SHA256: 22278cc82c79d1ea4328d633b9f935db3020e626ade7c77a889d36e1b3b19fce
File name: a4b7be4c2ad757a5a41e6172b450b617.apk
Detection ratio: 32 / 55
Analysis date: 2015-01-06 17:08:13 UTC ( 6 months ago )
Antivirus Result Update
AVG Android/SMSStealer 20150106
AVware Trojan.AndroidOS.Generic.A 20150105
Ad-Aware Android.Trojan.SmsSpy.E 20150106
AegisLab Stealer 20150106
AhnLab-V3 Android-Malicious/SMSAgent 20150106
Avast Android:Stealer-AC [Trj] 20150106
Avira Android/HtmlApp.A.Gen 20150106
Baidu-International Trojan.AndroidOS.Stealer.ahCX 20150106
BitDefender Android.Trojan.SmsSpy.E 20150106
CAT-QuickHeal Android.Stealer.B 20150106
Comodo UnclassifiedMalware 20150106
Cyren AndroidOS/Agent.FY 20150106
DrWeb Android.SmsSend.552 20150106
ESET-NOD32 a variant of Android/TrojanSMS.Stealer.L 20150106
F-Prot AndroidOS/Agent.FY 20150106
F-Secure Trojan:Android/SmsSpy.AN 20150106
Fortinet Android/SMSStealer.G!tr 20150105
GData Android.Trojan.SmsSpy.E 20150106
Ikarus Trojan-SMS.AndroidOS.Stealer 20150106
K7GW Trojan ( 0049497c1 ) 20150106
Kaspersky HEUR:Trojan-SMS.AndroidOS.Stealer.a 20150106
Kingsoft Android.Troj.Stealer.ya.(kcloud) 20150106
McAfee Artemis!A4B7BE4C2AD7 20150106
MicroWorld-eScan Android.Trojan.SmsSpy.E 20150106
NANO-Antivirus Trojan.Android.Stealer.cwhxiy 20150106
Qihoo-360 Trojan.Generic 20150106
Sophos Andr/FakeIns-D 20150106
Symantec Android.Premiumtext 20150106
Tencent Trojan.Android.Agent.309A9382 20150106
TotalDefense AndroidOS/Tnega.JWTHGTD 20150106
VIPRE Trojan.AndroidOS.Generic.A 20150106
Zoner Trojan.AndroidOS.Fjcon.C 20141228
ALYac 20150106
Agnitum 20150105
Antiy-AVL 20150106
Bkav 20150106
ByteHero 20150106
CMC 20150104
ClamAV 20150106
Jiangmin 20150105
K7AntiVirus 20150106
Malwarebytes 20150106
McAfee-GW-Edition 20150106
Microsoft 20150106
Norman 20150106
Panda 20150106
Rising 20141231
SUPERAntiSpyware 20150106
TheHacker 20150106
TrendMicro 20150106
TrendMicro-HouseCall 20150106
VBA32 20150106
ViRobot 20150106
Zillya 20150106
nProtect 20150106
The file being studied is an Android APK file. The application's main package name is obnovleniebrauzera.html.app. The internal version number of the application is 1. The displayed version string of the application is 1.0.
Risk summary
Permissions that allow the application to manipulate SMS
Permissions that allow the application to manipulate your location
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.INTERNET (full Internet access)
android.permission.INSTALL_PACKAGES (directly install applications)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.GET_TASKS (retrieve running applications)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.DELETE_PACKAGES (delete applications)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CONTACTS (read contact data)
Main Activity
html.app.MainActivity
Activities
html.app.MainActivity
Services
system.service.MainService
system.service.HideService
Receivers
html.app.AlarmReceiver
html.app.SmsReciver
system.service.AlarmReceiver
system.service.AutorunReceiver
system.service.SReciver
Activity-related intent filters
html.app.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
system.service.SReciver
actions: android.provider.Telephony.SMS_RECEIVED
html.app.SmsReciver
actions: android.provider.Telephony.SMS_RECEIVED
system.service.AutorunReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT, android.intent.action.PHONE_STATE
Code-related observations
The application does not load any code dynamically
The application does not contain reflection code
The application does not contain native code
The application does not contain cryptographic code
Application certificate information
Application bundle files
Interesting strings
File identification
MD5: a4b7be4c2ad757a5a41e6172b450b617
SHA1: 22cdb4df895c36f20ed6a15273b545b85b2b18c4
SHA256: 22278cc82c79d1ea4328d633b9f935db3020e626ade7c77a889d36e1b3b19fce
ssdeep: 6144:1o0jTUbrfmv3JGXosp1C89mJo8wlzn1ynhqzjbLXzdVyvwT:auTU3fm/kfxlhyqPXzryva
File size: 329.7 KB ( 337633 bytes )
File type: Android
Magic literal: Zip archive data, at least v2.0 to extract
TrID: Android Package (73.9%); Java Archive (20.4%); ZIP compressed archive (5.6%); Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags: apk android

VirusTotal metadata
First submission: 2013-12-04 16:58:34 UTC ( 1 year, 7 months ago )
Last submission: 2015-01-06 17:08:13 UTC ( 6 months ago )
File names: a4b7be4c2ad757a5a41e6172b450b617.apk, obnovlenie_brauzera.apk
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0x293efe03
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 3053
ZipCompressedSize: 1283
FileAccessDate: 2015:01:06 18:08:18+01:00
ZipFileName: META-INF/MANIFEST.MF
ZipBitFlag: 0x0008
FileCreateDate: 2015:01:06 18:08:18+01:00
ZipModifyDate: 2013:12:04 20:10:16