Malicious 18/61

Threat

com.my.newproject

android Update

Analyzed on 2022-06-13T06:34:01.493582

107 permissions
4 activities
0 services
0 receivers
0 domains

File sums

MD5 e87dfb160bc5b48e4edde52845321c6b
SHA1 902b96817762215a8eac6a98b0c431ef685e9d6f
SHA256 f873385a6dbf5c6d6b814a741755cf8dfc6caaf2d2c4d1a2aac5946e409ba545
Size 4.33MB

APKiD

Information computed with APKiD.

/tmp/tmpn73keyud!classes.dex
compiler
  • dx
/tmp/tmpn73keyud!classes10.dex
compiler
  • dx
/tmp/tmpn73keyud!classes11.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes12.dex
compiler
  • dx
/tmp/tmpn73keyud!classes13.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes14.dex
compiler
  • dx
/tmp/tmpn73keyud!classes15.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes16.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes17.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes18.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes19.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes2.dex
compiler
  • dx
/tmp/tmpn73keyud!classes20.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes21.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes22.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes23.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes24.dex
compiler
  • dx
/tmp/tmpn73keyud!classes25.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes26.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes27.dex
compiler
  • r8 without marker (suspicious)
/tmp/tmpn73keyud!classes28.dex
compiler
  • dx
/tmp/tmpn73keyud!classes29.dex
compiler
  • r8
/tmp/tmpn73keyud!classes3.dex
compiler
  • dx
/tmp/tmpn73keyud!classes30.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes31.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes32.dex
compiler
  • dx
/tmp/tmpn73keyud!classes33.dex
compiler
  • dx
/tmp/tmpn73keyud!classes34.dex
compiler
  • dx
/tmp/tmpn73keyud!classes35.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes36.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes37.dex
compiler
  • dx
/tmp/tmpn73keyud!classes38.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes39.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes4.dex
anti_vm
  • Build.MANUFACTURER check
compiler
  • dx
/tmp/tmpn73keyud!classes40.dex
compiler
  • dx
/tmp/tmpn73keyud!classes41.dex
compiler
  • dx
/tmp/tmpn73keyud!classes42.dex
compiler
  • r8 without marker (suspicious)
/tmp/tmpn73keyud!classes43.dex
compiler
  • dx
/tmp/tmpn73keyud!classes44.dex
compiler
  • dx
/tmp/tmpn73keyud!classes45.dex
compiler
  • dx
/tmp/tmpn73keyud!classes46.dex
compiler
  • dx
/tmp/tmpn73keyud!classes47.dex
compiler
  • unknown (please file detection issue!)
/tmp/tmpn73keyud!classes48.dex
compiler
  • dx
/tmp/tmpn73keyud!classes5.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes6.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes7.dex
compiler
  • dexlib 1.x
/tmp/tmpn73keyud!classes8.dex
compiler
  • dx
/tmp/tmpn73keyud!classes9.dex
compiler
  • dexlib 1.x

SSdeep

Information computed with ssdeep.


Dexofuzzy

Information computed with Dexofuzzy.


APK details

Information computed with AndroGuard and Pithus.

Package com.my.newproject
App name android Update
Version name 1.0
Version code 1
SDK 21 - 28
UAID 619da802fa11b216c29bcd3a072f403dc6ec601d
Signature Signature V1, Signature V2, Signature V3
Frosting Not frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0xf05368c0: Unknown
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 e89b158e4bcf988ebd09eb83f5378e87
SHA1 61ed377e85d386a8dfee6b864bd85b0bfaa5af81
SHA256 a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc
Issuer Email Address: android@android.com, Common Name: Android, Organizational Unit: Android, Organization: Android, Locality: Mountain View, State/Province: California, Country: US
Not before 2008-02-29T01:33:46+00:00
Not after 2035-07-17T01:33:46+00:00

Manifest analysis

Information computed with MobSF.

High Clear text traffic is Enabled For App[android:usesCleartextTraffic=true]
The app intends to use cleartext network traffic, such as cleartext HTTP, FTP stacks, DownloadManager, and MediaPlayer. The default value for apps that target API level 27 or lower is "true". Apps that target API level 28 or higher default to "false". The key reason for avoiding cleartext traffic is the lack of confidentiality, authenticity, and protections against tampering; a network attacker can eavesdrop on transmitted data and also modify it without being detected.
Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to back up your application data via adb. It allows users who have enabled USB debugging to copy application data off the device.

Main Activity

Information computed with AndroGuard.

com.my.newproject.MainActivity

Activities

Information computed with AndroGuard.

com.my.newproject.MainActivity
com.my.newproject.HackedActivity
com.my.newproject.DebugActivity
com.facebook.ads.AudienceNetworkActivity

Sample timeline

Oldest file found in APK Jan. 1, 1980, 1 a.m.
Certificate valid not before Feb. 29, 2008, 1:33 a.m.
First submission on VT June 7, 2022, 5:59 p.m.
Last submission on VT June 7, 2022, 5:59 p.m.
Latest file found in APK June 7, 2022, 7:57 p.m.
Upload on Pithus June 13, 2022, 6:34 a.m.
Certificate valid not after July 17, 2035, 1:33 a.m.

VirusTotal

Score 18/61
Report https://www.virustotal.com/gui/file/f873385a6dbf5c6d6b814a741755cf8dfc6caaf2d2c4d1a2aac5946e409ba545/detection

Most Popular AV Detections

Provided by VirusTotal

Threat name: piom Identified 2 times
Threat name: artemis Identified 2 times
Threat name: wiper Identified 2 times

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application invokes platform-provided DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application generates no asymmetric cryptographic keys.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['location', 'bluetooth', 'camera', 'network connectivity'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['address book', 'system logs'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implements functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invokes the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1, FCS_RBG_EXT.2.2 The application performs all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_HTTPS_EXT.1.2 The application implements HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notifies the user and does not establish the connection, or requests application authorization to establish the connection, if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invokes platform-provided functionality to validate certificates in accordance with the following rules: ['The certificate path must terminate with a trusted CA certificate'].
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application uses X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS, TLS.
X.509 Certificate Authentication

Code analysis

Information computed with MobSF.

Medium
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
  • com/my/newproject/MainActivity.java
  • com/my/newproject/SketchwareUtil.java
  • com/my/newproject/HackedActivity.java

High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
  • com/my/newproject/FileUtil.java

Permissions analysis

Information computed with MobSF.

High android.permission.CAMERA take pictures and videos
Allows application to take pictures and videos with the camera. This allows the application to collect images that the camera is seeing at any time.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.ACCESS_FINE_LOCATION fine (GPS) location
Access fine location sources, such as the Global Positioning System on the phone, where available. Malicious applications can use this to determine where you are and may consume additional battery power.
High android.permission.READ_SMS read SMS or MMS
Allows application to read SMS messages stored on your phone or SIM card. Malicious applications may read your confidential messages.
High android.permission.RECEIVE_SMS receive SMS
Allows application to receive and process SMS messages. Malicious applications may monitor your messages or delete them without showing them to you.
High android.permission.SEND_SMS send SMS messages
Allows application to send SMS messages. Malicious applications may cost you money by sending messages without your confirmation.
High android.permission.SEND_SMS_NO_CONFIRMATION send SMS messages
send SMS messages via the Messaging app with no user input or confirmation.
High android.permission.ACCEPT_HANDOVER Allows a calling app to continue a call which was started in another app. An example is a video calling app that wants to continue a voice call on the user's mobile network.
High android.permission.ACCESS_BACKGROUND_LOCATION access location in background
Allows an app to access location in the background.
High android.permission.ACCESS_COARSE_LOCATION coarse (network-based) location
Access coarse location sources, such as the mobile network database, to determine an approximate phone location, where available. Malicious applications can use this to determine approximately where you are.
High android.permission.ACCESS_MEDIA_LOCATION access any geographic locations
Allows an application to access any geographic locations persisted in the user's shared collection.
High android.permission.ACCESS_MOCK_LOCATION mock location sources for testing
Create mock location sources for testing. Malicious applications can use this to override the location and/or status returned by real-location sources such as GPS or Network providers.
High android.permission.ACTIVITY_RECOGNITION allow application to recognize physical activity
Allows an application to recognize physical activity.
High android.permission.ANSWER_PHONE_CALLS Allows the app to answer an incoming phone call.
High android.permission.READ_LOGS read sensitive log data
Allows an application to read from the system's various log files. This allows it to discover general information about what you are doing with the phone, potentially including personal or private information.
High android.permission.WRITE_SETTINGS modify global system settings
Allows an application to modify the system's settings data. Malicious applications can corrupt your system's configuration.
High android.permission.WRITE_SMS edit SMS or MMS
Allows application to write to SMS messages stored on your phone or SIM card. Malicious applications may delete your messages.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.GET_TASKS retrieve running applications
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
Low android.permission.BLUETOOTH_ADMIN bluetooth administration
Allows applications to discover and pair bluetooth devices.
Low android.permission.ACCESS_LOCATION_EXTRA_COMMANDS access extra location provider commands
Access extra location provider commands. Malicious applications could use this to interfere with the operation of the GPS or other location sources.
Low android.permission.ACCESS_NOTIFICATION_POLICY Marker permission for applications that wish to access notification policy.
Low android.permission.ACCESS_WIFI_STATE view Wi-Fi status
Allows an application to view the information about the status of Wi-Fi.
Low android.permission.BIND_COMPANION_DEVICE_SERVICE Must be required by any CompanionDeviceServices to ensure that only the system can bind to it.
Low android.permission.WRITE_SYNC_SETTINGS write sync settings
Allows an application to modify the sync settings, such as whether sync is enabled for Contacts.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Medium android.permission.BROADCAST_SMS send SMS-received broadcast
Allows an application to broadcast a notification that an SMS message has been received. Malicious applications may use this to forge incoming SMS messages.
Medium android.permission.SMS_FINANCIAL_TRANSACTIONS Allows financial apps to read filtered sms messages
Allows financial apps to read filtered sms messages. Protection level: signature|appop. This constant was deprecated in API level S.
Medium android.permission.ACCESS_SURFACE_FLINGER access SurfaceFlinger
Allows application to use SurfaceFlinger low-level features.
Medium android.permission.ACCOUNT_MANAGER act as the Account Manager Service
Allows an application to make calls to Account Authenticators.
Medium android.permission.BATTERY_STATS modify battery statistics
Allows the modification of collected battery statistics. Not for use by common applications.
Medium android.permission.BIND_ACCESSIBILITY_SERVICE Must be required by an AccessibilityService, to ensure that only the system can bind to it.
Medium android.permission.BIND_AUTOFILL_SERVICE Must be required by a AutofillService, to ensure that only the system can bind to it.
Medium android.permission.BIND_CALL_REDIRECTION_SERVICE Must be required by a CallRedirectionService, to ensure that only the system can bind to it.
Medium android.permission.BIND_CARRIER_MESSAGING_CLIENT_SERVICE A subclass of CarrierMessagingClientService must be protected with this permission.
Medium android.permission.BIND_CARRIER_MESSAGING_SERVICE The system process that is allowed to bind to services in carrier apps will have this permission.
Medium android.permission.BIND_CARRIER_SERVICES The system process that is allowed to bind to services in carrier apps will have this permission. Carrier apps should use this permission to protect their services that only the system is allowed to bind to.
Medium android.permission.BIND_CHOOSER_TARGET_SERVICE Must be required by a ChooserTargetService, to ensure that only the system can bind to it.
Medium android.permission.BIND_CONDITION_PROVIDER_SERVICE Must be required by a ConditionProviderService, to ensure that only the system can bind to it.
Medium android.permission.BIND_DEVICE_ADMIN interact with device admin
Allows the holder to send intents to a device administrator. Should never be needed for common applications.
Medium android.permission.BIND_DREAM_SERVICE Must be required by an DreamService, to ensure that only the system can bind to it.
Medium android.permission.READ_INPUT_STATE record what you type and actions that you take
Allows applications to watch the keys that you press even when interacting with another application (such as entering a password). Should never be needed for common applications.
Medium android.permission.ACCESS_CACHE_FILESYSTEM access the cache file system
Allows an application to read and write the cache file system.
Medium android.permission.ACCESS_CHECKIN_PROPERTIES access check-in properties
Allows read/write access to properties uploaded by the check-in service. Not for use by common applications.
Medium android.permission.BACKUP control system back up and restore
Allows the application to control the system's back-up and restore mechanism. Not for use by common applications.
Medium android.permission.BIND_APPWIDGET choose widgets
Allows the application to tell the system which widgets can be used by which application. With this permission, applications can give access to personal data to other applications. Not for use by common applications.
Medium android.permission.BIND_CONTROLS Allows SystemUI to request third party controls.
Allows SystemUI to request third party controls. Should only be requested by the System and required by ControlsProviderService declarations.
Medium android.permission.WRITE_SECURE_SETTINGS modify secure system settings
Allows an application to modify the system's secure settings data. Not for use by common applications.
Medium android.permission.WRITE_GSERVICES modify the Google services map
Allows an application to modify the Google services map. Not for use by common applications.
android.permission.ACCESS_AMBIENT_LIGHT_STATS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_BLOBS_ACROSS_USERS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_BROADCAST_RADIO Unknown permission
Unknown permission from android reference
android.permission.ACCESS_CONTEXT_HUB Unknown permission
Unknown permission from android reference
android.permission.ACCESS_DRM_CERTIFICATES Unknown permission
Unknown permission from android reference
android.permission.ACCESS_FM_RADIO Unknown permission
Unknown permission from android reference
android.permission.ACCESS_INSTANT_APPS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_LOCUS_ID_USAGE_STATS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_MTP Unknown permission
Unknown permission from android reference
android.permission.ACCESS_NETWORK_CONDITIONS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_NOTIFICATIONS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_RCS_USER_CAPABILITY_EXCHANGE Unknown permission
Unknown permission from android reference
android.permission.ACCESS_SHARED_LIBRARIES Unknown permission
Unknown permission from android reference
android.permission.ACCESS_SHORTCUTS Unknown permission
Unknown permission from android reference
android.permission.ACCESS_TUNED_INFO Unknown permission
Unknown permission from android reference
android.permission.ACCESS_TV_DESCRAMBLER Unknown permission
Unknown permission from android reference
android.permission.ACCESS_TV_TUNER Unknown permission
Unknown permission from android reference
android.permission.ACCESS_VIBRATOR_STATE Unknown permission
Unknown permission from android reference
android.permission.ACTIVITY_EMBEDDING Unknown permission
Unknown permission from android reference
com.samsung.adaptivebrightnessgo.permission.ADAPTIVE_BRIGHTNESS_PERMISSION Unknown permission
Unknown permission from android reference
com.android.voicemail.permission.ADD_VOICEMAIL Unknown permission
Unknown permission from android reference
android.permission.ADJUST_RUNTIME_PERMISSIONS_POLICY Unknown permission
Unknown permission from android reference
android.permission.ALLOCATE_AGGRESSIVE Unknown permission
Unknown permission from android reference
android.permission.ALLOW_ANY_CODEC_FOR_PLAYBACK Unknown permission
Unknown permission from android reference
android.permission.AMBIENT_WALLPAPER Unknown permission
Unknown permission from android reference
android.permission.APPROVE_INCIDENT_REPORTS Unknown permission
Unknown permission from android reference
android.permission.ASSOCIATE_COMPANION_DEVICES Unknown permission
Unknown permission from android reference
android.permission.BACKGROUND_CAMERA Unknown permission
Unknown permission from android reference
android.permission.BATTERY_PREDICTION Unknown permission
Unknown permission from android reference
android.permission.BIND_ATTENTION_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_AUGMENTED_AUTOFILL_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_CALL_DIAGNOSTIC_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_CELL_BROADCAST_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_CONNECTION_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_CONTENT_CAPTURE_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_CONTENT_SUGGESTIONS_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_DIRECTORY_SEARCH Unknown permission
Unknown permission from android reference
android.permission.BIND_DISPLAY_HASHING_SERVICE Unknown permission
Unknown permission from android reference
android.permission.BIND_DOMAIN_VERIFICATION_AGENT Unknown permission
Unknown permission from android reference
android.permission.BIND_EUICC_SERVICE Unknown permission
Unknown permission from android reference
android.permission.READ_INSTALL_SESSIONS Unknown permission
Unknown permission from android reference
android.permission.READ_NETWORK_USAGE_HISTORY Unknown permission
Unknown permission from android reference
android.permission.READ_OEM_UNLOCK_STATE Unknown permission
Unknown permission from android reference
android.permission.READ_PEOPLE_DATA Unknown permission
Unknown permission from android reference
com.android.voicemail.permission.WRITE_VOICEMAIL Unknown permission
Unknown permission from android reference
android.permission.WRITE_OBB Unknown permission
Unknown permission from android reference
android.permission.WRITE_MEDIA_STORAGE Unknown permission
Unknown permission from android reference
android.intent.action.MAIN Unknown permission
Unknown permission from android reference
android.intent.category.LAUNCHER Unknown permission
Unknown permission from android reference
android.intent.action.SEND Unknown permission
Unknown permission from android reference
android.intent.category.DEFAULT Unknown permission
Unknown permission from android reference
com.elite.SMSReceiver Unknown permission
Unknown permission from android reference
Unknown permission
Unknown permission from android reference
android.provider.Telephony.SMS_RECEIVED Unknown permission
Unknown permission from android reference

Tracking analysis

Information computed with Exodus-core.

Facebook Ads https://reports.exodus-privacy.eu.org/fr/trackers/65

Threat analysis

Information computed with Quark-Engine.

Confidence: 100% Load external class
Confidence: 100% Find a method from given class name, usually for reflection
Confidence: 100% Method reflection
Confidence: 100% Install other APKs from file
Confidence: 100% Retrieve data from broadcast
Confidence: 100% Read sensitive data(SMS, CALLLOG, etc)
Confidence: 100% Open a file from given absolute path of the file
Confidence: 100% Monitor the broadcast action events (BOOT_COMPLETED)
Confidence: 100% Get absolute path of the file and store in string
Confidence: 100% Read file from assets directory
Confidence: 100% Get last known location of the device
Confidence: 100% Get calendar information
Confidence: 100% Get location of the device
Confidence: 100% Method reflection
Confidence: 100% Query data from URI (SMS, CALLLOGS)
Confidence: 100% Get the time of current location
Confidence: 100% Initialize class object dynamically
Confidence: 100% Read the input stream from given URL
Confidence: 80% Connect to a URL and receive input stream from the server
Confidence: 80% Connect to a URL and read data from it
Confidence: 80% Read file and put it into a stream
Confidence: 80% Get declared method from given method name
Confidence: 80% Connect to the remote server through the given URL
Confidence: 80% Connect to a URL and set request method
Confidence: 80% Get resource file from res/raw directory

Behavior analysis

Information computed with MobSF.

Crypto
  • okio/HashingSink.java
  • okio/HashingSource.java
  • okio/ByteString.java
  • okio/Buffer.java
Get system service
  • com/my/newproject/MainActivity.java
  • com/my/newproject/SketchApplication.java
  • com/my/newproject/SketchwareUtil.java
Http connection
  • android/net/http/RequestQueue.java
  • android/net/http/Headers.java
  • android/net/http/AndroidHttpClient.java
  • android/net/http/AndroidHttpClientConnection.java
Http requests, connections and sessions
  • android/net/http/AndroidHttpClient.java
Inter process communication
  • com/my/newproject/MainActivity.java
  • com/my/newproject/SketchApplication.java
  • com/my/newproject/DebugActivity.java
  • com/my/newproject/SketchwareUtil.java
  • com/my/newproject/BluetoothConnect.java
Java reflection
  • okio/ByteString.java
Kill process
  • com/my/newproject/SketchApplication.java
Local file i/o operations
  • com/my/newproject/MainActivity.java
Message digest
  • okio/HashingSink.java
  • okio/HashingSource.java
  • okio/ByteString.java
  • okio/Buffer.java
Starting activity
  • com/my/newproject/MainActivity.java
  • com/my/newproject/SketchwareUtil.java
  • com/my/newproject/BluetoothConnect.java
Tcp socket
  • okio/Okio.java
  • android/net/http/AndroidHttpClientConnection.java

Control flow graphs analysis

Information computed by Pithus.

The application probably gets the advertising ID for tracking purposes

The application probably gets network interfaces addresses (IP and/or MAC)

The application probably plays sound

The application probably creates an accessibility service

The application probably listens for accessibility events