SHA256: 22278cc82c79d1ea4328d633b9f935db3020e626ade7c77a889d36e1b3b19fce
File name: obnovlenie_brauzera.apk
Detection ratio: 26 / 48
Analysis date: 2014-02-11 13:45:10 UTC ( 2 months ago )
Antivirus Result Update
AVG Android/Generic 20140211
Ad-Aware Android.Trojan.SmsSpy.E 20140211
AntiVir Android/HtmlApp.A.Gen 20140211
Avast Android:Stealer-S [PUP] 20140211
Baidu-International Trojan.AndroidOS.Stealer.AzA 20140211
BitDefender Android.Trojan.SmsSpy.E 20140211
CAT-QuickHeal Android.Stealer.B 20140211
Commtouch AndroidOS/SMSSpy.F.gen!Eldorado 20140211
Comodo UnclassifiedMalware 20140211
DrWeb Android.SmsBot.19.origin 20140211
ESET-NOD32 a variant of Android/TrojanSMS.Stealer.L 20140211
Emsisoft Android.Trojan.SmsSpy.E (B) 20140211
F-Secure Trojan:Android/Fakeinst.FY 20140211
Fortinet Android/SMSStealer.G!tr 20140211
GData Android.Trojan.SmsSpy.E 20140211
Ikarus Trojan-SMS.AndroidOS.Agent 20140211
K7GW Trojan ( 004942b81 ) 20140210
Kaspersky HEUR:Trojan-SMS.AndroidOS.Stealer.a 20140211
McAfee Artemis!A4B7BE4C2AD7 20140211
McAfee-GW-Edition Artemis!A4B7BE4C2AD7 20140211
MicroWorld-eScan Android.Trojan.SmsSpy.E 20140211
Sophos Andr/FakeIns-D 20140211
Symantec Android.Premiumtext 20140211
TotalDefense AndroidOS/Tnega.JWTHGTD 20140211
TrendMicro-HouseCall TROJ_GEN.F47V1204 20140211
VIPRE Trojan.AndroidOS.Generic.A 20140211
Agnitum 20140211
AhnLab-V3 20140211
Bkav 20140211
ByteHero 20140211
CMC 20140211
ClamAV 20140211
F-Prot 20140211
Jiangmin 20140211
K7AntiVirus 20140210
Kingsoft 20130829
Malwarebytes 20140211
Microsoft 20140211
NANO-Antivirus 20140211
Norman 20140211
Panda 20140210
Qihoo-360 20140211
Rising 20140211
SUPERAntiSpyware 20140211
TheHacker 20140208
TrendMicro 20140211
VBA32 20140211
ViRobot 20140211
nProtect 20140211
The file being studied is Android related; more specifically, it is an Android APK file. The application's main package name is obnovleniebrauzera.html.app. The internal version number of the application is 1. The displayed version string of the application is 1.0.
Risk summary
Permissions that allow the application to manipulate SMS
Permissions that allow the application to manipulate your location
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.INSTALL_PACKAGES (directly install applications)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.GET_TASKS (retrieve running applications)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.DELETE_PACKAGES (delete applications)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.INTERNET (full Internet access)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CONTACTS (read contact data)
Main Activity
html.app.MainActivity
Activities
html.app.MainActivity
Services
system.service.MainService
system.service.HideService
Receivers
html.app.AlarmReceiver
html.app.SmsReciver
system.service.AlarmReceiver
system.service.AutorunReceiver
system.service.SReciver
Activity-related intent filters
html.app.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
html.app.SmsReciver
actions: android.provider.Telephony.SMS_RECEIVED
system.service.SReciver
actions: android.provider.Telephony.SMS_RECEIVED
system.service.AutorunReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT, android.intent.action.PHONE_STATE
Code-related observations
The application does not load any code dynamically
The application does not contain reflection code
The application does not contain native code
The application does not contain cryptographic code
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 a4b7be4c2ad757a5a41e6172b450b617
SHA1 22cdb4df895c36f20ed6a15273b545b85b2b18c4
SHA256 22278cc82c79d1ea4328d633b9f935db3020e626ade7c77a889d36e1b3b19fce
ssdeep 6144:1o0jTUbrfmv3JGXosp1C89mJo8wlzn1ynhqzjbLXzdVyvwT:auTU3fm/kfxlhyqPXzryva
File size 329.7 KB ( 337633 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags apk android
VirusTotal metadata
First submission 2013-12-04 16:58:34 UTC ( 4 months, 2 weeks ago )
Last submission 2013-12-04 16:58:34 UTC ( 4 months, 2 weeks ago )
File names obnovlenie_brauzera.apk
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x293efe03
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 3053
ZipCompressedSize 1283
FileAccessDate 2014:02:11 14:45:21+01:00
ZipFileName META-INF/MANIFEST.MF
ZipBitFlag 0x0008
FileCreateDate 2014:02:11 14:45:21+01:00
ZipModifyDate 2013:12:04 20:10:16
