× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 37e7d0fe9c07720ba5f153c98a5505b23a8cfeaa4e18f06ccc11dab2ea7574f0
File name: backdoor.apk
Detection ratio: 33 / 54
Analysis date: 2016-02-11 17:59:03 UTC ( 2 years, 9 months ago )
Antivirus Result Update
Ad-Aware Android.Riskware.AndroRat.A 20160211
AegisLab Androrat_1 20160211
AhnLab-V3 Android-Spyware/Androrat.2f84 20160211
Alibaba A.L.Rog.Androrat 20160204
Antiy-AVL Trojan[Backdoor:HEUR]/Android.Climap.1 20160211
Arcabit Android.Riskware.AndroRat.A 20160211
Avast Android:Androrat-I [Trj] 20160211
AVG Android/SpyAgent 20160211
Avira (no cloud) ANDROID/AndroRAT.A.Gen 20160211
Baidu-International Trojan.Android.AndroRAT.D 20160211
BitDefender Android.Riskware.AndroRat.A 20160211
CAT-QuickHeal Android.AndroRAT.A (PUP) 20160211
ClamAV Andr.Trojan.Androrat 20160211
Cyren AndroidOS/AndroRAT.A 20160211
DrWeb Program.Androrat.1.origin 20160211
ESET-NOD32 a variant of Android/Spy.AndroRAT.A 20160211
F-Prot AndroidOS/AndroRAT.A 20160211
F-Secure Monitoring-Tool:Android/AndroRat.B 20160211
Fortinet Android/AndroRat.A!tr 20160211
GData Android.Riskware.AndroRat.A 20160211
Ikarus Trojan-Spy.AndroidOS.Androrat 20160211
K7GW Trojan ( 0048d4dc1 ) 20160211
Kaspersky HEUR:Backdoor.AndroidOS.Climap.a 20160211
McAfee Artemis!12BC278438E7 20160211
McAfee-GW-Edition Artemis!PUP 20160211
Microsoft MonitoringTool:AndroidOS/AndroRat 20160211
eScan Android.Riskware.AndroRat.A 20160211
NANO-Antivirus Trojan.Android.Siggen.dzzhxe 20160211
Qihoo-360 Trojan.Android.Gen 20160211
Rising APK:Trojan.Generic(AndrCity)!7.1762 [F] 20160211
Sophos AV Andr/AndroRat-C 20160211
Tencent Trojan.Android.Agent.C6985C26 20160211
VIPRE Trojan.AndroidOS.Generic.A 20160211
Yandex 20160210
Bkav 20160204
ByteHero 20160211
CMC 20160205
Comodo 20160211
Emsisoft 20160211
Jiangmin 20160211
K7AntiVirus 20160211
Malwarebytes 20160211
nProtect 20160205
Panda 20160210
SUPERAntiSpyware 20160211
Symantec 20160211
TheHacker 20160210
TotalDefense 20160211
TrendMicro 20160211
TrendMicro-HouseCall 20160211
VBA32 20160211
ViRobot 20160211
Zillya 20160210
Zoner 20160211
The file being studied is Android related! APK Android file more specifically. The application's main package name is my.app.client. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 8.
Risk summary
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform calls
Permissions that allow the application to manipulate your location
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.VIBRATE (control vibrator)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.CAMERA (take pictures and videos)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.INTERNET (full Internet access)
android.permission.READ_SMS (read SMS or MMS)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CONTACTS (read contact data)
android.permission.RECORD_AUDIO (record audio)
Permission-related API calls
ACCESS_NETWORK_STATE
RECORD_AUDIO
SEND_SMS
VIBRATE
CAMERA
INTERNET
READ_CONTACTS
READ_PHONE_STATE
ACCESS_FINE_LOCATION
Main Activity
my.app.client.LauncherActivity
Activities
my.app.client.LauncherActivity
my.app.alt.PhotoActivity
Services
my.app.client.Client
Receivers
my.app.client.BootReceiver
my.app.client.AlarmListener
Service-related intent filters
my.app.client.Client
actions: .Client
Activity-related intent filters
my.app.client.LauncherActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
my.app.client.BootReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.HOME
Application certificate information
Application bundle files
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
12
Uncompressed size
118708
Highest datetime
2015-09-20 21:07:36
Lowest datetime
2015-09-20 21:07:36
Contained files by extension
png
4
xml
3
dex
1
MF
1
RSA
1
SF
1
Contained files by type
unknown
4
PNG
4
XML
3
DEX
1
File identification
MD5 12bc278438e73ca56a352f262f6b16a5
SHA1 94d66978a9ad2a4e1561adf2fff9f8aff74d461a
SHA256 37e7d0fe9c07720ba5f153c98a5505b23a8cfeaa4e18f06ccc11dab2ea7574f0
ssdeep
1536:Vu/b3HhM+jfKWKIS1HBtb/oZ9l8nz7TMyk51GbGOMQ8/:Vu7BM+jfXKh1fW9igyUL/

File size 67.1 KB ( 68660 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (92.9%)
ZIP compressed archive (7.0%)
Tags
apk android

VirusTotal metadata
First submission 2015-09-21 15:12:38 UTC ( 3 years, 1 month ago )
Last submission 2015-09-21 15:12:38 UTC ( 3 years, 1 month ago )
File names backdoor.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!