Androlyzer

Know more about your apps

App description

Sophos Mobile Security

com.sophos.smsec
Rating:
(4.3)
Downloads: 1,000,000 - 5,000,000
Version: 7.0.2288 (2288)
by Sophos Limited

Winner of the AV-TEST awards Best Android Security 2016 and Best Protection 2015For 14 tests in a row, starting September 2014, Sophos Mobile Security has hit a perfect 100% protection score in AV-TEST’s comparison of the top Android security and antivirus apps.Full features, no advertising, all freeSophos is an IT security leader for companies and governments worldwide. This app comprehensively protects your Android device and your privacy without impacting performance or battery life. With up-to-the-minute intelligence from SophosLabs, apps are automatically scanned for malware to protect you from data loss and unexpected costs. If your device is lost or stolen, you can remotely lock or wipe it to safeguard your data.Malware Protection• Scan apps for malicious or inappropriate content as you install them.• Scan apps and storage media on demand and on schedule.Loss & Theft Protection• Send SMS commands for: Wipe, Lock, Alarm, Locate, Message to finder, Reset passcode.• Receive SMS for: SIM change detection, Locate before battery dies.Web Filtering• Block web sites with malicious, undesirable or illegal content.App Protection• Protect apps with a password.Privacy Advisor• List apps that access your personal data.• List apps that could create costs.Security Advisor• Get advice on how to improve device security.Spam Protection• Block unwanted phone calls.QR Code Scanner• Check URLs for malicious or inappropriate web sites.• Add contacts to your address book.• Set up Wi-Fi connections and warn of insecure encryption.Authenticator• Generate time-based (TOTP, RFC 6238) and counter-based (HOTP, RFC 4226) one-time passwords for multi-factor authentication.Managed ModeManaging the app by Sophos Mobile Control or Sophos Central lets your IT department monitor the health of your device to ensure company-wide protection.Permissions• Permissions are required to monitor incoming data, and to detect and stop threats. See more here: http://sophos.com/kb/117499• This app uses the Device Administrator permission.Battery and data usage• Malware definitions are updated at least once a day to keep you protected. This uses a small amount of data.• The initial full scan of every installed app causes a one-time increase in battery usage.Support Information• Knowledgebase: http://sophos.com/kb/• Moderated support forum: https://community.sophos.com/products/mobile-device-protection/f/18• Use our SDK for premium antivirus in your app: http://www.sophos.com/AndroidSDK

Analysis results

Malicious code

  • Add custom device admin
  • Sideload APK

Privacy leaks

  • Call logs to Network
  • Call logs to Outgoing SMS
  • Camera hardware to Network
  • Camera hardware to Outgoing SMS
  • Contacts to Network
  • Contacts to Outgoing SMS
  • Current Wifi info to Network
  • Current Wifi info to Outgoing SMS
  • IMEI to Network
  • IMEI to Outgoing SMS
  • Location to Outgoing SMS
  • SMS to Network
  • SMS to Outgoing SMS
  • Telephone number to Network
  • Telephone number to Outgoing SMS
  • User Input to Network
  • User Input to Outgoing SMS
  • Wifi MAC address to Network
  • Wifi MAC address to Outgoing SMS

Confidential sources

  • Call logs
  • Camera hardware
  • Contacts
  • Current Wifi info
  • IMEI
  • IMSI
  • Location
  • SMS
  • Screenshot
  • Telephone number
  • User Input
  • Wifi MAC address

Suspicious functions

  • Obfuscation

Permissions

  • android.permission.ACCESS_COARSE_LOCATION
  • android.permission.ACCESS_FINE_LOCATION
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.CALL_PHONE
  • android.permission.CAMERA
  • android.permission.CHANGE_WIFI_STATE
  • android.permission.GET_TASKS
  • android.permission.INTERNET
  • android.permission.KILL_BACKGROUND_PROCESSES
  • android.permission.NFC
  • android.permission.PACKAGE_USAGE_STATS
  • android.permission.READ_CALL_LOG
  • android.permission.READ_CONTACTS
  • android.permission.READ_PHONE_STATE
  • android.permission.READ_SMS
  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.RECEIVE_MMS
  • android.permission.RECEIVE_SMS
  • android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
  • android.permission.SEND_SMS
  • android.permission.WAKE_LOCK
  • android.permission.WRITE_CALL_LOG
  • android.permission.WRITE_CONTACTS
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.WRITE_SMS
  • com.android.browser.permission.READ_HISTORY_BOOKMARKS
  • com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
  • com.google.android.c2dm.permission.RECEIVE
  • com.sophos.appprotectionmonitor.PERMISSION
  • com.sophos.mobilecontrol.client.android.permission.SENDMESSAGE
  • com.sophos.mobilecontrol.client.android.permission.SEND_COMMAND
  • com.sophos.smsdkex.permission.SYNC
  • com.sophos.smsec.PERMISSION

Features used

  • android.hardware.bluetooth
  • android.hardware.camera
  • android.hardware.camera.autofocus
  • android.hardware.camera.flash
  • android.hardware.camera.front
  • android.hardware.location
  • android.hardware.location.gps
  • android.hardware.location.network
  • android.hardware.nfc
  • android.hardware.telephony
  • android.hardware.touchscreen
  • android.hardware.wifi

URLs

Other URLs

  • file:///android_asset/
  • file:///android_asset/EULA_en.html
  • file://package.apk
  • http://dci.sophosupd.com
  • http://dci.sophosupd.net
  • http://plus.google.com
  • http://schemas.android.com
  • http://www.google
  • http://www.google-analytics.com
  • http://www.sophos.com
  • http://xmlpull.org
  • http://zxing.appspot.com
  • https://play.google.com
  • https://ssl.google-analytics.com
  • https://www.googleapis.com
  • https://www.googletagmanager.com
  • https://www.sophos.com
  • ldap://localhost

Version info

APK hash: 27845a1acadaaad9116ac5ef9d91b50f4e176051
Other versions:
2474/27a474d4b69876490a3c0bd8aeb7475520a1d295
2275/d7aec602e07c8d4a27cb849709e22b3a257ef5d0
2201/84bccc6c6b6547f50649ceb3cff59963fc264884
2151/30928dd151a7807cead06d9e1536739261e47d52
1981/2fc1126d9d990e86e9e5a14af858f80e1ffdbec7

Source structure


Used libraries

    • Open source
    • Utility

    Apache Commons IO

    Collection of I/O utilities.
    Show details ⇓
    • Private service binding

    Google Play services

    Google Play services binding library.
    Show details ⇓
    • Open source
    • Utility

    Android support library

    Simplify your development by offering more APIs that you can bundle with your application so you can worry less about platform versions
    Show details ⇓
    • Utility

    zxing

    Multi-format 1D/2D barcode image processing library.
    Show details ⇓
    • Open source
    • Utility

    Apache Commons Codec

    General encoding/decoding algorithms (for example phonetic, base64, URL).
    Show details ⇓

APIs used

  • java.nio
  • java.sql
  • android.content.pm
  • android.os
  • android.location
  • android.widget
  • org.xml.sax
  • android.text.util
  • android.view.accessibility
  • java.security.interfaces
  • javax.security.auth.callback
  • android.preference
  • android.app
  • android.telephony.gsm
  • java.math
  • org.json
  • java.security.spec
  • android.hardware.display
  • java.util.concurrent
  • android.animation
  • android.text.format
  • android.content
  • android.app.backup
  • android.appwidget
  • android.net.wifi
  • android.webkit
  • android.app.admin
  • javax.net.ssl
  • android.security
  • android.net.http
  • android.net
  • org.w3c.dom
  • android.service.media
  • android.content.res
  • android.view.animation
  • javax.crypto.spec
  • android.transition
  • org.apache.http.impl.cookie
  • java.util.zip
  • java.util.regex
  • java.util
  • android.text.method
  • android.media.session
  • android.telephony
  • android.view.inputmethod
  • javax.crypto
  • android.provider
  • android.nfc
  • android.database.sqlite
  • android.view
  • java.net
  • javax.xml.namespace
  • android.hardware
  • android.print.pdf
  • java.util.concurrent.locks
  • org.apache.http.client.methods
  • android.graphics
  • android.telephony.cdma
  • javax.crypto.interfaces
  • javax.security.auth.x500
  • org.apache.http.entity
  • java.lang.annotation
  • android.graphics.drawable.shapes
  • java.util.concurrent.atomic
  • android.accessibilityservice
  • android.graphics.drawable
  • android.accounts
  • org.apache.http.message
  • android.media
  • org.apache.http
  • javax.xml.parsers
  • java.lang.reflect
  • android.graphics.pdf
  • android.database
  • java.lang.ref
  • java.nio.channels
  • java.io
  • android.media.browse
  • android.bluetooth
  • android.util
  • java.security
  • java.text
  • dalvik.system
  • java.util.jar
  • java.lang
  • android.app.usage
  • org.xmlpull.v1
  • java.security.cert
  • org.apache.http.params
  • android.text
  • org.apache.http.client
  • java.nio.charset
  • android.print
  • android.text.style

Other packages

  • a.a.a
  • android.security
  • com.android.internal.telephony
  • com.google.a
  • com.google.android.a
  • com.google.android.a.a
  • com.google.android.apps.common.proguard
  • com.google.android.c2dm
  • com.google.b
  • com.google.b.a
  • com.google.b.b
  • com.google.b.b.a
  • com.google.b.c
  • com.google.b.d
  • com.mikhaellopez.circularprogressbar
  • com.sophos.a
  • com.sophos.appprotectengine
  • com.sophos.appprotectengine.a
  • com.sophos.appprotectengine.service
  • com.sophos.appprotectionmonitorlib
  • com.sophos.b.a
  • com.sophos.b.a.a
  • com.sophos.b.a.b
  • com.sophos.b.a.c
  • com.sophos.b.a.d
  • com.sophos.b.a.e
  • com.sophos.b.a.f
  • com.sophos.b.b
  • com.sophos.b.c
  • com.sophos.c
  • com.sophos.communication
  • com.sophos.communication.exception
  • com.sophos.d
  • com.sophos.e.a.a.a.a
  • com.sophos.e.a.a.b
  • com.sophos.mobile.msgbox
  • com.sophos.mobile.msgbox.ui
  • com.sophos.otp
  • com.sophos.otp.ui
  • com.sophos.otp.widget
  • com.sophos.savi
  • com.sophos.simplesxl31
  • com.sophos.slam
  • com.sophos.smc.communication
  • org.a.a
  • org.a.b
  • org.a.b.a
  • org.a.c
  • org.a.d
  • org.a.e
  • org.a.e.a
  • org.a.e.b
  • org.a.f
  • org.a.g
  • org.acra
  • org.acra.a
  • org.acra.b
  • org.acra.c.a.a.a
  • org.acra.d
  • org.acra.e
  • org.acra.sender
  • org.apache.commons
  • org.apache.commons.lang3
  • org.apache.commons.lang3.builder
  • org.apache.commons.lang3.concurrent
  • org.apache.commons.lang3.event
  • org.apache.commons.lang3.exception
  • org.apache.commons.lang3.math
  • org.apache.commons.lang3.mutable
  • org.apache.commons.lang3.reflect
  • org.apache.commons.lang3.text
  • org.apache.commons.lang3.text.translate
  • org.apache.commons.lang3.time
  • org.apache.commons.lang3.tuple
  • org.simpleframework.xml
  • org.simpleframework.xml.convert
  • org.simpleframework.xml.core
  • org.simpleframework.xml.filter
  • org.simpleframework.xml.strategy
  • org.simpleframework.xml.stream
  • org.simpleframework.xml.transform
  • org.simpleframework.xml.util
  • org.spongycastle
  • org.spongycastle.asn1
  • org.spongycastle.asn1.bc
  • org.spongycastle.asn1.cmp
  • org.spongycastle.asn1.cms
  • org.spongycastle.asn1.cms.ecc
  • org.spongycastle.asn1.crmf
  • org.spongycastle.asn1.cryptopro
  • org.spongycastle.asn1.eac
  • org.spongycastle.asn1.esf
  • org.spongycastle.asn1.ess
  • org.spongycastle.asn1.gnu
  • org.spongycastle.asn1.iana
  • org.spongycastle.asn1.icao
  • org.spongycastle.asn1.isismtt
  • org.spongycastle.asn1.isismtt.ocsp
  • org.spongycastle.asn1.isismtt.x509
  • org.spongycastle.asn1.kisa
  • org.spongycastle.asn1.microsoft
  • org.spongycastle.asn1.misc
  • org.spongycastle.asn1.mozilla
  • org.spongycastle.asn1.nist
  • org.spongycastle.asn1.ntt
  • org.spongycastle.asn1.ocsp
  • org.spongycastle.asn1.oiw
  • org.spongycastle.asn1.pkcs
  • org.spongycastle.asn1.sec
  • org.spongycastle.asn1.smime
  • org.spongycastle.asn1.teletrust
  • org.spongycastle.asn1.tsp
  • org.spongycastle.asn1.util
  • org.spongycastle.asn1.x500
  • org.spongycastle.asn1.x500.style
  • org.spongycastle.asn1.x509
  • org.spongycastle.asn1.x509.qualified
  • org.spongycastle.asn1.x509.sigi
  • org.spongycastle.asn1.x9
  • org.spongycastle.cert
  • org.spongycastle.cert.cmp
  • org.spongycastle.cert.crmf
  • org.spongycastle.cert.crmf.jcajce
  • org.spongycastle.cert.jcajce
  • org.spongycastle.cert.ocsp
  • org.spongycastle.cert.ocsp.jcajce
  • org.spongycastle.cert.selector
  • org.spongycastle.cert.selector.jcajce
  • org.spongycastle.cms
  • org.spongycastle.cms.bc
  • org.spongycastle.cms.jcajce
  • org.spongycastle.crypto
  • org.spongycastle.crypto.agreement
  • org.spongycastle.crypto.agreement.kdf
  • org.spongycastle.crypto.agreement.srp
  • org.spongycastle.crypto.digests
  • org.spongycastle.crypto.encodings
  • org.spongycastle.crypto.engines
  • org.spongycastle.crypto.examples
  • org.spongycastle.crypto.generators
  • org.spongycastle.crypto.io
  • org.spongycastle.crypto.macs
  • org.spongycastle.crypto.modes
  • org.spongycastle.crypto.modes.gcm
  • org.spongycastle.crypto.paddings
  • org.spongycastle.crypto.params
  • org.spongycastle.crypto.prng
  • org.spongycastle.crypto.signers
  • org.spongycastle.crypto.tls
  • org.spongycastle.crypto.util
  • org.spongycastle.eac
  • org.spongycastle.eac.jcajce
  • org.spongycastle.eac.operator
  • org.spongycastle.eac.operator.jcajce
  • org.spongycastle.i18n
  • org.spongycastle.i18n.filter
  • org.spongycastle.jcajce
  • org.spongycastle.jcajce.io
  • org.spongycastle.jcajce.provider.asymmetric
  • org.spongycastle.jcajce.provider.asymmetric.dh
  • org.spongycastle.jcajce.provider.asymmetric.dsa
  • org.spongycastle.jcajce.provider.asymmetric.ec
  • org.spongycastle.jcajce.provider.asymmetric.ecgost
  • org.spongycastle.jcajce.provider.asymmetric.elgamal
  • org.spongycastle.jcajce.provider.asymmetric.gost
  • org.spongycastle.jcajce.provider.asymmetric.rsa
  • org.spongycastle.jcajce.provider.asymmetric.util
  • org.spongycastle.jcajce.provider.asymmetric.x509
  • org.spongycastle.jcajce.provider.config
  • org.spongycastle.jcajce.provider.digest
  • org.spongycastle.jcajce.provider.symmetric
  • org.spongycastle.jcajce.provider.symmetric.util
  • org.spongycastle.jcajce.provider.util
  • org.spongycastle.jce
  • org.spongycastle.jce.examples
  • org.spongycastle.jce.exception
  • org.spongycastle.jce.interfaces
  • org.spongycastle.jce.netscape
  • org.spongycastle.jce.provider
  • org.spongycastle.jce.spec
  • org.spongycastle.math.ec
  • org.spongycastle.math.ntru.euclid
  • org.spongycastle.math.ntru.polynomial
  • org.spongycastle.math.ntru.util
  • org.spongycastle.mozilla
  • org.spongycastle.ocsp
  • org.spongycastle.openssl
  • org.spongycastle.operator
  • org.spongycastle.operator.bc
  • org.spongycastle.operator.jcajce
  • org.spongycastle.pkcs
  • org.spongycastle.pkcs.bc
  • org.spongycastle.pkcs.jcajce
  • org.spongycastle.tsp
  • org.spongycastle.tsp.cms
  • org.spongycastle.util
  • org.spongycastle.util.encoders
  • org.spongycastle.util.io
  • org.spongycastle.util.io.pem
  • org.spongycastle.util.test
  • org.spongycastle.voms
  • org.spongycastle.x509
  • org.spongycastle.x509.examples
  • org.spongycastle.x509.extension
  • org.spongycastle.x509.util