Analysis Result

The # of rules for each confidence

100% 35
80% 8
60% 15
40% 82
20% 62
0% 2

Sample Information

File name
Ahmyth.apk
MD5
893e05aabd8754236ea70d3da8363d52
File size
0.26 Mb
Labels

Select lables to see max confidence in radare chart

The labels with 100% confidence crimes

Rule No. Crime Description Confidence

00019

Find a method from given class name, usually for reflection

100%

00058

Connect to the specific WIFI network

20%

00166

Get SMS message body and retrieve a string from it (possibly PIN / mTAN)

20%

00023

Start another application from current application

20%

00189

Get the content of a SMS message

100%

00131

Get location of the current GSM and put it into JSON

40%

00074

Get IMSI and the ISO country code

20%

00127

Monitor the broadcast action events (BOOT_COMPLETED, etc)

20%

00062

Query WiFi information and WiFi Mac Address

20%

00170

Get installed applications and put the list in shared preferences

20%

00035

Query the list of the installed packages

40%

00042

Query WiFi BSSID and scan results

20%

00107

Write the IMSI number into a file

20%

00015

Put buffer stream (data) to JSON object

80%

00150

Send IMSI over Internet

40%

00003

Put the compressed bitmap data into JSON object

80%

00146

Get the network operator name and IMSI

20%

00054

Install other APKs from file

20%

00111

Get the sender address of the SMS

20%

00185

Start capturing camera preview frames to the screen

100%

00097

Get the sender address of the SMS and put it into JSON

40%

00078

Get the network operator name

40%

00202

Make a phone call

20%

00081

Get declared method from given method name

40%

00039

Start a web server

20%

00193

Send a SMS message

100%

00038

Query the phone number

40%

00192

Get messages in the SMS inbox

100%

00080

Save recorded audio/video to a file

40%

00203

Put a phone number into an intent

40%

00096

Connect to a URL and set request method

60%

00079

Hide the current app's icon

40%

00184

Set camera preview texture

40%

00055

Query the SMS content and the source of the phone number

20%

00110

Query the ICCID number

20%

00002

Open the camera and take picture

100%

00147

Get the time of current location

40%

00014

Read file into a stream and put it into a JSON object

80%

00151

Send phone number over Internet

40%

00043

Calculate WiFi signal strength

20%

00106

Get the currently formatted WiFi IP address

20%

00171

Compare network operator with a string

40%

00034

Query the current data network type

40%

00126

Read sensitive data(SMS, CALLLOG, etc)

40%

00063

Implicit intent(view a web page, make a phone call, etc.)

40%

00130

Get the current WIFI information

40%

00075

Get location of the device

80%

00167

Use accessibility service to perform action getting root in active window

20%

00022

Open a file from given absolute path of the file

60%

00188

Get the address of a SMS message

100%

00059

Query the SIM card status

40%

00018

Get JSON object prepared and fill in location info

60%

00044

Query the last time this package's activity was used

20%

00101

Initialize recorder

40%

00013

Read file and put it into a stream

100%

00156

Acquire lock on Power Manager

20%

00005

Get absolute path of file and put it to JSON object

100%

00140

Write the phone number into a file

20%

00052

Deletes media specified by a content URI(SMS, CALL_LOG, File, etc.)

40%

00117

Get the IMSI and network operator name

20%

00183

Get current camera paremeters and change the setting.

20%

00029

Initialize class object dynamically

100%

00091

Retrieve data from broadcast

20%

00204

Get the default ringtone

20%

00087

Check the current network type

40%

00068

Executes the specified string Linux command

20%

00195

Set the output path of the recorded file

100%

00048

Query the SMS contents

20%

00009

Put data in cursor to JSON object

100%

00160

Use accessibility service to perform action getting node info by View Id

20%

00025

Monitor the general action to be performed

40%

00137

Get last known location of the device

40%

00072

Write HTTP input stream into a file

40%

00121

Create a directory

40%

00064

Monitor incoming call status

40%

00176

Send sms to a contact of contact list

40%

00199

Stop recording and release recording resources

80%

00033

Query the IMEI number

40%

00177

Check if permission is granted and request it

20%

00198

Initialize the recorder and start recording

100%

00032

Load external class

40%

00120

Append the sender's address to the string

40%

00065

Get the country code of the SIM card provider

40%

00136

Stop recording

40%

00073

Write the SIM card information into a file

20%

00161

Perfom accessibility service action on accessibility node info

20%

00024

Write file after Base64 decoding

20%

00008

Check if successfully sending out SMS

100%

00049

Query the phone number from SMS sender

20%

00194

Set the audio source (MIC) and recorded file format

100%

00086

Check if the device is in data roaming mode

40%

00069

Run shell script programmably

20%

00090

Set recroded audio/video file format

40%

00182

Open camera.

100%

00028

Read file from assets directory

40%

00053

Monitor data identified by a given content URI changes(SMS, MMS, etc.)

40%

00116

Get the current WiFi MAC address and put it into JSON

40%

00004

Get filename and put it to JSON object

100%

00141

Load class from given class name

40%

00012

Read data and put it into a buffer stream

100%

00157

Instantiate new object using reflection, possibly used for dexClassLoader

100%

00045

Query the name of currently running application

20%

00100

Check the network capabilities

40%

00197

Set the audio encoder and initialize the recorder

100%

00178

Execute Linux commands via ProcessBuilder

20%

00085

Get the ISO country code and put it into JSON

40%

00139

Get the current WiFi id

40%

00093

Get the content of SMS and forward it to others via SMS

40%

00181

Load native libraries(.so) via System.load (60% means caught)

20%

00115

Get last known location of the device

100%

00050

Query the SMS service centre timestamp

20%

00142

Get calendar information

40%

00007

Use absolute path of directory for the output media file path

100%

00154

Connect hostname to TCP or UDP socket using KryoNet

20%

00011

Query data from URI (SMS, CALLLOGS)

100%

00103

Check the active network type

40%

00046

Method reflection

60%

00031

Check the list of currently running applications

20%

00174

Get all accounts by type and put them in a JSON object

40%

00066

Query the ICCID number

40%

00123

Save the response to JSON after connecting to the remote server

40%

00089

Connect to a URL and receive input stream from the server

60%

00070

Get sender's address and send SMS

40%

00135

Get the current WiFi id and put it into JSON.

40%

00027

Get specific method from other Dex files

40%

00162

Create InetSocketAddress object and connecting to it

20%

00119

Write the IMEI number into a file

20%

00158

Connect to a URL and send sensitive data got from resolver

60%

00159

Use accessibility service to perform action getting node info by text

20%

00118

Check if the content of SMS contains given string

40%

00026

Method reflection

100%

00163

Create new Socket and connecting to it

20%

00071

Write the ISO country code of the current network operator into a file

20%

00134

Get the current WiFi IP address

40%

00067

Query the IMSI number

40%

00122

Check if the sender address of SMS contains the given string

40%

00088

Create a secure socket connection to the given host address

60%

00030

Connect to the remote server through the given URL

40%

00175

Get notification manager and cancel notifications

40%

00102

Set the phone speaker on

40%

00047

Query the local IP address

40%

00155

Execute commands on shell using DataOutputStream object

20%

00010

Read sensitive data(SMS, CALLLOG) and put it into JSON object

100%

00143

Get external class from given path or file name

40%

00006

Scheduling recording task

80%

00114

Create a secure socket connection to the proxy address

60%

00051

Implicit intent(view a web page, make a phone call, etc.) via setData

40%

00180

Load native libraries(.so) via System.loadLibrary (60% means caught)

20%

00138

Set the audio source (MIC)

40%

00092

Send broadcast

20%

00084

Get the ISO country code and IMSI

20%

00196

Set the recorded file format and output path

100%

00179

Send Location via SMS

0%

00037

Send notification

20%

00172

Check Admin permissions to (probably) get them

0%

00060

Query the network operator name

40%

00125

Check if the given file path exist

40%

00076

Get the current WiFi information and put it into JSON

40%

00099

Get location of the current GSM and put it into JSON

40%

00133

Start recording

40%

00021

Load additional DEX files dynamically

40%

00164

Get SMS address and send it through http

40%

00148

Create a socket connection to the given host address

60%

00109

Connect to a URL and get the response code

60%

00191

Get messages in the SMS inbox

100%

00083

Query the IMEI number

20%

00129

Get the content of SMS

20%

00200

Query data from the contact list

100%

00095

Write the ICCID of device into a file

20%

00187

Query a URI and check the result

100%

00168

Use accessibility service to perform global action getting node info by text

20%

00113

Get location and put it into JSON

60%

00056

Modify voice volume

20%

00144

Write SIM card serial number into a file

20%

00001

Initialize bitmap object and compress data (e.g. JPEG) into bitmap object

100%

00152

Get data from HTTP and send SMS

60%

00017

Get Location of the device and append this info to a string

100%

00105

Append the sender's address to the string

40%

00040

Send SMS

20%

00104

Check if the given path is directory

40%

00041

Save recorded audio/video to file

40%

00153

Send binary data over HTTP

40%

00016

Get location info of the device and put it to JSON object

60%

00145

Create a socket connection to the proxy address

60%

00112

Get the date of the calendar event

40%

00057

Return the DHCP-assigned addresses from the last successful DHCP request

40%

00186

Control camera to take picture

100%

00169

Use accessibility service to perform global action getting node info by View Id

20%

00094

Connect to a URL and read data from it

60%

00201

Query data from the call log

100%

00082

Get the current WiFi MAC address

40%

00128

Query user account information

20%

00190

Query a URI and append the result into a string

80%

00108

Read the input stream from given URL

100%

00149

Unpack an asset, possibly decrypt it and load it as DEX

20%

00020

Get absolute path of the file and store in string

80%

00165

Get SMS message body and send it through http

40%

00077

Read sensitive data(SMS, CALLLOG, etc)

100%

00098

Check if the network is connected

40%

00132

Query The ISO country code

40%

00061

Return dynamic information about the current Wi-Fi connection

40%

00124

Check the current active network type

40%

00036

Get resource file from res/raw directory

40%

00173

Get bounds in screen of an AccessibilityNodeInfo and perform action

20%