SHA256: 05e16a68a7393c90334cf98c4c390db67f2316126014df1508cc8170025ce150
File name: d777a9f9ace08ebd86a12f410deaed97_1.apk
Detection ratio: 31 / 54
Analysis date: 2016-01-03 10:29:26 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
AVG Android/Deng.FEC 20160103
AVware Trojan.AndroidOS.Generic.A 20160103
Ad-Aware Android.Trojan.Tramp.A 20151224
AegisLab Tramp 20160103
AhnLab-V3 Android-Spyware/Tmphone.f65c 20160102
Alibaba A.H.Pri.Tramp 20151208
Antiy-AVL Trojan[Spy]/AndroidOS.Tramp.a 20160103
Arcabit Android.Trojan.Tramp.A 20160103
Avast Android:Tramp-E [Trj] 20160103
Avira (no cloud) ANDROID/Spy.Tramp.A.Gen 20160102
Baidu-International Trojan.AndroidOS.Tramp.a 20160103
BitDefender Android.Trojan.Tramp.A 20160103
CAT-QuickHeal Android.Tramp.A 20160102
Comodo UnclassifiedMalware 20160103
Cyren AndroidOS/GenBl.D777A9F9!Olympus 20160101
ESET-NOD32 a variant of Android/Spy.Tramp.B 20151231
Emsisoft Android.Trojan.Tramp.A (B) 20160103
F-Prot AndroidOS/TrampSpy.A 20160103
F-Secure Trojan-Spy:Android/Tramp.A 20160102
GData Android.Trojan.Tramp.A 20160103
Ikarus Trojan-Spy.AndroidOS.Tramp 20151231
K7GW Spyware ( 0048d7c41 ) 20160103
Kaspersky HEUR:Trojan-Spy.AndroidOS.Tramp.a 20160103
McAfee Artemis!D777A9F9ACE0 20160103
eScan Android.Trojan.Tramp.A 20160103
NANO-Antivirus Trojan.Android.Tramp.cwzgmw 20160103
Rising APK:Trojan.Tramp.a/Android!7.10E7 [F] 20160103
Sophos Andr/TraMp-A 20160103
Symantec Android.Mobilespy 20160102
Tencent Dos.Trojan-spy.Tramp.Wrqd 20160103
VIPRE Trojan.AndroidOS.Generic.A 20160102
Yandex 20160101
Bkav 20151231
ByteHero 20160103
CMC 20151231
ClamAV 20160103
DrWeb 20160103
Fortinet 20160103
Jiangmin 20160103
K7AntiVirus 20160103
Malwarebytes 20160103
McAfee-GW-Edition 20160103
Microsoft 20160103
Panda 20160103
SUPERAntiSpyware 20160103
TheHacker 20160103
TotalDefense 20160103
TrendMicro 20160103
TrendMicro-HouseCall 20160103
VBA32 20160102
ViRobot 20160103
Zillya 20151231
Zoner 20160103
nProtect 20151231
The file being studied is Android related, more specifically an Android APK file. The application's main package name is com.android.services. The internal version number of the application is 1. The displayed version string of the application is 1.4. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 16.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.READ_OWNER_DATA (Unknown permission from android reference)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.ACCESS_MOCK_LOCATION (mock location sources for testing)
android.permission.VIBRATE (control vibrator)
android.permission.WRITE_OWNER_DATA (Unknown permission from android reference)
com.android.services.permission.C2D_MESSAGE (C2DM permission.)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.INTERNET (full Internet access)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.RECEIVE_MMS (receive MMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.GET_ACCOUNTS (discover known accounts)
android.permission.READ_SMS (read SMS or MMS)
Services
com.android.services.GCMIntentService
com.android.services.GoogleServices
Receivers
com.android.services.SMSBroadcastReceiver
com.google.android.gcm.GCMBroadcastReceiver
Receiver-related intent filters
com.android.services.SMSBroadcastReceiver
actions: android.intent.action.PHONE_STATE, android.provider.Telephony.SMS_RECEIVED, com.android.services.UPDATE_CLOUDMESSAGEID
com.google.android.gcm.GCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.android.services
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files 17
Uncompressed size 297804
Highest datetime 2013-09-12 08:18:00
Lowest datetime 2013-07-09 10:06:00
Contained files by extension
png 9
xml 2
dex 1
MF 1
RSA 1
SF 1
Contained files by type
PNG 9
unknown 4
XML 2
DEX 1
ELF 1
File identification
MD5 d777a9f9ace08ebd86a12f410deaed97
SHA1 7db2e39efaced8d90385e9b4dbe5b1c43cec1953
SHA256 05e16a68a7393c90334cf98c4c390db67f2316126014df1508cc8170025ce150
ssdeep 3072:r/MyQEHV5KMFcU8pU80FHgk5zD3z6RFknf8Pi+9x4iY5IhBMszxaqd4tTnoLao0a:r/0EH2MZFHg6z6R6fWiwFpMszxPdSnWj

File size 173.2 KB ( 177356 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2013-09-12 01:16:51 UTC ( 2 years, 11 months ago )
Last submission 2014-12-21 06:34:28 UTC ( 1 year, 8 months ago )
File names 2573622
d777a9f9ace08ebd86a12f410deaed97.apk
d777a9f9ace08ebd86a12f410deaed97_1.apk
05E16A68A7393C90334CF98C4C390DB67F2316126014DF1508CC8170025CE150.apk.log
13.txt