
General Information

Joe Sandbox Version:29.0.0 Ocean Jasper
Analysis ID:234170
Start date:29.05.2020
Start time:13:18:35
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 9m 7s
Hypervisor based Inspection enabled:false
Report type:full
Sample file name:Apturi Covid_lv.spkc.gov.apturicovid.apk
Cookbook file name:defaultandroidfilecookbook.jbs
Analysis system description:Android 6.0
APK Instrumentation enabled:true
Detection:MAL
Classification:mal48.evad.andAPK@0/251@0/0
Warnings:
  • An application runtime error occurred
  • Excluded IPs from analysis (whitelisted): 216.58.205.227, 216.58.212.168, 172.217.16.170, 74.125.140.188, 172.217.22.40, 216.58.210.10, 216.58.207.78, 216.58.210.14, 172.217.16.174, 172.217.18.110, 172.217.23.110, 216.58.212.142, 172.217.22.46, 172.217.22.78, 172.217.22.110, 172.217.21.238, 216.58.212.174, 216.58.205.238, 216.58.206.14, 172.217.18.14, 172.217.18.174
  • Excluded domains from analysis (whitelisted): connectivitycheck.gstatic.com, ssl.google-analytics.com, android.clients.google.com, android.l.google.com, firebaseinstallations.googleapis.com, ssl-google-analytics.l.google.com, mobile-gtalk.l.google.com, mtalk.google.com
  • No dynamic data available
  • No interacted views
  • No simulation commands forwarded to apk
  • Not all non-executed APIs are in report
  • Not all resource files were parsed
  • Not all resource strings were parsed
  • Report size exceeded maximum capacity and may have missing behavior information.
  • Report size exceeded maximum capacity and may have missing disassembly code.
  • Report size exceeded maximum capacity and may have missing dynamic data code.

Detection

Strategy | Score | Range | Reporting | Whitelisted | Detection
Threshold | 48 | 0 - 100 | | false | malicious

Confidence

Strategy | Score | Range | Further Analysis Required? | Confidence
Threshold | 5 | 0 - 5 | false |


Mitre Att&ck Matrix

Initial Access: Valid Accounts; Replication Through Removable Media; External Remote Services; Drive-by Compromise
Execution: Windows Remote Management; Service Execution; Windows Management Instrumentation; Scheduled Task
Persistence: Winlogon Helper DLL; Port Monitors; Accessibility Features; System Firmware
Privilege Escalation: Port Monitors; Accessibility Features; Path Interception; DLL Search Order Hijacking
Defense Evasion: Obfuscated Files or Information (1); Binary Padding; Rootkit; Obfuscated Files or Information
Credential Access: Access Stored Application Data (1); Network Sniffing; Input Capture; Credentials in Files
Discovery: System Network Connections Discovery (1); Location Tracking (1); System Information Discovery (1); Process Discovery (1)
Lateral Movement: Application Deployment Software; Remote Services; Windows Remote Management; Logon Scripts
Collection: Location Tracking (1); Access Stored Application Data (1); Network Information Discovery (1); Input Capture
Exfiltration: Data Compressed; Exfiltration Over Other Network Medium; Automated Exfiltration; Data Encrypted
Command and Control: Data Obfuscation; Fallback Channels; Custom Cryptographic Protocol; Multiband Communication
Network Effects: Eavesdrop on Insecure Network Communication; Exploit SS7 to Redirect Phone Calls/SMS; Exploit SS7 to Track Device Location; SIM Card Swap
Remote Service Effects: Remotely Track Device Without Authorization; Remotely Wipe Data Without Authorization; Obtain Device Cloud Backups
Impact: Delete Device Data (1); Device Lockout; Delete Device Data; Premium SMS Toll Fraud

Signature Overview

Location Tracking:

Queries the phones location (GPS)
Source: androidx.appcompat.app.TwilightManager;->getLastKnownLocationForProvider:24 | API Call: android.location.LocationManager.getLastKnownLocation
Source: androidx.appcompat.app.TwilightManager;->updateState:33 | API Call: android.location.Location.getLatitude
Source: androidx.appcompat.app.TwilightManager;->updateState:34 | API Call: android.location.Location.getLongitude
Source: androidx.appcompat.app.TwilightManager;->updateState:36 | API Call: android.location.Location.getLatitude
Source: androidx.appcompat.app.TwilightManager;->updateState:37 | API Call: android.location.Location.getLongitude
Source: androidx.appcompat.app.TwilightManager;->updateState:39 | API Call: android.location.Location.getLatitude
Source: androidx.appcompat.app.TwilightManager;->updateState:40 | API Call: android.location.Location.getLongitude
Source: androidx.core.location.LocationKt;->component1:3 | API Call: android.location.Location.getLatitude
Source: androidx.core.location.LocationKt;->component2:6 | API Call: android.location.Location.getLongitude
Source: androidx.exifinterface.media.ExifInterface;->setGpsInfo:1844 | API Call: android.location.Location.getLatitude
Source: androidx.exifinterface.media.ExifInterface;->setGpsInfo:1845 | API Call: android.location.Location.getLongitude

Spreading:

Accesses external storage location
Source: androidx.core.content.FileProvider;->parsePathStrategy:63 | API Call: android.os.Environment.getExternalStorageDirectory
Source: androidx.core.os.EnvironmentCompat;->getStorageState:2 | API Call: android.os.Environment.getExternalStorageState
Source: androidx.core.os.EnvironmentCompat;->getStorageState:5 | API Call: android.os.Environment.getExternalStorageDirectory
Source: androidx.core.os.EnvironmentCompat;->getStorageState:8 | API Call: android.os.Environment.getExternalStorageState
Source: com.google.firebase.crashlytics.internal.persistence.FileStoreImpl;->isExternalStorageAvailable:12 | API Call: android.os.Environment.getExternalStorageState

Networking:

Checks an internet connection is available
Source: com.google.android.datatransport.cct.zzc;->decorate:109 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->canTryConnection:15 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->canTryConnection:16 | API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: com.google.firebase.iid.zzbb;->zzb:138 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.firebase.iid.zzbb;->zzb:139 | API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.gms.measurement.internal.zzfa;->zzf:30 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.measurement.internal.zzfa;->zzf:31 | API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.gms.measurement.internal.zzic;->zzg:29 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.gms.measurement.internal.zzic;->zzg:30 | API Call: android.net.NetworkInfo.isConnected
Source: com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader;->isNetworkAvailable:42 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.google.android.datatransport.runtime.scheduling.jobscheduling.Uploader;->isNetworkAvailable:43 | API Call: android.net.NetworkInfo.isConnected
Source: com.bumptech.glide.manager.DefaultConnectivityMonitor;->isConnected:21 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: com.bumptech.glide.manager.DefaultConnectivityMonitor;->isConnected:22 | API Call: android.net.NetworkInfo.isConnected
Source: androidx.core.net.ConnectivityManagerCompat;->getNetworkInfoFromBroadcast:5 | API Call: android.net.ConnectivityManager.getNetworkInfo
Source: androidx.core.net.ConnectivityManagerCompat;->isActiveNetworkMetered:8 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: androidx.work.impl.constraints.trackers.NetworkStateTracker;->getActiveNetworkState:16 | API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: androidx.work.impl.constraints.trackers.NetworkStateTracker;->getActiveNetworkState:17 | API Call: android.net.NetworkInfo.isConnected
Opens an internet connection
Source: com.google.android.datatransport.cct.zzc;->zza:22 | API Call: java.net.URL.openConnection (not executed)
Source: com.bumptech.glide.load.data.HttpUrlFetcher$DefaultHttpUrlConnectionFactory;->build:2 | API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.ads.identifier.zza;->run:18 | API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.auth.api.signin.internal.zzc;->run:20 | API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.measurement.internal.zzfa;->zza:12 | API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.measurement.internal.zzic;->zza:11 | API Call: java.net.URL.openConnection (not executed)
Source: com.google.android.gms.measurement.internal.zzkq;->connect:9 | API Call: javax.net.ssl.SSLSocket.connect (not executed)
Source: com.google.android.gms.measurement.internal.zzkq;->connect:11 | API Call: javax.net.ssl.SSLSocket.connect (not executed)
Source: okhttp3.internal.platform.AndroidPlatform;->connectSocket:61 | API Call: java.net.Socket.connect (not executed)
Source: okhttp3.internal.platform.Platform;->connectSocket:33 | API Call: java.net.Socket.connect (not executed)
Source: com.google.firebase.installations.remote.FirebaseInstallationServiceClient;->openHttpURLConnection:46 | API Call: java.net.URL.openConnection (not executed)
Performs DNS lookups (Java API)
Source: com.google.gson.internal.bind.TypeAdapters$23;->read:7 | API Call: java.net.InetAddress.getByName (not executed)
Source: okhttp3.Dns$Companion$DnsSystem;->lookup:4 | API Call: java.net.InetAddress.getAllByName (not executed)
Source: lv.spkc.apturicovid.ui.AppStatusViewModel;->isInternetAvailable:23 | API Call: java.net.InetAddress.getByName (not executed)
Source: lv.spkc.apturicovid.utils.NetworkUtils$isInternetAvailable$2;->invokeSuspend:11 | API Call: java.net.InetAddress.getByName (not executed)
Connects to IPs without corresponding DNS lookups
Source: unknown | TCP traffic detected without corresponding DNS query: 64.233.167.188
Found strings which match to known social media urls
Source: android | String found in binary or memory: https://www.facebook.com equals www.facebook.com (Facebook)
Urls found in memory or binary data
Source: $avd_hide_password__0.xml | String found in binary or memory: http://schemas.android.com/aapt
Source: standalone_badge_gravity_top_start.xml, mtrl_picker_header_title_text.xml, nav_main.xml, fragment_bottom_nav.xml, android | String found in binary or memory: http://schemas.android.com/apk/res-auto
Source: abc_background_cache_hint_selector_material_dark.xml, $avd_hide_password__0.xml, bg_share_button.xml, abc_btn_radio_material_anim.xml, abc_slide_in_top.xml, mtrl_picker_header_title_text.xml, text_view_without_line_height.xml, mtrl_calendar_month.xml, mtrl_alert_dialog_actions.xml, design_layout_snackbar_include.xml, abc_activity_chooser_view.xml, abc_screen_content_include.xml, btn_checkbox_unchecked_to_checked_mtrl_animation.xml, abc_seekbar_track_material.xml, btn_checkbox_to_checked_box_outer_merged_animation.xml, abc_action_menu_item_layout.xml, test_toolbar_custom_background.xml, design_fab_show_motion_spec.xml, abc_alert_dialog_title_material.xml, fragment_bottom_nav.xml, ic_launcher.xml, android | String found in binary or memory: http://schemas.android.com/apk/res/android
Source: nav_main.xml | String found in binary or memory: http://schemas.android.com/apk/res/android22lv.spkc.apturicovid.ui.bottomnav.BottomNavFragment--lv.s
Source: android | String found in binary or memory: https://accounts.google.com
Source: android | String found in binary or memory: https://accounts.google.com/o/oauth2/revoke?token=
Source: android | String found in binary or memory: https://app-measurement.com/a
Source: android | String found in binary or memory: https://apturicovid-api.spkc.gov.lv/api/
Source: android | String found in binary or memory: https://apturicovid-files.spkc.gov.lv/dkfs/v1/index.txt
Source: android | String found in binary or memory: https://apturicovid-files.spkc.gov.lv/exposure_configurations/v1/android.json
Source: android | String found in binary or memory: https://apturicovid-files.spkc.gov.lv/stats/v1/covid-stats.json
Source: android | String found in binary or memory: https://apturicovid.firebaseio.com
Source: android | String found in binary or memory: https://apturicovid.lv/lietosanas-noteikumi
Source: android | String found in binary or memory: https://apturicovid.lv/lietosanas-noteikumi/#en
Source: android | String found in binary or memory: https://apturicovid.lv/lietosanas-noteikumi/#ru
Source: android | String found in binary or memory: https://apturicovid.lv/privatuma-politika
Source: android | String found in binary or memory: https://apturicovid.lv/privatuma-politika/#en
Source: android | String found in binary or memory: https://apturicovid.lv/privatuma-politika/#ru
Source: android | String found in binary or memory: https://arkartassituacija.gov.lv/
Source: android | String found in binary or memory: https://firebase-settings.crashlytics.com/spi/v2/platforms/android/gmp/%s/settings
Source: android | String found in binary or memory: https://firebase.google.com/support/guides/disable-analytics
Source: android | String found in binary or memory: https://github.com/ReactiveX/RxJava/wiki/Error-Handling
Source: android | String found in binary or memory: https://github.com/ReactiveX/RxJava/wiki/Plugins
Source: android | String found in binary or memory: https://github.com/ReactiveX/RxJava/wiki/What
Source: android | String found in binary or memory: https://goo.gl/J1sWQy
Source: android | String found in binary or memory: https://goo.gl/NAOOOI
Source: android | String found in binary or memory: https://goo.gl/NAOOOI.
Source: android | String found in binary or memory: https://google.com/search?
Source: android | String found in binary or memory: https://issuetracker.google.com/issues/116541301
Source: android | String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps
Source: android | String found in binary or memory: https://plus.google.com/
Source: android | String found in binary or memory: https://reports.crashlytics.com/sdk-api/v1/platforms/android/apps/%s/minidumps
Source: android | String found in binary or memory: https://reports.crashlytics.com/spi/v1/platforms/android/apps/%s/reports
Source: android | String found in binary or memory: https://update.crashlytics.com/spi/v1/platforms/android/apps
Source: android | String found in binary or memory: https://update.crashlytics.com/spi/v1/platforms/android/apps/%s
Source: android | String found in binary or memory: https://www.apturicovid.lv/
Source: android | String found in binary or memory: https://www.google.com
Source: android | String found in binary or memory: https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&
Source: android | String found in binary or memory: https://www.googleapis.com/auth/games
Source: android | String found in binary or memory: https://www.googleapis.com/auth/games_lite
Uses HTTP for connecting to the internet
Source: com.bumptech.glide.load.data.HttpUrlFetcher;->loadDataWithRedirects:47 | API Call: java.net.HttpURLConnection.connect
Source: com.google.android.gms.measurement.internal.zzfe;->run:36 | API Call: java.net.HttpURLConnection.connect

E-Banking Fraud:

Has functionalty to add an overlay to other apps
Source: androidx.appcompat.app.AppCompatDelegateImpl;->openPanel:323 | API Call: WindowManager.addView
Source: androidx.appcompat.widget.TooltipPopup;->show:92 | API Call: WindowManager.addView

Operating System Destruction:

Lists and deletes files in the same context
Source: androidx.documentfile.provider.RawDocumentFile;->deleteContents:5 | API Calls in same method context: File.listFiles,File.delete
Source: okhttp3.internal.io.FileSystem$Companion$SYSTEM$1;->deleteContents:25 | API Calls in same method context: File.listFiles,File.delete
Source: com.google.firebase.crashlytics.internal.persistence.CrashlyticsReportPersistence;->recursiveDelete:133 | API Calls in same method context: File.listFiles,File.delete
Source: com.bumptech.glide.disklrucache.Util;->deleteContents:10 | API Calls in same method context: File.listFiles,File.delete
Source: com.google.firebase.crashlytics.internal.common.Utils;->recursiveDelete:49 | API Calls in same method context: File.listFiles,File.delete
Source: com.google.firebase.crashlytics.internal.log.LogFileManager;->discardOldLogFiles:27 | API Calls in same method context: File.listFiles,File.delete

Change of System Appearance:

May access the Android keyguard (lock screen)
Source: android | String found in binary or memory: keyguard
Acquires a wake lock
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->enqueueWork:27 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->serviceProcessingFinished:29 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->serviceProcessingStarted:33 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.legacy.content.WakefulBroadcastReceiver;->startWakefulService:32 | API Call: android.os.PowerManager$WakeLock.acquire
Source: com.google.firebase.iid.zzbb;->run:75 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.work.impl.Processor;->startForeground:86 | API Call: android.os.PowerManager$WakeLock.acquire
Source: com.google.android.gms.stats.WakeLock;->acquire:88 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.work.impl.background.systemalarm.DelayMetCommandHandler;->handleProcessWork:84 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.work.impl.background.systemalarm.SystemAlarmDispatcher$1;->run:36 | API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.work.impl.background.systemalarm.SystemAlarmDispatcher;->processCommand:36 | API Call: android.os.PowerManager$WakeLock.acquire

System Summary:

Requests potentially dangerous permissions
Source: submitted apk | Request permission: android.permission.BLUETOOTH
Source: submitted apk | Request permission: android.permission.INTERNET
Source: submitted apk | Request permission: android.permission.WAKE_LOCK
Classification label
Source: classification engine | Classification label: mal48.evad.andAPK@0/251@0/0
Loads native libraries
Source: com.google.android.gms.internal.vision.zzm;->zza:14 | API Call: java.lang.System.loadLibrary
Reads shares settings
Source: androidx.core.app.AppLaunchChecker;->hasStartedFromLauncher:5 | API Call: android.content.SharedPreferences.getBoolean
Source: androidx.core.app.AppLaunchChecker;->onActivityCreate:9 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.internal.clearcut.zzaj;->zzb:3 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.internal.clearcut.zzak;->zzc:3 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.internal.clearcut.zzal;->zza:5 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.crashlytics.internal.common.DataCollectionArbiter;-><init>:11 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.firebase.crashlytics.internal.common.IdManager;->getCrashlyticsInstallId:63 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.crashlytics.internal.common.IdManager;->getCrashlyticsInstallId:67 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.crashlytics.internal.common.IdManager;->getCrashlyticsInstallId:80 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.ads.identifier.zzb;->getBoolean:10 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.ads.identifier.zzb;->getString:22 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.FirebaseInstanceId$zza;->zzc:15 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.firebase.iid.zzaz;->zzd:57 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.iid.zzaz;->zza:65 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.flags.impl.zzc;->call:6 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.flags.impl.zzi;->call:5 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.auth.api.signin.internal.Storage;->zaf:50 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.measurement.internal.zzeq;->zza:79 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.measurement.internal.zzfh;->zza:12 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.measurement.internal.zzff;->f_:53 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.measurement.internal.zzfk;->zza:39 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.measurement.internal.zzff;->zzh:144 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.measurement.internal.zzff;->zzi:148 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.measurement.internal.zzff;->zzj:154 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.measurement.internal.zzff;->zzv:169 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.measurement.internal.zzff;->zzw:174 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.measurement.internal.zzfl;->zza:6 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.measurement.internal.zzfm;->zza:47 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.internal.DataCollectionConfigStorage;->readAutoDataCollectionEnabled:17 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.firebase.installations.local.IidStore;->readInstanceIdFromLocalStorage:56 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.installations.local.IidStore;->readPublicKeyFromLocalStorageAndCalculateInstanceId:60 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.installations.local.IidStore;->readToken:71 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.internal.measurement.zzac;->zzi:102 | API Call: android.content.SharedPreferences.getBoolean
Source: com.google.android.gms.internal.measurement.zzac;->zzi:105 | API Call: android.content.SharedPreferences.getBoolean
Source: lv.spkc.apturicovid.persistance.SharedPreferenceStorage;->getObjectAllowDiskAccess:11 | API Call: android.content.SharedPreferences.getString
Source: com.google.android.gms.phenotype.zzs;->zzb:3 | API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.crashlytics.internal.settings.SettingsController;->getStoredBuildInstanceIdentifier:65 | API Call: android.content.SharedPreferences.getString
Source: androidx.work.impl.utils.PreferenceUtils;->migrateLegacyPreferences:10 | API Call: android.content.SharedPreferences.getBoolean

Data Obfuscation:

Obfuscates method names
Source: Apturi Covid_lv.spkc.gov.apturicovid.apk | Total valid method names: 69%
Uses reflection
Source: androidx.activity.ImmLeaksCleaner;->onStateChanged:17 | API Call: java.lang.reflect.Field.get
Source: androidx.activity.ImmLeaksCleaner;->onStateChanged:19 | API Call: java.lang.reflect.Field.get
Source: kotlinx.coroutines.android.AndroidExceptionPreHandler;->handleException:22 | API Call: java.lang.reflect.Method.invoke
Source: kotlinx.coroutines.android.HandlerDispatcherKt;->asHandler:19 | API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.android.AndroidSocketAdapter;->configureTlsExtensions:26 | API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.android.AndroidSocketAdapter;->configureTlsExtensions:28 | API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.android.AndroidSocketAdapter;->configureTlsExtensions:32 | API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.android.AndroidSocketAdapter;->getSelectedProtocol:39 | API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.android.CloseGuard;->createAndOpen:6 | API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.android.CloseGuard;->createAndOpen:9 | API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.android.CloseGuard;->warnIfOpen:12 | API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.api.GoogleApi;->zaa:85 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.ActivityRecreator$3;->run:8 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.ActivityRecreator$3;->run:13 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.ActivityRecreator;->queueOnStopIfNecessary:38 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->queueOnStopIfNecessary:40 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->recreate:53 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->recreate:55 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->recreate:68 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.BundleCompat$BundleCompatBaseImpl;->getBinder:9 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.BundleCompat$BundleCompatBaseImpl;->putBinder:19 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.NotificationCompatJellybean;->getAction:52 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationCompatJellybean;->getAction:54 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationCompatJellybean;->getActionObjectsLocked:86 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationCompatJellybean;->getExtras:133 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationManagerCompat;->areNotificationsEnabled:49 | API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationManagerCompat;->areNotificationsEnabled:53 | API Call: java.lang.reflect.Method.invoke
Source: androidx.legacy.app.ActionBarDrawerToggle;->setActionBarDescription:41 | API Call: java.lang.reflect.Method.invoke
Source: androidx.legacy.app.ActionBarDrawerToggle;->setActionBarUpIndicator:63 | API Call: java.lang.reflect.Method.invoke
Source: androidx.legacy.app.ActionBarDrawerToggle;->setActionBarUpIndicator:67 | API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.app.ActionBarDrawerToggleHoneycomb;->setActionBarDescription:11 | API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.app.ActionBarDrawerToggleHoneycomb;->setActionBarUpIndicator:22 | API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.app.ActionBarDrawerToggleHoneycomb;->setActionBarUpIndicator:25 | API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.app.AppCompatViewInflater$DeclaredOnClickListener;->onClick:41 | API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.app.ResourcesFlusher;->flushLollipops:12 | API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.app.ResourcesFlusher;->flushMarshmallows:23 | API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.app.ResourcesFlusher;->flushNougats:34 | API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.app.ResourcesFlusher;->flushNougats:44 | API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.app.ResourcesFlusher;->flushThemedResourcesCache:60 | API Call: java.lang.reflect.Field.get
Source: com.google.common.base.FinalizableReferenceQueue;-><init>:14 | API Call: java.lang.reflect.Method.invoke
Source: com.google.common.base.Throwables;->getJLA:29 | API Call: java.lang.reflect.Method.invoke
Source: com.google.common.base.Throwables;->getSizeMethod:41 | API Call: java.lang.reflect.Method.invoke
Source: com.google.common.base.Throwables;->invokeAccessibleNonThrowingMethod:46 | API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$1;->write:7 | API Call: java.lang.reflect.Field.get
Source: com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$1;->writeField:16 | API Call: java.lang.reflect.Field.get
Source: com.google.common.cache.Striped64$1;->run:5 | API Call: java.lang.reflect.Field.get
Source: com.google.android.material.chip.Chip;->handleAccessibilityExit:77 | API Call: java.lang.reflect.Field.get
Source: com.google.android.material.chip.Chip;->handleAccessibilityExit:85 | API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.clearcut.zzbs;->zzal:7 | API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.clearcut.zzcg;->zza:23 | API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.clearcut.zzdd;->zzby:14 | API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.clearcut.zzfe;->run:4 | API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.internal.clearcut.zzga;->zza:35 | API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.internal.clearcut.zzga;->zza:54 | API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.clearcut.zzga;->zza:62 | API Call: java.lang.reflect.Method.invoke
Source: com.google.common.util.concurrent.AbstractFuture$UnsafeAtomicHelper$1;->run:5 | API Call: java.lang.reflect.Field.get
Source: com.google.common.util.concurrent.MoreExecutors;->isAppEngine:52 | API Call: java.lang.reflect.Method.invoke
Source: com.google.common.util.concurrent.MoreExecutors;->platformThreadFactory:69 | API Call: java.lang.reflect.Method.invoke
Source: com.google.common.util.concurrent.SimpleTimeLimiter$1$1;->call:6 | API Call: java.lang.reflect.Method.invoke
Source: kotlinx.coroutines.CommonPool;->createPool:28 | API Call: java.lang.reflect.Method.invoke
Source: kotlinx.coroutines.CommonPool;->isGoodCommonPool$kotlinx_coroutines_core:73 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.DrawableCompat;->getLayoutDirection:25 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.DrawableCompat;->setLayoutDirection:46 | API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getResId:113API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getResPackage:124API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getType:144API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getUri:167API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.WrappedDrawableApi21;->isProjected:19API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.dynamic.ObjectWrapper;->unwrap:9API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.dynamite.DynamiteModule;->getLocalVersion:29API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.dynamite.DynamiteModule;->getLocalVersion:31API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.dynamite.DynamiteModule;->zza:152API Call: java.lang.reflect.Field.get
Source: com.google.common.eventbus.Subscriber;->invokeSubscriberMethod:31API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.firebase_messaging.zzm;->zza:28API Call: java.lang.reflect.Field.get
Source: androidx.core.graphics.TypefaceCompatApi21Impl;->addFontWeightStyle:6API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi21Impl;->createFromFamiliesWithDefault:14API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi24Impl;->addFontWeightStyle:22API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi24Impl;->createFromFamiliesWithDefault:28API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->abortCreation:19API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi28Impl;->createFromFamiliesWithDefault:9API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->addFontFromAssetManager:27API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->addFontFromBuffer:33API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->freeze:36API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->createFromFamiliesWithDefault:51API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatBaseImpl;->getUniqueKey:18API Call: java.lang.reflect.Field.get
Source: com.google.gson.FieldAttributes;->get:4API Call: java.lang.reflect.Field.get
Source: com.google.common.hash.LittleEndianByteArray$UnsafeByteArray$3;->run:5API Call: java.lang.reflect.Field.get
Source: com.google.common.hash.Striped64$1;->run:5API Call: java.lang.reflect.Field.get
Source: kotlinx.coroutines.internal.ConcurrentKt;->removeFutureOnCancel:12API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.measurement.internal.zzaa;->zza:7API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.measurement.internal.zzeq;->zzai:17API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.measurement.internal.zzeq;->zzai:20API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.measurement.internal.zzhc;->zza:445API Call: java.lang.reflect.Method.invoke
Source: com.google.common.base.internal.Finalizer;->cleanUp:10API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.UnsafeAllocator$1;->newInstance:5API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.UnsafeAllocator$2;->newInstance:5API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.UnsafeAllocator$3;->newInstance:4API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.UnsafeAllocator;->create:25API Call: java.lang.reflect.Field.get
Source: com.google.gson.internal.UnsafeAllocator;->create:32API Call: java.lang.reflect.Method.invoke
Source: kotlin.coroutines.jvm.internal.DebugMetadataKt;->getLabel:21API Call: java.lang.reflect.Field.get
Source: kotlin.coroutines.jvm.internal.ModuleNameRetriever;->getModuleName:27API Call: java.lang.reflect.Method.invoke
Source: kotlin.coroutines.jvm.internal.ModuleNameRetriever;->getModuleName:29API Call: java.lang.reflect.Method.invoke
Source: kotlin.coroutines.jvm.internal.ModuleNameRetriever;->getModuleName:31API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.Util;->readFieldOrNull:314API Call: java.lang.reflect.Field.get
Source: kotlin.internal.PlatformImplementations;->addSuppressed:7API Call: java.lang.reflect.Method.invoke
Source: com.google.common.io.Closer$SuppressingSuppressor;->suppress:8API Call: java.lang.reflect.Method.invoke
Source: androidx.lifecycle.ClassesInfoCache$MethodReference;->invokeCallback:14API Call: java.lang.reflect.Method.invoke
Source: androidx.lifecycle.ClassesInfoCache$MethodReference;->invokeCallback:16API Call: java.lang.reflect.Method.invoke
Source: androidx.lifecycle.ClassesInfoCache$MethodReference;->invokeCallback:18API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.measurement.AppMeasurement;->zzb:24API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.measurement.zzac;->zzb:67API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.measurement.zzdl;->zza:28API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.internal.measurement.zzfg;->zza:49API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.measurement.zzfi;->zza:23API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.measurement.zzgg;->zza:13API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.measurement.zzh;->zza:7API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.measurement.zzh;->zzc:36API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.measurement.zzii;->run:4API Call: java.lang.reflect.Field.get
Source: androidx.media.AudioAttributesImplApi21;->getLegacyStreamType:30API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.view.menu.MenuItemWrapperICS;->setExclusiveCheckable:98API Call: java.lang.reflect.Method.invoke
Source: androidx.navigation.NavArgsLazy;->getValue:23API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->beginAsyncSection:27API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->endAsyncSection:36API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->isEnabled:44API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->setCounter:53API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.AndroidPlatform$CustomTrustRootIndex;->findByIssuerAndSignature:26API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.Jdk8WithJettyBootPlatform$AlpnProvider;->invoke:44API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.Jdk8WithJettyBootPlatform;->afterHandshake:17API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.Jdk8WithJettyBootPlatform;->configureTlsExtensions:33API Call: java.lang.reflect.Method.invoke
Source: okhttp3.internal.platform.Jdk8WithJettyBootPlatform;->getSelectedProtocol:40API Call: java.lang.reflect.Method.invoke
Source: androidx.core.content.pm.ShortcutManagerCompat;->getShortcutInfoSaverInstance:38API Call: java.lang.reflect.Method.invoke
Source: com.google.common.primitives.UnsignedBytes$LexicographicalComparatorHolder$UnsafeComparator$1;->run:5API Call: java.lang.reflect.Field.get
Source: com.google.common.reflect.Invokable$MethodInvokable;->invokeInternal:13API Call: java.lang.reflect.Method.invoke
Source: com.google.common.reflect.Types$JavaVersion$3;->typeName:6API Call: java.lang.reflect.Method.invoke
Source: com.google.common.reflect.Types$TypeVariableInvocationHandler;->invoke:15API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.reflect.UnsafeReflectionAccessor;->getUnsafeInstance:11API Call: java.lang.reflect.Field.get
Source: com.google.gson.internal.reflect.UnsafeReflectionAccessor;->makeAccessibleWithUnsafe:29API Call: java.lang.reflect.Method.invoke
Source: com.google.gson.internal.reflect.UnsafeReflectionAccessor;->makeAccessibleWithUnsafe:39API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.server.response.FastJsonResponse;->getFieldValue:75API Call: java.lang.reflect.Method.invoke
Source: retrofit2.Retrofit$1;->invoke:4API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.security.ProviderInstaller;->installIfNeeded:18API Call: java.lang.reflect.Method.invoke
Source: androidx.core.text.ICUCompat;->addLikelySubtags:17API Call: java.lang.reflect.Method.invoke
Source: androidx.core.text.ICUCompat;->getScript:23API Call: java.lang.reflect.Method.invoke
Source: androidx.core.text.ICUCompat;->maximizeAndGetScript:31API Call: java.lang.reflect.Method.invoke
Source: org.joda.time.DateTimeUtils;->getDateFormatSymbols:44API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.CanvasUtils;->enableZ:12API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.CanvasUtils;->enableZ:15API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.GhostViewPlatform;->addGhost:4API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.GhostViewPlatform;->removeGhost:31API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.ImageViewUtils;->animateTransform:19API Call: java.lang.reflect.Field.get
Source: androidx.transition.ViewGroupUtils;->getChildDrawingOrder:12API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.ViewGroupUtilsApi14;->cancelLayoutTransition:9API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.ViewOverlayApi14$OverlayViewGroup;->invalidateChildInParentFast:78API Call: java.lang.reflect.Method.invoke
Source: androidx.transition.ViewUtilsBase;->setLeftTopRightBottom:50API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.WorkSourceUtil;->fromPackageAndModuleExperimentalPi:33API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.WorkSourceUtil;->fromPackageAndModuleExperimentalPi:36API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.WorkSourceUtil;->fromPackageAndModuleExperimentalPi:39API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.WorkSourceUtil;->zza:57API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.WorkSourceUtil;->zza:66API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.WorkSourceUtil;->zza:76API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.common.util.WorkSourceUtil;->zza:80API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->readFromParcel:194API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->writeToParcel:401API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.KeyEventDispatcher;->actionBarOnMenuKeyEventPre28:6API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.KeyEventDispatcher;->getDialogKeyListenerPre28:38API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->dispatchFinishTemporaryDetach:63API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewConfigurationCompat;->getLegacyScrollFactor:8API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewCompat;->dispatchStartTemporaryDetach:85API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewCompat;->getAccessibilityDelegateThroughReflection:110API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->getMinimumHeight:160API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->getMinimumWidth:167API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->setChildrenDrawingOrderEnabled:397API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.view.SupportMenuInflater$InflatedOnMenuItemClickListener;->onMenuItemClick:21API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.view.SupportMenuInflater$InflatedOnMenuItemClickListener;->onMenuItemClick:25API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.vision.zzds;->zzci:32API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.internal.vision.zzgr;->zzc:49API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.vision.zzgs;->zza:29API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.vision.zzhp;->zzhb:14API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.internal.vision.zzjr;->run:4API Call: java.lang.reflect.Field.get
Source: androidx.core.widget.CompoundButtonCompat;->getButtonDrawable:10API Call: java.lang.reflect.Field.get
Source: androidx.core.widget.PopupWindowCompat;->getOverlapAnchor:10API Call: java.lang.reflect.Field.get
Source: androidx.core.widget.PopupWindowCompat;->getWindowLayoutType:19API Call: java.lang.reflect.Method.invoke
Source: androidx.core.widget.PopupWindowCompat;->setWindowLayoutType:40API Call: java.lang.reflect.Method.invoke
Source: androidx.core.widget.TextViewCompat$OreoCallback;->recomputeProcessTextMenuItems:58API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.motion.widget.Debug;->dumpLayoutParams:32API Call: java.lang.reflect.Field.get
Source: androidx.constraintlayout.motion.widget.Debug;->dumpLayoutParams:96API Call: java.lang.reflect.Field.get
Source: androidx.constraintlayout.motion.widget.Debug;->dumpPoc:142API Call: java.lang.reflect.Field.get
Source: androidx.constraintlayout.motion.widget.KeyCycleOscillator$ProgressSet;->setProperty:12API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.motion.widget.KeyTrigger;->conditionallyFire:53API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.motion.widget.KeyTrigger;->conditionallyFire:86API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.motion.widget.KeyTrigger;->conditionallyFire:119API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.motion.widget.SplineSet$ProgressSet;->setProperty:12API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.motion.widget.TimeCycleSplineSet$ProgressSet;->setProperty:12API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->extractAttributes:28API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setAttributes:97API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setAttributes:101API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setAttributes:104API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setAttributes:108API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setAttributes:112API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setAttributes:116API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setAttributes:120API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setInterpolatedValue:197API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setInterpolatedValue:201API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setInterpolatedValue:212API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setInterpolatedValue:216API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setInterpolatedValue:227API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintAttribute;->setInterpolatedValue:238API Call: java.lang.reflect.Method.invoke
Source: androidx.constraintlayout.widget.ConstraintSet$Layout;->dump:124API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.widget.AppCompatTextViewAutoSizeHelper;->accessAndReturnWithDefault:7API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.widget.DrawableUtils;->getOpticalBounds:32API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.AppCompatTextViewAutoSizeHelper;->invokeAndReturnWithDefault:119API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.AppCompatTextViewAutoSizeHelper;->setRawTextSize:142API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ListPopupWindow;->getMaxAvailableHeight:123API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ListPopupWindow;->setPopupClipToScreenEnabled:139API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ListPopupWindow;->show:327API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.MenuPopupWindow;->setTouchModal:21API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView$AutoCompleteTextViewReflector;->doAfterTextChanged:13API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView$AutoCompleteTextViewReflector;->doBeforeTextChanged:15API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView$AutoCompleteTextViewReflector;->ensureImeVisible:18API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ViewUtils;->computeFitSystemWindows:11API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.ViewUtils;->makeOptionalFitsSystemWindows:23API Call: java.lang.reflect.Method.invoke
Source: androidx.slidingpanelayout.widget.SlidingPaneLayout;->invalidateChildRegion:130API Call: java.lang.reflect.Method.invoke

Persistence and Installation Behavior:

Installs an application shortcut on the screen
Source: androidx.core.content.pm.ShortcutInfoCompat;->addToIntent:32API Call: android.content.Intent.putExtra android.intent.extra.shortcut.INTENT
Creates files
Source: com.google.firebase.crashlytics.internal.settings.CachedSettingsIo;->writeCachedSettings:32API Call: java.io.FileWriter.<init>

Boot Survival:

Has permission to execute code after phone reboot
Source: submitted apkRequest permission: android.permission.RECEIVE_BOOT_COMPLETED
Installs a new wake lock (to get activated when the phone screen turns on)
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;-><init>:11API Call: android.os.PowerManager.newWakeLock
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;-><init>:19API Call: android.os.PowerManager.newWakeLock
Source: androidx.legacy.content.WakefulBroadcastReceiver;->startWakefulService:30API Call: android.os.PowerManager.newWakeLock
Source: com.google.firebase.iid.zzbb;-><init>:6API Call: android.os.PowerManager.newWakeLock
Source: com.google.android.gms.stats.WakeLock;-><init>:25API Call: android.os.PowerManager.newWakeLock
Source: androidx.work.impl.utils.WakeLocks;->newWakeLock:28API Call: android.os.PowerManager.newWakeLock
Starts/registers a service/receiver on phone boot (autostart)
Source: androidx.work.impl.background.systemalarm.RescheduleReceiver;->onReceive:17API Call: android.content.Context.startService (not executed)

Hooking and other Techniques for Hiding and Protection:

Removes its application launcher (likely to stay hidden)
Source: androidx.work.impl.utils.PackageManagerHelper;->setComponentEnabled:14API Call: android.content.pm.PackageManager.setComponentEnabledSetting
Queries list of running processes/tasks
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->getAppProcessInfo:96API Call: android.app.ActivityManager.getRunningAppProcesses
Source: androidx.work.impl.background.greedy.GreedyScheduler;->getProcessName:14API Call: android.app.ActivityManager.getRunningAppProcesses
Uses Crypto APIs
Source: com.bumptech.glide.load.resource.bitmap.CenterCrop;->updateDiskCacheKey:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.CenterInside;->updateDiskCacheKey:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.CircleCrop;->updateDiskCacheKey:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.FitCenter;->updateDiskCacheKey:7API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.GranularRoundedCorners;->updateDiskCacheKey:12API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.GranularRoundedCorners;->updateDiskCacheKey:19API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.Rotate;->updateDiskCacheKey:9API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.Rotate;->updateDiskCacheKey:13API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.RoundedCorners;->updateDiskCacheKey:11API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.RoundedCorners;->updateDiskCacheKey:15API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$1;->update:3API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$1;->update:11API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$2;->update:3API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.resource.bitmap.VideoDecoder$2;->update:11API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.cache.SafeKeyGenerator$1;->create:3API Call: java.security.MessageDigest.getInstance
Source: com.bumptech.glide.load.engine.cache.SafeKeyGenerator;->calculateHexStringDigest:11API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.common.zzl;->zzc:11API Call: java.security.MessageDigest.digest
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->hash:176API Call: java.security.MessageDigest.getInstance
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->hash:178API Call: java.security.MessageDigest.update
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->hash:179API Call: java.security.MessageDigest.digest
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->hash:187API Call: java.security.MessageDigest.getInstance
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->hash:188API Call: java.security.MessageDigest.update
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->hash:189API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.load.engine.ResourceCacheKey;->updateDiskCacheKey:78API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.load.engine.ResourceCacheKey;->updateDiskCacheKey:84API Call: java.security.MessageDigest.update
Source: com.google.common.hash.MessageDigestHashFunction$MessageDigestHasher;->hash:9API Call: java.security.MessageDigest.digest
Source: com.google.common.hash.MessageDigestHashFunction$MessageDigestHasher;->hash:12API Call: java.security.MessageDigest.digest
Source: com.google.common.hash.MessageDigestHashFunction$MessageDigestHasher;->update:17API Call: java.security.MessageDigest.update
Source: com.google.common.hash.MessageDigestHashFunction$MessageDigestHasher;->update:20API Call: java.security.MessageDigest.update
Source: com.google.common.hash.MessageDigestHashFunction$MessageDigestHasher;->update:23API Call: java.security.MessageDigest.update
Source: com.google.common.hash.MessageDigestHashFunction;->getMessageDigest:15API Call: java.security.MessageDigest.getInstance
Source: com.google.firebase.iid.zzt;->zza:16API Call: java.security.MessageDigest.getInstance
Source: com.google.firebase.iid.zzt;->zza:18API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.measurement.internal.zzff;->zzb:105API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.measurement.internal.zzkk;->zza:287API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.measurement.internal.zzko;->zzi:348API Call: java.security.MessageDigest.getInstance
Source: com.google.android.gms.measurement.internal.zzko;->zza:392API Call: java.security.MessageDigest.digest
Source: com.google.firebase.installations.local.IidStore;->getIdFromPublicKey:32API Call: java.security.MessageDigest.getInstance
Source: com.google.firebase.installations.local.IidStore;->getIdFromPublicKey:33API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.load.model.GlideUrl;->updateDiskCacheKey:50API Call: java.security.MessageDigest.update
Source: okio.Buffer;->digest:5API Call: java.security.MessageDigest.getInstance
Source: okio.Buffer;->digest:8API Call: java.security.MessageDigest.update
Source: okio.Buffer;->digest:12API Call: java.security.MessageDigest.update
Source: okio.Buffer;->digest:15API Call: java.security.MessageDigest.digest
Source: okio.ByteString;->digest$okio:76API Call: java.security.MessageDigest.getInstance
Source: okio.ByteString;->digest$okio:78API Call: java.security.MessageDigest.digest
Source: okio.HashingSink;-><init>:7API Call: java.security.MessageDigest.getInstance
Source: okio.HashingSink;->hash:36API Call: java.security.MessageDigest.digest
Source: okio.HashingSink;->write:52API Call: java.security.MessageDigest.update
Source: okio.HashingSource;-><init>:7API Call: java.security.MessageDigest.getInstance
Source: okio.HashingSource;->hash:36API Call: java.security.MessageDigest.digest
Source: okio.HashingSource;->read:55API Call: java.security.MessageDigest.update
Source: okio.SegmentedByteString;->digest$okio:24API Call: java.security.MessageDigest.getInstance
Source: okio.SegmentedByteString;->digest$okio:29API Call: java.security.MessageDigest.update
Source: okio.SegmentedByteString;->digest$okio:30API Call: java.security.MessageDigest.digest
Source: com.bumptech.glide.signature.AndroidResourceSignature;->updateDiskCacheKey:16API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.signature.MediaStoreSignature;->updateDiskCacheKey:14API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.signature.MediaStoreSignature;->updateDiskCacheKey:18API Call: java.security.MessageDigest.update
Source: com.bumptech.glide.signature.ObjectKey;->updateDiskCacheKey:19API Call: java.security.MessageDigest.update
Source: com.google.android.gms.common.util.AndroidUtilsLight;->getPackageCertificateHashBytes:12API Call: java.security.MessageDigest.digest
Source: com.google.android.gms.common.util.AndroidUtilsLight;->zzj:13API Call: java.security.MessageDigest.getInstance
Source: lv.spkc.apturicovid.utils.AESUtils;->decrypt:10API Call: javax.crypto.Cipher.getInstance
Source: lv.spkc.apturicovid.utils.AESUtils;->decrypt:11API Call: javax.crypto.Cipher.init
Source: lv.spkc.apturicovid.utils.AESUtils;->decrypt:12API Call: javax.crypto.Cipher.doFinal
Source: lv.spkc.apturicovid.utils.AESUtils;->encrypt:17API Call: javax.crypto.Cipher.getInstance
Source: lv.spkc.apturicovid.utils.AESUtils;->encrypt:18API Call: javax.crypto.Cipher.init
Source: lv.spkc.apturicovid.utils.AESUtils;->encrypt:19API Call: javax.crypto.Cipher.doFinal

Malware Analysis System Evasion:

Accesses Android OS build fields
Source: com.bumptech.glide.load.resource.bitmap.HardwareConfigState;->isHardwareConfigAllowedByDeviceModel:23Field Access: android.os.Build.MODEL
Source: com.bumptech.glide.load.resource.bitmap.HardwareConfigState;->isHardwareConfigAllowedByDeviceModel:24Field Access: android.os.Build.MODEL
Source: com.bumptech.glide.load.resource.bitmap.HardwareConfigState;->isHardwareConfigAllowedByDeviceModel:26Field Access: android.os.Build.MODEL
Source: com.bumptech.glide.load.resource.bitmap.TransformationUtils;-><clinit>:34Field Access: android.os.Build.MODEL
Source: com.google.android.datatransport.cct.zzc;->decorate:113Field Access: android.os.Build.MODEL
Source: com.google.android.datatransport.cct.zzc;->decorate:119Field Access: android.os.Build.DEVICE
Source: com.google.android.datatransport.cct.zzc;->decorate:122Field Access: android.os.Build.PRODUCT
Source: com.google.android.datatransport.cct.zzc;->decorate:125Field Access: android.os.Build.ID
Source: com.google.android.datatransport.cct.zzc;->decorate:128Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.datatransport.cct.zzc;->decorate:131Field Access: android.os.Build.FINGERPRINT
Source: com.google.firebase.crashlytics.internal.common.CommonUtils$Architecture;->getValue:47Field Access: android.os.Build.CPU_ABI
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->isEmulator:219Field Access: android.os.Build.PRODUCT
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->isEmulator:222Field Access: android.os.Build.PRODUCT
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->isRooted:227Field Access: android.os.Build.TAGS
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsController;->writeSessionDevice:567Field Access: android.os.Build.MODEL
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsController;->writeSessionDevice:575Field Access: android.os.Build.MANUFACTURER
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsController;->writeSessionDevice:576Field Access: android.os.Build.PRODUCT
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsController;->writeSessionOS:627Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsReportDataCapture;->getDeviceArchitecture:42Field Access: android.os.Build.CPU_ABI
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsReportDataCapture;->populateSessionDeviceData:187Field Access: android.os.Build.MANUFACTURER
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsReportDataCapture;->populateSessionDeviceData:188Field Access: android.os.Build.PRODUCT
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsReportDataCapture;->populateSessionDeviceData:191Field Access: android.os.Build.MODEL
Source: com.google.firebase.crashlytics.internal.common.CrashlyticsReportDataCapture;->populateSessionOperatingSystemData:203Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.firebase.crashlytics.internal.common.IdManager;->getModelName:97Field Access: android.os.Build.MANUFACTURER
Source: com.google.firebase.crashlytics.internal.common.IdManager;->getModelName:99Field Access: android.os.Build.MODEL
Source: com.google.firebase.crashlytics.internal.common.IdManager;->getOsDisplayVersionString:105Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.measurement.internal.zzff;->zzw:177Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.measurement.internal.zzig;->zza:127Field Access: android.os.Build.MODEL
Source: com.google.android.gms.measurement.internal.zzig;->zza:131Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.measurement.internal.zzhc;->zzai:854Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.gms.measurement.internal.zzkg;->zzb:1769Field Access: android.os.Build.MODEL
Source: com.google.android.gms.measurement.internal.zzkg;->zzb:1774Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.material.internal.ManufacturerUtils;->isSamsungDevice:2Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.internal.measurement.zzcp;->zza:37Field Access: android.os.Build.TYPE
Source: com.google.android.gms.internal.measurement.zzcp;->zza:38Field Access: android.os.Build.TAGS
Source: com.google.android.material.textfield.TextInputEditText;->onAttachedToWindow:16Field Access: android.os.Build.MANUFACTURER
Source: com.google.android.gms.common.util.DeviceProperties;->isUserBuild:43Field Access: android.os.Build.TYPE
Source: com.google.android.gms.common.util.PlatformVersion;->isAtLeastR:16Field Access: android.os.Build.BRAND
Source: com.google.android.gms.internal.vision.zzaz;->zzf:37Field Access: android.os.Build.TYPE
Source: com.google.android.gms.internal.vision.zzaz;->zzf:38Field Access: android.os.Build.TAGS
Checks CPU detailsShow sources
Source: Lcom/bumptech/glide/load/engine/executor/RuntimeCompat;->getCoreCountPre17()IMethod string: "/sys/devices/system/cpu/"
Queries several sensitive phone informationsShow sources
Source: Landroidx/core/view/ViewConfigurationCompat;->shouldShowMenuShortcutsWhenKeyboardPresent(Landroid/view/ViewConfiguration;Landroid/content/Context;)ZMethod string: "android"
Source: Lkotlin/reflect/KTypeProjection$Companion;->invariant(Lkotlin/reflect/KType;)Lkotlin/reflect/KTypeProjection;Method string: "type"
Source: Llv/spkc/apturicovid/persistance/SharedPreferenceManager;->setPhone(Ljava/lang/String;)VMethod string: "phone"
Source: Landroidx/exifinterface/media/ExifInterface;->readImageFileDirectory(Landroidx/exifinterface/media/ExifInterface$ByteOrderedDataInputStream;I)VMethod string: "model"
Source: Lorg/joda/time/PeriodType;->time()Lorg/joda/time/PeriodType;Method string: "time"
Source: Landroidx/localbroadcastmanager/content/LocalBroadcastManager;->sendBroadcast(Landroid/content/Intent;)ZMethod string: "category"
Queries the unique operating system id (ANDROID_ID)Show sources
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->isEmulator:218API Call: android.provider.Settings$Secure.getString
Source: com.google.android.gms.measurement.internal.zzkg;->zzb:1748API Call: android.provider.Settings$Secure.getString

Anti Debugging:

Checks if debugger is running
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->isDebuggerAttached:214 API Call: android.os.Debug.isDebuggerConnected

Language, Device and Operating System Detection:

Checks if phone is rooted (checks for Superuser.apk)
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->isRooted:231 API Call: java.io.File.<init>("/system/app/Superuser.apk")
Checks if phone is rooted (checks for test-keys build tags)
Source: com.google.firebase.crashlytics.internal.common.CommonUtils;->isRooted:229 API Call: java.lang.String.contains("test-keys")
Source: com.google.android.gms.internal.measurement.zzcp;->zza:53 API Call: java.lang.String.contains("test-keys")
Source: com.google.android.gms.internal.vision.zzaz;->zzf:53 API Call: java.lang.String.contains("test-keys")

Stealing of Sensitive Information:

Uses accessibility services (likely to control other applications)
Source: androidx.core.view.accessibility.AccessibilityNodeInfoCompat;->findAccessibilityNodeInfosByText:162 API Call: android.view.accessibility.AccessibilityNodeInfo.findAccessibilityNodeInfosByText
Queries camera information
Source: com.google.android.gms.vision.CameraSource;->zza:6 API Call: android.hardware.Camera.getNumberOfCameras
Source: com.google.android.gms.vision.CameraSource;->zza:7 API Call: android.hardware.Camera.getCameraInfo
Source: com.google.android.gms.vision.CameraSource;->zza:8 API Call: android.hardware.Camera.open
Source: com.google.android.gms.vision.CameraSource;->zza:70 API Call: android.hardware.Camera.getCameraInfo
Queries stored mail and application accounts (e.g. Gmail or Whatsup)
Source: com.google.android.gms.auth.zzd;->zzb:124 API Call: android.accounts.Account.name
Source: com.google.android.gms.auth.zzd;->zzb:127 API Call: android.accounts.Account.type
Source: com.google.android.gms.auth.api.credentials.IdentityProviders;->getIdentityProviderForAccount:4 API Call: android.accounts.Account.type
Source: com.google.android.gms.auth.api.credentials.IdentityProviders;->getIdentityProviderForAccount:8 API Call: android.accounts.Account.type
Source: com.google.android.gms.common.internal.ClientSettings;->getAccountName:20 API Call: android.accounts.Account.name
Source: com.google.android.gms.signin.internal.SignInClientImpl;->zaa:77 API Call: android.accounts.Account.name
Source: com.google.android.gms.auth.api.signin.GoogleSignInAccount;->createDefault:9 API Call: android.accounts.Account.name
Source: com.google.android.gms.auth.api.signin.GoogleSignInAccount;->createDefault:11 API Call: android.accounts.Account.name
Source: com.google.android.gms.auth.api.signin.GoogleSignInOptions;->zad:78 API Call: android.accounts.Account.name

Remote Access Functionality:

Found suspicious command strings (may be related to BOT commands)
Source: Landroidx/recyclerview/widget/RecyclerView$Recycler;->recycleViewHolderInternal(Landroidx/recyclerview/widget/RecyclerView$ViewHolder;)V Method string: "trying to recycle an ignored view holder. you should first call stopignoringview(view) before calling recycle."
Source: Lkotlin/ranges/RangesKt___RangesKt;->reversed(Lkotlin/ranges/LongProgression;)Lkotlin/ranges/LongProgression; Method string: "$this$reversed"
Source: Landroidx/recyclerview/widget/RecyclerView$Recycler;->recycleViewHolderInternal(Landroidx/recyclerview/widget/RecyclerView$ViewHolder;)V Instruction: "const-string v1, "trying to recycle an ignored view holder. you should first call stopignoringview(view) before calling recycle.""
Source: Lkotlin/collections/ArraysKt___ArraysKt;->sortDescending([S)V Instruction: "lkotlin/collections/arrayskt;->reverse([s)v"
Source: Llv/spkc/apturicovid/ui/sms/SmsRetrievalViewModel$sendNumber$1;->create(Ljava/lang/Object;Lkotlin/coroutines/Continuation;)Lkotlin/coroutines/Continuation; Instruction: "iput-object p1, v0, llv/spkc/apturicovid/ui/sms/smsretrievalviewmodel$sendnumber$1;->p$:lkotlinx/coroutines/coroutinescope;"

Malware Configuration

No configs have been found

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

| Source | Detection | Scanner | Label |
|---|---|---|---|
| Apturi Covid_lv.spkc.gov.apturicovid.apk | 0% | Virustotal | |
| Apturi Covid_lv.spkc.gov.apturicovid.apk | 2% | ReversingLabs | |

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

| Source | Detection | Scanner | Label |
|---|---|---|---|
| https://apturicovid-files.spkc.gov.lv/dkfs/v1/index.txt | 0% | Avira URL Cloud | safe |
| https://apturicovid.lv/lietosanas-noteikumi/#ru | 0% | Avira URL Cloud | safe |
| https://app-measurement.com/a | 1% | Virustotal | |
| https://app-measurement.com/a | 0% | Avira URL Cloud | safe |
| https://apturicovid.lv/lietosanas-noteikumi | 0% | Avira URL Cloud | safe |
| https://apturicovid.lv/privatuma-politika/#ru | 0% | Avira URL Cloud | safe |
| https://apturicovid.lv/lietosanas-noteikumi/#en | 0% | Avira URL Cloud | safe |
| https://apturicovid.lv/privatuma-politika | 0% | Avira URL Cloud | safe |
| https://apturicovid-api.spkc.gov.lv/api/ | 0% | Avira URL Cloud | safe |
| https://arkartassituacija.gov.lv/ | 0% | Virustotal | |
| https://arkartassituacija.gov.lv/ | 0% | Avira URL Cloud | safe |
| https://apturicovid.lv/privatuma-politika/#en | 0% | Avira URL Cloud | safe |
| https://www.apturicovid.lv/ | 0% | Avira URL Cloud | safe |
| https://apturicovid-files.spkc.gov.lv/stats/v1/covid-stats.json | 0% | Avira URL Cloud | safe |

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Sigma Overview

No Sigma rule has matched

Joe Sandbox View / Context

IPs


Domains

No context

ASN


JA3 Fingerprints

No context

Dropped Files

No context

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.