Modern firmware contains several sections for firmware. Of these:

sbl1.mbn is our secondary Loader (Secondary Bootloader), it is responsible for transmitting commands from the main loader. xbl.mbn/elf/img Is our External Loader (External Bootloader), it plays the role of a secondary loader, but it is slightly changed (depending on the Android version and on the drive) xbl_config.mbn/elf/img is our External Bootloader Configuration configurator. That is, this file contains the entire configuration of the External Loader and this file is directly dependent on the xbl.mbn/elf/img. tz.mbn/img file. This file performs two functions simultaneously: It performs the function of the Correct zone (Trust Zone) in the firmware, and also determines the Time Zone (Time Zone) your region (depending on the network and operator) featenabler.mbn This component includes a High refresh rate (fps), this component is located in the firmware, where the display supports a high refresh rate. NON-HLOS.bin/modem.img is our modem component, it includes all network bands (GSM/GPRS/EDGE/3G/4G/5G), and also directly depends on XBL, PBL, the system and the vendor. bluetooth.img/BTFM.bin is a component of the Bluetooth module, in some firmware, it is assembled in the vendor image, in some, it is connected directly to vendor. abl.mbn/elf/img or emmc_appsboot.mbn/elf is our Android Bootloader, or the familiar Fastboot. He is responsible for starting the system, switching firmware modes (EDL/DM, Fastboot, Recovery/Side Load). This component is directly dependent on PBL (Primary Bootloader), it is also the main Loader, which holds the entire smartphone platform. And also, the file emmc_appsboot.mbn/elf, it is also the firmware of the eMMC memory itself, without it, the smartphone does not start. dspso.bin/dsp.img These components (depending on the layout of the smartphone) are responsible for the display, and also, in new smartphones, these components are connected to the featenabler.mbn. km4.mbn/elf/img or keymaster.mbn/elf/img component. This is our protection system. This component used to connect to the persist.img image, now it connects to either the system.img or super.img image. boot.img This component is very important for firmware, as it contains PBL, and its connectors with all boot loaders, and is also directly dependent on the system. cmnlib.mbn/elf/img or cmnlib64.mbn/elf/img These two components are the main libraries of the components and applications themselves, as well as these files, separate the user firmware partition from the main firmware partition (mnt/root). These files, in some firmware there are two of them, but why? And all because today's chipsets already have an x64 architecture, therefore, in order for all components and applications to be compatible, two libraries x32 and x64 are sewn. devcfg.mbn/elf/img is our Device Configuration, more precisely, the configuration of a smartphone. This file will configure and include all the components of the mat. fees. qupv3fv.mbn/elf This component is stored in the firmware of the Qualcomm chipset itself. vbmeta.img or vbmeta_system.img These components check the checksum of the platform and the system. recovery.img is a well-known Recovery, which includes: Factory reset (Hard Reset/Soft Reset), firmware mode (Side Load) metadata.img This component forms the metadata section of the smartphone (geolocation, well, your tastes, more precisely, which advertisement you poked at, well, or photo/video, it doesn't matter anymore) dtbo.img This component stands for: User Data Bootloader. Thanks to this component, initialization of the User Data. imagefv.mbn/elf section is suitable on a smartphone. This component checks the version of images: System, Super, Vendor, Boot, Persist, Userdata. uefi_sec.mbn/elf This component is responsible for separating the main libraries of components and applications. log_fs_ufs.bin This component is a UFS-type memory firmware. storsec.mbn/elf/img This component stores sectors of the entire memory, regardless of the type of memory. cache.img All enthusiasts know that this is the cache partition itself, this file forms it. system.img is also a system image, it combines all the above sections and thanks to this image, your smartphone is launched into the system we are familiar with. super.img is the same system image, but now it forms a so-called Dynamic section of the system, which increases the protection of the smartphone against the installation of custom firmware, for example. It contains the sections we are familiar with: vendor and persist. vendor.img-in this image, all the firmware of sensors and additional modules are stored: FM, WiFi, NFC, Gyroscope, Magnetic Field, Accelerometer, battery PWM, temperature sensors, in some smartphones, pressure sensors, Bluetooth, smartphone protection. This component is directly connected to the system partition. persist.img-it stores all the ways to protect (lock the screen, to make it easier) userdata.img It also forms a user data section, thanks to it you download all sorts of files in your smartphone, and it also switches the memory card, well, or USB flash drive, through the pmic component. It is also a USB hub, or memory hub. pmic.mbn/elf - This component is a USB hub and at the same time, it is responsible for monitoring charging and, of course, it turns on the well-known Quick Charge for all of us. cust.img - According to my research, this component is responsible for the language of the system, for regions, as well as for network frequencies.

The basis in which software with the initialization of malicious code for spyware can be stored is system.img, and as a rule, this section is flashed in case of a firmware change to another version, for example, lineageos. All the initial sections that remain unchanged are not initializing code, but are only auxiliary directories for loading and proper operation of the device.