Descripcion del analisis de datos de la aplicacion spotify lite Spotify Lite v1.9.0.42932.pdf

ssuser63dc8e 17 views 14 slides Jul 24, 2024
Slide 1
Slide 1 of 14
Slide 1
1
Slide 2
2
Slide 3
3
Slide 4
4
Slide 5
5
Slide 6
6
Slide 7
7
Slide 8
8
Slide 9
9
Slide 10
10
Slide 11
11
Slide 12
12
Slide 13
13
Slide 14
14

About This Presentation

Descripcion del analisis de datos de la aplicacion spotify lite

Size: 107.04 KB
Language: en
Added: Jul 24, 2024
Slides: 14 pages

Slide Content

ANDROID STATIC ANALYSIS REPORT

<>

<>
Spotify Lite
<>
(Failed)
<>

File Name: Spotify Lite v1.9.0.42932 ARM64 @proandroid2.apk
Package Name: Failed
Scan Date: Aug. 31, 2023, 4:06 p.m.
App Security Score: 50/100 (MEDIUM RISK)
Grade:
B
Trackers Detection: 2/428

 FINDINGS SEVERITY
 HIGH
<>
 MEDIUM
<>
 INFO
<>
 SECURE
<>

<>
HOTSPOT
<>
0 2 0 0 0
 FILE INFORMATION
File Name:
<>
Spotify Lite v1.9.0.42932 ARM64 @proandroid2.apk
Size:
<>
15.25MB
MD5:
<>
2b87e802987a7217f717f69f8ebe581e
SHA1:
<>
af148b269dbd6e0e0d99c94c9893366bb288cd90
SHA256:
<>
504ea187d0fbe89a8ce9eabfc2dda90748824502eac340ff7053973b3bc054c5
 APP INFORMATION
App Name:
<>
Spotify Lite
Package Name:
<>
Failed
Main Activity:
<>

Target SDK:
<>

Min SDK:
<>

Max SDK:
<>

Android Version Name:
<>
Failed

Android Version Code:
<>
Failed
 APP COMPONENTS
Activities:
<>
0
Services:
<>
0
Receivers:
<>
0
Providers:
<>
0
Exported Activities:
<>
0
Exported Services:
<>
0
Exported Receivers:
<>
0
Exported Providers:
<>
0
 CERTIFICATE INFORMATION
Binary is signed
v1 signature: True
v2 signature: True
v3 signature: True
v4 signature: Unknown
X.509 Subject: CN=rockz5555 OU=Droid Freedom Unit O=Droid Freedom Inc L=Unknown S=Unknown C=LK
Signature Algorithm: rsassa_pkcs1v15
Valid From: 2014-12-05 00:45:57+00:00
Valid To: 2044-11-27 00:45:57+00:00
Issuer: CN=rockz5555 OU=Droid Freedom Unit O=Droid Freedom Inc L=Unknown S=Unknown C=LK
Serial Number: 0x638fbad3
Hash Algorithm: sha256
md5: a8378db5c589a9a7eaac97e2279e8a8a
sha1: 60c2ca515229da14caa5527a7b8aa86de3bee73c
sha256: 0cfb4663831a0fb8d6973aad44e221a8ba78f7f684bd0b17d3b44bec82316484
sha512: d90f364e20288ebaee378ab9e93b706fda51400919ef74c0121dabd226adc0a1bb936a5bf7f69107573d5c929284ce43c9cfad164ddc764ee0c5bec54e968aaf
PublicKey Algorithm: rsa
Bit Size: 2048
Fingerprint: 975763933fe990774dcb941d427f6fb88741dab692dfdf3a029534a4af3927ad
Found 1 unique certificates

 APKID ANALYSIS
FILE
<>
DETAILS
<>
classes.dex
FINDINGS
<>
DETAILS
<>
Anti-VM Code
Build.FINGERPRINT check
Build.MODEL check
Build.MANUFACTURER check
Build.PRODUCT check
Build.TAGS check
network operator name check
Anti Debug Code Debug.isDebuggerConnected() check
Compiler dexlib 2.x
 NETWORK SECURITY
NO
<>
SCOPE
<>
SEVERITY
<>
DESCRIPTION
<>
 CERTIFICATE ANALYSIS
HIGH: 0
<>
| WARNING: 0
<>
| INFO: 1
<>

TITLE
<>
SEVERITY
<>
DESCRIPTION
<>
Signed Application info Application is signed with a code signing certificate
 MANIFEST ANALYSIS
HIGH: 0
<>
| WARNING: 0
<>
| INFO: 0
<>
| SUPPRESSED: 0
<>

NO
<>
ISSUE
<>
SEVERITY
<>
DESCRIPTION
<>
 CODE ANALYSIS
NO
<>
ISSUE
<>
SEVERITY
<>
STANDARDS
<>
FILES
<>
 SHARED LIBRARY BINARY ANALYSIS
NO
<>
SHARED OBJECT
<>
NX
<>
STACK CANARY
<>
RPATH
<>
RUNPATH
<>
FORTIFY
<>
SYMBOLS
<>
STRIPPED
<>

1
lib/arm64-
v8a/libcrashlytics.so
True
info
The binary
has NX bit
set. This
marks a
memory
page non-
executable
making
attacker
injected
shellcode
non-
executable.
True
info
This binary has a stack
canary value added to
the stack so that it will
be overwritten by a
stack buffer that
overflows the return
address. This allows
detection of overflows
by verifying the integrity
of the canary before
function return.
None
info
The
binary
does not
have
run-time
search
path or
RPATH
set.
None
info
The binary
does not
have
RUNPATH
set.
False
warning
The binary does not have
any fortified functions.
Fortified functions
provides buffer overflow
checks against glibc's
commons insecure
functions like strcpy, gets
etc. Use the compiler
option -
D_FORTIFY_SOURCE=2 to
fortify functions. This
check is not applicable for
Dart/Flutter libraries.
True
info
Symbols are
stripped.
NO
<>
SHARED OBJECT
<>
NX
<>
STACK CANARY
<>
RPATH
<>
RUNPATH
<>
FORTIFY
<>
SYMBOLS
<>
STRIPPED
<>
 NIAP ANALYSIS v1.3
NO
<>
IDENTIFIER
<>
REQUIREMENT
<>
FEATURE
<>
DESCRIPTION
<>
 OFAC SANCTIONED COUNTRIES
This app may communicate with the following OFAC sanctioned list of countries.
DOMAIN
<>
COUNTRY/REGION
<>

 DOMAIN MALWARE CHECK
DOMAIN
<>
STATUS
<>
GEOLOCATION
<>
www.spotify.com ok
IP:
<>
35.186.224.25
Country:
<>
United States of America
Region:
<>
Missouri
City:
<>
Kansas City
Latitude:
<>
39.099731
Longitude:
<>
-94.578568
View:
<>
Google Map
spotify-lite.firebaseio.com ok
IP:
<>
34.120.160.131
Country:
<>
United States of America
Region:
<>
Missouri
City:
<>
Kansas City
Latitude:
<>
39.099731
Longitude:
<>
-94.578568
View:
<>
Google Map
 FIREBASE DATABASES
FIREBASE URL
<>
DETAILS
<>
https://spotify-lite.firebaseio.com
info
App talks to a Firebase Database.
 TRACKERS

TRACKER
<>
CATEGORIES
<>
URL
<>
Facebook Login Identification https://reports.exodus-privacy.eu.org/trackers/67
Google CrashLytics Crash reporting https://reports.exodus-privacy.eu.org/trackers/27
 HARDCODED SECRETS
POSSIBLE SECRETS
<>
"settings_private_subtitle" : ""
"facebook_client_token" : "892e40f54a536e2df0041ee946fc5c7d"
"settings_private_subtitle" : " "
"settings_private" : "Yksityisyysasetukset"
"settings_private_switch_description" : ""
"rounded_auth_button_icon_content_description" : "Todennustapakuvake"
"settings_private" : ""
"settings_account_username" : "Benutzername"
"playlist_ownership_by_user" : " "
"settings_account_username" : " "

"settings_private" : "Privacyinstellingen"
"settings_account_username" : " "
"playlist_ownership_by_user" : "ngawe"
"settings_account_username" : " "
"settings_private" : " "
"playlist_ownership_by_user" : "wako"
"settings_account_username" : "Lietotājvārds"
"playlist_ownership_by_user" : ""
"settings_private_switch_description" : " "
"playlist_ownership_by_user" : ""
"settings_account_username" : "Brukernavn"
"google_crash_reporting_api_key" : "AIzaSyBXtR3HUTrStkgghowegIDK20KgFLyGgnc"
"settings_private" : "Persónuverndarstillingar"
"settings_account_username" : ""
"playlist_ownership_by_user" : ""
POSSIBLE SECRETS
<>

"settings_private_switch_title" : ""
"settings_private_switch_title" : "Privésessie"
"settings_private_subtitle" : ""
"settings_private" : "Privatlivsindstillinger"
"rounded_auth_button_icon_content_description" : ""
"rounded_auth_button_icon_content_description" : ""
"settings_private" : "Privaatheidinstellings"
"playlist_ownership_by_user" : ""
"settings_account_username" : ""
"settings_private_switch_title" : " "
"settings_private_switch_title" : ""
"settings_private" : ""
"settings_private_subtitle" : ""
"settings_account_username" : "Username"
"settings_account_username" : "Käyttäjätunnus"
POSSIBLE SECRETS
<>

"settings_account_username" : "Gebruikersnaam"
"settings_private_switch_description" : ""
"playlist_ownership_by_user" : "tərəfindən"
"settings_private" : "Privaatsussätted"
"settings_private" : "Datenschutz-Einstellungen"
"settings_private_switch_title" : ""
"settings_private" : "Integritetsinställningar"
"firebase_database_url" : "https://spotify-lite.firebaseio.com"
"rounded_auth_button_icon_content_description" : " "
"playlist_ownership_by_user" : "sinult"
"playlist_ownership_by_user" : " "
"rounded_auth_button_icon_content_description" : "Stawingsmetode-ikoon"
"com_facebook_device_auth_instructions" : "<b>facebook.com/device</b>"
"playlist_ownership_by_user" : "vi"
"playlist_ownership_by_user" : " "
POSSIBLE SECRETS
<>

"playlist_ownership_by_user" : "tuya"
"settings_account_username" : "Kasutajanimi"
"settings_private_switch_description" : ""
"playlist_ownership_by_user" : " "
"playlist_ownership_by_user" : "moje"
"playlist_ownership_by_user" : " "
"settings_private" : "Personverninnstillinger"
"settings_account_username" : " "
"settings_account_username" : "Notandanafn"
"settings_account_username" : "Brugernavn"
"settings_account_username" : "Felhasználónév"
"settings_account_username" : ""
"settings_account_username" : " "
"settings_account_username" : " "
"google_api_key" : "AIzaSyBXtR3HUTrStkgghowegIDK20KgFLyGgnc"
POSSIBLE SECRETS
<>

"settings_account_username" : "Användarnamn"
"settings_private" : ""
"settings_account_username" : "Utilisateur"
"settings_account_username" : " "
"rounded_auth_button_icon_content_description" : ""
"playlist_ownership_by_user" : " "
POSSIBLE SECRETS
<>
Report Generated by - MobSF v3.7.7 Beta
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment
framework capable of performing static and dynamic analysis.
© 2023 Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.
Tags
Categories
General
Download
Download Slideshow Get the original presentation file
Quick Actions
Statistics
  • Views 17
  • Slides 14
  • Age 498 days
Related Slideshows
Pray For The Peace Of Jerusalem and You Will Prosper 22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
32 views
Don_t_Waste_Your_Life_God.....powerpoint 26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
35 views
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf 31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
32 views
Fertility awareness methods for women in the society 14
Fertility awareness methods for women in the society
Isaiah47
30 views
Chapter 5 Arithmetic Functions Computer Organisation and Architecture 35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
29 views
syakira bhasa inggris (1) (1).pptx....... 5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
30 views
View More in This Category