× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 34ba5e97b8ecc97bfb891bdb3306bba6144411c28734f556242ffee6d8948035
File name: 08b9622db45cf7a42c2ad8083bf8d951.tmp.13825
Detection ratio: 30 / 57
Analysis date: 2015-08-28 20:51:46 UTC ( 1 week ago )
Antivirus Result Update
AVG Android/Deng.CAN 20150828
AVware Trojan.AndroidOS.Generic.A 20150828
Ad-Aware Android.Riskware.Agent.gXWWW 20150828
AegisLab Lotoor 20150828
AhnLab-V3 Android-AppCare/Framaroot.4aa6 20150828
Antiy-AVL Trojan[Exploit]/AndroidOS.Lotoor.be 20150828
Arcabit Android.Riskware.Agent.gXWWW 20150828
Avast Android:Lootor-AC [PUP] 20150828
Avira ANDROID/Lotoor.be 20150828
Baidu-International Trojan.Android.Lotoor.EF 20150828
BitDefender Android.Riskware.Agent.gXWWW 20150828
CAT-QuickHeal HackTool.Linux59f 20150828
Comodo UnclassifiedMalware 20150828
Cyren AndroidOS/GenBl.08B9622D!Olympus 20150828
DrWeb Tool.Rooter.3 20150828
ESET-NOD32 Android/Exploit.Lotoor.EF 20150828
F-Prot AndroidOS/Lotoor.A 20150828
GData Android.Riskware.Agent.gXWWW 20150828
Ikarus Exploit.AndroidOS.Lotoor 20150828
Kaspersky HEUR:Exploit.AndroidOS.Lotoor.be 20150828
Kingsoft Android.RISKWARE.at_Lotoor.f.(kcloud) 20150828
McAfee Artemis!08B9622DB45C 20150828
MicroWorld-eScan Android.Riskware.Agent.gXWWW 20150828
NANO-Antivirus Trojan.Android.Agent.dcuiwc 20150828
Sophos Andr/DroidRt-R 20150828
Symantec Trojan.Gen.2 20150828
Tencent Android.Trojan.Lotoor.Hfl 20150828
TrendMicro TROJ_FRS.0NA003H315 20150828
TrendMicro-HouseCall TROJ_FRS.0NA003H315 20150828
VIPRE Trojan.AndroidOS.Generic.A 20150828
ALYac 20150828
Agnitum 20150828
Alibaba 20150828
Bkav 20150828
ByteHero 20150828
CMC 20150827
ClamAV 20150828
Emsisoft 20150828
F-Secure 20150828
Fortinet 20150828
Jiangmin 20150827
K7AntiVirus 20150828
K7GW 20150828
Malwarebytes 20150828
McAfee-GW-Edition 20150828
Microsoft 20150828
Panda 20150828
Qihoo-360 20150828
Rising 20150826
SUPERAntiSpyware 20150826
TheHacker 20150828
TotalDefense 20150828
VBA32 20150828
ViRobot 20150828
Zillya 20150828
Zoner 20150828
nProtect 20150828
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.alephzain.framaroot. The internal version number of the application is 1. The displayed version string of the application is 1.9.1. The minimum Android API level for the application to run (MinSDKVersion) is 3. The target Android API level for the application to run (TargetSDKVersion) is 19.
Risk summary
The studied DEX file makes use of API reflection
The studied DEX file loads a shared library
The APK package studied contains shared ELF libraries
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.CAMERA (take pictures and videos)
Permission-related API calls
ACCESS_NETWORK_STATE
VIBRATE
Main Activity
com.alephzain.framaroot.FramaActivity
Activities
com.alephzain.framaroot.FramaActivity
com.alephzain.framaroot.FramaAdbActivity
Activity-related intent filters
com.alephzain.framaroot.FramaActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
com.alephzain.framaroot.FramaAdbActivity
actions: android.intent.action.MAIN
Code-related observations
The application does not load any code dynamically
The application contains reflection code
The application contains native code
The application does not contain cryptographic code
Application certificate information
Application bundle files
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
12
Uncompressed size
2499111
Highest datetime
2014-02-08 09:27:50
Lowest datetime
2014-02-08 09:27:48
Contained files by extension
png
4
xml
2
dex
1
MF
1
RSA
1
so
1
SF
1
Contained files by type
unknown
4
PNG
4
XML
2
DEX
1
ELF
1
Execution parents
Compressed bundles
File identification
MD5 08b9622db45cf7a42c2ad8083bf8d951
SHA1 e3238cf52df1d26e220208640e054ae94ffc2e2c
SHA256 34ba5e97b8ecc97bfb891bdb3306bba6144411c28734f556242ffee6d8948035
ssdeep
24576:tIQ/U5OOWCRV4LjRSLNJbhTfO4RZOFw2QZ3tsSQ0xFxd4pA:yQ/AOOR+RmLbJf3RkwXxxQ0xFxd0A

File size 1.0 MB ( 1082486 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android attachment contains-elf

VirusTotal metadata
First submission 2014-02-08 16:09:44 UTC ( 1 year, 6 months ago )
Last submission 2015-08-28 20:51:46 UTC ( 1 week ago )
File names Framaroot-1.9.1 (1).apk
Framaroot-1.9.1.
Framaroot-1.9.1.apk
195207_79a362_framaroot_1.9.1.apk
output.23869304.txt
34BA5E97B8ECC97BFB891BDB3306BBA6144411C28734F556242FFEE6D8948035.apk
Framaroot 1.9.1.apk
FramaRoot 1.9.1.apk
com.alephzain.framaroot.apk
file-6576800_apk
com-alephzain-framaroot-1-5253520-08b9622db45cf7a42c2ad8083bf8d951.apk
08b9622db45cf7a42c2ad8083bf8d951.tmp.11559
com.alephzain.framaroot_1.9.1_free-www.apkhere.com.apk
framaroot v 1.9.1.apk
framaroot_1.9.1.apk
Framaroot v1.9.1.apk
framaroot-1.9.1.apk
23869304
framaroot_1.9.1(1).apk
1. Framaroot.apk
Framaroot-1.9.1(Aliwix).apk
Framaroot-1.9.1(3).apk
Framaroot_1.9.1_apk-mod.ru.apk
filename
Framaroot-1.9.1.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!