SHA256: 05e16a68a7393c90334cf98c4c390db67f2316126014df1508cc8170025ce150
File name: d777a9f9ace08ebd86a12f410deaed97_1.apk
Detection ratio: 29 / 56
Analysis date: 2014-12-21 06:34:28 UTC ( 8 months, 1 week ago )
Antivirus Result Update
AVG Android/Deng.LH 20141220
AVware Trojan.AndroidOS.Generic.A 20141220
Ad-Aware Android.Trojan.Tramp.A 20141220
AegisLab Tramp 20141220
AhnLab-V3 Android-Malicious/Tmphone 20141220
Avast Android:Tramp-E [Trj] 20141220
Avira Android/Spy.Tramp.A.Gen 20141220
BitDefender Android.Trojan.Tramp.A 20141220
CAT-QuickHeal Android.Tramp.A 20141219
Comodo UnclassifiedMalware 20141220
Cyren AndroidOS/TrampSpy.A 20141220
DrWeb Android.Spy.39.origin 20141220
ESET-NOD32 a variant of Android/Spy.Tramp.C 20141220
Emsisoft Android.Trojan.Tramp.A (B) 20141220
F-Prot AndroidOS/TrampSpy.A 20141220
F-Secure Trojan-Spy:Android/Tramp.A 20141220
Fortinet Android/Tramp.B!tr.spy 20141220
GData Android.Trojan.Tramp.A 20141220
Ikarus Trojan-Spy.AndroidOS.Tramp 20141220
K7GW Spyware ( 0048d7c41 ) 20141220
Kaspersky HEUR:Trojan-Spy.AndroidOS.Tramp.a 20141220
McAfee Artemis!D777A9F9ACE0 20141220
MicroWorld-eScan Android.Trojan.Tramp.A 20141220
NANO-Antivirus Trojan.Android.Tramp.cwzgmw 20141220
Sophos Andr/TraMp-A 20141220
Symantec Android.Mobilespy 20141220
TotalDefense AndroidOS/Tnega.HVfTJe 20141219
VIPRE Trojan.AndroidOS.Generic.A 20141220
Zoner Spyware.AndroidOS.Tramp.A 20141219
ALYac 20141220
Agnitum 20141219
Antiy-AVL 20141220
Baidu-International 20141220
Bkav 20141220
ByteHero 20141221
CMC 20141218
ClamAV 20141220
Jiangmin 20141219
K7AntiVirus 20141219
Kingsoft 20141221
Malwarebytes 20141220
McAfee-GW-Edition 20141220
Microsoft 20141220
Norman 20141220
Panda 20141220
Qihoo-360 20141221
Rising 20141218
SUPERAntiSpyware 20141220
Tencent 20141221
TheHacker 20141219
TrendMicro 20141220
TrendMicro-HouseCall 20141220
VBA32 20141219
ViRobot 20141220
Zillya 20141220
nProtect 20141219
The file being studied is an Android APK. The application's main package name is com.android.services. The internal version number of the application is 1. The displayed version string of the application is 1.4. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application (TargetSDKVersion) is 16.
Risk summary
The studied DEX file makes use of API reflection
The APK package studied contains ELF executable files
Permissions that allow the application to manipulate SMS
Permissions that allow the application to manipulate your location
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.READ_OWNER_DATA (Unknown permission from android reference)
android.permission.INTERNET (full Internet access)
android.permission.ACCESS_MOCK_LOCATION (mock location sources for testing)
android.permission.VIBRATE (control vibrator)
android.permission.WRITE_OWNER_DATA (Unknown permission from android reference)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.READ_SMS (read SMS or MMS)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
com.android.services.permission.C2D_MESSAGE (C2DM permission.)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.RECEIVE_MMS (receive MMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.GET_ACCOUNTS (discover known accounts)
android.permission.RECEIVE_SMS (receive SMS)
Permission-related API calls
ACCESS_FINE_LOCATION
READ_PHONE_STATE
SEND_SMS
WAKE_LOCK
INTERNET
Services
com.android.services.GCMIntentService
com.android.services.GoogleServices
Receivers
com.android.services.SMSBroadcastReceiver
com.google.android.gcm.GCMBroadcastReceiver
Receiver-related intent filters
com.android.services.SMSBroadcastReceiver
actions: android.intent.action.PHONE_STATE, android.provider.Telephony.SMS_RECEIVED, com.android.services.UPDATE_CLOUDMESSAGEID
com.google.android.gcm.GCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.android.services
Code-related observations
The application does not load any code dynamically
The application contains reflection code
The application does not contain native code
The application does not contain cryptographic code
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 d777a9f9ace08ebd86a12f410deaed97
SHA1 7db2e39efaced8d90385e9b4dbe5b1c43cec1953
SHA256 05e16a68a7393c90334cf98c4c390db67f2316126014df1508cc8170025ce150
ssdeep 3072:r/MyQEHV5KMFcU8pU80FHgk5zD3z6RFknf8Pi+9x4iY5IhBMszxaqd4tTnoLao0a:r/0EH2MZFHg6z6R6fWiwFpMszxPdSnWj

File size 173.2 KB ( 177356 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (73.9%), Java Archive (20.4%), ZIP compressed archive (5.6%)
Tags apk android

VirusTotal metadata
First submission 2013-09-12 01:16:51 UTC ( 1 year, 11 months ago )
Last submission 2014-12-21 06:34:28 UTC ( 8 months, 1 week ago )
File names 2573622
d777a9f9ace08ebd86a12f410deaed97.apk
d777a9f9ace08ebd86a12f410deaed97_1.apk
05E16A68A7393C90334CF98C4C390DB67F2316126014DF1508CC8170025CE150.apk.log
13.txt
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x54577f67
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 624
ZipCompressedSize 314
FileAccessDate 2014:12:21 07:34:46+01:00
ZipFileName res/layout/activity_track_message.xml
ZipBitFlag 0x0808
FileCreateDate 2014:12:21 07:34:46+01:00
ZipModifyDate 2013:09:12 08:18:00
