diff --git a/demoapp/www/css/index.css b/demoapp/www/css/index.css
index 359c611..99cf2e7 100644
--- a/demoapp/www/css/index.css
+++ b/demoapp/www/css/index.css
@@ -177,6 +177,11 @@ h1 {
grid-column: 2;
grid-row: 2;
}
+.threat-flags {
+ font-size: 8px;
+ grid-column: 2;
+ grid-row: 3;
+}
.threat-malware {
color: #ac0b2a;
}
diff --git a/demoapp/www/js/index.js b/demoapp/www/js/index.js
index 20fef02..488a608 100644
--- a/demoapp/www/js/index.js
+++ b/demoapp/www/js/index.js
@@ -780,6 +780,11 @@ var demoApp = {
else {
icon = "
";
}
+ var flagsDiv = "";
+ if (apk.flags.length > 0) {
+ var flStr = apk.flags.map(function (fl) { return fl.type + ": " + fl.name; });
+ flagsDiv = "
".concat(flStr.join('; '), "
");
+ }
var threatCls = "";
switch (apk.threatIndex) {
case "MALWARE":
@@ -792,7 +797,7 @@ var demoApp = {
threatCls = "threat-dangerous";
break;
}
- node.innerHTML = "".concat(icon, "
").concat(apkInfo.label || apk.packageName, "
").concat(apk.threatIndex, "
");
+ node.innerHTML = "".concat(icon, "
").concat(apkInfo.label || apk.packageName, "
").concat(apk.threatIndex, "
").concat(flagsDiv, "
");
appList.appendChild(node);
});
return [3, 7];
diff --git a/demoapp/www/js/index.ts b/demoapp/www/js/index.ts
index bbb7e68..289a6b7 100644
--- a/demoapp/www/js/index.ts
+++ b/demoapp/www/js/index.ts
@@ -324,6 +324,11 @@ var demoApp = {
} else {
icon = `
`
}
+ var flagsDiv = "";
+ if (apk.flags.length > 0) {
+ let flStr = apk.flags.map(fl => fl.type + ": " + fl.name)
+ flagsDiv = `${flStr.join('; ')}
`
+ }
var threatCls = ""
switch (apk.threatIndex) {
case "MALWARE":
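Review bot: `fl.type` and `fl.name` are joined into `flagsDiv` here, and that string reaches `node.innerHTML` in the next hunk without escaping, so any markup characters in a flag name are parsed as HTML in the WebView. The flag names are detection data about third-party packages, and nothing visible in the hunk restricts them to plain text. Building the flags element with `document.createElement` and `textContent`, then appending it after the `innerHTML` assignment, keeps the value as text; the class name below is assumed from the `.threat-flags` rule added in index.css, because the markup inside the template is not visible on this page. `apk.flags.length` also throws if the bridge ever delivers a result without `flags`, so an `apk.flags &&` guard is cheap insurance. The enclosing callback starts and ends outside the hunk.

```typescript
var flagsEl: HTMLElement | null = null;
if (apk.flags && apk.flags.length > 0) {
    flagsEl = document.createElement("div");
    flagsEl.className = "threat-flags"; // assumed from the index.css hunk
    // textContent never parses its value as markup
    flagsEl.textContent = apk.flags.map(fl => fl.type + ": " + fl.name).join('; ');
}
// … unchanged: threatCls switch and the node.innerHTML assignment, minus ${flagsDiv} …
if (flagsEl) {
    node.appendChild(flagsEl);
}
```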
@@ -336,7 +341,7 @@ var demoApp = {
threatCls = "threat-dangerous";
break;
}
- node.innerHTML = `${icon}
${apkInfo.label || apk.packageName}
${apk.threatIndex}
`;
+ node.innerHTML = `${icon}
${apkInfo.label || apk.packageName}
${apk.threatIndex}
${flagsDiv}
`;
appList.appendChild(node);
});
} catch(e) {
diff --git a/docs/Release-Notes.md b/docs/Release-Notes.md
index a364897..ebe0ce9 100644
--- a/docs/Release-Notes.md
+++ b/docs/Release-Notes.md
@@ -5,6 +5,7 @@
### Release 5.1.1-dev
- Update Malwarelytics for Android to 1.1.0 (#87)
+- Update ApkThreat with flags (#89)
## Previous Releases
diff --git a/scripts/android/model/apkThreat/ApkThreat.ts b/scripts/android/model/apkThreat/ApkThreat.ts
index de1afd9..3a90c3c 100644
--- a/scripts/android/model/apkThreat/ApkThreat.ts
+++ b/scripts/android/model/apkThreat/ApkThreat.ts
@@ -6,20 +6,45 @@
interface ApkThreat {
/** Package name (application Id) of the app posing a threat to the current app. */
- packageName: string;
+ readonly packageName: string;
/** Threat index indicating severity of the threat. */
- threatIndex: ThreatIndex;
+ readonly threatIndex: ThreatIndex;
+
+ /** Evaluated threat index indicating severity of the threat. */
+ readonly evaluatedThreatIndex: ThreatIndex
+
+ /** Suggested threat index. If the value is `UNKNOWN` then there's no suggestion. */
+ readonly suggestedThreatIndex: ThreatIndex
/** Optional name of malware detection. This is not bound to the thratIndex, can appear independently. */
- malwareDetectionName?: string;
+ readonly malwareDetectionName?: string;
/** Set of recommended mitigations for handling the threat. */
- mitigations: ThreatMitigation[];
+ readonly mitigations: ThreatMitigation[];
/** Evaluated threat reasons marking what is dangerous about the app. */
- reasons: ThreatReason[];
+ readonly reasons: ThreatReason[];
/** Store the app was installed from (for example google play). */
- threatInstaller: ThreatInstaller;
+ readonly threatInstaller?: ThreatInstaller;
+
+ /** List of malware flags - malware types and malware families. */
+ readonly flags: MalwareFlag[];
+}
+
+/** Flag designating malware info. */
+interface MalwareFlag {
+ readonly name: string;
+ readonly type: MalwareFlagType;
+}
+
+/** Type of MalwareFlag. */
+enum MalwareFlagType {
+ /** Unknown type of malware flag. */
+ UNKNOWN = "UNKNOWN",
+ /** Name of the malware family. */
+ MALWARE_FAMILY = "MALWARE_FAMILY",
+ /** Type of the malware, relates with used attack techniques. */
+ MALWARE_TYPE = "MALWARE_TYPE"
}
\ No newline at end of file
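Review bot: The new `evaluatedThreatIndex` comment, `Evaluated threat index indicating severity of the threat.`, is almost the same sentence as the one on `threatIndex`, so a consumer cannot tell which of the three index fields to base a blocking or warning decision on. Each comment should state how its field relates to the other two, for example whether `threatIndex` already reflects `suggestedThreatIndex`. `MalwareFlag.name` and `MalwareFlag.type` have no doc comments; I would add `/** Name of the malware family or type; free-form text, treat as untrusted when rendering. */` on `name` and `/** Kind of information carried by name. */` on `type`. `threatInstaller` also becomes optional here, which is a compile-time break for callers under `strictNullChecks` and deserves a line in the release notes.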
diff --git a/www/MalwarelyticsPlugin.d.ts b/www/MalwarelyticsPlugin.d.ts
index e3bd628..72cfb6f 100644
--- a/www/MalwarelyticsPlugin.d.ts
+++ b/www/MalwarelyticsPlugin.d.ts
@@ -818,17 +818,37 @@ interface SmartProtectionResult {
*/
interface ApkThreat {
/** Package name (application Id) of the app posing a threat to the current app. */
- packageName: string;
+ readonly packageName: string;
/** Threat index indicating severity of the threat. */
- threatIndex: ThreatIndex;
+ readonly threatIndex: ThreatIndex;
+ /** Evaluated threat index indicating severity of the threat. */
+ readonly evaluatedThreatIndex: ThreatIndex;
+ /** Suggested threat index. If the value is `UNKNOWN` then there's no suggestion. */
+ readonly suggestedThreatIndex: ThreatIndex;
/** Optional name of malware detection. This is not bound to the thratIndex, can appear independently. */
- malwareDetectionName?: string;
+ readonly malwareDetectionName?: string;
/** Set of recommended mitigations for handling the threat. */
- mitigations: ThreatMitigation[];
+ readonly mitigations: ThreatMitigation[];
/** Evaluated threat reasons marking what is dangerous about the app. */
- reasons: ThreatReason[];
+ readonly reasons: ThreatReason[];
/** Store the app was installed from (for example google play). */
- threatInstaller: ThreatInstaller;
+ readonly threatInstaller?: ThreatInstaller;
+ /** List of malware flags - malware types and malware families. */
+ readonly flags: MalwareFlag[];
+}
+/** Flag designating malware info. */
+interface MalwareFlag {
+ readonly name: string;
+ readonly type: MalwareFlagType;
+}
+/** Type of MalwareFlag. */
+declare enum MalwareFlagType {
+ /** Unknown type of malware flag. */
+ UNKNOWN = "UNKNOWN",
+ /** Name of the malware family. */
+ MALWARE_FAMILY = "MALWARE_FAMILY",
+ /** Type of the malware, relates with used attack techniques. */
+ MALWARE_TYPE = "MALWARE_TYPE"
}
/**
* A threat level that is posed by an app.
diff --git a/www/MalwarelyticsPlugin.js b/www/MalwarelyticsPlugin.js
index 6d03f1c..60e53c8 100644
--- a/www/MalwarelyticsPlugin.js
+++ b/www/MalwarelyticsPlugin.js
@@ -1061,6 +1061,16 @@ var InitializationResult;
InitializationResult["TEMPORARY_OFFLINE_MODE"] = "TEMPORARY_OFFLINE_MODE";
InitializationResult["PERMANENT_OFFLINE_MODE"] = "PERMANENT_OFFLINE_MODE";
})(InitializationResult || (InitializationResult = {}));
+/** Type of MalwareFlag. */
+var MalwareFlagType;
+(function (MalwareFlagType) {
+ /** Unknown type of malware flag. */
+ MalwareFlagType["UNKNOWN"] = "UNKNOWN";
+ /** Name of the malware family. */
+ MalwareFlagType["MALWARE_FAMILY"] = "MALWARE_FAMILY";
+ /** Type of the malware, relates with used attack techniques. */
+ MalwareFlagType["MALWARE_TYPE"] = "MALWARE_TYPE";
+})(MalwareFlagType || (MalwareFlagType = {}));
/** Result of an update. */
var UpdateResult;
(function (UpdateResult) {
diff --git a/www/MalwarelyticsPlugin.module.d.ts b/www/MalwarelyticsPlugin.module.d.ts
index 9b761a4..4801e20 100644
--- a/www/MalwarelyticsPlugin.module.d.ts
+++ b/www/MalwarelyticsPlugin.module.d.ts
@@ -818,17 +818,37 @@ export interface SmartProtectionResult {
*/
export interface ApkThreat {
/** Package name (application Id) of the app posing a threat to the current app. */
- packageName: string;
+ readonly packageName: string;
/** Threat index indicating severity of the threat. */
- threatIndex: ThreatIndex;
+ readonly threatIndex: ThreatIndex;
+ /** Evaluated threat index indicating severity of the threat. */
+ readonly evaluatedThreatIndex: ThreatIndex;
+ /** Suggested threat index. If the value is `UNKNOWN` then there's no suggestion. */
+ readonly suggestedThreatIndex: ThreatIndex;
/** Optional name of malware detection. This is not bound to the thratIndex, can appear independently. */
- malwareDetectionName?: string;
+ readonly malwareDetectionName?: string;
/** Set of recommended mitigations for handling the threat. */
- mitigations: ThreatMitigation[];
+ readonly mitigations: ThreatMitigation[];
/** Evaluated threat reasons marking what is dangerous about the app. */
- reasons: ThreatReason[];
+ readonly reasons: ThreatReason[];
/** Store the app was installed from (for example google play). */
- threatInstaller: ThreatInstaller;
+ readonly threatInstaller?: ThreatInstaller;
+ /** List of malware flags - malware types and malware families. */
+ readonly flags: MalwareFlag[];
+}
+/** Flag designating malware info. */
+export interface MalwareFlag {
+ readonly name: string;
+ readonly type: MalwareFlagType;
+}
+/** Type of MalwareFlag. */
+export declare enum MalwareFlagType {
+ /** Unknown type of malware flag. */
+ UNKNOWN = "UNKNOWN",
+ /** Name of the malware family. */
+ MALWARE_FAMILY = "MALWARE_FAMILY",
+ /** Type of the malware, relates with used attack techniques. */
+ MALWARE_TYPE = "MALWARE_TYPE"
}
/**
* A threat level that is posed by an app.