SHA256: 051b8b227eda8469e2ccca56a7df585d50f8b3367807dd0b5e007cf29bd59071
File name: output.114214685.txt
Detection ratio: 25 / 61
Analysis date: 2018-09-30 19:13:40 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180930
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180930
Avira (no cloud) ANDROID/Trojan.Agent.AMAM.Gen 20180930
Baidu Android.Trojan.Fadeb.c 20180930
BitDefender Android.Riskware.SmsPay.ADR 20180930
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180930
Cyren ZIP/Trojan.CYLE-0 20180930
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180930
ESET-NOD32 a variant of Android/Fadeb.K 20180930
F-Secure Android.Riskware.SmsPay 20180930
Fortinet Android/Agent.AYL!tr 20180930
GData Android.Riskware.SmsPay.ADR 20180930
Ikarus PUA.AndroidOS.SMSPay 20180930
Jiangmin Trojan.AndroidOS.flar 20180930
K7GW Trojan ( 0053c40b1 ) 20180930
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180930
MAX malware (ai score=99) 20180930
McAfee Artemis!F442AD12F108 20180930
McAfee-GW-Edition RDN/Generic.com 20180930
eScan Android.Riskware.SmsPay.ADR 20180930
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180930
Qihoo-360 Trojan.Android.Gen 20180930
Sophos AV Andr/Rootnik-AI 20180930
Symantec Dialer.Generic 20180930
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180925
AegisLab 20180930
Alibaba 20180921
ALYac 20180930
Antiy-AVL 20180930
Arcabit 20180930
Avast 20180930
Avast-Mobile 20180928
AVG 20180930
AVware 20180925
Babable 20180918
Bkav 20180928
ClamAV 20180930
CMC 20180930
Comodo 20180930
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180930
DrWeb 20180930
eGambit 20180930
Endgame 20180730
F-Prot 20180930
Sophos ML 20180717
K7AntiVirus 20180930
Kingsoft 20180930
Malwarebytes 20180930
Microsoft 20180930
Palo Alto Networks (Known Signatures) 20180930
Panda 20180930
Rising 20180930
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180930
Tencent 20180930
TheHacker 20180927
TotalDefense 20180930
TrendMicro 20180930
TrendMicro-HouseCall 20180930
Trustlook 20180930
VBA32 20180928
VIPRE 20180930
ViRobot 20180930
Webroot 20180930
Yandex 20180927
Zillya 20180928
Zoner 20180927
The file being studied is Android related; more specifically, it is an Android APK file. The application's main package name is com.cgppohzr.exftccjw. The internal version number of the application is 9368530. The displayed version string of the application is 3.19. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MhDeActivity
com.baidu.go.MhReadActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
Services
com.jy.ll.wx.LL_TpService
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files: 130
Uncompressed size: 3944517
Highest datetime: 2018-09-30 16:00:48
Lowest datetime: 2018-09-30 15:53:44
Contained files by extension
xml: 64
png: 50
so: 6
jpg: 2
dex: 1
MF: 1
cf: 1
RSA: 1
SF: 1
Contained files by type
XML: 63
PNG: 50
unknown: 8
ELF: 6
JPG: 2
DEX: 1
File identification
MD5 f442ad12f108acd69fcf4b427851e681
SHA1 a15eee021bd1bee05f552028b74f6a526be0bf09
SHA256 051b8b227eda8469e2ccca56a7df585d50f8b3367807dd0b5e007cf29bd59071
ssdeep 49152:Ht5earIpW/FTzWlD4uO9f/5ZSntyzrIHnusglFGRBKq8uwL:uakpWNTzG7qnSntirOnFzR9i

File size 2.2 MB ( 2300556 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (63.6%)
Java Archive (17.5%)
Sweet Home 3D design (generic) (12.7%)
ZIP compressed archive (4.8%)
PrintFox/Pagefox bitmap (var. P) (1.2%)
Tags apk android contains-elf

VirusTotal metadata
First submission 2018-09-30 08:20:18 UTC ( 7 months, 3 weeks ago )
Last submission 2019-03-13 10:43:55 UTC ( 2 months, 1 week ago )
File names output.114290153.txt
output.114336427.txt
output.114290650.txt
output.114292447.txt
output.114289891.txt
output.114499562.txt
output.114296777.txt
output.114290351.txt
output.114290617.txt
VirusShare_Family_201810_f442ad12f108acd69fcf4b427851e681.apk
output.114291810.txt
output.114296275.txt
output.114295968.txt
output.114296408.txt
output.114291921.txt
output.114297143.txt
output.114437469.txt
output.114296430.txt
output.114290752.txt
output.114333839.txt
output.115159069.txt
output.114216500.txt
output.114290717.txt
output.114445828.txt
output.114234164.txt