× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2622d686b4c4f1bfb16d080a53f858c17511f25c3aa33e725fe6b10aa7fc9585
File name: xa844278.apk
Detection ratio: 26 / 62
Analysis date: 2018-09-19 02:21:20 UTC ( 8 months, 1 week ago )
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180917
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180918
Alibaba A.H.Pay.Qnmrkz 20180713
Arcabit Android.Riskware.SmsPay.ADR 20180919
Avira (no cloud) ANDROID/Trojan.Agent.AMAM.Gen 20180919
Baidu Android.Trojan.Fadeb.c 20180914
BitDefender Android.Riskware.SmsPay.ADR 20180919
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180918
Cyren ZIP/Trojan.CYLE-0 20180919
DrWeb Android.Xiny.1513 20180919
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180919
ESET-NOD32 a variant of Android/Fadeb.K 20180919
F-Secure Android.Riskware.SmsPay 20180919
Fortinet Android/Agent.AYL!tr 20180919
GData Android.Riskware.SmsPay.ADR 20180919
Ikarus Trojan.AndroidOS.Fadeb 20180918
K7GW Trojan ( 0053c40b1 ) 20180918
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180919
MAX malware (ai score=78) 20180919
McAfee Artemis!1F1292C6CD23 20180919
eScan Android.Riskware.SmsPay.ADR 20180919
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180919
Sophos AV Andr/Rootnik-AI 20180919
TrendMicro-HouseCall Suspicious_GEN.F47V0918 20180919
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180919
Zoner Trojan.AndroidOS.SmsPay.C 20180918
AegisLab 20180919
ALYac 20180919
Antiy-AVL 20180919
Avast 20180919
Avast-Mobile 20180918
AVG 20180919
AVware 20180919
Babable 20180918
Bkav 20180918
ClamAV 20180919
CMC 20180918
Comodo 20180919
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180919
eGambit 20180919
Endgame 20180730
F-Prot 20180919
Sophos ML 20180717
Jiangmin 20180919
K7AntiVirus 20180918
Kingsoft 20180919
Malwarebytes 20180919
McAfee-GW-Edition 20180919
Microsoft 20180918
Palo Alto Networks (Known Signatures) 20180919
Panda 20180918
Qihoo-360 20180919
Rising 20180919
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
Symantec 20180918
Symantec Mobile Insight 20180918
TACHYON 20180919
Tencent 20180919
TheHacker 20180918
TotalDefense 20180918
TrendMicro 20180919
Trustlook 20180919
VBA32 20180918
VIPRE 20180919
ViRobot 20180918
Webroot 20180919
Yandex 20180917
Zillya 20180918
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.xlxndpec.uqrltpaf. The internal version number of the application is 6196229. The displayed version string of the application is 3.16. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MhDeActivity
com.baidu.go.MhReadActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
Services
com.jy.ll.wx.LL_TpService
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
129
Uncompressed size
3596673
Highest datetime
2018-09-19 09:35:06
Lowest datetime
2018-09-19 09:28:12
Contained files by extension
xml
64
png
50
so
4
jpg
2
dex
1
MF
1
cf
1
RSA
1
dat
1
SF
1
Contained files by type
XML
63
PNG
50
unknown
9
ELF
4
JPG
2
DEX
1
File identification
MD5 d467451fbf09d1817dfc2bf02dd12b31
SHA1 cf9ca28510e07528e02b3bb0b281aa361d0afd33
SHA256 2622d686b4c4f1bfb16d080a53f858c17511f25c3aa33e725fe6b10aa7fc9585
ssdeep
49152:xQ3e/tPd6gzrmtR9tGemuw3HyWfHn7yTnqIglpGFBKq8uwR:q3e2Um9muw3SUn7Qn9HF9I

File size 2.1 MB ( 2213048 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (72.9%)
Java Archive (20.1%)
ZIP compressed archive (5.5%)
PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2018-09-19 02:21:20 UTC ( 8 months, 1 week ago )
Last submission 2018-09-19 02:21:20 UTC ( 8 months, 1 week ago )
File names xa844278.apk
污污大全44278.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!