apk - decompilers

Uncpack

unpack apk

apktool d app.apk
unzip app.apk -d app_raw

convert dex to jar

d2j-dex2jar classes.dex

jd-gui

jd-gui classes-dex2jar.jar &

jadx-gui

jadx-gui

sudo $ pip3 install apkleaks
apkleaks -f dynatrace.apk

apkid

sudo pip3 install apkid
apkid app.apk

The output "anti_vm: Build.FINGERPRINT check, Build.HARDWARE check, Build.MANUFACTURER check, Build.TAGS check, SIM operator check, network operator name check" indicates that the Android application is using anti-VM techniques to detect whether it is running in a virtual environment.

mobsf

docker run -it --rm -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest

mariana-trench

sudo pip3 install mariana-trench
mariana-trench --apk-path app.apk --output-directory mariana-tmp