SHA256: 064dcb4d096d9e70db526e342d750169b9d5248d4442e27fd287db904ba3c31f
File name: 064DCB4D096D9E70DB526E342D750169B9D5248D4442E27FD287DB904BA3C31F.dat
Detection ratio: 20 / 61
Analysis date: 2018-09-21 00:51:00 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
AegisLab Trojan.AndroidOS.Generic.4!c 20180921
Antiy-AVL Trojan/Android.TSGeneric 20180920
Arcabit Android.Trojan.BgServ.AX 20180921
Avast-Mobile APK:RepMalware [Trj] 20180920
AVware Trojan.AndroidOS.Generic.A 20180920
BitDefender Android.Trojan.BgServ.AX 20180921
CAT-QuickHeal Android.Bgserv.GEN74 20180918
Cyren AndroidOS/GenBl.AF311EAA!Olympus 20180921
Emsisoft Android.Trojan.BgServ.AX (B) 20180921
ESET-NOD32 a variant of Android/Bgserv.K 20180921
GData Android.Trojan.BgServ.AX 20180921
K7GW Trojan ( 004c70281 ) 20180920
MAX malware (ai score=81) 20180921
McAfee Artemis!AF311EAA2AF1 20180921
McAfee-GW-Edition Artemis 20180920
eScan Android.Trojan.BgServ.AX 20180921
Symantec Trojan.Gen.2 20180920
Tencent Android.Trojan.Bgserv.Lohl 20180921
Zillya Trojan.Bgserv.Android.15 20180920
Zoner Trojan.AndroidOS.BGServ.D 20180920
Ad-Aware 20180921
AhnLab-V3 20180920
Alibaba 20180912
ALYac 20180921
Avast 20180921
AVG 20180921
Avira (no cloud) 20180920
Babable 20180918
Baidu 20180914
Bkav 20180919
ClamAV 20180921
CMC 20180920
Comodo 20180921
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180921
DrWeb 20180921
eGambit 20180921
Endgame 20180730
F-Prot 20180921
F-Secure 20180921
Fortinet 20180921
Sophos ML 20180717
Jiangmin 20180921
K7AntiVirus 20180920
Kaspersky 20180921
Kingsoft 20180921
Malwarebytes 20180921
Microsoft 20180921
NANO-Antivirus 20180920
Palo Alto Networks (Known Signatures) 20180921
Panda 20180920
Qihoo-360 20180921
Rising 20180921
SentinelOne (Static ML) 20180830
Sophos AV 20180920
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180918
TACHYON 20180921
TheHacker 20180920
TotalDefense 20180920
TrendMicro 20180920
TrendMicro-HouseCall 20180920
Trustlook 20180921
VBA32 20180920
VIPRE 20180921
ViRobot 20180920
Webroot 20180921
Yandex 20180920
ZoneAlarm by Check Point 20180921
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.android.vending.sectool.v1. The internal version number of the application is 15. The displayed version string of the application is 2.5. The minimum Android API level for the application to run (MinSDKVersion) is 3.
Required permissions
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
com.google.android.providers.gsf.permission.READ_GSERVICES (Unknown permission from android reference)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.INTERNET (full Internet access)
com.google.android.googleapps.permission.GOOGLE_AUTH (Unknown permission from android reference)
Services
com.android.vending.sectool.v1.GoogleSecurityToolActivity
Receivers
com.android.vending.sectool.v1.GoogleSecurityToolReceiver
Receiver-related intent filters
com.android.vending.sectool.v1.GoogleSecurityToolReceiver
actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_CHANGED, android.intent.action.PACKAGE_REMOVED, android.intent.action.BOOT_COMPLETED, com.android.vending.INSTALL_REFERRER, android.intent.action.GTALK_CONNECTED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files 8
Uncompressed size 135842
Highest datetime 2008-12-01 22:07:58
Lowest datetime 2008-12-01 22:07:58
Contained files by extension
xml 1
dex 1
MF 1
RSA 1
SF 1
png 1
Contained files by type
unknown 4
XML 1
DEX 1
ELF 1
PNG 1
File identification
MD5 af311eaa2af1342ba0e39028cf4f99fb
SHA1 163f11924b3bf364662762dc8d596726948a0846
SHA256 064dcb4d096d9e70db526e342d750169b9d5248d4442e27fd287db904ba3c31f
ssdeep 1536:4y1EadHHdEVSaaAFaL50Oz41xSDS34wqOxGcqIVuYgMZn:4udJqSJGBdq4xqyulW

File size 77.3 KB ( 79118 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (91.3%)
ZIP compressed archive (6.9%)
PrintFox/Pagefox bitmap (var. P) (1.7%)
Tags apk android contains-elf

VirusTotal metadata
First submission 2012-11-22 01:37:24 UTC ( 5 years, 11 months ago )
Last submission 2015-06-26 08:59:54 UTC ( 3 years, 4 months ago )
File names af311eaa2af1342ba0e39028cf4f99fb.apk
com.android.vending.sectool.v1-2.apk
064DCB4D096D9E70DB526E342D750169B9D5248D4442E27FD287DB904BA3C31F.dat
af311eaa2af1342ba0e39028cf4f99fb.log