Index

ANDROID STATIC ANALYSIS REPORT
 Massar Moutamadris (1.0.7)
File Name: 1.0.7_‫_ﻣﺴﺎرﻣﺘﻤﺪرس‬apkcombo.com.apk

Package Name: ma.gov.men.massar.eleve
Scan Date: March 27, 2023, 2:13 p.m.
App Security Score: 46/100 (MEDIUM RISK)
Grade:
B
Trackers Detection: 2/428
 FINDINGS SEVERITY
 HIGH  MEDIUM  INFO  SECURE  HOTSPOT
1 12 3 0 1
 FILE INFORMATION
File Name: 1.0.7_‫_ ﻣﺴﺎرﻣﺘﻤﺪرس‬apkcombo.com.apk
Size: 13.83MB
MD5: 33135923c8cfcdd50abb2c8c48849b7c
SHA1: 769e62e1937ee66efbfc8e011a02279328a188ec
SHA256: ff4e15495a564b3a04f1a302667c259abd2c66ba671170d133fdef936db3e130
 APP INFORMATION
App Name: Massar Moutamadris
Package Name: ma.gov.men.massar.eleve
Main Activity: ma.gov.men.massar.ui.activities.SplashActivity
Target SDK: 30
Min SDK: 17
Max SDK:
Android Version Name: 1.0.7
Android Version Code: 47
 APP COMPONENTS
Activities: 21
Services: 11
Receivers: 11
Providers: 5
Exported Activities: 0
Exported Services: 1
Exported Receivers: 1
Exported Providers: 0
 CERTIFICATE INFORMATION
APK is signed
v1 signature: True
v2 signature: True
v3 signature: True
Found 1 unique certificates
Subject: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
Signature Algorithm: rsassa_pkcs1v15
Valid From: 2020-04-23 14:47:34+00:00
Valid To: 2050-04-23 14:47:34+00:00
Issuer: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
Serial Number: 0xadf45c818877c223ab6e6e9113607d34b714083a
Hash Algorithm: sha256
md5: 0ac5a0911a21be7dccd440744af12ece
sha1: c053df1245e0d10caf4e5e64393234eab3759e67
sha256: c64671b8be1331da0a04e98203e465253b6786277506dd379b916c5becbe3c0e
sha512: 1ce5c3b9bc9ae78a843a2d83d6d2c4c337ea01972b1080e823f8819399cf1b15ba411ad990a1728458b7f3a3bfd800aa6295cd15458f7fe7d25896cd00dcdc9b
PublicKey Algorithm: rsa
Bit Size: 4096
Fingerprint: e956125a20fd7f8dc64d52bc5e72699a65fad5b166901b82ebe7626e717f3b8e
 APPLICATION PERMISSIONS
PERMISSION STATUS INFO DESCRIPTION
full Internet
android.permission.INTERNET normal Allows an application to create network sockets.
access
PERMISSION STATUS INFO DESCRIPTION
view network
android.permission.ACCESS_NETWORK_STATE normal Allows an application to view the status of all networks.
status
read external
android.permission.READ_EXTERNAL_STORAGE dangerous storage Allows an application to read from external storage.
contents
prevent
Allows an application to prevent the phone from going to
android.permission.WAKE_LOCK normal phone from
sleep.
sleeping
C2DM
com.google.android.c2dm.permission.RECEIVE signature Permission for cloud to device messaging.
permissions
Unknown
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE unknown Unknown permission from android reference
permission
Allows an application to start itself as soon as the system has

automatically finished booting. This can make it take longer to start the
android.permission.RECEIVE_BOOT_COMPLETED normal
start at boot phone and allow the application to slow down the overall
phone by always running.
android.permission.FOREGROUND_SERVICE normal Allows a regular application to use Service.startForeground.
view Wi-Fi Allows an application to view the information about the

android.permission.ACCESS_WIFI_STATE normal
status status of Wi-Fi.
android.permission.RECORD_AUDIO dangerous record audio Allows application to access the audio record path.
 APKID ANALYSIS
FILE DETAILS
FINDINGS DETAILS
Build.FINGERPRINT check
Build.MODEL check
Build.MANUFACTURER check
Anti-VM Code
Build.PRODUCT check
classes.dex
Build.TAGS check
possible VM check
Anti Debug Code Debug.isDebuggerConnected() check
Compiler r8
FINDINGS DETAILS
classes2.dex
Compiler r8 without marker (suspicious)
 NETWORK SECURITY
NO SCOPE SEVERITY DESCRIPTION
 CERTIFICATE ANALYSIS
TITLE SEVERITY DESCRIPTION
Signed Application info Application is signed with a code signing certificate
Application vulnerable Application is signed with v1 signature scheme, making it vulnerable to Janus vulnerability on Android 5.0-8.0, if signed only with v1
warning
to Janus Vulnerability signature scheme. Applications running on Android 5.0-7.0 signed with v1, and v2/v3 scheme is also vulnerable.
 MANIFEST ANALYSIS
NO ISSUE SEVERITY DESCRIPTION
This application can be installed on an older version of android that has multiple
App can be installed on a vulnerable Android version
1 warning unfixed vulnerabilities. Support an Android version > 8, API 26 to receive
[minSdk=17]
reasonable security updates.
The app intends to use cleartext network traffic, such as cleartext HTTP, FTP stacks,
DownloadManager, and MediaPlayer. The default value for apps that target API
Clear text traffic is Enabled For App level 27 or lower is "true". Apps that target API level 28 or higher default to "false".
2 high
[android:usesCleartextTraffic=true] The key reason for avoiding cleartext traffic is the lack of confidentiality,
authenticity, and protections against tampering; a network attacker can eavesdrop
on transmitted data and also modify it without being detected.
The Network Security Configuration feature lets apps customize their network
App has a Network Security Configuration
3 info security settings in a safe, declarative configuration file without modifying app
[android:networkSecurityConfig=@xml/network_security_config]
code. These settings can be configured for specific domains and for a specific app.
A Broadcast Receiver is found to be shared with other apps on the device

Broadcast Receiver therefore leaving it accessible to any other application on the device. It is
(com.google.firebase.iid.FirebaseInstanceIdReceiver) is protected by a permission which is not defined in the analysed application. As a
Protected by a permission, but the protection level of the result, the protection level of the permission should be checked where it is
4 warning
permission should be checked. defined. If it is set to normal or dangerous, a malicious application can request
Permission: com.google.android.c2dm.permission.SEND and obtain the permission and interact with the component. If it is set to
[android:exported=true] signature, only applications signed with the same certificate can obtain the
permission.
NO ISSUE SEVERITY DESCRIPTION
A Service is found to be shared with other apps on the device therefore leaving it
Service
accessible to any other application on the device. It is protected by a permission
(androidx.work.impl.background.systemjob.SystemJobService)
which is not defined in the analysed application. As a result, the protection level of
is Protected by a permission, but the protection level of the
5 warning the permission should be checked where it is defined. If it is set to normal or
permission should be checked.
dangerous, a malicious application can request and obtain the permission and
Permission: android.permission.BIND_JOB_SERVICE
interact with the component. If it is set to signature, only applications signed with
[android:exported=true]
the same certificate can obtain the permission.
 CODE ANALYSIS
NO ISSUE SEVERITY STANDARDS FILES
butterknife/ButterKnife.java
com/bumptech/glide/load/engine/Glid
eException.java
com/github/mikephil/charting/data/Pi
eEntry.java
com/makeramen/roundedimageview/
RoundedImageView.java
i/b/k/h.java
i/b/k/k.java
i/b/l/a/a.java
i/b/p/j/j.java
i/b/q/g0.java
i/b/q/h0.java
i/b/q/j0.java
i/b/q/p.java
i/b/q/y.java
i/c0/e.java
i/c0/l.java
i/i/e/b.java
i/i/e/d.java
i/i/e/e.java
i/i/e/i.java
i/i/e/j.java
i/i/e/m.java
i/i/e/m.java
i/i/f/a.java
i/i/f/c/a.java
i/i/f/c/b.java
i/i/f/c/f.java
i/i/g/c.java
i/i/g/g.java
i/i/g/k.java
i/i/g/l/a.java
i/i/g/l/e.java
i/i/k/c.java
i/i/m/b.java
i/i/n/c.java
i/i/o/b.java
i/i/o/c0.java
i/i/o/d0/c.java
i/i/o/f.java
i/i/o/h.java
i/i/o/t.java
i/i/o/u.java
i/i/o/x.java
i/i/p/c.java
i/i/p/h.java
i/i/p/i.java
The App logs information. Sensitive CWE: CWE-532: Insertion of Sensitive Information into Log File i/k/a/c.java
1 info
information should never be logged. OWASP MASVS: MSTG-STORAGE-3 i/r/a.java
i/r/b.java
i/t/l.java
i/t/q.java
i/x/f0.java
i/x/h.java
i/x/p0.java
k/a/a/y/c.java
k/b/a.java
k/b/e/a.java
k/b/g/g.java
k/d/a/m/d.java
k/d/a/m/e.java
k/d/a/o/m/b.java
k/d/a/o/m/j.java
k/d/a/o/m/l.java
k/d/a/o/m/o/e.java
k/d/a/o/n/a0/i.java
k/d/a/o/n/b0/a.java
k/d/a/o/n/b0/b.java
k/d/a/o/n/b0/b.java
NO ISSUE SEVERITY STANDARDS k/d/a/o/n/z/j.java
FILES
k/d/a/o/n/z/k.java
k/d/a/o/o/c.java
k/d/a/o/o/t.java
k/d/a/o/p/d/l.java
k/d/a/o/p/d/o.java
k/d/a/o/p/d/s.java
k/d/a/o/p/d/y.java
k/d/a/p/e.java
k/d/a/p/f.java
k/d/a/p/m.java
k/d/a/q/e.java
k/d/a/s/j/i.java
k/d/a/t/b.java
k/d/a/u/l/a.java
k/f/b/a/k/i.java
k/f/c/a/a/f/d.java
k/i/a/b.java
ma/gov/men/massar/ui/activities/Cho
oseLanguageActivity.java
net/sqlcipher/AbstractCursor.java
net/sqlcipher/database/SqliteWrapper.
java
q/a/a/a/f/l/m0.java
q/a/a/a/f/n/r1.java
q/a/a/a/i/c/j/d.java
q/a/a/a/j/t.java
q/a/a/a/j/x.java
App can read/write to External Storage. CWE: CWE-276: Incorrect Default Permissions
2 Any App can read data written to warning OWASP Top 10: M2: Insecure Data Storage i/i/f/a.java
External Storage. OWASP MASVS: MSTG-STORAGE-2
i/b/p/j/g.java
k/c/a/i/b/i.java
k/d/a/o/g.java
k/d/a/o/n/d.java
Files may contain hardcoded sensitive CWE: CWE-312: Cleartext Storage of Sensitive Information
k/d/a/o/n/p.java
3 information like usernames, passwords, warning OWASP Top 10: M9: Reverse Engineering
k/d/a/o/n/w.java
keys etc. OWASP MASVS: MSTG-STORAGE-14
ma/gov/men/massar/data/modelhelpe
rs/LoginInputData.java
q/a/a/a/f/m/l.java
q/a/a/a/f/m/r.java
CWE: CWE-330: Use of Insufficiently Random Values o/v/a.java

The App uses an insecure Random
4 warning OWASP Top 10: M5: Insufficient Cryptography o/v/b.java
Number Generator.
OWASP MASVS: MSTG-CRYPTO-6 o/v/d/a.java
App uses SQLite Database and execute

raw SQL query. Untrusted user input in
CWE: CWE-89: Improper Neutralization of Special Elements
raw SQL queries can cause SQL
5 warning used in an SQL Command ('SQL Injection') k/b/c/a/b.java
Injection. Also sensitive information
OWASP Top 10: M7: Client Code Quality
should be encrypted and written to the
database.
CWE: CWE-327: Use of a Broken or Risky Cryptographic

MD5 is a weak hash known to have hash Algorithm
6 warning q/a/a/a/j/r.java
collisions. OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
This App uses SQL Cipher. SQLCipher

net/sqlcipher/database/SupportHelper.
7 provides 256-bit AES encryption to sqlite info
OWASP MASVS: MSTG-CRYPTO-1 java
database files.
App creates temp file. Sensitive CWE: CWE-276: Incorrect Default Permissions
i/r/b.java
8 information should never be written into warning OWASP Top 10: M2: Insecure Data Storage
i/t/q.java
a temp file. OWASP MASVS: MSTG-STORAGE-2
App can write to App Directory. Sensitive CWE: CWE-276: Incorrect Default Permissions k/l/a/e.java
9 info
Information should be encrypted. OWASP MASVS: MSTG-STORAGE-14 k/p/a/a.java
 SHARED LIBRARY BINARY ANALYSIS
STACK SYMBOLS
NO SHARED OBJECT NX RPATH RUNPATH FORTIFY
CANARY STRIPPED
STACK SYMBOLS
CANARY STRIPPED
True True None None False True

info info info info warning info
The shared This shared The The shared The shared object Symbols are
object has object has shared object does does not have any stripped.
NX bit set. a stack object not have fortified functions.
This marks canary does not RUNPATH Fortified functions
a memory value have set. provides buffer
page non- added to run-time overflow checks
executable the stack search against glibc's
making so that it path or commons insecure
attacker will be RPATH functions like strcpy,
injected overwritten set. gets etc. Use the
shellcode by a stack compiler option -
non- buffer that D_FORTIFY_SOURCE=2
1 lib/armeabi-v7a/libRSSupport.so
executable. overflows to fortify functions.
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
STACK SYMBOLS
CANARY STRIPPED

2 lib/armeabi-v7a/libsqlcipher.so
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
STACK SYMBOLS
CANARY STRIPPED
True True None None True True

info info info info info info
The shared This shared The The shared The shared object has Symbols are
object has object has shared object does the following fortified stripped.
NX bit set. a stack object not have functions:
This marks canary does not RUNPATH ['__vsnprintf_chk',
a memory value have set. '__memmove_chk']
page non- added to run-time
executable the stack search
making so that it path or
attacker will be RPATH
injected overwritten set.
shellcode by a stack
lib/armeabi- non- buffer that
3
v7a/libMicrosoft.CognitiveServices.Speech.extension.kws.so executable. overflows
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
STACK SYMBOLS
CANARY STRIPPED

This marks canary does not RUNPATH ['__vsnprintf_chk',
a memory value have set. '__memmove_chk']
page non- added to run-time
executable the stack search
making so that it path or
attacker will be RPATH
injected overwritten set.
shellcode by a stack
lib/armeabi- non- buffer that
4
v7a/libMicrosoft.CognitiveServices.Speech.extension.codec.so executable. overflows
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
STACK SYMBOLS
CANARY STRIPPED

lib/armeabi- non- buffer that D_FORTIFY_SOURCE=2
5
v7a/libMicrosoft.CognitiveServices.Speech.java.bindings.so executable. overflows to fortify functions.
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
STACK SYMBOLS
CANARY STRIPPED

6 lib/armeabi-v7a/librsjni_androidx.so
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
STACK SYMBOLS
CANARY STRIPPED

7 lib/armeabi-v7a/librsjni.so
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
STACK SYMBOLS
CANARY STRIPPED

This marks canary does not RUNPATH ['__memmove_chk',
a memory value have set. '__fgets_chk',
page non- added to run-time '__vsnprintf_chk',
executable the stack search '__memcpy_chk',
making so that it path or '__vsprintf_chk',
attacker will be RPATH '__strcpy_chk',
injected overwritten set. '__strlen_chk',
shellcode by a stack '__strchr_chk',
lib/armeabi- non- buffer that '__memset_chk',
8
v7a/libMicrosoft.CognitiveServices.Speech.core.so executable. overflows '__strcat_chk']
the return
address.
This allows
detection
of
overflows
by verifying
the
integrity of
the canary
before
function
return.
 NIAP ANALYSIS v1.3

NO IDENTIFIER REQUIREMENT FEATURE DESCRIPTION
Security Functional Random Bit

The application invoke platform-provided DRBG functionality for its cryptographic
1 FCS_RBG_EXT.1.1 Requirements Generation
operations.
Services
Security Functional Storage of

2 FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Requirements Credentials
Cryptographic
Security Functional
3 FCS_CKM_EXT.1.1 Key Generation The application implement asymmetric key generation.
Requirements
Services
Access to
Security Functional
4 FDP_DEC_EXT.1.1 Platform The application has access to ['network connectivity', 'microphone'].
Requirements
Resources
Access to
Security Functional
5 FDP_DEC_EXT.1.2 Platform The application has access to no sensitive information repositories.
Requirements
Resources
Security Functional Network

6 FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Requirements Communications
Encryption Of
Security Functional The application implement functionality to encrypt sensitive data in non-volatile
7 FDP_DAR_EXT.1.1 Sensitive
Requirements memory.
Application Data
Supported
Security Functional The application invoke the mechanisms recommended by the platform vendor for
8 FMT_MEC_EXT.1.1 Configuration
Requirements storing and setting configuration options.
Mechanism
Security Functional Protection of The application does encrypt some transmitted data with HTTPS/TLS/SSH between
9 FTP_DIT_EXT.1.1
Requirements Data in Transit itself and another trusted IT product.
The application perform all deterministic random bit generation (DRBG) services in
accordance with NIST Special Publication 800-90A using Hash_DRBG. The
Selection-Based Random Bit
deterministic RBG is seeded by an entropy source that accumulates entropy from a
10 FCS_RBG_EXT.2.1,FCS_RBG_EXT.2.2 Security Functional Generation from
platform-based DRBG and a software-based noise source, with a minimum of 256
Requirements Application
bits of entropy at least equal to the greatest security strength (according to NIST SP
800-57) of the keys and hashes that it will generate.
Selection-Based Cryptographic The application generate asymmetric cryptographic keys in accordance with a
11 FCS_CKM.1.1(1) Security Functional Asymmetric Key specified cryptographic key generation algorithm RSA schemes using cryptographic
Requirements Generation key sizes of 2048-bit or greater.
Selection-Based Cryptographic
The application perform cryptographic hashing services not in accordance with
12 FCS_COP.1.1(2) Security Functional Operation -
FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Requirements Hashing
Selection-Based
13 FCS_HTTPS_EXT.1.1 Security Functional HTTPS Protocol The application implement the HTTPS protocol that complies with RFC 2818.
Requirements
Selection-Based
14 FCS_HTTPS_EXT.1.2 Security Functional HTTPS Protocol The application implement HTTPS using TLS.
Requirements
Selection-Based The application notify the user and not establish the connection or request
15 FCS_HTTPS_EXT.1.3 Security Functional HTTPS Protocol application authorization to establish the connection if the peer certificate is
Requirements deemed invalid.
Selection-Based The application invoked platform-provided functionality to validate certificates in

X.509 Certificate
16 FIA_X509_EXT.1.1 Security Functional accordance with the following rules: ['The certificate path must terminate with a
Validation
Requirements trusted CA certificate'].
Selection-Based
X.509 Certificate The application use X.509v3 certificates as defined by RFC 5280 to support
17 FIA_X509_EXT.2.1 Security Functional
Authentication authentication for HTTPS , TLS.
Requirements
Selection-Based Integrity for

The application shall be distributed using the format of the platform-supported
18 FPT_TUD_EXT.2.1 Security Functional Installation and
package manager.
Requirements Update
 DOMAIN MALWARE CHECK
DOMAIN STATUS GEOLOCATION
IP: 104.18.23.19
Country: United States of America
Region: California
www.w3.org ok City: San Francisco
Latitude: 37.775700
Longitude: -122.395203
View: Google Map
schemas.android.com ok No Geolocation information available.
IP: 140.82.121.3
Region: California
github.com ok City: San Francisco
Latitude: 37.775700
View: Google Map
IP: 52.85.49.117
Country: Finland
Region: Uusimaa
www.zetetic.net ok City: Helsinki
Latitude: 60.169521
Longitude: 24.935450
View: Google Map
IP: 196.200.143.196
Country: Morocco
Region: Rabat-Sale-Kenitra
massarservice.men.gov.ma ok City: Rabat
Latitude: 34.013248
View: Google Map
IP: 34.120.160.131
Region: Missouri
massar-enseignant.firebaseio.com ok City: Kansas City
Latitude: 39.099731
View: Google Map
IP: 196.200.143.116
Country: Morocco
www.men.gov.ma ok City: Rabat
Latitude: 34.013248
View: Google Map
IP: 196.200.143.157
Country: Morocco
prod.men.gov.ma ok City: Rabat
Latitude: 34.013248
View: Google Map
 FIREBASE DATABASES
FIREBASE URL DETAILS
info
https://massar-enseignant.firebaseio.com
App talks to a Firebase Database.
 TRACKERS
TRACKER CATEGORIES URL
Google CrashLytics Crash reporting https://reports.exodus-privacy.eu.org/trackers/27
Google Firebase Analytics Analytics https://reports.exodus-privacy.eu.org/trackers/49
 HARDCODED SECRETS
POSSIBLE SECRETS
"firebase_database_url" : "https://massar-enseignant.firebaseio.com"
"google_api_key" : "AIzaSyBlkWjLcysRIe3Pdl02Hmy9i_eUJCAZJwc"
"google_crash_reporting_api_key" : "AIzaSyBlkWjLcysRIe3Pdl02Hmy9i_eUJCAZJwc"
"library_android_database_sqlcipher_authorWebsite" : "https://www.zetetic.net/sqlcipher/"
"library_roundedimageview_authorWebsite" : "https://github.com/vinc3m1"
"session" : "Semestre"
"session" : "‫"اﻟﺪورة‬
 PLAYSTORE INFORMATION
Title: Massar Moutamadris
Score: 3.6666667 Installs: 500,000+ Price: 0 Android Version Support: Category: Education Play Store URL: ma.gov.men.massar.eleve
Developer Details: Ministère de l'Education Nationale du Maroc, Minist%C3%A8re+de+l'Education+Nationale+du+Maroc, None, https://www.men.gov.ma/, massar@men.gov.ma,
Release Date: None Privacy Policy: Privacy link
Description:
L’application lancée par le ministère de l'éducation nationale, permet aux élèves de faire un suivi en temps réel de leurs activités de classe, leur permet de consulter : les absences,
les devoirs, les dates des contrôles continus, les Notes, les résultats … et permet de consulter le parcours scolaire. L’application permet aussi de recevoir une notification en cas
d’absence, de Devoirs à rendre, d'une nouvelle note saisie ou de la programmation d'un contrôle continu. -Accès: Après téléchargement de l’application, il faudra utiliser le compte
codemassar@Taalim.ma et le mot de passe que vous utilisez pour accéder à l’espace « Moutamadris » afin de bénéficier des services de l’application. Si vous ne possédez pas le mot
de passe initial d’activation de votre compte taalim.ma, vous pouvez vous adresser à l’administration de votre établissement scolaire pour vous le fournir et vous connecter à ‫اﻟﺘﻔﻌﻴﻞ‬
‫ "اﻷوﻟﻲ ﻟﻠﺤﺴﺎب‬de l’espace « Moutamadris » à travers le lien : https://massarservice.men.gov.ma/moutamadris. Consulter Nos Guides et FAQ :
https://www.men.gov.ma/Fr/Pages/Apps-MMobile.aspx
Report Generated by - MobSF v3.6.3 Beta
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework
capable of performing static and dynamic analysis.
© 2023 Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.

Index

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Index

Uploaded by

Copyright:

Available Formats

ANDROID STATIC ANALYSIS REPORT

 Massar Moutamadris (1.0.7)

File Name: 1.0.7_‫_ﻣﺴﺎرﻣﺘﻤﺪرس‬apkcombo.com.apk

Scan Date: March 27, 2023, 2:13 p.m.

App Security Score: 46/100 (MEDIUM RISK)

 HIGH  MEDIUM  INFO  SECURE  HOTSPOT

PERMISSION STATUS INFO DESCRIPTION

Allows an application to start itself as soon as the system has

android.permission.FOREGROUND_SERVICE normal Allows a regular application to use Service.startForeground.

view Wi-Fi Allows an application to view the information about the

Anti Debug Code Debug.isDebuggerConnected() check

Compiler r8 without marker (suspicious)

NO SCOPE SEVERITY DESCRIPTION

Signed Application info Application is signed with a code signing certificate

NO ISSUE SEVERITY DESCRIPTION

A Broadcast Receiver is found to be shared with other apps on the device

NO ISSUE SEVERITY STANDARDS FILES

CWE: CWE-330: Use of Insufficiently Random Values o/v/a.java

App uses SQLite Database and execute

CWE: CWE-327: Use of a Broken or Risky Cryptographic

This App uses SQL Cipher. SQLCipher

 SHARED LIBRARY BINARY ANALYSIS

True True None None False True

True True None None False True

True True None None True True

True True None None True True

True True None None False True

True True None None False True

True True None None False True

True True None None True True

 NIAP ANALYSIS v1.3

Security Functional Random Bit

Security Functional Storage of

Security Functional Network

Selection-Based The application invoked platform-provided functionality to validate certificates in

Selection-Based Integrity for

 DOMAIN MALWARE CHECK

DOMAIN STATUS GEOLOCATION

schemas.android.com ok No Geolocation information available.

FIREBASE URL DETAILS

TRACKER CATEGORIES URL

Google CrashLytics Crash reporting https://reports.exodus-privacy.eu.org/trackers/27

Google Firebase Analytics Analytics https://reports.exodus-privacy.eu.org/trackers/49

Release Date: None Privacy Policy: Privacy link

© 2023 Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.

You might also like