Low Risk

Threat level

org.zywx.wbpalmstar.widgetone.uexaaabu10002

北燃移动门户

Analyzed on 2021-10-20T10:50:22.496282

54

permissions

112

activities

17

services

18

receivers

6

domains

File sums

MD5 f1b6f4658276f65d85908e5bb2b0e6a1
SHA1 5f3767a8ec8caf503c45e9ff4f86479f8e85ef39
SHA256 f5281aac5ad393522d57ddcde3880ee5436103d78669c14f789ea4fedb26c8f9
Size 64.63MB

APKiD

Information computed with APKiD.

/tmp/tmp90j79z4x
packer
  • Ijiami
/tmp/tmp90j79z4x!assets/ijm_lib/armeabi/libexec.so
packer
  • UPX (unknown, modified)
/tmp/tmp90j79z4x!assets/ijm_lib/armeabi/libexecmain.so
packer
  • UPX (unknown, modified)
/tmp/tmp90j79z4x!assets/libijmDataEncryption.so
packer
  • UPX (unknown, modified)
/tmp/tmp90j79z4x!classes.dex
compiler
  • dexlib 2.x
/tmp/tmp90j79z4x!lib/armeabi-v7a/libAMapSDK_MAP_v6_5_0.so
packer
  • sharelib UPX
/tmp/tmp90j79z4x!lib/armeabi-v7a/libappcan.so
packer
  • UPX (unknown, modified)

SSdeep

Information computed with ssdeep.

APK file 1572864:kAa1vGdkns3go5b8f9FSPfCONgKqKkkxwsPY9FFPEDQ:kA6otH5b8fjuhSALPYdYQ
Manifest 768:j5TrgSTAdnyF/R8XbH/5iSbyHUQtu1TYo9OegLoi3SEC13ynYlZGAtu+mQTsQoch:…
classes.dex 192:fMlsSgJiNXLxr14gPoos/glsPRnFf20wQLt:f6sSVlh9lsPVF2Y

Dexofuzzy

Information computed with Dexofuzzy.

APK file 12:NopcO7WCBdOXSj1vnBSE2+iZru80hj7gtOPpVqrz+:2pcOjOXSBYEviZru80Z7mOV
classes.dex 12:NopcO7WCBdOXSj1vnBSE2+iZru80hj7gtOPpVqrz+:2pcOjOXSBYEviZru80Z7mOV

APK details

Information computed with AndroGuard and Pithus.

Package org.zywx.wbpalmstar.widgetone.uexaaabu10002
App name 北燃移动门户
Version name 01.00.0100
Version code 712
SDK 22 - 28
UAID accb1cc65787c94e30f7d990bb6423973631f67e
Signature Signature V1 Signature V2
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown

Certificate details

Information computed with AndroGuard.

MD5 5c63b1591d691faeb2091a4411264e20
SHA1 d8e57c5d29dfa7038d0bca0e006c5d71d3833fc8
SHA256 3edb08d952ecd6f249b5345a542ce2d4f9100155bfb5cdf2efde2a3f9e1f0d74
Issuer Common Name: bjgas, Organizational Unit: bjgas, Organization: bjgas, Locality: BeiJing, State/Province: BeiJing, Country: CN
Not before 2018-09-18T05:43:55+00:00
Not after 2028-09-15T05:43:55+00:00

File Analysis

Information computed with MobSF.

Findings Files
Hardcoded Keystore found. assets/hmsrootcas.bks

Manifest analysis

Information computed with MobSF.

Low App has a Network Security Configuration[android:networkSecurityConfig=@xml/network_security_config]
The Network Security Configuration feature lets apps customize their network security settings in a safe, declarative configuration file without modifying app code. These settings can be configured for specific domains and for a specific app.
High Activity (org.zywx.wbpalmstar.engine.EBrowserActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (cn.rongcloud.rce.ui.MainActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (cn.rongcloud.rce.ui.chat.ChatActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Broadcast Receiver (io.rong.push.platform.meizu.MeiZuReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (org.zywx.wbpalmstar.platform.push.PushBroadCastReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (com.meizu.cloud.pushsdk.NotificationService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (io.rong.sight.player.SightPlayerActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(cn.rongcloud.rce.ui.contact.OrganizationActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Activity (cn.rongcloud.rce.ui.forward.ForwardActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (cn.rongcloud.rce.share.SharedReceiverActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High TaskAffinity is set for Activity
(cn.rongcloud.rce.ui.contact.OtherCompanyActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High TaskAffinity is set for Activity
(cn.rongcloud.rce.ui.contact.ContactLabelActivity)
If taskAffinity is set, then other application could read the Intents sent to Activities belonging to another task. Always use the default setting keeping the affinity as the package name in order to prevent sensitive information inside sent or received Intents from being read by another application.
High Broadcast Receiver (cn.rongcloud.rce.RcePushReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.coloros.mcssdk.PushService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.coloros.mcs.permission.SEND_MCS_MESSAGE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.vivo.push.sdk.service.CommandClientService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (io.rong.push.platform.vivo.VivoPushMessageReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (com.xiaomi.mipush.sdk.PushMessageHandler) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.xiaomi.push.service.receivers.NetworkStatusReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (io.rong.push.platform.mi.MiMessageReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (io.rong.push.platform.hms.HMSReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Broadcast Receiver (com.huawei.hms.support.api.push.PushEventReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (io.rong.imlib.ipc.RongService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (io.rong.imlib.ConnectChangeReceiver) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (io.rong.push.rongpush.PushService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (io.rong.push.rongpush.PushReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.

Browsable activities

Information computed with MobSF.

org.zywx.wbpalmstar.engine.EBrowserActivity

Schemes: appcanaaabu10002://

Main Activity

Information computed with AndroGuard.

org.zywx.wbpalmstar.engine.LoadingActivity

Activities

Information computed with AndroGuard.

org.zywx.wbpalmstar.engine.EBrowserActivity
org.zywx.wbpalmstar.engine.TempActivity
org.zywx.wbpalmstar.engine.LoadingActivity
org.zywx.wbpalmstar.plugin.ueximage.crop.CropImageActivity
org.zywx.wbpalmstar.plugin.ueximage.deletebrowser.PreviewDetailActivity
org.zywx.wbpalmstar.plugin.uexappstoremgr.applistView.CategoryAppListActivity
org.zywx.wbpalmstar.plugin.uexappstoremgr.applistView.AppSearchActivity
org.zywx.wbpalmstar.plugin.uexfilemgr.FilexplorerActivity
com.tencent.smtt.sdk.VideoActivity
com.google.zxing.client.android.CaptureActivity
org.zywx.wbpalmstar.plugin.uexcamera.CustomCameraActivity
org.zywx.wbpalmstar.plugin.uexcamera.ViewCamera.SecondActivity
cn.rongcloud.rce.ui.MainActivity
cn.rongcloud.rce.ui.chat.ChatActivity
com.gstar.android.GstarCadFilesActivity
org.zywx.wbpalmstar.plugin.uexvideo.VideoPlayerActivity
org.zywx.wbpalmstar.plugin.uexvideo.VideoPlayerActivityForViewToWeb
org.zywx.wbpalmstar.plugin.uexvideo.lib.VideoCaptureActivity
com.android.print.demo.BluetoothDeviceList
org.zywx.wbpalmstar.plugin.uexbcepass.lib.GestureLockActivity
cn.rongcloud.contactcard.activities.ContactListActivity
cn.rongcloud.contactcard.activities.ContactDetailActivity
io.rong.sight.player.SightPlayerActivity
io.rong.sight.player.SightListActivity
io.rong.sight.record.SightRecordActivity
io.rong.imkit.plugin.location.AMapLocationActivity
io.rong.imkit.plugin.location.AMapPreviewActivity
io.rong.imkit.plugin.location.AMapRealTimeActivity
io.rong.imkit.activity.FileManagerActivity
io.rong.imkit.activity.FileListActivity
cn.rongcloud.rce.ui.login.LoginActivity
cn.rongcloud.rce.ui.login.FirstLoginResetPwdActivity
cn.rongcloud.rce.qrcode.barcodescanner.CaptureActivity
cn.rongcloud.rce.ui.file.CollectionFileListActivity
cn.rongcloud.rce.ui.contact.OrganizationActivity
cn.rongcloud.rce.ui.contact.MyGroupActivity
cn.rongcloud.rce.ui.group.SetGroupInfoActivity
cn.rongcloud.rce.ui.group.CreateGroupActivity
cn.rongcloud.rce.ui.group.AddGroupMemberActivity
cn.rongcloud.rce.ui.contact.UserDetailActivity
cn.rongcloud.rce.ui.contact.UserResumeActivity
cn.rongcloud.rce.ui.chat.PrivateChatDetailActivity
cn.rongcloud.rce.ui.chat.PrivateChatAddMemberActivity
cn.rongcloud.rce.ui.chat.GroupChatDetailActivity
cn.rongcloud.rce.ui.chat.PublicServiceChatDetailActivity
cn.rongcloud.rce.ui.setting.SetUserProfileActivity
cn.rongcloud.rce.ui.search.SearchActivity
cn.rongcloud.rce.ui.search.SearchSelectContactActivity
cn.rongcloud.rce.ui.group.SelectedContactActivity
cn.rongcloud.rce.ui.group.GroupMemberDetailActivity
cn.rongcloud.rce.ui.group.ChangeGroupNameActivity
cn.rongcloud.rce.ui.login.ResetPasswordActivity
cn.rongcloud.rce.ui.setting.SetAliasActivity
cn.rongcloud.rce.ui.chat.ReadReceiptDetailActivity
cn.rongcloud.rce.ui.forward.ForwardSelectGroupActivity
cn.rongcloud.rce.ui.forward.ForwardActivity
cn.rongcloud.rce.ui.forward.ForwardSelectContactActivity
cn.rongcloud.rce.ui.forward.ForwardSelectedDetailActivity
cn.rongcloud.rce.ui.file.FileListActivity
cn.rongcloud.rce.ui.contact.UserBigPortraitActivity
cn.rongcloud.rce.ui.chat.ChatMentionActivity
cn.rongcloud.rce.ui.login.LoginToComputerActivity
cn.rongcloud.rce.ui.login.MoreDevicesManagerActivity
cn.rongcloud.rce.qrcode.QRCodeGenerateActivity
cn.rongcloud.rce.ui.register.RegisterActivity
cn.rongcloud.rce.share.SharedReceiverActivity
cn.rongcloud.rce.ui.register.SelectCountryActivity
cn.rongcloud.rce.ui.oa.RceWebViewActivity
cn.rongcloud.rce.ui.contact.MyFriendsListActivity
cn.rongcloud.rce.ui.contact.NewFriendsListActivity
cn.rongcloud.rce.ui.contact.SelectFriendActivity
cn.rongcloud.rce.ui.contact.InviteFriendActivity
cn.rongcloud.rce.ui.file.RceFilePreviewActivity
cn.rongcloud.rce.ui.contact.ContactListActivity
cn.rongcloud.rce.ui.chat.MessageZoomActivity
cn.rongcloud.rce.qrcode.QRCodeResultActivity
cn.rongcloud.rce.ui.RceWebActivity
cn.rongcloud.rce.ui.group.SelectContactActivity
cn.rongcloud.rce.ui.preview.ConversationPicturesPagerActivity
cn.rongcloud.rce.ui.preview.ConversationPicturesPreviewActivity
cn.rongcloud.rce.ui.group.GroupNoticeActivity
cn.rongcloud.rce.ui.group.GroupNoticeEditActivity
cn.rongcloud.rce.ui.group.ChooseNewOwnerActivity
cn.rongcloud.rce.ui.group.UpdateGroupAliasActivity
cn.rongcloud.rce.ui.group.GroupManagementActivity
cn.rongcloud.rce.ui.group.GroupMuteActivity
cn.rongcloud.rce.ui.group.GroupMemberMuteSelectActivity
cn.rongcloud.rce.ui.group.SelectedMuteContactActivity
cn.rongcloud.rce.ui.group.GroupJoinApprovalListActivity
cn.rongcloud.rce.ui.contact.OtherCompanyActivity
cn.rongcloud.rce.ui.contact.ContactLabelActivity
cn.rongcloud.rce.ui.contact.RobotDetailActivity
cn.rongcloud.rce.ui.login.RCEMultiClientActivity
com.vivo.push.sdk.LinkProxyClientActivity
com.huawei.hms.activity.BridgeActivity
io.rong.push.platform.hms.common.HMSAgentActivity
com.xylink.sdk.sample.XyCallActivity
io.rong.imkit.plugin.image.PictureSelectorActivity
io.rong.imkit.plugin.image.PicturePreviewActivity
io.rong.imkit.tools.RongWebviewActivity
io.rong.imkit.tools.CombineWebViewActivity
io.rong.imkit.widget.provider.TakingPicturesActivity
io.rong.imkit.activity.PicturePagerActivity
io.rong.imkit.mention.MemberMentionedActivity
io.rong.imkit.activity.FilePreviewActivity
io.rong.imkit.activity.WebFilePreviewActivity
io.rong.imkit.activity.CSLeaveMessageActivity
io.rong.imkit.activity.GIFPreviewActivity
io.rong.imkit.activity.SelectConversationActivity
com.zhihu.matisse.ui.MatisseActivity
com.zhihu.matisse.internal.ui.AlbumPreviewActivity
com.zhihu.matisse.internal.ui.SelectedPreviewActivity

Receivers

Information computed with AndroGuard.

org.zywx.wbpalmstar.platform.push.PushRecieveMsgReceiver
org.zywx.wbpalmstar.plugin.uexappstoremgr.BroadcastReciver.EmmStartUpReceiver
org.zywx.wbpalmstar.plugin.uexLocalNotification.EAlarmReceiver
org.zywx.wbpalmstar.plugin.ueximex.imwrapper.acmain.ACPushHandlerReceiver
io.rong.push.platform.meizu.MeiZuReceiver
org.zywx.wbpalmstar.plugin.uexshortcutBadger.BadgePushReserver
org.zywx.wbpalmstar.platform.push.PushBroadCastReceiver
com.meizu.cloud.pushsdk.SystemReceiver
cn.rongcloud.rce.RcePushReceiver
io.rong.push.platform.vivo.VivoPushMessageReceiver
com.xiaomi.push.service.receivers.NetworkStatusReceiver
com.xiaomi.push.service.receivers.PingReceiver
io.rong.push.platform.mi.MiMessageReceiver
io.rong.push.platform.hms.HMSReceiver
com.huawei.hms.support.api.push.PushEventReceiver
io.rong.imlib.ConnectChangeReceiver
io.rong.imlib.HeartbeatReceiver
io.rong.push.rongpush.PushReceiver

Services

Information computed with AndroGuard.

org.zywx.wbpalmstar.base.DebugService
org.zywx.wbpalmstar.base.killSelfService
com.baidu.location.f
org.zywx.wbpalmstar.platform.push.PushService
com.meizu.cloud.pushsdk.NotificationService
cn.rongcloud.rce.update.UpdateService
com.coloros.mcssdk.PushService
com.vivo.push.sdk.service.CommandClientService
com.xiaomi.push.service.XMPushService
com.xiaomi.mipush.sdk.PushMessageHandler
com.xiaomi.mipush.sdk.MessageHandleService
com.xiaomi.push.service.XMJobService
io.rong.imlib.ipc.RongService
io.rong.push.rongpush.PushService
com.xylink.sdk.sample.IncomingCallService
com.xylink.sdk.sample.share.screen.RecordService
com.xylink.sdk.sample.BackgroundCallService

NIAP analysis

Information computed with MobSF.

FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generate no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['USB', 'network connectivity', 'camera', 'location', 'bluetooth', 'microphone'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['system logs', 'address book'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application does not encrypt files in non-volatile memory.
Encryption Of Sensitive Application Data
FTP_DIT_EXT.1.1 The application does not encrypt any data in traffic or does not transmit any data between itself and another trusted IT product.
Protection of Data in Transit
Pygal China: 400 United States: 100

Map computed by Pithus.

Network analysis

Information computed with MobSF.

High Base config is insecurely configured to permit clear text traffic to all domains.
Scope: ['*']
Medium Base config is configured to trust system certificates.
Scope: ['*']

Domains analysis

Information computed with MobSF.

CN appjk.bjgas.com 114.242.137.69
ns.adobe.com
CN web.gstarcad.com 60.205.177.199
US freeimage.sourceforge.net 204.68.111.100
CN rongcloud.cn 119.147.4.33
CN mcsdk.gstarcad.com 182.92.64.73

URL analysis

Information computed with MobSF.

https://appjk.bjgas.com/analyIn/4.0/service/
https://appjk.bjgas.com/v4/
https://appjk.bjgas.com/gateway/
http://rongcloud.cn/
Defined in Android String Resource
https://appjk.bjgas.com/analyIn/4.0/service/
https://appjk.bjgas.com/v4/
https://appjk.bjgas.com/gateway/
http://rongcloud.cn/
Defined in Android String Resource
https://appjk.bjgas.com/analyIn/4.0/service/
https://appjk.bjgas.com/v4/
https://appjk.bjgas.com/gateway/
http://rongcloud.cn/
Defined in Android String Resource
https://appjk.bjgas.com/analyIn/4.0/service/
https://appjk.bjgas.com/v4/
https://appjk.bjgas.com/gateway/
http://rongcloud.cn/
Defined in Android String Resource
http://mcsdk.gstarcad.com/r/m/c/checksdk
http://web.gstarcad.com/App/login/
http://freeimage.sourceforge.net
http://ns.adobe.com/xap/1.0/
ftp://%s:%s@%s
Defined in lib/armeabi-v7a/libgstarcadmc.so
http://mcsdk.gstarcad.com/r/m/c/checksdk
http://web.gstarcad.com/App/login/
http://freeimage.sourceforge.net
http://ns.adobe.com/xap/1.0/
ftp://%s:%s@%s
Defined in lib/armeabi-v7a/libgstarcadmc.so
http://mcsdk.gstarcad.com/r/m/c/checksdk
http://web.gstarcad.com/App/login/
http://freeimage.sourceforge.net
http://ns.adobe.com/xap/1.0/
ftp://%s:%s@%s
Defined in lib/armeabi-v7a/libgstarcadmc.so
http://mcsdk.gstarcad.com/r/m/c/checksdk
http://web.gstarcad.com/App/login/
http://freeimage.sourceforge.net
http://ns.adobe.com/xap/1.0/
ftp://%s:%s@%s
Defined in lib/armeabi-v7a/libgstarcadmc.so

Permissions analysis

Information computed with MobSF.

High android.permission.ACCESS_COARSE_LOCATION coarse (network-based) location
Access coarse location sources, such as the mobile network database, to determine an approximate phone location, where available. Malicious applications can use this to determine approximately where you are.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
High android.permission.READ_LOGS read sensitive log data
Allows an application to read from the system's various log files. This allows it to discover general information about what you are doing with the phone, potentially including personal or private information.
High android.permission.REQUEST_INSTALL_PACKAGES Allows an application to request installing packages.
Malicious applications can use this to try and trick users into installing additional malicious packages.
High android.permission.CAMERA take pictures and videos
Allows application to take pictures and videos with the camera. This allows the application to collect images that the camera is seeing at any time.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.MOUNT_UNMOUNT_FILESYSTEMS mount and unmount file systems
Allows the application to mount and unmount file systems for removable storage.
High android.permission.GET_TASKS retrieve running applications
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
High android.permission.RECORD_AUDIO record audio
Allows application to access the audio record path.
High android.permission.SYSTEM_ALERT_WINDOW display system-level alerts
Allows an application to show system-alert windows. Malicious applications can take over the entire screen of the phone.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.WRITE_CONTACTS write contact data
Allows an application to modify the contact (address) data stored on your phone. Malicious applications can use this to erase or modify your contact data.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.ACCESS_WIFI_STATE view Wi-Fi status
Allows an application to view the information about the status of Wi-Fi.
Low android.permission.CHANGE_WIFI_STATE change Wi-Fi status
Allows an application to connect to and disconnect from Wi-Fi access points and to make changes to configured Wi-Fi networks.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.MODIFY_AUDIO_SETTINGS change your audio settings
Allows application to modify global audio settings, such as volume and routing.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
Low android.permission.BLUETOOTH_ADMIN bluetooth administration
Allows applications to discover and pair bluetooth devices.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground
Low android.permission.FLASHLIGHT control flashlight
Allows the application to control the flashlight.
Low android.permission.REORDER_TASKS reorder applications running
Allows an application to move tasks to the foreground and background. Malicious applications can force themselves to the front without your control.
Low android.permission.USE_FINGERPRINT allow use of fingerprint
This constant was deprecated in API level 28. Applications should request USE_BIOMETRIC instead
Low android.permission.USE_BIOMETRIC Allows an app to use device supported biometric modalities.
org.zywx.wbpalmstar.widgetone.uexaaabu10002.uexdevice.permission Unknown permission
Unknown permission from android reference
android.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.meizu.flyme.push.permission.RECEIVE Unknown permission
Unknown permission from android reference
org.zywx.wbpalmstar.widgetone.uexaaabu10002.push.permission.MESSAGE Unknown permission
Unknown permission from android reference
com.meizu.c2dm.permission.RECEIVE Unknown permission
Unknown permission from android reference
org.zywx.wbpalmstar.widgetone.uexaaabu10002.permission.MIPUSH_RECEIVE Unknown permission
Unknown permission from android reference
android.hardware.usb.host Unknown permission
Unknown permission from android reference
com.sec.android.provider.badge.permission.READ Unknown permission
Unknown permission from android reference
com.sec.android.provider.badge.permission.WRITE Unknown permission
Unknown permission from android reference
com.htc.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.htc.launcher.permission.UPDATE_SHORTCUT Unknown permission
Unknown permission from android reference
com.sonyericsson.home.permission.BROADCAST_BADGE Unknown permission
Unknown permission from android reference
com.sonymobile.home.permission.PROVIDER_INSERT_BADGE Unknown permission
Unknown permission from android reference
com.anddoes.launcher.permission.UPDATE_COUNT Unknown permission
Unknown permission from android reference
com.majeur.launcher.permission.UPDATE_BADGE Unknown permission
Unknown permission from android reference
com.huawei.android.launcher.permission.CHANGE_BADGE Unknown permission
Unknown permission from android reference
com.huawei.android.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.huawei.android.launcher.permission.WRITE_SETTINGS Unknown permission
Unknown permission from android reference
android.permission.READ_APP_BADGE Unknown permission
Unknown permission from android reference
com.oppo.launcher.permission.READ_SETTINGS Unknown permission
Unknown permission from android reference
com.oppo.launcher.permission.WRITE_SETTINGS Unknown permission
Unknown permission from android reference
com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE Unknown permission
Unknown permission from android reference
android.permission.SYSTEM_OVERLAY_WINDOW Unknown permission
Unknown permission from android reference
android.permission.INTERACT_ACROSS_USERS_FULL Unknown permission
Unknown permission from android reference

Threat analysis

Information computed with Quark-Engine.

Confidence:
80%
Read file and put it into a stream
Confidence:
80%
Open a file from given absolute path of the file
Confidence:
80%
Read file from assets directory
Confidence:
80%
Load additional DEX files dynamically
Confidence:
80%
Executes the specified string Linux command

Behavior analysis

Information computed with MobSF.

Content provider
       s/h/e/l/l/A.java
Execute os command
       s/h/e/l/l/S.java
Inter process communication
       s/h/e/l/l/A.java
Loading native code (shared library)
       s/h/e/l/l/N.java