Androlyzer

Know more about your apps

App description

Facebook

com.facebook.katana
Rating:
(4.0)
Downloads: 1,000,000,000 - 5,000,000,000
Version: 106.0.0.26.68 (45904170)
by Facebook

Keeping up with friends is faster and easier than ever. Share updates and photos, engage with friends and Pages, and stay connected to communities important to you. Features on the Facebook app include:* Connect with friends and family and meet new people on your social media network* Set status updates & use Facebook emoji to help relay what’s going on in your world* Share photos, videos, and your favorite memories.* Get notifications when friends like and comment on your posts* Find local social events, and make plans to meet up with friends* Play games with any of your Facebook friends* Backup photos by saving them in albums* Follow your favorite artists, websites, and companies to get their latest news* Look up local businesses to see reviews, operation hours, and pictures* Buy and sell items and services* Watch live videos on the goThe Facebook app does more than help you stay connected with your friends and interests. It's also your personal organizer for storing, saving and sharing photos. It's easy to share photos straight from your Android camera, and you have full control over your photos and privacy settings. You can choose when to keep individual photos private or even set up a secret photo album to control who sees it.Facebook also helps you keep up with the latest news and current events around the world. Subscribe to your favorite celebrities, brands, news sources, artists, or sports teams to follow their newsfeeds, watch live streaming videos and be caught up on the latest happenings no matter where you are!The most important desktop features of Facebook are also available on the app, such as writing on timelines, liking photos, browsing for people, and editing your profile and groups. Now you can get early access to the next version of Facebook for Android by becoming a beta tester. Learn how to sign up, give feedback and leave the program in our Help Center: http://on.fb.me/133NwuP Sign up directly here: http://play.google.com/apps/testing/com.facebook.katanaProblems downloading or installing the app? See http://bit.ly/GPDownload1Still need help? Please tell us more about the issue. http://bit.ly/invalidpackageFacebook is only available for users age 13 and over.Terms of Service: http://m.facebook.com/terms.php.

Analysis results

Malicious code

  • Sideload APK

Privacy leaks

  • Bluetooth MAC address to HTTP Header
  • Bluetooth MAC address to HTTP upload
  • Bluetooth MAC address to Network
  • Bluetooth MAC address to Outgoing SMS
  • Bluetooth MAC address to Socket
  • Calendar to HTTP Header
  • Calendar to HTTP upload
  • Calendar to Network
  • Calendar to Outgoing SMS
  • Calendar to Socket
  • Call logs to HTTP Header
  • Call logs to HTTP upload
  • Call logs to Network
  • Call logs to Outgoing SMS
  • Call logs to Socket
  • Call number
  • Camera hardware to HTTP Header
  • Camera hardware to HTTP upload
  • Camera hardware to Network
  • Camera hardware to Outgoing SMS
  • Camera hardware to Socket
  • Contacts to HTTP Header
  • Contacts to HTTP upload
  • Contacts to Network
  • Contacts to Outgoing SMS
  • Contacts to Socket
  • Current Wifi info to HTTP Header
  • Current Wifi info to HTTP upload
  • Current Wifi info to Network
  • Current Wifi info to Outgoing SMS
  • Current Wifi info to Socket
  • IMSI to HTTP Header
  • IMSI to HTTP upload
  • IMSI to Network
  • IMSI to Outgoing SMS
  • IMSI to Socket
  • Local images to HTTP Header
  • Local images to HTTP upload
  • Local images to Network
  • Local images to Outgoing SMS
  • Local images to Socket
  • Location to HTTP Header
  • Location to HTTP upload
  • Location to Network
  • Location to Outgoing SMS
  • Location to Socket
  • Photo to HTTP Header
  • Photo to HTTP upload
  • Photo to Network
  • Photo to Outgoing SMS
  • Photo to Socket
  • SIM ID to HTTP Header
  • SIM ID to HTTP upload
  • SIM ID to Network
  • SIM ID to Outgoing SMS
  • SIM ID to Socket
  • SMS to HTTP Header
  • SMS to HTTP upload
  • SMS to Network
  • SMS to Outgoing SMS
  • SMS to Socket
  • Telephone number to HTTP Header
  • Telephone number to HTTP upload
  • Telephone number to Network
  • Telephone number to Outgoing SMS
  • Telephone number to Socket
  • User Input to HTTP Header
  • User Input to HTTP upload
  • User Input to Network
  • User Input to Outgoing SMS
  • User Input to Socket
  • User profiles to HTTP Header
  • User profiles to HTTP upload
  • User profiles to Network
  • User profiles to Outgoing SMS
  • User profiles to Socket

Confidential sources

  • Bluetooth MAC address
  • Calendar
  • Call logs
  • Camera hardware
  • Contacts
  • Current Wifi info
  • IMEI
  • IMSI
  • Local images
  • Location
  • Photo
  • SIM ID
  • SMS
  • Screenshot
  • Telephone number
  • User Input
  • User profiles

Suspicious functions

  • Make Call
  • Obfuscation
  • Record audio
  • Start Media Recorder

Permissions

  • android.permission.ACCESS_COARSE_LOCATION
  • android.permission.ACCESS_FINE_LOCATION
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.AUTHENTICATE_ACCOUNTS
  • android.permission.BATTERY_STATS
  • android.permission.BROADCAST_STICKY
  • android.permission.CAMERA
  • android.permission.CHANGE_NETWORK_STATE
  • android.permission.CHANGE_WIFI_STATE
  • android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
  • android.permission.GET_ACCOUNTS
  • android.permission.GET_TASKS
  • android.permission.INTERNET
  • android.permission.MANAGE_ACCOUNTS
  • android.permission.READ_CALENDAR
  • android.permission.READ_CONTACTS
  • android.permission.READ_EXTERNAL_STORAGE
  • android.permission.READ_PHONE_STATE
  • android.permission.READ_PROFILE
  • android.permission.READ_SMS
  • android.permission.READ_SYNC_SETTINGS
  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.RECORD_AUDIO
  • android.permission.REQUEST_INSTALL_PACKAGES
  • android.permission.SYSTEM_ALERT_WINDOW
  • android.permission.VIBRATE
  • android.permission.WAKE_LOCK
  • android.permission.WRITE_CALENDAR
  • android.permission.WRITE_CONTACTS
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.WRITE_SYNC_SETTINGS
  • com.amazon.device.messaging.permission.RECEIVE
  • com.android.launcher.permission.INSTALL_SHORTCUT
  • com.facebook.home.permission.WRITE_BADGES
  • com.facebook.katana.permission.C2D_MESSAGE
  • com.facebook.katana.permission.CROSS_PROCESS_BROADCAST_MANAGER
  • com.facebook.katana.permission.RECEIVE_ADM_MESSAGE
  • com.facebook.katana.provider.ACCESS
  • com.facebook.mlite.provider.ACCESS
  • com.facebook.orca.provider.ACCESS
  • com.facebook.pages.app.provider.ACCESS
  • com.facebook.permission.prod.FB_APP_COMMUNICATION
  • com.facebook.permission.prod.SYSTEM_COMMUNICATION
  • com.facebook.receiver.permission.ACCESS
  • com.google.android.c2dm.permission.RECEIVE
  • com.google.android.providers.gsf.permission.READ_GSERVICES
  • com.htc.launcher.permission.READ_SETTINGS
  • com.htc.launcher.permission.UPDATE_SHORTCUT
  • com.nokia.pushnotifications.permission.RECEIVE
  • com.sec.android.provider.badge.permission.READ
  • com.sec.android.provider.badge.permission.WRITE
  • com.sonyericsson.home.permission.BROADCAST_BADGE

Features used

  • android.hardware.bluetooth
  • android.hardware.bluetooth_le
  • android.hardware.camera
  • android.hardware.camera.autofocus
  • android.hardware.camera.flash
  • android.hardware.location
  • android.hardware.location.gps
  • android.hardware.location.network
  • android.hardware.microphone
  • android.hardware.telephony

URLs

Other URLs

  • http://1.base.maps.cit.api.here.com
  • http://api.giphy.com
  • http://api.tiles.mapbox.com
  • http://b-www.facebook.com
  • http://cdn8.staztic.com
  • http://facebook.com
  • http://h.*
  • http://h.fb.com
  • http://instagram.com
  • http://java.sun.com
  • http://m.*/
  • http://m.facebook.com
  • http://maps.google.com
  • http://media-channel.nationalgeographic.com
  • http://pcautivo.telcel.com
  • http://plus.google.com
  • http://pm1.narvii.com
  • http://portal.fb.com
  • http://schemas.android.com
  • http://scontent-*.xx.fbcdn.net/?rand=%d
  • http://share.here.com
  • http://vignette1.wikia.nocookie.net
  • http://vignette4.wikia.nocookie.net
  • http://www.*/images/emoji/unicode/
  • http://www.android.com
  • http://www.facebook.com
  • http://www.gstatic.com
  • http://www.nytimes.com
  • http://www.xn--v8jxj3d1dzdz08w.com
  • http://xmlpull.org
  • https://173.252.112.83
  • https://accounts.spotify.com
  • https://android.googleapis.com
  • https://api-read.*/restserver.php
  • https://api-video.*/restserver.php
  • https://api.*/
  • https://api.*/method/logging.clientevent
  • https://api.*/restserver.php
  • https://api.amazon.com
  • https://b-api.*/method/logging.clientevent
  • https://b-api.*/restserver.php
  • https://b-api.facebook.com
  • https://b-graph.facebook.com
  • https://b-graph.secure.facebook.com
  • https://b-www.facebook.com
  • https://broken.facebook.com
  • https://connect.facebook.net
  • https://cx.atdmt.com
  • https://dev503.prn2.facebook.com
  • https://facebook.com
  • https://fbcdn-sphotos-e-a.akamaihd.net
  • https://graph-video.*
  • https://graph-video.*/
  • https://graph.*
  • https://graph.*.facebook.com/network_ads_common/
  • https://graph.*/
  • https://graph.facebook.com
  • https://image.maps.api.here.com
  • https://lh3.googleusercontent.com
  • https://lithium.facebook.com
  • https://logger.instagram.com
  • https://lookaside.facebook.com
  • https://m.*
  • https://m.*/
  • https://m.*/auth.php
  • https://m.*/dialog/oauth
  • https://m.*/js_dialog_resources/dialog_descriptions_android.json
  • https://m.*/promotion.php
  • https://m.*/root.php
  • https://m.facebook.com
  • https://m.facebook.com/p2p/verify/?id=*&source=orca_android&ts=%d&seed=*
  • https://market.android.com
  • https://mts1.google.com
  • https://nnapi.ovi.com
  • https://our.intern.facebook.com
  • https://play.google.com
  • https://rupload.facebook.com
  • https://s-static.intern.facebook.com
  • https://secure.m.facebook.com
  • https://static.xx.fbcdn.net
  • https://sync.liverail.com
  • https://upload.wikimedia.org
  • https://www.*.facebook.com
  • https://www.*/ai.php
  • https://www.*/impression.php
  • https://www.*/mobile/android_beta_crash_logs/
  • https://www.*/mobile/android_crash_logs/
  • https://www.facebook.com
  • https://www.googleapis.com
  • https://www.instagram.com

Version info

APK hash: ca2e0cbce0789afeb1cbf6ddb5ab9cc95cf36e1c
Other versions:
69169423/ff6211eeb18b68859bb1d9afac3f12a595060d96
56891628/93577cda9025b0e1f2dacfa75371f122320c1e5b
50985600/5470e03e08689cde7fa06546fe19d3867b16d609
47807796/9380b03a01ced92bd042d33e137d771d71d17483
45904150/5936c428f334a4037663e7fcecc08b1d0b66ebab
44377488/b27b281bbce409bee44b2722b9a1bb759fd6c511
44377487/98be802e5abedc34ef8758b5b01fd34ca54b5c14
43868207/fa58c95a52f2410bb5f2652dfa469a58a2dd73b4
43392002/9d87f92cdde80762b2f38d7b232d327ca179fa6d
42812593/168b71534b731f43ceb37fba55471355e567d06f
42288923/8d972e2f5c56d67f0ab0519f7a09cad4fddbbd77
41803389/695e43bb135fa8010bb100e42ba80e9ddd9a396d
41803389/695e43bb135fa8010bb100e42ba80e9ddd9a396d
41212276/4fd6a17beb18579f73dd1ba95c457708749fc064
40050084/b9897b11de2071822893b5c901418f2b41f54bd1

Source structure


Used libraries

    • Utility

    JavaX Annotations

    Metadata Facility for the Java Programming Language
    Show details ⇓
    • Open source
    • Utility

    Android support library

    Simplify your development by offering more APIs that you can bundle with your application so you can worry less about platform versions
    Show details ⇓
    • Open source
    • Utility

    Guava

    The Guava project contains several of Google's core libraries: collections, caching, primitives support, concurrency libraries, common annotations, string processing, I/O, etc.
    Show details ⇓
    • Open source
    • Utility

    FasterXML Jackson

    Multi-purpose Java library for processing JSON data format.
    Show details ⇓
    • Private service binding

    Google Play services

    Google Play services binding library.
    Show details ⇓
    • Public service binding
    • Open source

    Facebook API

    SDK for Facebook integration.
    Show details ⇓
    • Utility
    • Hack

    google-guice

    lightweight dependency injection framework
    Show details ⇓

APIs used

  • junit.framework
  • javax.microedition.khronos.egl
  • java.nio
  • java.sql
  • android.content.pm
  • org.apache.http.impl.client
  • android.os
  • android.media.audiofx
  • android.location
  • android.widget
  • org.xml.sax
  • android.text.util
  • org.apache.http.impl
  • android.view.accessibility
  • org.w3c.dom.ls
  • android.preference
  • android.app
  • android.opengl
  • android.telephony.gsm
  • java.math
  • org.json
  • java.security.spec
  • android.hardware.display
  • java.util.concurrent
  • android.animation
  • javax.xml.datatype
  • android.text.format
  • android.content
  • org.apache.http.conn.ssl
  • java.lang.annotation
  • org.apache.http.client.utils
  • android.net.wifi
  • java.util.logging
  • android.webkit
  • org.apache.http.client.entity
  • android.app.admin
  • javax.net.ssl
  • android.net.http
  • android.net
  • android.hardware.camera2
  • org.w3c.dom
  • android.content.res
  • android.view.animation
  • javax.crypto.spec
  • android.transition
  • org.apache.http.util
  • java.util.zip
  • java.util.regex
  • java.util
  • android.text.method
  • android.telephony
  • android.view.inputmethod
  • javax.crypto
  • android.provider
  • org.apache.http.conn
  • android.database.sqlite
  • android.view
  • java.net
  • javax.xml.namespace
  • android.hardware
  • android.drm
  • java.util.concurrent.locks
  • org.apache.http.client.methods
  • android.graphics
  • com.android.internal.util
  • android.telephony.cdma
  • javax.security.auth.x500
  • org.apache.http.entity
  • android.system
  • org.apache.http.impl.conn.tsccm
  • android.graphics.drawable.shapes
  • java.util.concurrent.atomic
  • org.apache.http.impl.conn
  • android.accessibilityservice
  • android.graphics.drawable
  • org.apache.http.protocol
  • javax.net
  • android.accounts
  • org.apache.http.message
  • android.media
  • javax.microedition.khronos.opengles
  • org.apache.http
  • javax.xml.parsers
  • java.lang.reflect
  • org.xml.sax.helpers
  • android.database
  • java.lang.ref
  • java.nio.channels
  • java.io
  • android.bluetooth
  • android.util
  • java.security
  • java.text
  • dalvik.system
  • java.util.jar
  • java.lang
  • android.net.nsd
  • org.xmlpull.v1
  • org.apache.http.conn.scheme
  • java.security.cert
  • org.apache.http.client.params
  • org.apache.http.params
  • android.text
  • org.apache.http.client
  • java.nio.charset
  • org.apache.http.cookie
  • android.text.style
  • android.renderscript
  • android.hardware.camera2.params
  • android.app.job

Other packages

  • X
  • android_src.mmsv2
  • bolts
  • com.google.android.exoplayer
  • com.google.android.exoplayer.audio
  • com.google.android.exoplayer.chunk
  • com.google.android.exoplayer.dash
  • com.google.android.exoplayer.ext.opus
  • com.google.android.exoplayer.extractor
  • com.google.android.exoplayer.extractor.flv
  • com.google.android.exoplayer.extractor.mp3
  • com.google.android.exoplayer.extractor.mp4
  • com.google.android.exoplayer.extractor.ogg
  • com.google.android.exoplayer.extractor.ts
  • com.google.android.exoplayer.extractor.wav
  • com.google.android.exoplayer.extractor.webm
  • com.google.android.exoplayer.hls
  • com.google.android.exoplayer.upstream
  • com.google.android.exoplayer.upstream.cache
  • com.google.android.exoplayer.util
  • com.google.android.exoplayer.util.extensions
  • com.google.j2objc.annotations
  • com.instagram.common.guavalite.annotations
  • com.instagram.common.json.annotation
  • com.mediatek.hotknot
  • generated_declarative_autorequire_module
  • generated_rootmodule
  • gifdrawable.pl.droidsonroids.gif
  • injector_autorequire_modules
  • it.sephiroth.android.library.widget
  • javax.inject
  • me.msqrd.sdk.android.tracking
  • me.msqrd.sdk.android.util
  • me.msqrd.sdk.nativecalls.effectsframework
  • okhttp3
  • okhttp3.internal
  • okhttp3.internal.framed
  • okhttp3.internal.ws
  • okio
  • org.codehaus.mojo.animal_sniffer
  • org.webrtc.videoengine
  • org.webrtc.voiceengine
  • org.whispersystems.curve25519
  • preconnector
  • rx.annotations
  • rx.internal.schedulers
  • rx.schedulers
  • secondary.dex01
  • secondary.dex02
  • secondary.dex03
  • secondary.dex04
  • secondary.dex05
  • secondary.dex06
  • secondary.dex07
  • secondary.dex08
  • secondary.dex09
  • secondary.dex10
  • secondary.dex11
  • secondary.dex12