', 'camera'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to no sensitive information repositories.
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit
[Map figure; countries shown: Germany: 200, United States: 100]

Map computed by Pithus.

Network analysis

Information computed with MobSF.

High Base config is insecurely configured to permit clear text traffic to all domains.
Scope: ['*']

Domains analysis

Information computed with MobSF.

DE appgallery.cloud.huawei.com 80.158.19.46
US play.google.com 142.250.184.206
DE store.hispace.hicloud.com 80.158.2.135

URL analysis

Information computed with MobSF.

https://play.google.com/store
https://appgallery.cloud.huawei.com/app/
https://play.google.com/store/apps/details?id=
https://appgallery.cloud.huawei.com
https://store.hispace.hicloud.com/hwmarket/api/
Defined in Android String Resource

Permissions analysis

Information computed with MobSF.

High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.MANAGE_EXTERNAL_STORAGE Allows an application a broad access to external storage in scoped storage
Allows an application a broad access to external storage in scoped storage. Intended to be used by few apps that need to manage files on behalf of the users.
High android.permission.CAMERA take pictures and videos
Allows application to take pictures and videos with the camera. This allows the application to collect images that the camera is seeing at any time.
High android.permission.REQUEST_INSTALL_PACKAGES Allows an application to request installing packages.
Malicious applications can use this to try and trick users into installing additional malicious packages.
High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.ACCESS_COARSE_LOCATION coarse (network-based) location
Access coarse location sources, such as the mobile network database, to determine an approximate phone location, where available. Malicious applications can use this to determine approximately where you are.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.ACCESS_WIFI_STATE view Wi-Fi status
Allows an application to view the information about the status of Wi-Fi.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.CHANGE_NETWORK_STATE change network connectivity
Allows applications to change network connectivity state.
Low android.permission.CHANGE_WIFI_STATE change Wi-Fi status
Allows an application to connect to and disconnect from Wi-Fi access points and to make changes to configured Wi-Fi networks.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.QUERY_ALL_PACKAGES Allows query of any normal app on the device, regardless of manifest declarations.
Medium com.google.android.c2dm.permission.RECEIVE C2DM permissions
Permission for cloud to device messaging.
com.lc.zpyh.permission.PROCESS_PUSH_MSG Unknown permission
Unknown permission from android reference
com.lc.zpyh.permission.PUSH_PROVIDER Unknown permission
Unknown permission from android reference
com.meizu.flyme.permission.PUSH Unknown permission
Unknown permission from android reference
com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE Unknown permission
Unknown permission from android reference
com.huawei.appmarket.service.commondata.permission.GET_COMMON_DATA Unknown permission
Unknown permission from android reference
com.lc.zpyh.permission.MIPUSH_RECEIVE Unknown permission
Unknown permission from android reference
com.meizu.flyme.push.permission.RECEIVE Unknown permission
Unknown permission from android reference
com.lc.zpyh.push.permission.MESSAGE Unknown permission
Unknown permission from android reference
com.meizu.c2dm.permission.RECEIVE Unknown permission
Unknown permission from android reference
com.lc.zpyh.permission.C2D_MESSAGE Unknown permission
Unknown permission from android reference
com.huawei.android.launcher.permission.CHANGE_BADGE Unknown permission
Unknown permission from android reference
android.permission.READ_APP_BADGE Unknown permission
Unknown permission from android reference
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE Unknown permission
Unknown permission from android reference
com.sonyericsson.home.permission.BROADCAST_BADGE Unknown permission
Unknown permission from android reference
com.sonyericsson.home.action.UPDATE_BADGE Unknown permission
Unknown permission from android reference
com.sec.android.provider.badge.permission.READ Unknown permission
Unknown permission from android reference
com.sec.android.provider.badge.permission.WRITE Unknown permission
Unknown permission from android reference
com.htc.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.htc.launcher.permission.UPDATE_SHORTCUT Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence 100%: Read file from assets directory
Confidence 100%: Method reflection
Confidence 80%: Read data and put it into a buffer stream
Confidence 80%: Read file and put it into a stream
Confidence 80%: Open a file from given absolute path of the file
Confidence 80%: Get absolute path of the file and store in string

Behavior analysis

Information computed with MobSF.

Java reflection
  • com/qihoo/util/c.java
  • com/stub/StubApp.java
Load and manipulate dex files
  • com/stub/StubApp.java
  • com/qihoo/util/QHClassLoader.java
Loading native code (shared library)
  • com/stub/StubApp.java

Control flow graphs analysis

Information computed by Pithus.

The application probably dynamically loads code