Figuring out where to start when you are performing static analysis can be daunting. The items listed below will help to enumerate what you may be able to infer about the application and its capabilities.

Requested Permissions: These are the permissions that an application is granted by the user (1) during installation or (2) upon execution/runtime. These will be included in the AndroidManifest.xml file.¹

Activities: Main application components that the user interacts with directly. Applications are often comprised of one or more activities that the user can navigate to and from and interact with directly through the User Interface (UI).²

Services: The components are integrated with the application for handling tasks that often happen in the background. The user isn’t usually directly interacting with the services. Some examples of a service-related activity include a file download that happens in the background, music playing during a game application, or calculations that are kicked off and running in the background.³

Broadcast Receivers: This facilitates the exchange of information for applications. Information can be delivered between app components or between entirely different applications using broadcast receivers. Applications can be programmed to “listen” for events, and these events are then delivered to the broadcast receivers by using Intents.⁴

Content Providers: How information is stored within an application and shared between multiple applications. An example of a Content Provider is the contact database often used by many native and third-party applications. The code would call the ContentResolver that passes on the request to the proper Content Provider.⁵

References:

[1] https://for585.com/permissions

[2] https://for585.com/activities

[3] https://for585.com/services

[4] https://for585.com/broadcastreceivers

[5] https://for585.com/contentprovider