Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
26 views15 pages

Union Bank Static Analysis

The static analysis report for the UNION BANK app indicates a low risk with an app security score of 67/100. It highlights three medium severity findings and one informational finding, including the use of an insecure random number generator and logging of sensitive information. The report also notes issues with extracting the AndroidManifest.xml and the presence of potentially abused permissions.

Uploaded by

ashwanis10112000
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views15 pages

Union Bank Static Analysis

The static analysis report for the UNION BANK app indicates a low risk with an app security score of 67/100. It highlights three medium severity findings and one informational finding, including the use of an insecure random number generator and logging of sensitive information. The report also notes issues with extracting the AndroidManifest.xml and the presence of potentially abused permissions.

Uploaded by

ashwanis10112000
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

ANDROID STATIC ANALYSIS REPORT

 UNION BANK (Failed)


File Name: UNIONBANK.apk

Package Name: Failed

Scan Date: June 10, 2025, 6:47 a.m.

App Security Score: 67/100 (LOW RISK)

Grade:
A
 FINDINGS SEVERITY

 HIGH  MEDIUM  INFO  SECURE  HOTSPOT

0 3 1 1 1

 FILE INFORMATION
File Name: UNIONBANK.apk
Size: 12.74MB
MD5: b6208b0d14da5e88f984fc2216f29d2a
SHA1: 346c62986ddbd0e55d385f40089e94c5d6587ef9
SHA256: 1db95c374e60915263fc8031dcf9339c3392c16a0ea0b699353e52d3bc313105

 APP INFORMATION
App Name: UNION BANK
Package Name: Failed
Main Activity: com.kingmaster566e.sunter23.PSiqy5ZZ7RS04Fk8s1
Target SDK:
Min SDK:
Max SDK:
Android Version Name: Failed
Android Version Code: Failed
 APP COMPONENTS
Activities: 0
Services: 0
Receivers: 0
Providers: 0
Exported Activities: 0
Exported Services: 0
Exported Receivers: 0
Exported Providers: 0

 CERTIFICATE INFORMATION
Binary is signed
v1 signature: False
v2 signature: True
v3 signature: True
v4 signature: False
X.509 Subject: C= , ST= , L= , O=np, OU=np, CN=np
Signature Algorithm: rsassa_pkcs1v15
Valid From: 2021-04-25 09:03:56+00:00
Valid To: 3020-08-26 09:03:56+00:00
Issuer: C= , ST= , L= , O=np, OU=np, CN=np
Serial Number: 0x45ff9a3
Hash Algorithm: sha512
md5: 68170b6b26e52338bc07ae665303cc36
sha1: 26b02d233509f4aecf56980032343456ceab722a
sha256: 492682f877607ee99df2ddd2bd5953fd727bdf6e19d397de9dbbafd582bcad75
sha512: 763b51023083622bb9f06465082814259210ea0b60d32b81d46f324fce73d0a9cd7397dc4392aa27933d74b4ac2a8ee5c3b51dc0877f30386321209eeeed355a
PublicKey Algorithm: rsa
Bit Size: 2048
Fingerprint: cd58737fe1197c47782434eb7f19c6746d03fc4622e5d358dcf20f512bbcd4a9
Found 1 unique certificates
 APPLICATION PERMISSIONS

PERMISSION STATUS INFO DESCRIPTION

view network Allows an application to view the status


android.permission.ACCESS_NETWORK_STATE normal
status of all networks.

Allows an
Malicious applications can use this to
application to
android.permission.REQUEST_INSTALL_PACKAGES dangerous try and trick users into installing
request installing
additional malicious packages.
packages.

enables querying Allows query of any normal app on the


android.permission.QUERY_ALL_PACKAGES normal any normal app on device, regardless of manifest
the device. declarations.

Unknown Unknown permission from android


com.kingmaster566e.sunter23.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION unknown
permission reference

 APKID ANALYSIS

FILE DETAILS

FINDINGS DETAILS
classes.dex

Compiler dexlib 2.x


FILE DETAILS

FINDINGS DETAILS

classes2.dex Compiler dexlib 2.x

FINDINGS DETAILS
classes3.dex

Compiler dexlib 2.x

FINDINGS DETAILS
classes4.dex

Compiler dexlib 2.x

FINDINGS DETAILS
classes5.dex

Compiler dexlib 2.x

FINDINGS DETAILS

classes6.dex Anti-VM Code Build.MANUFACTURER check

Compiler dexlib 2.x


FILE DETAILS

FINDINGS DETAILS
classes7.dex

Compiler dexlib 2.x

FINDINGS DETAILS
classes8.dex
Compiler dexlib 2.x

FINDINGS DETAILS

classes9.dex Anti Debug Code Debug.isDebuggerConnected() check

Compiler dexlib 2.x

FINDINGS DETAILS
classes10.dex

Compiler dexlib 2.x

 NETWORK SECURITY
NO SCOPE SEVERITY DESCRIPTION

 CERTIFICATE ANALYSIS
HIGH: 0 | WARNING: 0 | INFO: 1

TITLE SEVERITY DESCRIPTION

Signed Application info Application is signed with a code signing certificate

 MANIFEST ANALYSIS
HIGH: 0 | WARNING: 0 | INFO: 0 | SUPPRESSED: 0

NO ISSUE SEVERITY DESCRIPTION

 CODE ANALYSIS
HIGH: 0 | WARNING: 2 | INFO: 1 | SECURE: 0 | SUPPRESSED: 0

NO ISSUE SEVERITY STANDARDS FILES


NO ISSUE SEVERITY STANDARDS FILES

defpackage/Bs.java
defpackage/C0747lc.java
defpackage/Cs.java
CWE: CWE-330: Use of Insufficiently Random Values defpackage/Ds.java
The App uses an insecure Random
1 warning OWASP Top 10: M5: Insufficient Cryptography defpackage/Sh.java
Number Generator.
OWASP MASVS: MSTG-CRYPTO-6 defpackage/U4.java
defpackage/Vt.java
defpackage/Z4.java
defpackage/r.java

App creates temp file. Sensitive CWE: CWE-276: Incorrect Default Permissions
defpackage/C0077Bc.java
2 information should never be written warning OWASP Top 10: M2: Insecure Data Storage
defpackage/C1246ws.java
into a temp file. OWASP MASVS: MSTG-STORAGE-2

The App logs information. Sensitive CWE: CWE-532: Insertion of Sensitive Information into Log File defpackage/A0.java
3 info
information should never be logged. OWASP MASVS: MSTG-STORAGE-3 defpackage/L6.java

 NIAP ANALYSIS v1.3

NO IDENTIFIER REQUIREMENT FEATURE DESCRIPTION

 BEHAVIOUR ANALYSIS

RULE ID BEHAVIOUR LABEL FILES

defpackage/C0077Bc.java
00013 Read file and put it into a stream file
defpackage/C1362zc.java
RULE ID BEHAVIOUR LABEL FILES

Open a file from given absolute path


00022 file com/kingmaster566e/sunter23/PSiqy5ZZ7RS04Fk8s1.java
of the file

 ABUSED PERMISSIONS

TYPE MATCHES PERMISSIONS

Malware Permissions 2/25 android.permission.ACCESS_NETWORK_STATE, android.permission.REQUEST_INSTALL_PACKAGES

Other Common Permissions 0/44

Malware Permissions:
Top permissions that are widely abused by known malware.
Other Common Permissions:
Permissions that are commonly abused by known malware.

 HARDCODED SECRETS

POSSIBLE SECRETS

wjEyL8w2MnPKMSI4zSt4PMArPzLNcQYc4BQXGuYAFxnnGhI=

XyME11QkXItaKE7XVC9Oi0M2RdZeIgTMVTVexFcqT9c=

ZvsX1WT8B9V39QepEu4lnkPXKp0=
POSSIBLE SECRETS

zDlw65cvZLeBI2e3hStg9JArb/3MOXw=

dD56gy8obt83JGHfNyRhkwQgYpw3ImCvPyhhhTwScpU2OC2DNA==

vQ8c3b0DVtrhOVfJuQ9A9q4EU9yqGA==

 SCAN LOGS

Timestamp Event Error

2025-06-10
Generating Hashes OK
06:47:37

2025-06-10
Extracting APK OK
06:47:37

2025-06-10
Unzipping OK
06:47:37

2025-06-10
Parsing APK with androguard OK
06:47:38

2025-06-10 AttributeError("'NoneType' object has no attribute


Failed to parse AndroidManifest.xml with androguard
06:47:38 'get_xml'")
2025-06-10 OK
Extracting APK features using aapt/aapt2
06:47:38

2025-06-10
Getting Hardcoded Certificates/Keystores OK
06:47:38

2025-06-10 Failed to extract AndroidManifest.xml from APK with apktool and


apktool and androguard failed
06:47:39 androguard

2025-06-10
Extracting Manifest Data OK
06:47:39

2025-06-10
Manifest Analysis Started OK
06:47:39

2025-06-10
Performing Static Analysis on: UNION BANK (Failed) OK
06:47:39

2025-06-10
Fetching Details from Play Store: Failed OK
06:47:39

2025-06-10
Checking for Malware Permissions OK
06:47:39

2025-06-10
Fetching icon path OK
06:47:40

2025-06-10
Library Binary Analysis Started OK
06:47:40
2025-06-10
Reading Code Signing Certificate OK
06:47:40

2025-06-10
Running APKiD 2.1.5 OK
06:47:40

2025-06-10
Updating Trackers Database.... OK
06:47:44

2025-06-10
Detecting Trackers OK
06:47:44

2025-06-10
Decompiling APK to Java with JADX OK
06:47:50

2025-06-10
Converting DEX to Smali OK
06:48:27

2025-06-10
Code Analysis Started on - java_source OK
06:48:28

2025-06-10
Android SBOM Analysis Completed OK
06:48:31

2025-06-10
Android SAST Completed OK
06:48:50

2025-06-10
Android API Analysis Started OK
06:48:50

2025-06-10
Android API Analysis Completed OK
06:48:56
2025-06-10
Android Permission Mapping Started OK
06:48:57

2025-06-10
Android Permission Mapping Completed OK
06:49:01

2025-06-10
Android Behaviour Analysis Started OK
06:49:02

2025-06-10
Android Behaviour Analysis Completed OK
06:49:09

2025-06-10
Extracting Emails and URLs from Source Code OK
06:49:09

2025-06-10
Email and URL Extraction Completed OK
06:49:13

2025-06-10
Extracting String data from APK OK
06:49:13

2025-06-10
Extracting String data from Code OK
06:49:13

2025-06-10
Extracting String values and entropies from Code OK
06:49:13

2025-06-10
Performing Malware check on extracted domains OK
06:49:16

2025-06-10
Saving to Database OK
06:49:16
2025-06-10 Failed to extract AndroidManifest.xml from APK with apktool and
apktool and androguard failed
06:53:58 androguard

Report Generated by - MobSF v4.3.3


Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment
framework capable of performing static and dynamic analysis.

© 2025 Mobile Security Framework - MobSF | Ajin Abraham | OpenSecurity.

You might also like