diff --git a/mvt/android/modules/adb/dumpsys_accessibility.py b/mvt/android/modules/adb/dumpsys_accessibility.py
index 6dcdb48..e3dc232 100644
--- a/mvt/android/modules/adb/dumpsys_accessibility.py
+++ b/mvt/android/modules/adb/dumpsys_accessibility.py
@@ -20,6 +20,14 @@ class DumpsysAccessibility(AndroidExtraction):
 output_folder=output_folder, fast_mode=fast_mode, log=log, results=results)
+ def check_indicators(self):
+ for result in self.results:
+ ioc = self.indicators.check_app_id(result["package"])
+ if ioc:
+ result["matched_indicators"] = ioc
+ self.detected.append(result)
+ continue
+
 def run(self): self._adb_connect()
@@ -40,7 +48,10 @@ class DumpsysAccessibility(AndroidExtraction):
 service = line.split(":")[1].strip()
 log.info("Found installed accessibility service \"%s\"", service)
- self.results.append(service)
+ self.results.append({
+ "package": service.split("/")[0],
+ "service": service,
+ })
 log.info("Identified a total of %d accessibility services", len(self.results))
diff --git a/mvt/android/modules/adb/dumpsys_activities.py b/mvt/android/modules/adb/dumpsys_activities.py
index 14c092a..2c7cdaf 100644
--- a/mvt/android/modules/adb/dumpsys_activities.py
+++ b/mvt/android/modules/adb/dumpsys_activities.py
@@ -21,6 +21,15 @@ class DumpsysActivities(AndroidExtraction):
 self.results = results if results else {}
+ def check_indicators(self):
+ for intent, activities in self.results.items():
+ for activity in activities:
+ ioc = self.indicators.check_app_id(activity["package"])
+ if ioc:
+ activity["matched_indicators"] = ioc
+ self.detected.append({intent: activity})
+ continue
+
 def parse_activity_resolver_table(self, data): """Parse output of dumpsys package.
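Review bot: `check_indicators` calls `self.indicators.check_app_id(...)` with no check that `self.indicators` is set; if this module can be run without an indicators file supplied (not visible in this hunk, but the attribute is only read here, never assigned), the call raises AttributeError instead of skipping cleanly, so a guard `if not self.indicators: return` at the top of the method is worth adding here and in the `DumpsysActivities.check_indicators` hunk below. In both methods the trailing `continue` is the last statement of the loop body and does nothing. The previous version stored bare strings (`self.results.append(service)`), so a results set reloaded through the `results=` constructor argument from an older run would fail with TypeError at `result["package"]`; the same applies to the `package_name` → `package` key rename in the activities and receivers hunks, which should be treated as a breaking results-format change (documented in the method docstrings or handled with a `.get("package", ...)` fallback).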
@@ -72,10 +81,10 @@ class DumpsysActivities(AndroidExtraction):
 # If we got this far, we are processing receivers for the
 # activities we are interested in.
 activity = line.strip().split(" ")[1]
- package_name = activity.split("/")[0]
+ package = activity.split("/")[0]
 self.results[intent].append({
- "package_name": package_name,
+ "package": package,
 "activity": activity, })
diff --git a/mvt/android/modules/adb/dumpsys_receivers.py b/mvt/android/modules/adb/dumpsys_receivers.py
index 5d35ce7..99ca8a6 100644
--- a/mvt/android/modules/adb/dumpsys_receivers.py
+++ b/mvt/android/modules/adb/dumpsys_receivers.py
@@ -46,6 +46,12 @@ class DumpsysReceivers(AndroidExtraction):
 self.log.info("Found a receiver monitoring outgoing calls: \"%s\"", receiver["receiver"])
+ ioc = self.indicators.check_app_id(receiver["package"])
+ if ioc:
+ receiver["matched_indicators"] = ioc
+ self.detected.append({intent: receiver})
+ continue
+
 def parse_receiver_resolver_table(self, data): """Parse output of dumpsys package.
@@ -96,10 +102,10 @@ class DumpsysReceivers(AndroidExtraction):
 # If we got this far, we are processing receivers for the
 # activities we are interested in.
 receiver = line.strip().split(" ")[1]
- package_name = receiver.split("/")[0]
+ package = receiver.split("/")[0]
 self.results[intent].append({
- "package_name": package_name,
+ "package": package,
 "receiver": receiver, })
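Review bot: In the `dumpsys_receivers.py` hunk at line 46 the indicator check is wired directly into the extraction loop, right after the "Found a receiver monitoring outgoing calls" log line, so it appears to cover only the receivers of that one intent and only when the extraction itself runs (the enclosing loop and function start outside the hunk, so this is inferred); the sibling modules in this commit instead gained a `check_indicators` method that walks every stored result, which also works on results reloaded without a device. Matching that design keeps all three modules consistent and lets the base class drive the check uniformly; the in-loop `ioc`/`continue` lines would then be dropped, and the method should also guard against `self.indicators` being unset before calling `check_app_id`. The same `package_name` → `package` key rename applies to the second receivers hunk as to the activities one.
```python
    def check_indicators(self):
        if not self.indicators:
            return

        for intent, receivers in self.results.items():
            for receiver in receivers:
                ioc = self.indicators.check_app_id(receiver["package"])
                if ioc:
                    receiver["matched_indicators"] = ioc
                    self.detected.append({intent: receiver})

    # … unchanged: run() and parse_receiver_resolver_table(), minus the in-loop ioc check …
```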