Analysis Report SM-Covid-19_it.softmining.projects.covid19.savelifestyle_V51.apk

Overview

General Information

Sample Name: SM-Covid-19_it.softmining.projects.covid19.savelifestyle_V51.apk
Analysis ID: 432085
MD5: 7f1873c2eb896783c84cc7e2dec41a20
SHA1: a4608ec1539d97bd72dd12ee774e916a0a8b492d
SHA256: b5728080de8a6a1bdb8c3a2ff52ab88f81438415e0ea83b6c56c5b49bdec419e

Detection

Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Drops a new APK file
Requests to ignore battery optimizations
Aborts a broadcast event (this is often done to hide phone events such as incoming SMS)
Accesses /proc
Accesses android OS build fields
Checks an internet connection is available
Checks if debugger is running
Checks if phone is rooted (checks for Superuser.apk)
Checks if phone is rooted (checks for su binary)
Checks if phone is rooted (checks for test-keys build tags)
Detected TCP or UDP traffic on non-standard ports
Executes native commands
Found suspicious command strings (may be related to BOT commands)
Found very long method strings
Has functionality to add an overlay to other apps
Has permission to draw over other applications or user interfaces
Has permission to execute code after phone reboot
Has permission to use bluetooth to discover and pair with other devices
Installs a new wake lock (to get activate on phone screen on)
Kills/terminates processes
Lists and deletes files in the same context
May access the Android keyguard (lock screen)
May dial phone number
May use Google Cloud Messaging (GCM) or Google's Cloud to Device Messaging (C2DM) services
Obfuscates method names
Opens an internet connection
Performs DNS lookups (Java API)
Queries a list of installed applications
Queries list of running processes/tasks
Queries several sensitive phone informations
Queries stored mail and application accounts (e.g. Gmail or Whatsup)
Queries the network operator name
Queries the phones location (GPS)
Queries the unique operating system id (ANDROID_ID)
Requests potentially dangerous permissions
Requests root access
Starts/registers a service/receiver on phone boot (autostart)
Uses reflection

Yara Overview

No yara matches

Signature Overview

AV Detection:

Antivirus / Scanner detection for submitted sample
Source: SM-Covid-19_it.softmining.projects.covid19.savelifestyle_V51.apkAvira: detected
Source: it.softmining.projects.covid19.savelifestyle.PingFromAuthority$a;->onClick:42API Call: android.location.Location.getLatitude
Source: it.softmining.projects.covid19.savelifestyle.PingFromAuthority$a;->onClick:46API Call: android.location.Location.getLongitude
Source: it.softmining.projects.covid19.savelifestyle.SendRiskActivity$a;->onClick:39API Call: android.location.Location.getLatitude
Source: it.softmining.projects.covid19.savelifestyle.SendRiskActivity$a;->onClick:43API Call: android.location.Location.getLongitude
Source: d.d.a0;->b:40API Call: android.location.Location.getLatitude
Source: d.d.a0;->b:46API Call: android.location.Location.getLongitude
Source: d.d.a0;->b:51API Call: android.location.Location.getLatitude
Source: d.d.a0;->b:53API Call: android.location.Location.getLongitude
Source: c.b.k.k$h;->c:29API Call: android.location.Location.getLatitude
Source: c.b.k.k$h;->c:30API Call: android.location.Location.getLongitude
Source: c.b.k.k$h;->c:32API Call: android.location.Location.getLatitude
Source: c.b.k.k$h;->c:33API Call: android.location.Location.getLongitude
Source: c.b.k.k$h;->c:35API Call: android.location.Location.getLatitude
Source: c.b.k.k$h;->c:36API Call: android.location.Location.getLongitude
Source: c.b.k.s;->a:6API Call: android.location.LocationManager.getLastKnownLocation
Source: g.a.a.a.a.r.a;->a:57API Call: android.location.Location.getLatitude
Source: g.a.a.a.a.r.a;->a:61API Call: android.location.Location.getLongitude
Source: g.a.a.a.a.r.a;->a:257API Call: android.location.Location.getLatitude
Source: g.a.a.a.a.r.a;->a:261API Call: android.location.Location.getLongitude
Source: Ld/b/c/n/e/k/g;->s(Landroid/content/Context;)ZMethod string: "/system/xbin/su"
Source: unknownHTTPS traffic detected: 172.217.22.234:443 -> 192.168.2.30:49924 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.217.23.42:443 -> 192.168.2.30:44320 version: TLS 1.2
Source: unknownHTTPS traffic detected: 142.251.36.227:443 -> 192.168.2.30:58396 version: TLS 1.2
Source: d.b.c.v.e0;->run:103API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.c.v.e0;->run:103API Call: android.net.NetworkInfo.isConnected
Source: g.a.a.a.a.h;->e:371API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: g.a.a.a.a.h;->e:372API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: d.b.a.b.i.b.f4;->w:24API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.a.b.i.b.f4;->w:25API Call: android.net.NetworkInfo.isConnected
Source: d.b.a.b.i.b.m6;->run:47API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.a.b.i.b.m6;->run:48API Call: android.net.NetworkInfo.isConnected
Source: d.d.b2;->e:137API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.a.a.j.s.h.g;->run:13API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.a.a.j.s.h.g;->run:14API Call: android.net.NetworkInfo.isConnected
Source: d.b.a.a.i.e;->a:15API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.c.s.i0.h$b;->onReceive:4API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.c.s.i0.h$b;->onReceive:5API Call: android.net.NetworkInfo.isConnected
Source: f.a.i1.a$b$d;->onReceive:4API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: f.a.i1.a$b$d;->onReceive:5API Call: android.net.NetworkInfo.isConnected
Source: d.b.c.n.e.k.g;->b:10API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.c.n.e.k.g;->b:11API Call: android.net.NetworkInfo.isConnectedOrConnecting
Source: d.b.c.v.e0;->b:15API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.c.v.e0;->b:16API Call: android.net.NetworkInfo.isConnected
Source: d.b.c.z.w;->c:41API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: d.b.c.z.w;->c:42API Call: android.net.NetworkInfo.isConnected
Source: global trafficTCP traffic: 192.168.2.30:56068 -> 8.8.4.4:853
Source: d.b.c.x.p.c;->b:49API Call: java.net.URL.openConnection
Source: j.i0.i.a;->g:66API Call: java.net.Socket.connect("10000")
Source: d.b.a.b.a.a.b;->run:17API Call: java.net.URL.openConnection (not executed)
Source: d.b.a.b.i.b.f4;->u:9API Call: java.net.URL.openConnection (not executed)
Source: d.b.a.b.i.b.h7;->u:9API Call: java.net.URL.openConnection (not executed)
Source: d.d.f3;->run:25API Call: java.net.URL.openConnection (not executed)
Source: d.d.q;->h:387API Call: java.net.URL.openConnection (not executed)
Source: d.b.a.a.i.c;->a:8API Call: java.net.URL.openConnection (not executed)
Source: j.i0.i.f;->g:28API Call: java.net.Socket.connect (not executed)
Source: l.a.a.n.g;->doInBackground:41API Call: java.net.URL.openConnection (not executed)
Source: d.a.b.w.f;->a:60API Call: java.net.URL.openConnection (not executed)
Source: d.b.c.z.r;->call:14API Call: java.net.URL.openConnection (not executed)
Source: f.a.j1.f0;->h:151API Call: java.net.InetAddress.getAllByName (URL: "firestore.googleapis.com")
Source: j.i0.e.g;->d:91API Call: java.net.InetAddress.getAllByName (URL: "firebase-settings.crashlytics.com")
Source: f.a.j1.h1$b;->a:48API Call: java.net.InetAddress.getAllByName (not executed)
Source: f.a.j1.j2;->a:53API Call: java.net.InetAddress.getByName (not executed)
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.42
Source: unknownTCP traffic detected without corresponding DNS query: 74.125.140.188
Source: unknownTCP traffic detected without corresponding DNS query: 172.217.20.238
Source: unknownTCP traffic detected without corresponding DNS query: 172.217.22.234
Source: unknownTCP traffic detected without corresponding DNS query: 172.217.23.42
Source: avd_show_password.xmlString found in binary or memory: http://schemas.android.com/aapt
Source: activity_stats_newversion.xml, comfortaa.xml, activity_credits.xml, onboarding_layout.xml, mtrl_picker_header_fullscreen.xml, androidString found in binary or memory: http://schemas.android.com/apk/res-auto
Source: abc_screen_simple.xml, test_mtrl_calendar_day.xml, activity_stats_newversion.xml, avd_show_password.xml, test_reflow_chipgroup.xml, mtrl_fab_transformation_sheet_expand_spec.xml, abc_btn_check_material_anim.xml, text_view_without_line_height.xml, abc_btn_colored_material.xml, abc_ic_arrow_drop_right_black_24dp.xml, btn_checkbox_checked_to_unchecked_mtrl_animation.xml, btn_checkbox_to_checked_box_outer_merged_animation.xml, abc_alert_dialog_button_bar_material.xml, design_text_input_start_icon.xml, activity_credits.xml, mtrl_calendar_month.xml, peers_list_item.xml, onboarding_layout.xml, mtrl_picker_header_fullscreen.xml, test_toolbar.xml, androidString found in binary or memory: http://schemas.android.com/apk/res/android
Source: androidString found in binary or memory: http://www.governo.it/it/approfondimento/coronavirus-la-normativa/14252
Source: circularstdbook.ttfString found in binary or memory: http://www.lineto.com
Source: circularstdbook.ttfString found in binary or memory: http://www.lineto.com/Lineto.com/Font
Source: circularstdbook.ttfString found in binary or memory: http://www.lineto.com/The
Source: circularstdbook.ttfString found in binary or memory: http://www.lineto.comhttp://www.lineto.comhttp://www.lineto.com/The
Source: androidString found in binary or memory: http://www.salute.gov.it/imgs/C_17_opuscoliPoster_444_allegato.pdf
Source: androidString found in binary or memory: http://www.salute.gov.it/portale/nuovocoronavirus/dettaglioContenutiNuovoCoronavirus.jsp?lingua=ital
Source: androidString found in binary or memory: https://%1$s-%2$s.cloudfunctions.net/%3$s
Source: androidString found in binary or memory: https://api.onesignal.com/
Source: androidString found in binary or memory: https://app-measurement.com/a
Source: androidString found in binary or memory: https://covid19-99fe6.firebaseio.com
Source: androidString found in binary or memory: https://developer.android.com/reference/com/google/android/play/core/assetpacks/model/AssetPackError
Source: source_context.protoString found in binary or memory: https://developers.google.com/protocol-buffers/
Source: androidString found in binary or memory: https://firebase-settings.crashlytics.com/
Source: androidString found in binary or memory: https://firebase-settings.crashlytics.com/spi/v2/platforms/android/gmp/%s/settings
Source: androidString found in binary or memory: https://firebase-settings.crashlytics.com/spi/v2/platforms/android/gmp/1:702408125253:android:e54201
Source: androidString found in binary or memory: https://firebase.google.com/support/guides/disable-analytics
Source: androidString found in binary or memory: https://firebase.google.com/support/privacy/init-options.
Source: androidString found in binary or memory: https://firebaseinstallations.googleapis.com/v1/projects/covid19-99fe6/installations
Source: androidString found in binary or memory: https://github.com/grpc/grpc-java/issues/5015
Source: androidString found in binary or memory: https://goo.gl/J1sWQy
Source: androidString found in binary or memory: https://goo.gl/NAOOOI
Source: androidString found in binary or memory: https://goo.gl/NAOOOI.
Source: androidString found in binary or memory: https://google.com/search?
Source: androidString found in binary or memory: https://onesignal.com/android_frame.html
Source: androidString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps
Source: androidString found in binary or memory: https://play.google.com/store/apps/details?id=it.softmining.projects.covid19.savelifestyle
Source: androidString found in binary or memory: https://plus.google.com/
Source: androidString found in binary or memory: https://raw.githubusercontent.com/pcm-dpc/COVID-19/master/dati-json/dpc-covid19-ita-andamento-nazion
Source: androidString found in binary or memory: https://raw.githubusercontent.com/pcm-dpc/COVID-19/master/dati-json/dpc-covid19-ita-regioni-latest.j
Source: androidString found in binary or memory: https://reports.crashlytics.com/sdk-api/v1/platforms/android/apps/%s/minidumps
Source: androidString found in binary or memory: https://reports.crashlytics.com/spi/v1/platforms/android/apps/%s/reports
Source: androidString found in binary or memory: https://s3.amazonaws.com/android-beacon-library/android-distance.json
Source: androidString found in binary or memory: https://update.crashlytics.com/spi/v1/platforms/android/apps
Source: androidString found in binary or memory: https://update.crashlytics.com/spi/v1/platforms/android/apps/%s
Source: androidString found in binary or memory: https://www.google.com
Source: androidString found in binary or memory: https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&
Source: androidString found in binary or memory: https://www.smcovid19.org/lindice-dei-contatti/
Source: androidString found in binary or memory: https://www.smcovid19.org/privacy/
Source: androidString found in binary or memory: https://www.smcovid19.org/team/
Source: androidString found in binary or memory: https://www.softmining.it/index.php/sm-covid19-app/
Source: d.b.a.b.i.b.j4;->run:37API Call: java.net.HttpURLConnection.connect
Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 39602 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 44320
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54604
Source: unknownNetwork traffic detected: HTTP traffic on port 50870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55630
Source: unknownNetwork traffic detected: HTTP traffic on port 55630 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58396
Source: unknownNetwork traffic detected: HTTP traffic on port 58396 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
Source: unknownNetwork traffic detected: HTTP traffic on port 54604 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50458 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 44320 -> 443
Source: c.b.k.k;->G:139API Call: WindowManager.addView
Source: c.b.p.z0;->d:106API Call: WindowManager.addView
Source: it.softmining.projects.covid19.savelifestyle.UtilityNumbers;->v:5API Call: android.net.Uri.parse("tel:1500")
Source: it.softmining.projects.covid19.savelifestyle.UtilityNumbers;->w:11API Call: android.net.Uri.parse("tel:112")
Source: submitted apkRequest permission: it.softmining.projects.covid19.savelifestyle.permission.C2D_MESSAGE
Source: d.b.c.n.e.o.g;->q:73API Calls in same method context: File.listFiles,File.delete
Source: d.b.c.n.e.k.c0;->call:41API Calls in same method context: File.listFiles,File.delete
Source: d.b.a.d.a.a.a0;->j:38API Calls in same method context: File.listFiles,File.delete
Source: d.b.a.d.a.a.u1;->b:10API Calls in same method context: File.listFiles,File.delete
Source: d.b.c.n.e.k.a1;->g:46API Calls in same method context: File.listFiles,File.delete
Source: d.b.c.n.e.k.t;->f:619API Calls in same method context: File.listFiles,File.delete
Source: d.a.b.d;->run:102API Calls in same method context: File.listFiles,File.delete
Source: androidString found in binary or memory: keyguard
Source: it.softmining.projects.covid19.savelifestyle.Softmining_Covid19;->onCreate:190API Call: android.os.PowerManager$WakeLock.acquire
Source: c.n.a.a;->b:32API Call: android.os.PowerManager$WakeLock.acquire
Source: g.a.a.a.a.h;->l:469API Call: android.os.PowerManager$WakeLock.acquire
Source: c.i.e.e$c;->a:27API Call: android.os.PowerManager$WakeLock.acquire
Source: c.i.e.e$c;->c:29API Call: android.os.PowerManager$WakeLock.acquire
Source: c.i.e.e$c;->d:33API Call: android.os.PowerManager$WakeLock.acquire
Source: g.a.a.a.a.i.a;->d:109API Call: android.os.PowerManager$WakeLock.acquire
Source: g.a.a.a.a.i.a;->e:184API Call: android.os.PowerManager$WakeLock.acquire
Source: d.b.a.b.l.a;->a:89API Call: android.os.PowerManager$WakeLock.acquire
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;->enqueueWork:27API Call: android.os.PowerManager$WakeLock.acquire
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;->serviceProcessingFinished:29API Call: android.os.PowerManager$WakeLock.acquire
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;->serviceProcessingStarted:33API Call: android.os.PowerManager$WakeLock.acquire
Source: d.b.c.v.e0;->run:87API Call: android.os.PowerManager$WakeLock.acquire
Source: d.b.c.z.w;->run:48API Call: android.os.PowerManager$WakeLock.acquire

System Summary:

Requests to ignore battery optimizations
Source: Lit/softmining/projects/covid19/savelifestyle/AppConfig/Whitelist_Setting$a;->onClick(Landroid/view/View;)VMethod string: "android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
Source: com.onesignal.shortcutbadger.impl.OPPOHomeBader;->e:68API Call: java.lang.Runtime.exec
Source: it.softmining.projects.covid19.savelifestyle.AppConfig.DataProtectionConsent$c;->onClick:5API Call: android.os.Process.killProcess
Source: submitted apkRequest permission: android.permission.ACCESS_COARSE_LOCATION
Source: submitted apkRequest permission: android.permission.ACCESS_FINE_LOCATION
Source: submitted apkRequest permission: android.permission.BLUETOOTH
Source: submitted apkRequest permission: android.permission.BLUETOOTH_ADMIN
Source: submitted apkRequest permission: android.permission.INTERNET
Source: submitted apkRequest permission: android.permission.SYSTEM_ALERT_WINDOW
Source: submitted apkRequest permission: android.permission.WAKE_LOCK
Source: submitted apkRequest permission: android.permission.WRITE_EXTERNAL_STORAGE
Source: classification engineClassification label: mal56.andAPK@0/255@0/0
Source: d.d.x2;->D:157API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.d.x2;->B:49API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.b.c.s.f0.x1;->run:17API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.b.a.a.j.s.i.u;->a:19API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.d.x2;->onCreate:188API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: g.a.a.a.a.d.a;->a:13API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.b.c.s.f0.v1;->run:11API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.b.a.a.j.s.i.u;->m:33API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: c.u.h;->c:87API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.b.c.s.f0.c2;->run:5API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: d.b.c.s.f0.y1;->run:5API Call: android.database.sqlite.SQLiteDatabase.execSQL
Source: com.google.firebase.auth.FirebaseAuth;-><init>:30API Call: "com.google.firebase.auth.FIREBASE_USER": null
Source: com.google.firebase.auth.FirebaseAuth;-><init>:59API Call: "firebaseAppName":
Source: com.google.firebase.iid.FirebaseInstanceId;->l:140API Call: "|T|702408125253|*": null
Source: d.b.c.z.u;->a:7API Call: "topic_operation_queue":
Source: d.b.c.x.f;->n:216API Call: "|S|id": null
Source: d.b.c.x.o.b;->a:26API Call: "|S||P|": null
Source: d.b.c.n.e.s.d;->d:55API Call: "existing_instance_identifier":
Source: d.b.c.v.b0;->c:63API Call: "W0RFRkFVTFRd+MTo3MDI0MDgxMjUyNTM6YW5kcm9pZDplNTQyMDE5NjEyZTE2NWRjMjdhYzJj|S|cre": 1623254225393
Source: d.b.c.n.e.k.r0;->b:37API Call: "firebase.installation.id": null
Source: d.b.c.n.e.k.r0;->b:42API Call: "crashlytics.installation.id": null
Source: d.b.a.b.i.b.i5;->run:154API Call: "gmp_app_id": null
Source: d.b.a.b.i.b.i5;->run:162API Call: "admob_app_id": null
Source: d.b.a.b.i.b.u4;->a:6API Call: "app_instance_id": null
Source: d.b.a.b.i.b.u4;->a:6API Call: "firebase_feature_rollouts": null
Source: d.b.a.b.i.b.k6;->K:593API Call: "previous_os_version": null
Source: d.b.a.b.b.a.a.a.a;->c:34API Call: android.content.SharedPreferences.getString
Source: d.b.a.b.a.a.a;->b:19API Call: android.content.SharedPreferences.getString
Source: d.b.a.b.a.a.c;->a:10API Call: android.content.SharedPreferences.getBoolean
Source: g.a.a.a.a.h;->u:557API Call: android.content.SharedPreferences.getBoolean
Source: g.a.a.a.a.h;->w:562API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.auth.FirebaseAuth;-><init>:45API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.auth.FirebaseAuth;-><init>:68API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.auth.FirebaseAuth;-><init>:74API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.auth.FirebaseAuth;-><init>:76API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.auth.FirebaseAuth;-><init>:79API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.auth.FirebaseAuth;-><init>:225API Call: android.content.SharedPreferences.getString
Source: d.b.a.b.i.b.b4;->H:118API Call: android.content.SharedPreferences.getString
Source: d.b.a.b.i.b.o4;->o:52API Call: android.content.SharedPreferences.getBoolean
Source: d.b.a.b.i.b.o4;->z:120API Call: android.content.SharedPreferences.getBoolean
Source: d.b.a.b.i.b.p4;->a:7API Call: android.content.SharedPreferences.getString
Source: d.b.a.b.i.b.q4;->b:12API Call: android.content.SharedPreferences.getBoolean
Source: d.b.a.b.i.b.t7;->A:133API Call: android.content.SharedPreferences.getBoolean
Source: d.b.a.b.i.b.t7;->K:438API Call: android.content.SharedPreferences.getBoolean
Source: d.d.z2;->a:25API Call: android.content.SharedPreferences.getString
Source: d.d.z2;->a:28API Call: android.content.SharedPreferences.getBoolean
Source: d.b.a.b.g.g.h;->d:53API Call: android.content.SharedPreferences.getBoolean
Source: com.google.firebase.iid.FirebaseInstanceId$a;->c:35API Call: android.content.SharedPreferences.getBoolean
Source: d.b.c.n.e.k.m0;-><init>:13API Call: android.content.SharedPreferences.getBoolean
Source: d.b.c.n.e.k.r0;->b:55API Call: android.content.SharedPreferences.getString
Source: com.google.firebase.messaging.FirebaseMessagingService;->b:97API Call: android.content.SharedPreferences.getBoolean
Source: d.b.c.x.f;->o:236API Call: android.content.SharedPreferences.getString
Source: d.b.c.y.a;-><init>:14API Call: android.content.SharedPreferences.getBoolean
Source: Ld/b/a/b/d/d0;->N0()[BMethod string: 0\u0082\u0004\u00a80\u0082\u0003\u0090\u00a0\u0003\u0002\u0001\u0002\u0002\t\u0000\u00d5\u0085\u00b8l}\u00d3N\u00f50\r\u0006\t*\u0086H\u0086\u00f7\r\u0001\u0001\u0004\u0005\u00000\u0081\u00941\u000b0\t\u0006\u0003U\u0004\u0006\u0013\u0002US1\u00130\u0011\ Length: 4395
Source: SM-Covid-19_it.softmining.projects.covid19.savelifestyle_V51.apkTotal valid method names: 28%
Source: d.b.c.l.d0.a.e;-><init>:2API Call: Real call: public static java.lang.String android.os.SystemProperties.get(java.lang.String)
Source: d.b.c.l.d0.a.e;-><init>:4API Call: Real call: public static java.lang.String android.os.SystemProperties.get(java.lang.String)
Source: com.google.android.gms.dynamite.DynamiteModule;->a:25API Call: Real call: public static final java.lang.String com.google.android.gms.dynamite.descriptors.com.google.android.gms.measurement.dynamite.ModuleDescriptor.MODULE_ID
Source: com.google.android.gms.dynamite.DynamiteModule;->d:133API Call: Real call: public static java.lang.ClassLoader com.google.android.gms.dynamite.DynamiteModule$DynamiteLoaderClassLoader.sClassLoader
Source: d.b.f.d1;->b:53API Call: Real call: java.lang.reflect.Field@d263dcc
Source: d.b.f.d1;->b:53API Call: Real call: java.lang.reflect.Field@522c4cd
Source: f.a.j1.r0$c;->a:10API Call: java.util.concurrent.ScheduledThreadPoolExecutor.setRemoveOnCancelPolicy
Source: f.a.j1.r0$c;->a:10API Call: Real call: public void java.util.concurrent.ScheduledThreadPoolExecutor.setRemoveOnCancelPolicy(boolean)
Source: f.a.j1.r0;->d:59API Call: java.net.InetSocketAddress.getHostString
Source: f.a.j1.r0;->d:59API Call: Real call: public final java.lang.String java.net.InetSocketAddress.getHostString()
Source: f.a.k1.p.e;->c:15API Call: com.android.org.conscrypt.OpenSSLSocketImpl.getAlpnSelectedProtocol
Source: f.a.k1.p.e;->c:15API Call: Real call: public final byte[] com.android.org.conscrypt.OpenSSLSocketImpl.getAlpnSelectedProtocol()
Source: f.a.k1.p.e;->c:15API Call: com.android.org.conscrypt.OpenSSLSocketImpl.getNpnSelectedProtocol
Source: f.a.k1.p.e;->d:34API Call: com.android.org.conscrypt.OpenSSLSocketImpl.setUseSessionTickets
Source: f.a.k1.p.e;->d:34API Call: Real call: public abstract void com.android.org.conscrypt.OpenSSLSocketImpl.setUseSessionTickets(boolean)
Source: f.a.k1.p.e;->d:34API Call: com.android.org.conscrypt.OpenSSLSocketImpl.setHostname
Source: f.a.k1.p.e;->c:15API Call: com.android.org.conscrypt.OpenSSLSocketImpl.setAlpnProtocols
Source: f.a.k1.p.e;->c:15API Call: com.android.org.conscrypt.OpenSSLSocketImpl.setNpnProtocols
Source: f.a.k1.p.e;->c:15API Call: com.android.org.conscrypt.OpenSSLSocketImpl.getAlpnSelectedProtocol
Source: f.a.k1.p.e;->c:15API Call: Real call: public final byte[] com.android.org.conscrypt.OpenSSLSocketImpl.getAlpnSelectedProtocol()
Source: j.i0.i.a;->j:88API Call: Real call: null
Source: j.i0.i.a;->j:88API Call: Real call: public static dalvik.system.CloseGuard dalvik.system.CloseGuard.get()
Source: j.i0.i.a;->j:90API Call: dalvik.system.CloseGuard.open
Source: j.i0.i.a;->j:90API Call: Real call: public void dalvik.system.CloseGuard.open(java.lang.String)
Source: j.i0.i.e;->c:30API Call: com.android.org.conscrypt.Java8FileDescriptorSocket.setUseSessionTickets
Source: j.i0.i.e;->c:30API Call: Real call: public final void com.android.org.conscrypt.ConscryptFileDescriptorSocket.setUseSessionTickets(boolean)
Source: j.i0.i.e;->c:30API Call: com.android.org.conscrypt.Java8FileDescriptorSocket.setHostname
Source: j.i0.i.e;->b:11API Call: com.android.org.conscrypt.Java8FileDescriptorSocket.setAlpnProtocols
Source: j.i0.i.e;->b:11API Call: com.android.org.conscrypt.Java8FileDescriptorSocket.getAlpnSelectedProtocol
Source: j.i0.i.e;->b:11API Call: Real call: public final byte[] com.android.org.conscrypt.OpenSSLSocketImpl.getAlpnSelectedProtocol()
Source: d.b.a.b.i.b.ka;->h:61API Call: Real call: null
Source: d.b.a.b.i.b.ka;->h:61API Call: Real call: public static java.lang.String android.os.SystemProperties.get(java.lang.String,java.lang.String)
Source: d.b.a.b.i.b.t7;->A:97API Call: Real call: null
Source: d.b.a.b.i.b.t7;->A:97API Call: Real call: public static com.google.firebase.analytics.FirebaseAnalytics com.google.firebase.analytics.FirebaseAnalytics.getInstance(android.content.Context)
Source: d.b.a.b.i.b.t7;->A:100API Call: com.google.firebase.analytics.FirebaseAnalytics.getFirebaseInstanceId
Source: d.b.a.b.i.b.t7;->A:100API Call: Real call: public final java.lang.String com.google.firebase.analytics.FirebaseAnalytics.getFirebaseInstanceId()
Source: it.softmining.projects.covid19.savelifestyle.Softmining_Covid19$c;->run:81API Call: java.lang.reflect.Method.invoke
Source: d.b.b.a.i;-><clinit>:10API Call: java.lang.reflect.Method.invoke
Source: d.b.b.a.i;->a:15API Call: java.lang.reflect.Method.invoke
Source: d.b.c.l.d0.a.e;->a:10API Call: java.lang.reflect.Method.invoke
Source: androidx.activity.ImmLeaksCleaner;->d:16API Call: java.lang.reflect.Field.get
Source: androidx.activity.ImmLeaksCleaner;->d:18API Call: java.lang.reflect.Field.get
Source: kotlinx.coroutines.android.AndroidExceptionPreHandler;->handleException:19API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.app.AppCompatViewInflater$a;->onClick:38API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.i.b.k6;->C:54API Call: java.lang.reflect.Method.invoke
Source: a.a.b.b.a;->A:9API Call: java.lang.reflect.Field.get
Source: a.a.b.b.a;->C:28API Call: java.lang.reflect.Method.invoke
Source: a.a.b.b.a;->j0:854API Call: java.lang.reflect.Method.invoke
Source: a.a.b.b.a;->t0:1043API Call: java.lang.reflect.Method.invoke
Source: a.a.b.b.a;->z:1293API Call: java.lang.reflect.Field.get
Source: d.b.a.d.a.c.w;-><clinit>:5API Call: java.lang.reflect.Field.get
Source: com.google.android.material.chip.Chip;->dispatchHoverEvent:213API Call: java.lang.reflect.Field.get
Source: com.google.android.material.chip.Chip;->dispatchHoverEvent:221API Call: java.lang.reflect.Method.invoke
Source: d.d.a;->a:67API Call: java.lang.reflect.Method.invoke
Source: d.d.b4;-><init>:6API Call: java.lang.reflect.Method.invoke
Source: d.d.b4;-><init>:13API Call: java.lang.reflect.Field.get
Source: d.d.b4;->a:22API Call: java.lang.reflect.Field.get
Source: d.d.c4;->b:27API Call: java.lang.reflect.Method.invoke
Source: d.d.d4$a;->onServiceConnected:8API Call: java.lang.reflect.Method.invoke
Source: d.d.d4;->a:34API Call: java.lang.reflect.Method.invoke
Source: d.d.e4;->run:20API Call: java.lang.reflect.Method.invoke
Source: d.d.e2;->t:605API Call: java.lang.reflect.Method.invoke
Source: d.d.e2;->u:668API Call: java.lang.reflect.Method.invoke
Source: d.d.l1$a;->run:5API Call: java.lang.reflect.Method.invoke
Source: d.d.l1;->a:15API Call: java.lang.reflect.Method.invoke
Source: d.d.o;->c:8API Call: java.lang.reflect.Method.invoke
Source: d.d.o;->j:71API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->c:40API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->d:56API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->e:74API Call: java.lang.reflect.Method.invoke
Source: com.google.android.gms.dynamite.DynamiteModule;->a:27API Call: java.lang.reflect.Field.get
Source: d.b.a.b.e.b;->j:9API Call: java.lang.reflect.Field.get
Source: d.b.a.b.g.e.f;-><clinit>:5API Call: java.lang.reflect.Field.get
Source: j.i0.e.c;->c:63API Call: java.lang.reflect.Method.invoke
Source: c.i.e.b$c;->onActivityPaused:5API Call: java.lang.reflect.Field.get
Source: c.i.e.b$c;->onActivityPaused:7API Call: java.lang.reflect.Field.get
Source: c.i.e.c;->run:8API Call: java.lang.reflect.Method.invoke
Source: c.i.e.c;->run:13API Call: java.lang.reflect.Method.invoke
Source: c.i.e.b;->b:35API Call: java.lang.reflect.Field.get
Source: c.i.e.b;->b:37API Call: java.lang.reflect.Field.get
Source: c.i.e.b;->b:50API Call: java.lang.reflect.Method.invoke
Source: c.i.e.g;-><init>:10API Call: java.lang.reflect.Method.invoke
Source: c.i.e.p;->a:25API Call: java.lang.reflect.Field.get
Source: c.i.e.p;->a:29API Call: java.lang.reflect.Method.invoke
Source: d.b.f.k0;-><init>:7API Call: java.lang.reflect.Method.invoke
Source: d.b.f.q;->a:11API Call: java.lang.reflect.Method.invoke
Source: d.b.f.t1$a;->a:4API Call: java.lang.reflect.Field.get
Source: d.b.f.y;->u:22API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.g.g.b5;->a:19API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.g.g.b5;->a:27API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.g.g.i4;-><clinit>:5API Call: java.lang.reflect.Field.get
Source: d.b.a.b.g.g.n8;->run:4API Call: java.lang.reflect.Field.get
Source: d.b.a.b.g.g.w6;-><init>:7API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.g.g.x5;->b:48API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.g.g.y5;->o:22API Call: java.lang.reflect.Method.invoke
Source: c.i.g.e;->g:6API Call: java.lang.reflect.Method.invoke
Source: c.i.g.f;->g:22API Call: java.lang.reflect.Method.invoke
Source: c.i.g.f;->h:28API Call: java.lang.reflect.Method.invoke
Source: c.i.g.e;->a:41API Call: java.lang.reflect.Method.invoke
Source: c.i.g.h;->k:9API Call: java.lang.reflect.Method.invoke
Source: c.i.g.g;->b:56API Call: java.lang.reflect.Method.invoke
Source: c.i.g.g;->i:71API Call: java.lang.reflect.Method.invoke
Source: c.i.g.g;->j:79API Call: java.lang.reflect.Method.invoke
Source: c.i.g.g;->k:87API Call: java.lang.reflect.Method.invoke
Source: c.i.g.g;->l:89API Call: java.lang.reflect.Method.invoke
Source: d.b.a.c.g0.h;->c:979API Call: java.lang.reflect.Field.get
Source: d.b.a.c.g0.h;->c:984API Call: java.lang.reflect.Field.get
Source: d.b.a.c.g0.h;->c:988API Call: java.lang.reflect.Field.get
Source: d.b.a.c.g0.h;->c:992API Call: java.lang.reflect.Field.get
Source: j.i0.i.a$b;->a:4API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.a$a;->a:7API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.c;->f:12API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.c;->i:17API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.d$a;->invoke:30API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.a;->k:95API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.d;->a:18API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.a;->m:113API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.a;->n:117API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.d;->f:28API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.a;->n:120API Call: java.lang.reflect.Method.invoke
Source: j.i0.i.d;->i:32API Call: java.lang.reflect.Method.invoke
Source: c.b.o.i.d;->w:187API Call: java.lang.reflect.Method.invoke
Source: com.onesignal.shortcutbadger.impl.OPPOHomeBader;->a:19API Call: java.lang.reflect.Method.invoke
Source: com.onesignal.shortcutbadger.impl.XiaomiHomeBadger;->a:56API Call: java.lang.reflect.Field.get
Source: com.onesignal.shortcutbadger.impl.XiaomiHomeBadger;->a:62API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.j.a;->a:37API Call: java.lang.reflect.Method.invoke
Source: d.b.c.s.j0.k;->b:65API Call: java.lang.reflect.Method.invoke
Source: d.b.c.s.j0.k;->b:70API Call: java.lang.reflect.Field.get
Source: f.a.j1.b;->a:60API Call: java.lang.reflect.Method.invoke
Source: f.a.j1.b;->a:68API Call: java.lang.reflect.Method.invoke
Source: f.a.j1.n2;->a:27API Call: java.lang.reflect.Method.invoke
Source: c.i.g.k.d;->isProjected:18API Call: java.lang.reflect.Method.invoke
Source: c.b.k.k;->q:442API Call: java.lang.reflect.Field.get
Source: c.b.k.k;->q:451API Call: java.lang.reflect.Field.get
Source: c.b.k.k;->q:461API Call: java.lang.reflect.Field.get
Source: c.b.k.k;->q:468API Call: java.lang.reflect.Field.get
Source: d.b.a.b.l.a;-><init>:37API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.l.a;-><init>:40API Call: java.lang.reflect.Method.invoke
Source: c.i.m.d;->a:11API Call: java.lang.reflect.Method.invoke
Source: c.i.m.d;->a:22API Call: java.lang.reflect.Field.get
Source: c.i.m.q;->a:7API Call: java.lang.reflect.Method.invoke
Source: c.i.m.v$a;-><init>:8API Call: java.lang.reflect.Field.get
Source: c.i.m.m;->g:229API Call: java.lang.reflect.Field.get
Source: com.google.android.gms.measurement.AppMeasurement;->getInstance:11API Call: java.lang.reflect.Method.invoke
Source: c.i.n.d;->onPrepareActionMode:30API Call: java.lang.reflect.Method.invoke
Source: c.o.a$a;->a:18API Call: java.lang.reflect.Method.invoke
Source: c.o.a$a;->a:20API Call: java.lang.reflect.Method.invoke
Source: c.o.a$a;->a:22API Call: java.lang.reflect.Method.invoke
Source: c.b.o.f$a;->onMenuItemClick:18API Call: java.lang.reflect.Method.invoke
Source: c.b.o.f$a;->onMenuItemClick:22API Call: java.lang.reflect.Method.invoke
Source: c.b.o.f$b;->c:52API Call: java.lang.reflect.Method.invoke
Source: f.a.k1.p.i$b;->c:14API Call: java.lang.reflect.Method.invoke
Source: f.a.k1.p.i$b;->d:19API Call: java.lang.reflect.Method.invoke
Source: f.a.k1.p.i$c;->a:3API Call: java.lang.reflect.Method.invoke
Source: f.a.k1.p.i$c;->c:18API Call: java.lang.reflect.Method.invoke
Source: f.a.k1.p.i$c;->d:22API Call: java.lang.reflect.Method.invoke
Source: f.a.k1.p.i$d;->invoke:30API Call: java.lang.reflect.Method.invoke
Source: f.a.k1.p.i;-><clinit>:70API Call: java.lang.reflect.Method.invoke
Source: c.b.p.c1;->a:10API Call: java.lang.reflect.Method.invoke
Source: c.b.p.c1;->c:21API Call: java.lang.reflect.Method.invoke
Source: c.b.p.j0;->f:79API Call: java.lang.reflect.Method.invoke
Source: c.b.p.j0;->f:134API Call: java.lang.reflect.Method.invoke
Source: c.b.p.j0;->f:149API Call: java.lang.reflect.Method.invoke
Source: c.b.p.z;->e:22API Call: java.lang.reflect.Method.invoke
Source: c.b.p.z;->f:164API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.d.s.h;->a:30API Call: java.lang.reflect.Method.invoke
Source: d.b.a.b.d.s.h;->a:37API Call: java.lang.reflect.Method.invoke
Source: org.altbeacon.beacon.service.BeaconService;->onCreate:79API Call: java.lang.reflect.Field.get
Source: androidx.appcompat.widget.SearchView$SearchAutoComplete;->onWindowFocusChanged:48API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView;->C:176API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView;->t:458API Call: java.lang.reflect.Method.invoke
Source: androidx.appcompat.widget.SearchView;->t:462API Call: java.lang.reflect.Method.invoke
Source: c.x.c0;->d:17API Call: java.lang.reflect.Method.invoke
Source: c.z.a;->k:52API Call: java.lang.reflect.Method.invoke
Source: c.z.a;->o:79API Call: java.lang.reflect.Method.invoke

Persistence and Installation Behavior:

Drops a new APK file
Source: Android AppFile dump: /data/app/it.softmining.projects.covid19.savelifestyle-zcBxyg0PT6Gq20Ahp-doRA==/base.apk
Source: d.b.c.n.e.s.d$a;->a:52API Call: java.io.FileWriter.<init>
Source: submitted apkRequest permission: android.permission.RECEIVE_BOOT_COMPLETED
Source: it.softmining.projects.covid19.savelifestyle.Softmining_Covid19;->onCreate:188API Call: android.os.PowerManager.newWakeLock
Source: c.n.a.a;->b:30API Call: android.os.PowerManager.newWakeLock
Source: g.a.a.a.a.h;->l:466API Call: android.os.PowerManager.newWakeLock
Source: c.i.e.e$c;-><init>:11API Call: android.os.PowerManager.newWakeLock
Source: c.i.e.e$c;-><init>:19API Call: android.os.PowerManager.newWakeLock
Source: g.a.a.a.a.i.a;->d:106API Call: android.os.PowerManager.newWakeLock
Source: g.a.a.a.a.i.a;->e:181API Call: android.os.PowerManager.newWakeLock
Source: d.b.a.b.l.a;-><init>:21API Call: android.os.PowerManager.newWakeLock
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;-><init>:11API Call: android.os.PowerManager.newWakeLock
Source: com.onesignal.JobIntentService$CompatWorkEnqueuer;-><init>:19API Call: android.os.PowerManager.newWakeLock
Source: d.b.c.v.e0;-><init>:6API Call: android.os.PowerManager.newWakeLock
Source: d.b.c.z.w;-><init>:6API Call: android.os.PowerManager.newWakeLock
Source: it.softmining.projects.covid19.savelifestyle.DeviceBootLoader.OnBootReceiver;->onReceive:23API Call: android.content.Context.startService (not executed)
Source: it.softmining.projects.covid19.savelifestyle.DeviceBootLoader.OnBootReceiver;->onReceive:27API Call: android.content.Context.startService (not executed)
Source: com.onesignal.GcmBroadcastReceiver;->onReceive:63API Call: android.content.BroadcastReceiver.abortBroadcast
Source: com.onesignal.GcmBroadcastReceiver;->onReceive:68API Call: android.content.BroadcastReceiver.abortBroadcast
Source: submitted apkRequest permission: android.permission.SYSTEM_ALERT_WINDOW
Source: submitted apkRequest permission: android.permission.BLUETOOTH_ADMIN
Source: l.a.a.f;-><init>:11API Call: android.app.ActivityManager.getRunningAppProcesses
Source: l.a.a.f;-><init>:23API Call: android.app.ActivityManager.getRunningAppProcesses
Source: d.b.c.n.e.k.g;->h:61API Call: android.app.ActivityManager.getRunningAppProcesses
Source: org.altbeacon.beacon.service.BeaconService;->onCreate:47API Call: android.app.ActivityManager.getRunningAppProcesses
Source: org.altbeacon.beacon.service.ScanJob;->b:41API Call: android.app.ActivityManager.getRunningAppProcesses
Source: d.b.c.z.e;->a:13API Call: android.app.ActivityManager.getRunningAppProcesses
Source: d.b.c.n.e.k.g;->t:156API Call: java.security.MessageDigest.getInstance
Source: d.b.c.n.e.k.g;->t:157API Call: java.security.MessageDigest.update
Source: d.b.c.n.e.k.g;->e:35API Call: java.security.MessageDigest.digest
Source: d.b.c.v.c1;->b:47API Call: java.security.MessageDigest.getInstance
Source: d.b.c.v.c1;->b:49API Call: java.security.MessageDigest.digest
Source: d.b.a.b.d.s.a;->a:1API Call: java.security.MessageDigest.getInstance
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.n.e.k.g;->t:157API Call: java.security.MessageDigest.update
Source: d.b.c.n.e.k.f;-><init>:20API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.a.b.i.b.w9;->A0:8API Call: java.security.MessageDigest.getInstance
Source: d.b.a.b.i.b.t7;->A:61API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.v.c1;->b:49API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.v.c1;->b:49API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.v.c1;->b:49API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.c.x.p.c;->b:93API Call: java.security.MessageDigest.digest
Source: d.b.a.b.i.b.o4;->w:97API Call: java.security.MessageDigest.digest
Source: d.b.a.b.i.b.t9;->v:688API Call: java.security.MessageDigest.digest
Source: d.b.a.d.a.c.m;->a:9API Call: java.security.MessageDigest.getInstance
Source: d.b.a.d.a.c.m;->a:10API Call: java.security.MessageDigest.update
Source: d.b.a.d.a.c.m;->a:11API Call: java.security.MessageDigest.digest
Source: d.b.a.b.d.x;->call:10API Call: java.security.MessageDigest.digest
Source: d.b.a.c.g0.h;->h:1161API Call: java.security.MessageDigest.getInstance
Source: d.b.a.c.g0.h;->h:1167API Call: java.security.MessageDigest.update
Source: d.b.a.c.g0.h;->h:1172API Call: java.security.MessageDigest.digest
Source: d.b.c.n.e.k.g;->t:158API Call: java.security.MessageDigest.digest
Source: k.i;->k:51API Call: java.security.MessageDigest.getInstance
Source: k.i;->k:53API Call: java.security.MessageDigest.digest
Source: d.b.c.x.o.b;->a:41API Call: java.security.MessageDigest.getInstance
Source: d.b.c.x.o.b;->a:42API Call: java.security.MessageDigest.digest
Source: Ld/b/a/b/d/s/f;->a()Ljava/lang/String;Method string: "/proc/"
Source: d.b.a.b.g.g.d2;->a:4Field Access: android.os.Build.TYPE
Source: d.b.a.b.g.g.d2;->a:5Field Access: android.os.Build.TAGS
Source: d.b.c.n.e.k.g;->q:137Field Access: android.os.Build.PRODUCT
Source: d.b.c.n.e.k.g;->q:140Field Access: android.os.Build.PRODUCT
Source: d.b.c.n.e.k.g;->s:145Field Access: android.os.Build.TAGS
Source: it.softmining.projects.covid19.savelifestyle.AppConfig.Permissions_Setting$c;->onClick:14Field Access: android.os.Build.BRAND
Source: it.softmining.projects.covid19.savelifestyle.RealtimeContactsViewer;->onCreate:33Field Access: android.os.Build.BRAND
Source: it.softmining.projects.covid19.savelifestyle.RealtimeContactsViewer;->onCreate:40Field Access: android.os.Build.MODEL
Source: g.a.a.a.a.k;->c:153Field Access: android.os.Build.BRAND
Source: g.a.a.a.a.k;->c:156Field Access: android.os.Build.MODEL
Source: g.a.a.a.a.h;->g:376Field Access: android.os.Build.BRAND
Source: g.a.a.a.a.h;->g:379Field Access: android.os.Build.BRAND
Source: g.a.a.a.a.h;->g:382Field Access: android.os.Build.BRAND
Source: g.a.a.a.a.h;->g:385Field Access: android.os.Build.BRAND
Source: d.b.a.b.i.b.k6;->K:606Field Access: android.os.Build$VERSION.RELEASE
Source: d.b.a.b.i.b.l9;->C:693Field Access: android.os.Build.MODEL
Source: d.b.a.b.i.b.l9;->C:698Field Access: android.os.Build$VERSION.RELEASE
Source: d.b.a.d.a.c.m;->a:16Field Access: android.os.Build.TAGS
Source: d.b.a.d.a.c.m;->a:19Field Access: android.os.Build.TAGS
Source: d.d.e2;->b:207Field Access: android.os.Build$VERSION.RELEASE
Source: d.d.e2;->b:229Field Access: android.os.Build.MODEL
Source: d.b.a.b.d.j;->e:38Field Access: android.os.Build.TYPE
Source: d.b.a.a.i.e;->a:21Field Access: android.os.Build.MODEL
Source: d.b.a.a.i.e;->a:29Field Access: android.os.Build.DEVICE
Source: d.b.a.a.i.e;->a:33Field Access: android.os.Build.PRODUCT
Source: d.b.a.a.i.e;->a:37Field Access: android.os.Build.ID
Source: d.b.a.a.i.e;->a:41Field Access: android.os.Build.MANUFACTURER
Source: d.b.a.a.i.e;->a:45Field Access: android.os.Build.FINGERPRINT
Source: com.onesignal.shortcutbadger.impl.XiaomiHomeBadger;->a:33Field Access: android.os.Build.MANUFACTURER
Source: d.b.c.n.e.k.t;->b:111Field Access: android.os.Build$VERSION.RELEASE
Source: d.b.c.n.e.k.t;->b:125Field Access: android.os.Build.CPU_ABI
Source: d.b.c.n.e.k.t;->b:135Field Access: android.os.Build.MODEL
Source: d.b.c.n.e.k.t;->b:143Field Access: android.os.Build.MANUFACTURER
Source: d.b.c.n.e.k.t;->b:144Field Access: android.os.Build.PRODUCT
Source: d.b.c.n.e.k.t;->b:181Field Access: android.os.Build$VERSION.RELEASE
Source: d.b.c.n.e.k.t;->b:196Field Access: android.os.Build.CPU_ABI
Source: d.b.c.n.e.k.t;->b:212Field Access: android.os.Build.MANUFACTURER
Source: d.b.c.n.e.k.t;->b:213Field Access: android.os.Build.PRODUCT
Source: d.b.c.n.e.k.t;->b:216Field Access: android.os.Build.MODEL
Source: l.a.a.n.f;-><init>:1Field Access: android.os.Build$VERSION.RELEASE
Source: l.a.a.n.f;-><init>:2Field Access: android.os.Build.ID
Source: l.a.a.n.f;-><init>:3Field Access: android.os.Build.MODEL
Source: l.a.a.n.f;-><init>:4Field Access: android.os.Build.MANUFACTURER
Source: l.a.a.n.g;-><init>:16Field Access: android.os.Build$VERSION.RELEASE
Source: l.a.a.n.g;-><init>:17Field Access: android.os.Build.ID
Source: l.a.a.n.g;-><init>:18Field Access: android.os.Build.MODEL
Source: l.a.a.n.g;-><init>:19Field Access: android.os.Build.MANUFACTURER
Source: d.b.c.n.b;->a:98Field Access: android.os.Build.MANUFACTURER
Source: d.b.c.n.b;->a:100Field Access: android.os.Build.MODEL
Source: d.b.c.n.b;->a:106Field Access: android.os.Build$VERSION.RELEASE
Source: l.a.a.p.r.g;->o:58Field Access: android.os.Build.MANUFACTURER
Source: l.a.a.p.r.g;->o:67Field Access: android.os.Build.MANUFACTURER
Source: org.altbeacon.beacon.service.BeaconService;->onTaskRemoved:129Field Access: android.os.Build$VERSION.RELEASE
Source: org.altbeacon.beacon.service.BeaconService;->onTaskRemoved:132Field Access: android.os.Build$VERSION.RELEASE
Source: org.altbeacon.beacon.service.BeaconService;->onTaskRemoved:135Field Access: android.os.Build$VERSION.RELEASE
Source: com.google.android.material.textfield.TextInputEditText;->onAttachedToWindow:12Field Access: android.os.Build.MANUFACTURER
Source: d.d.x4.c;->a:59Field Access: android.os.Build.MANUFACTURER
Source: d.d.x4.c;->a:63Field Access: android.os.Build.MANUFACTURER
Source: d.d.x4.c;->a:67Field Access: android.os.Build.MANUFACTURER
Source: Ld/b/c/n/e/m/a$h;->a(Ljava/lang/Object;Ljava/lang/Object;)VMethod string: "os"
Source: Ld/d/r0$c;-><init>()VMethod string: "android"
Source: Ld/b/c/n/e/m/a$q;->a(Ljava/lang/Object;Ljava/lang/Object;)VMethod string: "type"
Source: Ld/b/a/b/d/d;->toString()Ljava/lang/String;Method string: "version"
Source: Ld/b/a/a/i/b/b$a;->a(Ljava/lang/Object;Ljava/lang/Object;)VMethod string: "manufacturer"
Source: Ld/b/c/l/z;->j()Lorg/json/JSONObject;Method string: "phone"
Source: Ld/b/c/x/p/c;->f(Ljava/net/HttpURLConnection;Ljava/lang/String;Ljava/lang/String;)VMethod string: "appid"
Source: Ld/b/a/a/i/b/b$a;->a(Ljava/lang/Object;Ljava/lang/Object;)VMethod string: "model"
Source: Ld/b/c/u/c$a;-><clinit>()VMethod string: "sdk"
Source: Lf/a/j1/n;-><init>(Lf/a/j1/o;Lf/a/j1/b3;)VMethod string: "time"
Source: Lc/q/a/a;->c(Landroid/content/Intent;)ZMethod string: "category"
Source: Lg/a/a/a/a/k;->c(Ll/a/a/c;)VMethod string: "brand"
Source: d.b.a.b.i.b.l9;->C:672API Call: android.provider.Settings$Secure.getString
Source: l.a.a.n.g;-><init>:13API Call: android.provider.Settings$Secure.getString
Source: androidBinary or memory string: {"sdkVersion":"17.1.1","gmpAppId":"1:702408125253:android:e542019612e165dc27ac2c","platform":4,"installationUuid":"172580e7b18549679fa79f80d2e2ebef","buildVersion":"35","displayVersion":"5.1","session":{"generator":"Crashlytics Android SDK/17.1.1","identifier":"NjBDMEU0RDIwMTgwMDAwMTE3RjE5NkJFNUE1QkQ3MUY=","startedAt":1623254226,"crashed":false,"app":{"identifier":"it.softmining.projects.covid19.savelifestyle","version":"35","displayVersion":"5.1","installationUuid":"172580e7b18549679fa79f80d2e2ebef"},"os":{"platform":3,"version":"9","buildVersion":"REL","jailbroken":false},"device":{"arch":0,"model":"VMware Virtual Platform","cores":2,"ram":2114998272,"diskSpace":10498347008,"simulator":false,"state":0,"manufacturer":"VMware, Inc.","modelClass":"android_x86"},"generatorType":3}}
Source: d.b.c.n.e.k.g;->j:77API Call: android.os.Debug.isDebuggerConnected
Source: d.b.c.n.e.k.g;->s:149API Call: java.io.File.<init>("/system/app/Superuser.apk")
Source: Ld/d/e2;->b()VMethod string: "/sbin/", "su" and API call "File.exists" in same context
Source: d.b.a.d.a.c.m;->a:21API Call: java.lang.String.contains("test-keys")
Source: d.b.a.b.g.g.d2;->a:13API Call: java.lang.String.contains("test-keys")
Source: d.b.c.n.e.k.g;->s:147API Call: java.lang.String.contains("test-keys")
Source: d.d.e2;->b:243API Call: android.telephony.TelephonyManager.getNetworkOperatorName
Source: d.c.a.a;->b:44API Call: android.content.pm.PackageManager.getInstalledApplications
Source: d.c.a.a;->c:56API Call: android.content.pm.PackageManager.getInstalledApplications
Source: d.b.a.b.k.b.a;->r:64API Call: android.accounts.Account.name
Source: submitted apkRequest permission: android.permission.ACCESS_COARSE_LOCATION
Source: submitted apkRequest permission: android.permission.ACCESS_FINE_LOCATION
Source: Landroidx/recyclerview/widget/RecyclerView$v;->i(Landroidx/recyclerview/widget/RecyclerView$d0;)VMethod string: "trying to recycle an ignored view holder. you should first call stopignoringview(view) before calling recycle."
Source: Landroidx/recyclerview/widget/GridLayoutManager;->B1(Z)VMethod string: "gridlayoutmanager does not support stack from end. consider using reverse layout"
Source: Ld/d/e2$f;-><clinit>()VMethod string: "app_open"
Source: Lf/a/j1/p;->j(Lf/a/f$a;Lf/a/n0;)VMethod string: "clientcall started after deadline exceeded: "
Source: Ld/b/a/b/i/b/e6;-><clinit>()VMethod string: "app_update"
Source: Landroidx/recyclerview/widget/RecyclerView$v;->i(Landroidx/recyclerview/widget/RecyclerView$d0;)VInstruction: "const-string v0, "trying to recycle an ignored view holder. you should first call stopignoringview(view) before calling recycle.""
Source: Lc/b/m/a/a$e;->b()VInstruction: "landroid/animation/objectanimator;->reverse()v"
Source: Ld/d/e2$f;-><clinit>()VInstruction: "const-string v1, "app_open""
Source: Lf/a/j1/p;->j(Lf/a/f$a;Lf/a/n0;)VInstruction: "const-string v4, "clientcall started after deadline exceeded: ""
Source: Ld/b/a/b/i/b/e6;-><clinit>()VInstruction: "const-string v6, "app_update""

Mitre Att&ck Matrix

Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Application Discovery 1 | Access Stored Application Data 1 | System Network Connections Discovery 1 | Remote Services | Location Tracking 11 | Exfiltration Over Other Network Medium | Encrypted Channel 1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Delete Device Data 1
Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Obfuscated Files or Information 1 | LSASS Memory | Security Software Discovery 1 | Remote Desktop Protocol | Network Information Discovery 2 | Exfiltration Over Bluetooth | Non-Standard Port 1 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Location Tracking 11 | SMB/Windows Admin Shares | Access Stored Application Data 1 | Automated Exfiltration | Application Layer Protocol 1 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Binary Padding | NTDS | Application Discovery 1 | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | | Carrier Billing Fraud
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | Software Packing | LSA Secrets | System Information Discovery 1 | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | | Manipulate App Store Rankings or Ratings
Replication Through Removable Media | Launchd | Rc.common | Rc.common | Steganography | Cached Domain Credentials | Process Discovery 1 | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | | Abuse Accessibility Features
