SHA256: 3727a7de8da6b71843f32696d666a0f39bd9c2e47703cdf647bbc85507509560
File name: dropped.apk
Detection ratio: 20 / 55
Analysis date: 2015-11-25 06:45:39 UTC ( 1 year, 5 months ago )
Antivirus Result Update
Ad-Aware Android.Trojan.SLocker.FB 20151125
Alibaba A.H.Rog.Pletor.A 20151125
Arcabit Android.Trojan.SLocker.FB 20151125
Avast Android:Banker-GA [Trj] 20151125
AVG Android/Deng.FVT 20151125
Avira (no cloud) ANDROID/Spy.Banker.AO.Gen 20151125
BitDefender Android.Trojan.SLocker.FB 20151125
CAT-QuickHeal Android.SmForw.BY 20151125
Cyren AndroidOS/Torec.C.gen!Eldorado 20151125
DrWeb Android.Banker.51.origin 20151125
Emsisoft Android.Trojan.SLocker.FB (B) 20151125
ESET-NOD32 a variant of Android/Torec.C 20151125
F-Secure Android.Trojan.SLocker.FB 20151125
Fortinet Android/Torec.H!tr 20151125
GData Android.Trojan.SLocker.FB 20151125
Ikarus Trojan.AndroidOS.Slempo 20151125
Kaspersky HEUR:Trojan-Banker.AndroidOS.Acecard.b 20151125
eScan Android.Trojan.SLocker.FB 20151125
NANO-Antivirus Trojan.Android.Banker.dxaiup 20151125
Sophos Andr/Torec-A 20151125
AegisLab 20151125
Yandex 20151124
AhnLab-V3 20151124
ALYac 20151125
Antiy-AVL 20151125
AVware 20151124
Baidu-International 20151124
Bkav 20151124
ByteHero 20151125
ClamAV 20151125
CMC 20151124
Comodo 20151125
F-Prot 20151125
Jiangmin 20151124
K7AntiVirus 20151124
K7GW 20151125
Malwarebytes 20151125
McAfee 20151125
McAfee-GW-Edition 20151125
Microsoft 20151125
nProtect 20151125
Panda 20151124
Qihoo-360 20151125
Rising 20151124
SUPERAntiSpyware 20151125
Symantec 20151124
Tencent 20151125
TheHacker 20151125
TrendMicro 20151125
TrendMicro-HouseCall 20151125
VBA32 20151124
VIPRE 20151125
ViRobot 20151125
Zillya 20151123
Zoner 20151125
The file being studied is Android related, more specifically an Android APK file. The application's main package name is org.slempo.service. The internal version number of the application is 2. The displayed version string of the application is 1.1. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 22.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.INTERNET (full Internet access)
android.permission.READ_SMS (read SMS or MMS)
Activities
org.slempo.service.Main
org.slempo.service.DeviceAdminChecker
org.slempo.service.activities.Cards
org.slempo.service.activities.CvcPopup
org.slempo.service.activities.ChangeNumber
org.slempo.service.activities.Commbank
org.slempo.service.activities.Nab
org.slempo.service.activities.Westpack
org.slempo.service.activities.PayPal
org.slempo.service.activities.StGeorge
org.slempo.service.activities.GM
org.slempo.service.activities.Code
org.slempo.service.activities.HTMLDialogs
org.slempo.service.activities.CommonHTML
Services
org.slempo.service.MainService
Receivers
org.slempo.service.ServiceStarter
org.slempo.service.SDCardServiceStarter
org.slempo.service.MyDeviceAdminReceiver
org.slempo.service.MessageReceiver
org.slempo.service.DialogsStarter
org.slempo.service.PulseReceiver
Activity-related intent filters
org.slempo.service.Main
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
org.slempo.service.MessageReceiver
actions: android.provider.Telephony.SMS_RECEIVED
org.slempo.service.ServiceStarter
actions: android.intent.action.BOOT_COMPLETED
org.slempo.service.MyDeviceAdminReceiver
actions: android.app.action.DEVICE_ADMIN_ENABLED
org.slempo.service.SDCardServiceStarter
actions: android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE
org.slempo.service.DialogsStarter
actions: com.slempo.service.activities.HTMLStart
org.slempo.service.PulseReceiver
actions: org.slempo.service.TASK_ALARM_SERVICE_PULSE
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files 1002
Uncompressed size 2059787
Highest datetime 2015-10-20 00:30:08
Lowest datetime 2015-10-19 13:12:58
Contained files by extension
png 309
xml 162
dex 1
MF 1
Contained files by type
unknown 528
PNG 309
XML 162
DEX 1
File identification
MD5 1b1acd068461a074be1a49df02b10b09
SHA1 a78521a0c192b2dbb6cdf5a3cb47eab9394a6e10
SHA256 3727a7de8da6b71843f32696d666a0f39bd9c2e47703cdf647bbc85507509560
ssdeep 24576:zAtsYGKFF+QMjQzd4b1yAbgom+eA3IzTZQW2EiTxg:srFVSyggomzA3+T/iTxg

File size 1.4 MB ( 1519474 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%), Java Archive (20.4%), ZIP compressed archive (5.6%)
Tags apk android

VirusTotal metadata
First submission 2015-11-25 06:45:39 UTC ( 1 year, 5 months ago )
Last submission 2015-12-13 14:11:40 UTC ( 1 year, 4 months ago )
File names dropped.apk
Interesting calls
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
Contacted URLs
http://146.0.72.181/
Accessed URIs
content://sms/inbox
content://sms