SHA256: 05436586dce6f0e2ac7c9efc6e532a33922be22ae4ccf397b90f802dde9f554e
File name: xb7TV44278.apk
Detection ratio: 23 / 62
Analysis date: 2018-09-10 02:35:45 UTC ( 8 months, 1 week ago )
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180910
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180909
Alibaba A.H.Pay.Qnmrkz 20180713
Arcabit Android.Riskware.SmsPay.ADR 20180910
Avira (no cloud) ANDROID/Trojan.Agent.AMAM.Gen 20180909
BitDefender Android.Riskware.SmsPay.ADR 20180910
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180909
Cyren ZIP/Trojan.CYLE-0 20180910
DrWeb Android.Xiny.1513 20180910
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180910
ESET-NOD32 a variant of Android/Agent.AYL 20180909
F-Secure Android.Riskware.SmsPay 20180910
Fortinet Android/Generic.Z.2E1983!tr 20180910
GData Android.Riskware.SmsPay.ADR 20180910
Ikarus PUA.AndroidOS.SMSreg 20180909
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180910
MAX malware (ai score=74) 20180910
McAfee Artemis!16560DF80C3F 20180910
eScan Android.Riskware.SmsPay.ADR 20180910
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180909
Sophos AV Andr/Rootnik-AI 20180910
TrendMicro-HouseCall Suspicious_GEN.F47V0720 20180910
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180910
AegisLab 20180910
ALYac 20180910
Antiy-AVL 20180906
Avast 20180910
Avast-Mobile 20180909
AVG 20180910
AVware 20180910
Babable 20180907
Baidu 20180906
Bkav 20180906
ClamAV 20180910
CMC 20180910
Comodo 20180909
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180910
eGambit 20180910
Endgame 20180730
F-Prot 20180910
Sophos ML 20180717
Jiangmin 20180909
K7AntiVirus 20180909
K7GW 20180909
Kingsoft 20180910
Malwarebytes 20180910
McAfee-GW-Edition 20180909
Microsoft 20180910
Palo Alto Networks (Known Signatures) 20180910
Panda 20180909
Qihoo-360 20180910
Rising 20180909
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
Symantec 20180909
Symantec Mobile Insight 20180905
TACHYON 20180909
Tencent 20180910
TheHacker 20180907
TotalDefense 20180909
TrendMicro 20180909
Trustlook 20180910
VBA32 20180907
VIPRE 20180910
ViRobot 20180909
Webroot 20180910
Yandex 20180908
Zillya 20180908
Zoner 20180909
The file being studied is an Android APK. The application's main package name is com.gczmjopw.xumtqfdv. The internal version number of the application is 1812164. The displayed version string of the application is 3.08. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.CAMERA (take pictures and videos)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
Services
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files: 104
Uncompressed size: 2582893
Highest datetime: 2018-09-10 10:19:30
Lowest datetime: 2018-09-10 10:13:10
Contained files by extension
xml: 49
png: 42
jpg: 2
so: 2
dex: 1
MF: 1
cf: 1
RSA: 1
dat: 1
SF: 1
Contained files by type
XML: 48
PNG: 42
unknown: 9
ELF: 2
JPG: 2
DEX: 1
File identification
MD5 54e7de3bf86200ef2288421e1cf222d7
SHA1 d7a1b3694668a0b4da9e6ef46cc4bc1fccff28a1
SHA256 05436586dce6f0e2ac7c9efc6e532a33922be22ae4ccf397b90f802dde9f554e
ssdeep 24576:P39QunieY+tOIHC7kFAB8ILxDFzVhFTXyT8fbnvXnvPhmpSwybsRBT2/w:v9Q3eTt9GkW8IHXFuIbnPn3h+TN
File size 1.5 MB ( 1584405 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (72.9%), Java Archive (20.1%), ZIP compressed archive (5.5%), PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags apk android contains-elf

VirusTotal metadata
First submission 2018-09-10 02:35:45 UTC ( 8 months, 1 week ago )
Last submission 2018-09-10 21:03:23 UTC ( 8 months, 1 week ago )
File names xb7TV44278.apk
宅男TV44278.apk
output.113820079.txt
output.113820553.txt
output.113819917.txt
output.113820285.txt
output.113820717.txt