Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Android Analysis Report
Cliente m#U00f3vil @firma 1.7.2 1.7.2.apk

Overview

General Information

Sample Name:Cliente m#U00f3vil @firma 1.7.2 1.7.2.apk
Analysis ID:764028
MD5:5a9163b46f5c743ed3a84224c195defb
SHA1:595d00ab197ef314f5872fd5c251727825836238
SHA256:2b4f1d122c8171dccd799e0356b52dcafefba647c72e5652835e2317425f6094
Infos:

Detection

Score:8
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Opens an internet connection
May access the Android keyguard (lock screen)
Lists and deletes files in the same context
Detected TCP or UDP traffic on non-standard ports
Has functionality to send UDP packets
Installs a new wake lock (to get activate on phone screen on)
Checks an internet connection is available
Accesses android OS build fields
Executes native commands
Installs an application shortcut on the screen
Performs DNS lookups (Java API)
Requests potentially dangerous permissions
Queries several sensitive phone informations
Potential date aware sample found
May take a camera picture
Uses reflection

Classification

Yara Signatures

No yara matches

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: es.gob.afirma.android.FileChooserActivity;->onCreate:80API Call: android.os.Environment.getExternalStorageState
Source: es.gob.afirma.android.FileChooserActivity;->onCreate:83API Call: android.os.Environment.getExternalStorageDirectory
Source: es.gob.afirma.android.SaveDataActivity;->onCreate:110API Call: android.os.Environment.getExternalStorageState
Source: es.gob.afirma.android.SaveDataActivity;->onCreate:113API Call: android.os.Environment.getExternalStorageDirectory
Source: androidx.core.content.FileProvider;->parsePathStrategy:63API Call: android.os.Environment.getExternalStorageDirectory
Source: androidx.core.os.EnvironmentCompat;->getStorageState:2API Call: android.os.Environment.getExternalStorageState
Source: androidx.core.os.EnvironmentCompat;->getStorageState:5API Call: android.os.Environment.getExternalStorageDirectory
Source: androidx.core.os.EnvironmentCompat;->getStorageState:8API Call: android.os.Environment.getExternalStorageState
Source: es.gob.afirma.android.crypto.AndroidHttpManager;->readUrl:37API Call: java.net.URL.openConnection (not executed)
Source: es.gob.afirma.core.misc.http.UrlHttpManagerImpl;->readUrl:176API Call: java.net.URL.openConnection (not executed)
Source: es.gob.afirma.core.misc.http.UrlHttpManagerImpl;->readUrl:178API Call: java.net.URL.openConnection (not executed)
Source: es.gob.afirma.signers.tsp.pkcs7.CMSTimestamper;->prepareConnection:197API Call: java.net.URL.openConnection (not executed)
Source: org.spongycastle.x509.PKIXCertPathReviewer;->getCRL:616API Call: java.net.URL.openConnection (not executed)
Source: global trafficTCP traffic: 192.168.2.30:56068 -> 8.8.4.4:853
Source: androidx.core.net.ConnectivityManagerCompat;->getNetworkInfoFromBroadcast:5API Call: android.net.ConnectivityManager.getNetworkInfo
Source: androidx.core.net.ConnectivityManagerCompat;->isActiveNetworkMetered:8API Call: android.net.ConnectivityManager.getActiveNetworkInfo
Source: es.gob.afirma.core.misc.http.UrlHttpManagerImpl;->isLocal:71API Call: java.net.InetAddress.getByName (not executed)
Source: es.gob.afirma.core.misc.http.URLName;->getHostAddress:55API Call: java.net.InetAddress.getByName (not executed)
Source: org.spongycastle.est.jcajce.JsseDefaultHostnameAuthorizer;->verify:56API Call: java.net.InetAddress.getByName (not executed)
Source: org.spongycastle.est.jcajce.JsseDefaultHostnameAuthorizer;->verify:59API Call: java.net.InetAddress.getByName (not executed)
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 47664
Source: unknownNetwork traffic detected: HTTP traffic on port 39602 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54604
Source: unknownNetwork traffic detected: HTTP traffic on port 47664 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 54604 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50458 -> 443
Source: es.gob.afirma.android.crypto.AndroidHttpManager;->readUrl:52API Call: java.net.HttpURLConnection.connect
Source: es.gob.afirma.core.misc.http.UrlHttpManagerImpl;->readUrl:236API Call: java.net.HttpURLConnection.connect
Source: org.spongycastle.x509.PKIXCertPathReviewer;->getCRL:619API Call: java.net.HttpURLConnection.connect
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.42
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 108.177.126.188
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.209.46
Source: unknownTCP traffic detected without corresponding DNS query: 216.58.212.170
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.163
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.138
Source: X9.crtString found in binary or memory: http://crl.acabogacia.org/crl/aca_arl.crl0
Source: zH.cer, Bp.cerString found in binary or memory: http://crl.firmaprofesional.com/caroot.crt0
Source: zH.cer, Bp.cerString found in binary or memory: http://crl.firmaprofesional.com/fproot.crl0
Source: 83.cerString found in binary or memory: http://crl.logalty.es/logaltyCARoot.crl0
Source: aU.cerString found in binary or memory: http://crl1.logalty.es/logaltyCARoot03.crl00
Source: aU.cerString found in binary or memory: http://crl2.logalty.es/logaltyCARoot03.crl0
Source: aU.cerString found in binary or memory: http://crt.logalty.es/certificateauthority/LogaltyCAROOT03.cacert.crt0#
Source: Jb.crt, GM.crt, Yo.crtString found in binary or memory: http://ocsp.accv.es0
Source: zH.cer, Bp.cerString found in binary or memory: http://ocsp.firmaprofesional.com0
Source: X9.crtString found in binary or memory: http://ocsp.redabogacia.org0?
Source: aU.cerString found in binary or memory: http://ocsp1.logalty.es0J
Source: ZT.cerString found in binary or memory: http://ocspfnmtrcmca.cert.fnmt.es/ocspfnmtrcmca/OcspResponder0;
Source: qf.cerString found in binary or memory: http://ocspfnmtssr.cert.fnmt.es/ocspssr/OcspResponder0E
Source: qy1.xml, AndroidManifest.xml, androidString found in binary or memory: http://schemas.android.com/apk/res/android
Source: X9.crtString found in binary or memory: http://www.acabogacia.org/certificados/aca_root.crt0
Source: X9.crtString found in binary or memory: http://www.acabogacia.org/crl/aca_arl.crl
Source: X9.crt, lx.crtString found in binary or memory: http://www.acabogacia.org/doc0
Source: lx.crtString found in binary or memory: http://www.acabogacia.org0
Source: Jb.crtString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
Source: Jb.crt, GM.crt, Yo.crtString found in binary or memory: http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
Source: Jb.crt, GM.crt, Yo.crtString found in binary or memory: http://www.accv.es/legislacion_c.htm0U
Source: Jb.crt, GM.crt, Yo.crtString found in binary or memory: http://www.accv.es00
Source: classes.dex, androidString found in binary or memory: http://www.aiim.org/pdfa/ns/id/
Source: classes.dex, androidString found in binary or memory: http://www.bouncycastle.org)
Source: ZT.cerString found in binary or memory: http://www.cert.fnmt.es/certs/ACRAIZFNMTRCM.crt0
Source: qf.cerString found in binary or memory: http://www.cert.fnmt.es/certs/ACRAIZSERVIDORESSEGUROS.crt0F
Source: ZT.cerString found in binary or memory: http://www.cert.fnmt.es/crls/ARLFNMTRCM.crl0
Source: qf.cerString found in binary or memory: http://www.cert.fnmt.es/crls/ARLSERVIDORESSEGUROS.crl0
Source: h3.cer, ZT.cerString found in binary or memory: http://www.cert.fnmt.es/dpcs/0
Source: classes.dex, androidString found in binary or memory: http://www.color.org
Source: ACRAIZ-SHA2.crtString found in binary or memory: http://www.dnie.es/dpc0
Source: 3S.cer, U9.crtString found in binary or memory: http://www.firmaprofesional.com/cps0
Source: zH.cer, Bp.cerString found in binary or memory: http://www.firmaprofesional.com/cps0/
Source: zH.cer, Bp.cerString found in binary or memory: http://www.firmaprofesional.com/cps0;
Source: classes.dex, androidString found in binary or memory: http://www.xfa.org/schema/xfa-data/1.0/
Source: resources.arsc, androidString found in binary or memory: https://administracion.gob.es/pag_Home/politicaDePrivacidad.html
Source: policy.propertiesString found in binary or memory: https://sede.administracion.gob.es/PAG_Sede/dam/jcr:b0de3f91-5171-48e2-81f3-5c2407d9c091/politica_fi
Source: policy.propertiesString found in binary or memory: https://sede.administracion.gob.es/politica_de_firma_anexo_1.pdf
Source: aU.cerString found in binary or memory: https://www.logalty.es/PKI/documentacion/0m
Source: unknownHTTP traffic detected: POST /c2dm/register3 HTTP/1.1Authorization: AidLogin 3976102378291501644:1184905049225720946app: com.google.android.gmsgcm_ver: 210214031User-Agent: Android-GCM/1.5 (x86 PI)content-length: 477content-type: application/x-www-form-urlencodedHost: android.clients.google.comConnection: Keep-AliveAccept-Encoding: gzip
Source: org.spongycastle.crypto.tls.UDPTransport;->send:17API Call: java.net.DatagramSocket.send
Source: org.junit.rules.TemporaryFolder;->recursiveDelete:10API Calls in same method context: File.listFiles,File.delete
Source: androidx.multidex.MultiDex;->clearOldDexDir:58API Calls in same method context: File.listFiles,File.delete
Source: androidx.multidex.MultiDexExtractor;->clearDexDir:66API Calls in same method context: File.listFiles,File.delete
Source: classes.dexString found in binary or memory: Landroid/app/KeyguardManager;
Source: classes.dexString found in binary or memory: keyguard
Source: androidString found in binary or memory: keyguard
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->enqueueWork:27API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->serviceProcessingFinished:29API Call: android.os.PowerManager$WakeLock.acquire
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;->serviceProcessingStarted:33API Call: android.os.PowerManager$WakeLock.acquire
Source: es.gob.afirma.keystores.KeyStoreUtilities;->getWindowsShortName:296API Call: java.lang.ProcessBuilder.start
Source: submitted apkRequest permission: android.permission.INTERNET
Source: submitted apkRequest permission: android.permission.USE_CREDENTIALS
Source: submitted apkRequest permission: android.permission.WRITE_EXTERNAL_STORAGE
Source: es.gob.afirma.android.gui.AppConfig;->getPreference:4API Call: android.content.SharedPreferences.getBoolean
Source: androidx.core.app.AppLaunchChecker;->hasStartedFromLauncher:5API Call: android.content.SharedPreferences.getBoolean
Source: androidx.core.app.AppLaunchChecker;->onActivityCreate:9API Call: android.content.SharedPreferences.getBoolean
Source: org.apache.harmony.awt.Utils$2;->run:3API Call: java.lang.System.loadLibrary
Source: classification engineClassification label: clean8.andAPK@0/251@0/0
Source: es.gob.afirma.android.crypto.KeyStoreManagerFactory;->initKeyStoreManager:88API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.android.crypto.KeyStoreManagerFactory;->initKeyStoreManager:90API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.android.crypto.KeyStoreManagerFactory;->initKeyStoreManager:91API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.android.crypto.KeyStoreManagerFactory;->initKeyStoreManager:97API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.android.crypto.KeyStoreManagerFactory;->initKeyStoreManager:102API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.android.crypto.KeyStoreManagerFactory;->initKeyStoreManager:104API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.android.crypto.KeyStoreManagerFactory;->initKeyStoreManager:109API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.ui.core.jse.AWTUIManager;->getLoadFiles:15API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.ui.core.jse.AWTUIManager;->getLoadFiles:53API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.ui.core.jse.JSEUIManager;->showCertificateSelectionDialog:241API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.keystores.AOKeyStoreManagerHelperPkcs11;->getP11ProviderJava9:59API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.keystores.CAPIKeyStoreManager;->cleanCAPIDuplicateAliases:9API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.keystores.CAPIKeyStoreManager;->cleanCAPIDuplicateAliases:19API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.keystores.CAPIKeyStoreManager;->cleanCAPIDuplicateAliases:20API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.keystores.CAPIKeyStoreManager;->cleanCAPIDuplicateAliases:28API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.keystores.CAPIKeyStoreManager;->cleanCAPIDuplicateAliases:35API Call: java.lang.reflect.Field.get
Source: es.gob.afirma.core.misc.MimeHelper;-><init>:9API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.core.misc.MimeHelper;-><init>:14API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.core.misc.MimeHelper;-><init>:21API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.core.misc.MimeHelper;-><init>:27API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.signers.tsp.pkcs7.CMSTimestamper;->configureHttpsConnection:103API Call: java.lang.reflect.Method.invoke
Source: es.gob.afirma.core.signers.ExtraParamsProcessor;->configAutoFormat:11API Call: java.lang.reflect.Method.invoke
Source: androidx.activity.ImmLeaksCleaner;->onStateChanged:17API Call: java.lang.reflect.Field.get
Source: androidx.activity.ImmLeaksCleaner;->onStateChanged:19API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator$3;->run:8API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.ActivityRecreator$3;->run:13API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.ActivityRecreator;->queueOnStopIfNecessary:35API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->queueOnStopIfNecessary:37API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->recreate:50API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->recreate:52API Call: java.lang.reflect.Field.get
Source: androidx.core.app.ActivityRecreator;->recreate:65API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.BundleCompat$BundleCompatBaseImpl;->getBinder:9API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.BundleCompat$BundleCompatBaseImpl;->putBinder:19API Call: java.lang.reflect.Method.invoke
Source: androidx.core.app.NotificationCompatJellybean;->getAction:52API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationCompatJellybean;->getAction:54API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationCompatJellybean;->getActionObjectsLocked:86API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationCompatJellybean;->getExtras:133API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationManagerCompat;->areNotificationsEnabled:49API Call: java.lang.reflect.Field.get
Source: androidx.core.app.NotificationManagerCompat;->areNotificationsEnabled:53API Call: java.lang.reflect.Method.invoke
Source: es.gob.jmulticard.card.dnie.DnieNFC;->getPaceConnection:46API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.DrawableCompat;->getLayoutDirection:25API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.DrawableCompat;->setLayoutDirection:46API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getResId:113API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getResPackage:124API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getType:144API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.WrappedDrawableApi21;->isProjected:19API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.drawable.IconCompat;->getUri:167API Call: java.lang.reflect.Method.invoke
Source: junit.framework.TestCase;->runTest:75API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi21Impl;->addFontWeightStyle:6API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi21Impl;->createFromFamiliesWithDefault:14API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi24Impl;->addFontWeightStyle:22API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi24Impl;->createFromFamiliesWithDefault:28API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->abortCreation:19API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->addFontFromAssetManager:27API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->addFontFromBuffer:33API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->freeze:36API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi26Impl;->createFromFamiliesWithDefault:51API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatApi28Impl;->createFromFamiliesWithDefault:9API Call: java.lang.reflect.Method.invoke
Source: androidx.core.graphics.TypefaceCompatBaseImpl;->getUniqueKey:18API Call: java.lang.reflect.Field.get
Source: es.gob.jmulticard.ui.passwordcallback.gui.DnieCallbackHandler;->handle:31API Call: java.lang.reflect.Method.invoke
Source: es.gob.jmulticard.ui.passwordcallback.gui.DnieCacheCallbackHandler;->handle:65API Call: java.lang.reflect.Method.invoke
Source: org.junit.experimental.theories.internal.AllMembersSupplier;->getStaticFieldValue:74API Call: java.lang.reflect.Field.get
Source: net.sf.jmimemagic.MagicMatcher;->testDetector:74API Call: java.lang.reflect.Method.invoke
Source: net.sf.jmimemagic.MagicMatcher;->getDetectorExtensions:206API Call: java.lang.reflect.Method.invoke
Source: androidx.lifecycle.ClassesInfoCache$MethodReference;->invokeCallback:12API Call: java.lang.reflect.Method.invoke
Source: androidx.lifecycle.ClassesInfoCache$MethodReference;->invokeCallback:14API Call: java.lang.reflect.Method.invoke
Source: androidx.lifecycle.ClassesInfoCache$MethodReference;->invokeCallback:16API Call: java.lang.reflect.Method.invoke
Source: org.junit.runners.model.FrameworkField;->get:5API Call: java.lang.reflect.Field.get
Source: org.junit.runners.model.FrameworkMethod$1;->runReflectiveCall:6API Call: java.lang.reflect.Method.invoke
Source: androidx.multidex.MultiDex$V14;->install:9API Call: java.lang.reflect.Field.get
Source: androidx.multidex.MultiDex$V19;->install:4API Call: java.lang.reflect.Field.get
Source: androidx.multidex.MultiDex$V19;->install:19API Call: java.lang.reflect.Field.get
Source: androidx.multidex.MultiDex$V4;->install:5API Call: java.lang.reflect.Field.get
Source: androidx.multidex.MultiDex$V19;->makeDexElements:33API Call: java.lang.reflect.Method.invoke
Source: androidx.multidex.MultiDex;->expandFieldArray:120API Call: java.lang.reflect.Field.get
Source: es.gob.jmulticard.android.nfc.NFCWatchdogRefresher$WatchdogRefresher;->run:13API Call: java.lang.reflect.Method.invoke
Source: es.gob.jmulticard.android.nfc.NFCWatchdogRefresher$WatchdogRefresher;->run:16API Call: java.lang.reflect.Method.invoke
Source: es.gob.jmulticard.android.nfc.NFCWatchdogRefresher$WatchdogRefresher;->run:23API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->beginAsyncSection:27API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->endAsyncSection:36API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->isEnabled:44API Call: java.lang.reflect.Method.invoke
Source: androidx.core.os.TraceCompat;->setCounter:53API Call: java.lang.reflect.Method.invoke
Source: com.aowagie.text.pdf.MappedRandomAccessFile$1;->run:9API Call: java.lang.reflect.Method.invoke
Source: com.aowagie.text.pdf.MappedRandomAccessFile$1;->run:13API Call: java.lang.reflect.Method.invoke
Source: com.aowagie.text.pdf.PdfName;-><clinit>:878API Call: java.lang.reflect.Field.get
Source: androidx.core.content.pm.ShortcutManagerCompat;->getShortcutInfoSaverInstance:38API Call: java.lang.reflect.Method.invoke
Source: junit.runner.BaseTestRunner;->getTest:97API Call: java.lang.reflect.Method.invoke
Source: org.junit.internal.runners.ClassRoadie;->runAfters:7API Call: java.lang.reflect.Method.invoke
Source: org.junit.internal.runners.ClassRoadie;->runBefores:16API Call: java.lang.reflect.Method.invoke
Source: org.junit.internal.runners.MethodRoadie;->runAfters:8API Call: java.lang.reflect.Method.invoke
Source: org.junit.internal.runners.MethodRoadie;->runBefores:18API Call: java.lang.reflect.Method.invoke
Source: org.junit.internal.runners.SuiteMethod;->testFromSuiteMethod:7API Call: java.lang.reflect.Method.invoke
Source: org.junit.internal.runners.TestMethod;->invoke:15API Call: java.lang.reflect.Method.invoke
Source: org.spongycastle.jcajce.provider.symmetric.GcmSpecUtil;->extractGcmParameters:9API Call: java.lang.reflect.Method.invoke
Source: org.spongycastle.jcajce.provider.symmetric.GcmSpecUtil;->extractGcmParameters:10API Call: java.lang.reflect.Method.invoke
Source: androidx.core.text.ICUCompat;->addLikelySubtags:16API Call: java.lang.reflect.Method.invoke
Source: androidx.core.text.ICUCompat;->getScript:21API Call: java.lang.reflect.Method.invoke
Source: androidx.core.text.ICUCompat;->maximizeAndGetScript:29API Call: java.lang.reflect.Method.invoke
Source: androidx.tracing.Trace;->beginAsyncSectionFallback:13API Call: java.lang.reflect.Method.invoke
Source: androidx.tracing.Trace;->endAsyncSectionFallback:27API Call: java.lang.reflect.Method.invoke
Source: androidx.tracing.Trace;->isEnabledFallback:53API Call: java.lang.reflect.Method.invoke
Source: androidx.tracing.Trace;->setCounterFallback:67API Call: java.lang.reflect.Method.invoke
Source: org.spongycastle.jcajce.provider.symmetric.util.BaseMac;->engineInit:95API Call: java.lang.reflect.Method.invoke
Source: org.spongycastle.jcajce.provider.symmetric.util.BaseMac;->engineInit:97API Call: java.lang.reflect.Method.invoke
Source: org.spongycastle.jcajce.provider.symmetric.util.BaseBlockCipher;->engineInit:303API Call: java.lang.reflect.Method.invoke
Source: org.spongycastle.jcajce.provider.symmetric.util.BaseBlockCipher;->engineInit:305API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->readFromParcel:194API Call: java.lang.reflect.Method.invoke
Source: androidx.versionedparcelable.VersionedParcel;->writeToParcel:401API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.KeyEventDispatcher;->actionBarOnMenuKeyEventPre28:6API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.KeyEventDispatcher;->getDialogKeyListenerPre28:38API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->dispatchFinishTemporaryDetach:63API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewCompat;->dispatchStartTemporaryDetach:85API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewConfigurationCompat;->getLegacyScrollFactor:8API Call: java.lang.reflect.Method.invoke
Source: androidx.core.view.ViewCompat;->getAccessibilityDelegateThroughReflection:109API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->getMinimumHeight:159API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->getMinimumWidth:166API Call: java.lang.reflect.Field.get
Source: androidx.core.view.ViewCompat;->setChildrenDrawingOrderEnabled:396API Call: java.lang.reflect.Method.invoke
Source: androidx.core.widget.CompoundButtonCompat;->getButtonDrawable:10API Call: java.lang.reflect.Field.get
Source: androidx.core.widget.PopupWindowCompat;->getOverlapAnchor:10API Call: java.lang.reflect.Field.get
Source: androidx.core.widget.PopupWindowCompat;->getWindowLayoutType:19API Call: java.lang.reflect.Method.invoke
Source: androidx.core.widget.PopupWindowCompat;->setWindowLayoutType:40API Call: java.lang.reflect.Method.invoke
Source: androidx.core.widget.TextViewCompat$OreoCallback;->recomputeProcessTextMenuItems:58API Call: java.lang.reflect.Method.invoke
Source: com.aowagie.text.xml.SAXiTextHandler;->handleStartingTags:360API Call: java.lang.reflect.Field.get
Source: androidx.core.content.pm.ShortcutInfoCompat;->addToIntent:32API Call: android.content.Intent.putExtra android.intent.extra.shortcut.INTENT
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;-><init>:11API Call: android.os.PowerManager.newWakeLock
Source: androidx.core.app.JobIntentService$CompatWorkEnqueuer;-><init>:19API Call: android.os.PowerManager.newWakeLock
Source: es.gob.afirma.signers.multi.cades.CAdESCoSigner;->coSigner:26API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.multi.cades.CAdESCoSigner;->coSigner:27API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.signers.cades.CAdESParameters;->load:24API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.cades.CAdESParameters;->load:25API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.signers.cades.CAdESUtils;->generateSignedAttributes:16API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.cades.CAdESUtils;->generateSignedAttributes:18API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.signers.cades.CAdESUtils;->getSigningCertificateV1:161API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.cades.CAdESUtils;->getSigningCertificateV1:163API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.signers.cades.CAdESUtils;->getSigningCertificateV2:188API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.cades.CAdESUtils;->getSigningCertificateV2:190API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.android.crypto.CipherDataManager;->cipher:3API Call: javax.crypto.Cipher.getInstance
Source: es.gob.afirma.android.crypto.CipherDataManager;->cipher:6API Call: javax.crypto.Cipher.init
Source: es.gob.afirma.android.crypto.CipherDataManager;->cipher:8API Call: javax.crypto.Cipher.doFinal
Source: es.gob.afirma.android.crypto.CipherDataManager;->decipher:24API Call: javax.crypto.Cipher.getInstance
Source: es.gob.afirma.android.crypto.CipherDataManager;->decipher:27API Call: javax.crypto.Cipher.init
Source: es.gob.afirma.android.crypto.CipherDataManager;->decipher:28API Call: javax.crypto.Cipher.doFinal
Source: es.gob.afirma.keystores.AOKeyStoreManager;->cleanDeactivatedAliases:9API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.keystores.AOKeyStoreManager;->cleanDeactivatedAliases:12API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.keystores.AggregatedKeyStoreManager;->addKeyStoreManager:13API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.keystores.AggregatedKeyStoreManager;->addKeyStoreManager:23API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.signers.pades.PAdESTriPhaseSigner;->preSign:82API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.pades.PAdESTriPhaseSigner;->preSign:83API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.signers.pades.PdfTimestamper;->getTspToken:7API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.pades.PdfTimestamper;->getTspToken:8API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.signers.tsp.pkcs7.CMSTimestamper;->addTimestamp:236API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.signers.tsp.pkcs7.CMSTimestamper;->addTimestamp:238API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.core.signers.AdESPolicy;->setValues:27API Call: java.security.MessageDigest.getInstance
Source: es.gob.afirma.core.signers.AdESPolicy;->setValues:31API Call: java.security.MessageDigest.digest
Source: org.spongycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi;->makePBECipher:247API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->decryptData:95API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->decryptData:97API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->decryptData:106API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->decryptData:107API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:429API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:430API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:432API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:433API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:462API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:463API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:465API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:472API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineSetKeyEntry:477API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineStore:559API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineStore:560API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineStore:563API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi;->engineStore:565API Call: javax.crypto.Cipher.doFinal
Source: es.gob.jmulticard.de.tsenger.androsmex.crypto.Crypto;->computeMAC:11API Call: javax.crypto.Cipher.getInstance
Source: es.gob.jmulticard.de.tsenger.androsmex.crypto.Crypto;->computeMAC:12API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.de.tsenger.androsmex.crypto.Crypto;->computeMAC:14API Call: javax.crypto.Cipher.getInstance
Source: es.gob.jmulticard.de.tsenger.androsmex.crypto.Crypto;->computeMAC:15API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.de.tsenger.androsmex.crypto.Crypto;->computeMAC:17API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.de.tsenger.androsmex.crypto.Crypto;->computeMAC:18API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.io.CipherInputStream;->finaliseCipher:3API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.io.CipherOutputStream;->close:3API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.cert.crmf.jcajce.CRMFHelper$1;->doInJCE:16API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cert.crmf.jcajce.CRMFHelper$1;->doInJCE:33API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cert.crmf.jcajce.CRMFHelper$1;->doInJCE:41API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cert.crmf.jcajce.CRMFHelper$1;->doInJCE:44API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cert.crmf.jcajce.JceCRMFEncryptorBuilder$CRMFOutputEncryptor;-><init>:11API Call: javax.crypto.KeyGenerator.generateKey
Source: org.spongycastle.cert.crmf.jcajce.JceCRMFEncryptorBuilder$CRMFOutputEncryptor;-><init>:17API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cert.crmf.jcajce.JcePKMACValuesCalculator;->calculateDigest:5API Call: java.security.MessageDigest.digest
Source: org.spongycastle.cert.jcajce.JcaX509ExtensionUtils$SHA1DigestCalculator;->getDigest:8API Call: java.security.MessageDigest.digest
Source: org.spongycastle.cert.jcajce.JcaX509ExtensionUtils;-><init>:2API Call: java.security.MessageDigest.getInstance
Source: org.spongycastle.cms.jcajce.EnvelopedDataHelper$1;->doInJCE:18API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.EnvelopedDataHelper$1;->doInJCE:35API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.EnvelopedDataHelper$1;->doInJCE:45API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.EnvelopedDataHelper$1;->doInJCE:48API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JceCMSContentEncryptorBuilder$CMSOutputEncryptor;-><init>:9API Call: javax.crypto.KeyGenerator.generateKey
Source: org.spongycastle.cms.jcajce.JceCMSContentEncryptorBuilder$CMSOutputEncryptor;-><init>:15API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JceCMSMacCalculatorBuilder$CMSMacCalculator;-><init>:7API Call: javax.crypto.KeyGenerator.generateKey
Source: org.spongycastle.cms.jcajce.JceKeyAgreeRecipient;->unwrapSessionKey:79API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JceKeyAgreeRecipient;->extractSecretKey:113API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;->generateRecipientEncryptedKeys:98API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;->generateRecipientEncryptedKeys:106API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JceKeyTransRecipient;->extractSecretKey:33API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JcePasswordRecipient;->extractSecretKey:16API Call: javax.crypto.Cipher.init
Source: org.spongycastle.cms.jcajce.JcePasswordRecipientInfoGenerator;->generateEncryptedBytes:18API Call: javax.crypto.Cipher.init
Source: org.spongycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder$1;->get:20API Call: javax.crypto.Cipher.init
Source: org.spongycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder$1;->get:70API Call: javax.crypto.Cipher.init
Source: org.spongycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder$1;->get:76API Call: javax.crypto.Cipher.init
Source: org.spongycastle.pkcs.jcajce.JcePKCSPBEOutputEncryptorBuilder;->build:29API Call: javax.crypto.Cipher.init
Source: org.spongycastle.pkcs.jcajce.JcePKCSPBEOutputEncryptorBuilder;->build:57API Call: javax.crypto.Cipher.init
Source: org.spongycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder$1;->get:102API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder$DigestOutputStream;->getDigest:3API Call: java.security.MessageDigest.digest
Source: org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder$DigestOutputStream;->write:5API Call: java.security.MessageDigest.update
Source: org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder$DigestOutputStream;->write:7API Call: java.security.MessageDigest.update
Source: org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder$DigestOutputStream;->write:9API Call: java.security.MessageDigest.update
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;->generateUnwrappedKey:14API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;->generateUnwrappedKey:16API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;->generateUnwrappedKey:23API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;->generateUnwrappedKey:24API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.operator.jcajce.JceKTSKeyUnwrapper;->generateUnwrappedKey:35API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceKTSKeyWrapper;->generateWrappedKey:36API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceSymmetricKeyUnwrapper;->generateUnwrappedKey:9API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceSymmetricKeyWrapper;->generateWrappedKey:50API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyWrapper;->generateWrappedKey:161API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyWrapper;->generateWrappedKey:164API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyWrapper;->generateWrappedKey:169API Call: javax.crypto.Cipher.init
Source: org.spongycastle.operator.jcajce.JceAsymmetricKeyWrapper;->generateWrappedKey:172API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder$1;->get:36API Call: javax.crypto.Cipher.init
Source: org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder$1;->get:51API Call: javax.crypto.Cipher.init
Source: org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;->build:83API Call: javax.crypto.Cipher.init
Source: org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;->build:106API Call: javax.crypto.Cipher.init
Source: org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder$1;->get:67API Call: javax.crypto.Cipher.init
Source: org.spongycastle.openssl.jcajce.PEMUtilities;->crypt:183API Call: javax.crypto.Cipher.init
Source: org.spongycastle.openssl.jcajce.PEMUtilities;->crypt:184API Call: javax.crypto.Cipher.init
Source: org.spongycastle.openssl.jcajce.PEMUtilities;->crypt:185API Call: javax.crypto.Cipher.doFinal
Source: es.gob.jmulticard.JseCryptoHelper;->aesCrypt:9API Call: javax.crypto.Cipher.getInstance
Source: es.gob.jmulticard.JseCryptoHelper;->aesCrypt:23API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.JseCryptoHelper;->aesCrypt:24API Call: javax.crypto.Cipher.doFinal
Source: es.gob.jmulticard.JseCryptoHelper;->doDes:58API Call: javax.crypto.Cipher.getInstance
Source: es.gob.jmulticard.JseCryptoHelper;->doDes:61API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.JseCryptoHelper;->doDes:62API Call: javax.crypto.Cipher.doFinal
Source: es.gob.jmulticard.JseCryptoHelper;->doDesede:81API Call: javax.crypto.Cipher.getInstance
Source: es.gob.jmulticard.JseCryptoHelper;->doDesede:83API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.JseCryptoHelper;->doDesede:84API Call: javax.crypto.Cipher.doFinal
Source: es.gob.jmulticard.JseCryptoHelper;->doRsa:92API Call: javax.crypto.Cipher.getInstance
Source: es.gob.jmulticard.JseCryptoHelper;->doRsa:93API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.JseCryptoHelper;->doRsa:94API Call: javax.crypto.Cipher.doFinal
Source: es.gob.jmulticard.JseCryptoHelper;->digest:215API Call: java.security.MessageDigest.getInstance
Source: es.gob.jmulticard.JseCryptoHelper;->digest:216API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;-><init>:5API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfEncryption;->computeOwnerKey:19API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->computeOwnerKey:25API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->createDocumentId:33API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfEncryption;->createDocumentId:46API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->setupGlobalEncryptionKey:74API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setupGlobalEncryptionKey:76API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setupGlobalEncryptionKey:78API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setupGlobalEncryptionKey:80API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setupGlobalEncryptionKey:83API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setupGlobalEncryptionKey:86API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->setupGlobalEncryptionKey:90API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->setupUserKey:104API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setupUserKey:107API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->getEncryptionDictionary:209API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfEncryption;->getEncryptionDictionary:212API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->getEncryptionDictionary:217API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->getEncryptionDictionary:218API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->getEncryptionDictionary:219API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->setHashKey:310API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setHashKey:313API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setHashKey:316API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfEncryption;->setHashKey:318API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfEncryption;->setupAllKeys:322API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;-><init>:6API Call: javax.crypto.KeyGenerator.generateKey
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;->computeRecipientInfo:25API Call: javax.crypto.Cipher.getInstance
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;->computeRecipientInfo:26API Call: javax.crypto.Cipher.init
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;->computeRecipientInfo:27API Call: javax.crypto.Cipher.doFinal
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;->createDERForRecipient:41API Call: javax.crypto.KeyGenerator.generateKey
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;->createDERForRecipient:42API Call: javax.crypto.Cipher.getInstance
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;->createDERForRecipient:43API Call: javax.crypto.Cipher.init
Source: com.aowagie.text.pdf.PdfPublicKeySecurityHandler;->createDERForRecipient:44API Call: javax.crypto.Cipher.doFinal
Source: com.aowagie.text.pdf.PdfPKCS7;-><init>:199API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfPKCS7;-><init>:201API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfPKCS7;-><init>:330API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfPKCS7;-><init>:333API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfReader;->readDecryptedDocObj:650API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfReader;->readDecryptedDocObj:651API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfReader;->readDecryptedDocObj:655API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfReader;->readDecryptedDocObj:656API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfReader;->readDecryptedDocObj:657API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfPKCS7;->getEncodedPKCS7:580API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfPKCS7;->getEncodedPKCS7:654API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.pdf.PdfPKCS7;->getEncodedPKCS7:656API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfPKCS7;->update:827API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfPKCS7;->verify:833API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfPKCS7;->verify:835API Call: java.security.MessageDigest.update
Source: com.aowagie.text.pdf.PdfPKCS7;->verify:837API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.pdf.PdfPKCS7;->verify:846API Call: java.security.MessageDigest.digest
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->createCipher:63API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->createCipher:69API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->createCipher:74API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->cryptData:402API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->cryptData:403API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->cryptData:413API Call: javax.crypto.Cipher.doFinal
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->unwrapKey:934API Call: javax.crypto.Cipher.init
Source: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;->wrapKey:963API Call: javax.crypto.Cipher.init
Source: es.gob.jmulticard.jse.provider.rsacipher.RSAPadding;-><init>:28API Call: java.security.MessageDigest.getInstance
Source: es.gob.jmulticard.jse.provider.rsacipher.RSAPadding;-><init>:29API Call: java.security.MessageDigest.getInstance
Source: es.gob.jmulticard.jse.provider.rsacipher.RSAPadding;->getInitialHash:63API Call: java.security.MessageDigest.digest
Source: es.gob.jmulticard.jse.provider.rsacipher.RSAPadding;->getInitialHash:67API Call: java.security.MessageDigest.digest
Source: es.gob.jmulticard.jse.provider.rsacipher.RSAPadding;->mgf1:74API Call: java.security.MessageDigest.update
Source: es.gob.jmulticard.jse.provider.rsacipher.RSAPadding;->mgf1:76API Call: java.security.MessageDigest.update
Source: es.gob.jmulticard.jse.provider.rsacipher.RSAPadding;->mgf1:78API Call: java.security.MessageDigest.digest
Source: com.aowagie.text.ImgJBIG2;-><init>:8API Call: java.security.MessageDigest.getInstance
Source: com.aowagie.text.ImgJBIG2;-><init>:10API Call: java.security.MessageDigest.update
Source: com.aowagie.text.ImgJBIG2;-><init>:11API Call: java.security.MessageDigest.digest
Source: org.spongycastle.jcajce.util.DefaultJcaJceHelper;->createCipher:5API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.util.DefaultJcaJceHelper;->createDigest:6API Call: java.security.MessageDigest.getInstance
Source: org.spongycastle.jcajce.util.NamedJcaJceHelper;->createCipher:9API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.util.NamedJcaJceHelper;->createDigest:11API Call: java.security.MessageDigest.getInstance
Source: org.spongycastle.jcajce.util.ProviderJcaJceHelper;->createCipher:9API Call: javax.crypto.Cipher.getInstance
Source: org.spongycastle.jcajce.util.ProviderJcaJceHelper;->createDigest:11API Call: java.security.MessageDigest.getInstance
Source: org.spongycastle.x509.AttributeCertificateHolder;->match:135API Call: java.security.MessageDigest.getInstance
Source: org.spongycastle.x509.AttributeCertificateHolder;->match:138API Call: java.security.MessageDigest.update
Source: org.spongycastle.x509.AttributeCertificateHolder;->match:141API Call: java.security.MessageDigest.update
Source: org.spongycastle.x509.AttributeCertificateHolder;->match:142API Call: java.security.MessageDigest.digest
Source: es.gob.afirma.android.SignFragmentActivity;->keySelected:59Field Access: android.os.Build$VERSION.RELEASE
Source: es.gob.afirma.android.SignFragmentActivity;->keySelected:62Field Access: android.os.Build$VERSION.RELEASE
Source: es.gob.afirma.android.SignFragmentActivity;->keySelected:65Field Access: android.os.Build$VERSION.RELEASE
Source: es.gob.afirma.android.SignFragmentActivity;->keySelected:81Field Access: android.os.Build$VERSION.RELEASE
Source: es.gob.afirma.android.WebSelectCertificateActivity;->certificateSelected:92Field Access: android.os.Build$VERSION.RELEASE
Source: es.gob.afirma.android.WebSelectCertificateActivity;->certificateSelected:95Field Access: android.os.Build$VERSION.RELEASE
Source: es.gob.afirma.android.WebSelectCertificateActivity;->certificateSelected:98Field Access: android.os.Build$VERSION.RELEASE
Source: es.gob.afirma.android.WebSelectCertificateActivity;->certificateSelected:114Field Access: android.os.Build$VERSION.RELEASE
Source: Les/gob/afirma/android/FileSystemConstants;-><clinit>()VMethod string: "android"
Source: Lnet/sf/jmimemagic/MagicParser;->startElement(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Lorg/xml/sax/Attributes;)VMethod string: "type"
Source: Lcom/aowagie/text/pdf/CFFFont;-><clinit>()VMethod string: "version"
Source: Lcom/aowagie/text/pdf/PdfName;-><clinit>()VMethod string: "category"
Source: org.spongycastle.cert.X509AttributeCertificateHolder;->isValidOn:135API Call: java.util.Date.after
Source: org.spongycastle.cert.X509CertificateHolder;->isValidOn:102API Call: java.util.Date.after
Source: org.spongycastle.jce.provider.PKIXCRLUtil;->findCRLs:23API Call: java.util.Date.after
Source: org.spongycastle.x509.PKIXCRLUtil;->findCRLs:36API Call: java.util.Date.after
Source: org.spongycastle.x509.X509V2AttributeCertificate;->checkValidity:40API Call: java.util.Date.after
Source: MANIFEST.MFBinary or memory string: SHA-256-Digest: vxZzXGe11HnDVH1Nqa/9H5iInQEmuU/4LExWsAvy7xg=
Source: androidx.activity.result.contract.ActivityResultContracts$TakePicture;->createIntent:3API Call: android.content.Intent.<init>("android.media.action.IMAGE_CAPTURE")
Source: androidx.activity.result.contract.ActivityResultContracts$TakePicturePreview;->createIntent:4API Call: android.content.Intent.<init>("android.media.action.IMAGE_CAPTURE")

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management InstrumentationPath InterceptionPath InterceptionDirect Volume AccessOS Credential Dumping1
System Network Connections Discovery		Remote Services1
Network Information Discovery		Exfiltration Over Other Network Medium1
Encrypted Channel		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without Authorization1
Delete Device Data
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS Memory1
Security Software Discovery		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
Non-Standard Port		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account Manager1
System Information Discovery		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration1
Non-Application Layer Protocol		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Binary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled Transfer2
Application Layer Protocol		SIM Card SwapCarrier Billing Fraud

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.