SHA256: 07278c56973d609caa5f9eb2393d9b1eb41964d24e7e9e7a7e7f9fdfb2bb4c31
File name: 60f0c18fae934d1033394d62951d5dc8.apk
Detection ratio: 30 / 60
Analysis date: 2017-05-04 08:05:25 UTC (2 months, 2 weeks ago)
Antivirus Result Update
Ad-Aware Android.Trojan.HiddenApp.OU 20170504
AegisLab Android.Troj.Hiddenapp!c 20170504
AhnLab-V3 Android-Trojan/FakeInst.3e91a 20170503
Alibaba A.H.Int.Kgb 20170504
Antiy-AVL Trojan[Spy]/Android.Mekir 20170504
Arcabit Android.Trojan.HiddenApp.OU 20170504
Avast Android:Agent-MOB [Trj] 20170504
Avira (no cloud) ANDROID/HiddenApp.hezjj 20170504
BitDefender Android.Trojan.HiddenApp.OU 20170504
CAT-QuickHeal Android.Mekir.B 20170504
Cyren ZIP/Trojan.YSNH-9 20170504
DrWeb Android.Backdoor.500.origin 20170504
Emsisoft Android.Trojan.HiddenApp.OU (B) 20170504
ESET-NOD32 Android/HiddenApp.BB 20170504
F-Secure Android.Trojan.HiddenApp.OU 20170504
Fortinet Android/Generic.S.4AF341!tr 20170504
GData Android.Trojan.HiddenApp.OU 20170504
Ikarus Trojan.AndroidOS.Hiddenapp 20170503
K7GW Trojan ( 004fa1e81 ) 20170426
Kaspersky HEUR:Trojan-Spy.AndroidOS.Mekir.d 20170504
McAfee Artemis!60F0C18FAE93 20170504
eScan Android.Trojan.HiddenApp.OU 20170504
NANO-Antivirus Trojan.Android.HiddenApp.eikhbb 20170504
Qihoo-360 Android mobile malware 20170504
Sophos AV Andr/HiddenAp-Z 20170504
Symantec Trojan.Gen.2 20170503
Symantec Mobile Insight Trojan:Malapp 20170504
Tencent a.expense.squareup 20170504
WhiteArmor Android-Malware.SN-Sure.2441134153074532264000.[PUA] 20170502
ZoneAlarm by Check Point HEUR:Trojan-Spy.AndroidOS.Mekir.d 20170504
ALYac 20170504
AVG 20170504
AVware 20170504
Baidu 20170503
Bkav 20170503
ClamAV 20170504
CMC 20170503
Comodo 20170504
CrowdStrike Falcon (ML) 20170130
Endgame 20170503
F-Prot 20170504
Sophos ML 20170413
Jiangmin 20170504
K7AntiVirus 20170504
Kingsoft 20170504
Malwarebytes 20170504
McAfee-GW-Edition 20170504
Microsoft 20170504
nProtect 20170504
Palo Alto Networks (Known Signatures) 20170504
Panda 20170503
Rising 20170429
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170504
TheHacker 20170504
TotalDefense 20170504
TrendMicro 20170504
TrendMicro-HouseCall 20170504
VBA32 20170503
VIPRE 20170504
ViRobot 20170504
Webroot 20170504
Yandex 20170503
Zillya 20170504
Zoner 20170504
The file being studied is an Android APK. The application's main package name is it.phonevoda.androidv1. The internal version number of the application is 1. The displayed version string of the application is 1. The minimum Android API level for the application to run (MinSDKVersion) is 7. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.READ_SYNC_SETTINGS (read sync settings)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
com.android.launcher.permission.UNINSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_MOCK_LOCATION (mock location sources for testing)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.READ_CALENDAR (read calendar events)
android.permission.READ_LOGS (read sensitive log data)
android.permission.WRITE_PROFILE (write the user's personal profile data)
android.permission.READ_SOCIAL_STREAM (read from the user's social stream)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.UPDATE_DEVICE_STATS (modify battery statistics)
android.permission.READ_SYNC_STATS (read sync statistics)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.SET_WALLPAPER_HINTS (set wallpaper size hints)
android.permission.SET_ANIMATION_SCALE (modify global animation speed)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.BLUETOOTH_ADMIN (bluetooth administration)
android.permission.NFC (control Near-Field Communication)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.PERSISTENT_ACTIVITY (make application always run)
android.permission.USE_CREDENTIALS (use the authentication credentials of an account)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.SET_PROCESS_LIMIT (limit number of running processes)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.CHANGE_WIFI_MULTICAST_STATE (allow Wi-Fi Multicast reception)
android.permission.WRITE_USER_DICTIONARY (write to user-defined dictionary)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.SUBSCRIBED_FEEDS_READ (read subscribed feeds)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_PACKAGE_SIZE (measure application storage space)
android.permission.RECORD_AUDIO (record audio)
android.permission.WRITE_SOCIAL_STREAM (write the user's social stream)
android.permission.MANAGE_ACCOUNTS (manage the accounts list)
android.permission.WRITE_SYNC_SETTINGS (write sync settings)
android.permission.READ_CONTACTS (read contact data)
android.permission.AUTHENTICATE_ACCOUNTS (act as an account authenticator)
android.permission.SIGNAL_PERSISTENT_PROCESSES (send Linux signals to applications)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.SET_WALLPAPER (set wallpaper)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.WRITE_CONTACTS (write contact data)
android.permission.BATTERY_STATS (modify battery statistics)
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)
android.permission.GET_TASKS (retrieve running applications)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.RECEIVE_MMS (receive MMS)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.SET_ALWAYS_FINISH (make all background applications close)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.MODIFY_PHONE_STATE (modify phone status)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.RESTART_PACKAGES (kill background processes)
android.permission.READ_PROFILE (read the user's personal profile data)
android.permission.USE_SIP (make/receive Internet calls)
android.permission.GET_ACCOUNTS (discover known accounts)
android.permission.WRITE_CALENDAR (add or modify calendar events and send emails to guests)
Activities
com.google.android.system.MainActivity
com.google.android.system.RecActivity
Services
com.google.android.MainService
Receivers
com.google.android.Autostart
com.google.android.PackageChangeReceiver
Activity-related intent filters
com.google.android.system.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.google.android.PackageChangeReceiver
actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REPLACED, android.intent.action.PACKAGE_REMOVED
com.google.android.Autostart
actions: android.intent.action.BOOT_COMPLETED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files 9
Uncompressed size 486330
Highest datetime 2014-05-20 14:58:52
Lowest datetime 2014-05-20 14:58:52
Contained files by extension
png 3
xml 1
dex 1
MF 1
RSA 1
SF 1
Contained files by type
unknown 4
PNG 3
XML 1
DEX 1
File identification
MD5 60f0c18fae934d1033394d62951d5dc8
SHA1 c0802514739173623a319db4551f88d2ca71bdb2
SHA256 07278c56973d609caa5f9eb2393d9b1eb41964d24e7e9e7a7e7f9fdfb2bb4c31
ssdeep 6144:HgMaUKxo0x5AsEWfTS+8pPFRZd5EuEl6r3k:HgSKx/5IWLSdPWWr0

File size 217.6 KB ( 222799 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags apk android

VirusTotal metadata
First submission 2016-10-07 08:20:29 UTC (9 months, 2 weeks ago)
Last submission 2016-11-22 11:39:41 UTC (8 months ago)
File names 60f0c18fae934d1033394d62951d5dc8.apk
60f0c18fae934d1033394d62951d5dc8.virus
Started services
#Intent;component=it.phonevoda.androidv1/com.google.android.MainService;end
Started receivers
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.intent.action.USER_PRESENT
android.provider.Telephony.SMS_RECEIVED
Opened files
/data/data/it.phonevoda.androidv1/files/stservice.dat
/data/data/it.phonevoda.androidv1/files/arservice.dat
/data/data/it.phonevoda.androidv1/files/crservice.dat
/data/data/it.phonevoda.androidv1/files/idservice.dat
/mnt/sdcard/Android/data/com.google.android.app/trf
/mnt/sdcard/Android/data/com.google.android.app
/mnt/sdcard
Accessed files
/mnt/sdcard/Android/data/com.google.android.app
/mnt/sdcard/Android/data/com.google.android.app/trf
Interesting calls
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
Contacted URLs
https://66.232.100.221/UlisseREST/api/actions/RequestActionsToExecute
https://66.232.100.221/UlisseREST/api/log/NotifyLog