IOS STATIC ANALYSIS REPORT

 Banco Antigua (1.0.0)

File Name: banco_antigua.ipa

Identifier: universales.bancoAntigua

Scan Date: May 15, 2023, 4:03 p.m.

App Security Score: 44/100 (MEDIUM RISK)

Grade:
B
 FINDINGS SEVERITY

 HIGH  MEDIUM  INFO  SECURE  HOTSPOT

2 2 0 1 0

 FILE INFORMATION
File Name: banco_antigua.ipa
Size: 15.64MB
MD5: 024f89ba2c9b826be585a40b95e475a1
SHA1: 792a6081e396948ab91d302632ae8d7607e0a53e
SHA256: fde454e9bbcf4e27db300f24c629358e7a41e9f8d4bc54e2c61267cc3720817b

 APP INFORMATION
App Name: Banco Antigua
App Type: Swift
Identifier: universales.bancoAntigua
SDK Name: iphoneos16.4
Version: 1.0.0
Build: 1
Platform Version: 16.4
Min OS Version: 11.0
Supported Platforms: iPhoneOS,
 BINARY INFORMATION
Arch: ARM64
Sub Arch: CPU_SUBTYPE_ARM64_ALL
Bit: 64-bit
Endian: <

 APP TRANSPORT SECURITY (ATS)

NO ISSUE SEVERITY DESCRIPTION

 IPA BINARY CODE ANALYSIS

HIGH: 2 | WARNING: 0 | INFO: 0 | SECURE: 0 | SUPPRESSED: 0

NO ISSUE SEVERITY STANDARDS DESCRIPTION

CWE: CWE-676: Use of Potentially Dangerous

Binary makes use of insecure Function The binary may contain the following insecure API(s)
1 high
API(s) OWASP Top 10: M7: Client Code Quality _strlen
OWASP MASVS: MSTG-CODE-8

CWE: CWE-789: Uncontrolled Memory

Binary makes use of malloc Allocation The binary may use _malloc function instead of
2 high
function OWASP Top 10: M7: Client Code Quality calloc
OWASP MASVS: MSTG-CODE-8
 IPA BINARY ANALYSIS

PROTECTION STATUS SEVERITY DESCRIPTION

The binary has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-
NX True info
executable.

The binary is build with -fPIC flag which enables Position independent code. This makes Return Oriented
PIE True info
Programming (ROP) attacks much more difficult to execute reliably.

STACK CANARY False warning This binary has symbols stripped. We cannot identify whether stack canary is enabled or not.

The binary is compiled with Automatic Reference Counting (ARC) flag. ARC is a compiler feature that provides
ARC True info automatic memory management of Objective-C objects and is an exploit mitigation mechanism against memory
corruption vulnerabilities.

The binary has Runpath Search Path (@rpath) set. In certain cases an attacker can abuse this feature to run
RPATH True warning arbitrary executable for code execution and privilege escalation. Remove the compiler option -rpath to remove
@rpath.

CODE
True info This binary has a code signature.
SIGNATURE

ENCRYPTED False warning This binary is not encrypted.

SYMBOLS
True info Symbols are stripped
STRIPPED

 CODE ANALYSIS
NO ISSUE SEVERITY STANDARDS FILES

 DOMAIN MALWARE CHECK

DOMAIN STATUS GEOLOCATION

IP: 17.253.39.202
Country: Sweden
Region: Stockholms lan
certs.apple.com ok City: Stockholm
Latitude: 59.332581
Longitude: 18.064899
View: Google Map

IP: 17.253.39.205
Country: Sweden
Region: Stockholms lan
ocsp.apple.com ok City: Stockholm
Latitude: 59.332581
Longitude: 18.064899
View: Google Map

IP: 17.253.39.202
Country: Sweden
Region: Stockholms lan
crl.apple.com ok City: Stockholm
Latitude: 59.332581
Longitude: 18.064899
View: Google Map
 DOMAIN STATUS GEOLOCATION

IP: 184.51.229.152
Country: Finland
Region: Uusimaa
www.apple.com ok City: Helsinki
Latitude: 60.169521
Longitude: 24.935450
View: Google Map

Report Generated by - MobSF v3.6.6 Beta

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment
framework capable of performing static and dynamic analysis.

© 2023 Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.