The Static Analysis tab is available only for objects that were executed in the mobile (Android) operating system environment.
Kaspersky Threat Intelligence Portal provides the object's static analysis results.
The results are displayed in separate tables. Each table contains up to 10 entries.
Static analysis results
Table name |
Description |
Table fields |
Comments |
|---|---|---|---|
Manifest |
Android app manifest in XML format. |
— |
The displayed version of a file is recovered from the application and may differ from the original file. |
Modules |
Android app modules detected through static analysis. |
Path—Path to the app module. Description—Description of the app module. |
Items in the table are listed in the order in which they were received. You can filter items in this table by specifying search criteria in the Search field below the table name. |
Permissions |
Android app permissions detected by using the static analysis. |
Status—Status (danger level) of the permission. Severity—Severity of the permission's danger. Permission—Permission value. Description—Detailed description of the permission. |
Items in the table are listed in the order in which they were received. You can filter items in this table by specifying search criteria in the Search field below the table name. |
Component |
Android app components detected through static analysis. |
Status—Status (danger level) of the component. Severity—Severity of the component's danger. Component—Component name. Description—Detailed description of the component. Intent filters—List of filters applied to the component. You can click the link to view the component's filters. The pane that opens displays the following data for each filter: priorities, actions, and categories. |
Items in the table are listed in the order in which they were received. You can filter items in this table by specifying search criteria in the Search field below the table name. |
Bundle |
Android App Bundle (APK). |
Type—File type (Module, Icon, or Picture). Path—File path and name. Size—File size. MD5—MD5 hash of the file. Each item in the list is clickable—you can click it to navigate to the Threat Lookup results page, which has investigation results for the file detected by the MD5 hash. Investigation results are available only if you have a valid Threat Lookup license and have not exceeded your quota for object investigation. If you requested this hash in the past 24 hours, the Threat Lookup quota for your group is not affected. Investigation results for certain hashes in this section may be unavailable on the Threat Lookup results page.
|
— |
Bundle images |
Android App Bundle images. |
— |
— |