SHA256: 3bbeaba123aab26ce8cd1ab5e3032010e349444e8ec5e186a3e4ae85669bcd4e
File name: goolink.apk
Detection ratio: 6 / 61
Analysis date: 2018-12-12 18:05:24 UTC ( 5 months, 2 weeks ago )
Antivirus Result Update
CAT-QuickHeal Android.Jiagu.A (PUP) 20181212
Cyren AndroidOS/Trojan.XTML-13 20181212
ESET-NOD32 a variant of Android/Packed.Jiagu.A potentially unsafe 20181212
Ikarus AdWare.AndroidOS.Jiagu 20181212
K7GW Trojan ( 005259891 ) 20181212
Symantec Mobile Insight AppRisk:Generisk 20181207
Ad-Aware 20181212
AegisLab 20181212
AhnLab-V3 20181212
Alibaba 20180921
ALYac 20181212
Antiy-AVL 20181212
Arcabit 20181212
Avast 20181212
Avast-Mobile 20181212
AVG 20181212
Avira (no cloud) 20181212
Babable 20180918
Baidu 20181207
BitDefender 20181212
Bkav 20181212
ClamAV 20181212
CMC 20181212
Comodo 20181212
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181212
DrWeb 20181212
eGambit 20181212
Emsisoft 20181212
Endgame 20181108
F-Prot 20181212
F-Secure 20181212
Fortinet 20181212
GData 20181212
Sophos ML 20181128
Jiangmin 20181212
K7AntiVirus 20181212
Kaspersky 20181212
Kingsoft 20181212
Malwarebytes 20181212
MAX 20181212
McAfee 20181212
McAfee-GW-Edition 20181212
Microsoft 20181212
eScan 20181212
NANO-Antivirus 20181212
Palo Alto Networks (Known Signatures) 20181212
Panda 20181212
Qihoo-360 20181212
Rising 20181212
SentinelOne (Static ML) 20181011
Sophos AV 20181212
SUPERAntiSpyware 20181212
Symantec 20181212
TACHYON 20181212
Tencent 20181212
TheHacker 20181210
TotalDefense 20181212
Trapmine 20181205
TrendMicro 20181212
TrendMicro-HouseCall 20181212
Trustlook 20181212
VBA32 20181212
VIPRE 20181212
ViRobot 20181212
Webroot 20181212
Yandex 20181212
Zillya 20181211
ZoneAlarm by Check Point 20181212
Zoner 20181212
The file is an Android application package (APK). The application's main package name is com.gooclient.def. The internal version number of the application is 1467974849, and the displayed version string is 2.5.0. The minimum Android API level required to run the application (MinSDKVersion) is 9.
Required permissions
android.permission.VIBRATE (control vibrator)
com.android.launcher.permission.UNINSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.CAMERA (take pictures and videos)
android.permission.FLASHLIGHT (control flashlight)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.CHANGE_WIFI_MULTICAST_STATE (allow Wi-Fi Multicast reception)
com.android.launcher.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.INTERNET (full Internet access)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.RESTART_PACKAGES (kill background processes)
android.permission.RECORD_AUDIO (record audio)
Activities
com.gooclient.def.LoadingActivity
com.qihoo.util.StartActivity
com.qihoo.util.appupdate.AppUpdateActivity
com.google.android.gms.ads.AdActivity
com.gooclient.def.MainActivity
com.gooclient.def.ListActivity
com.gooclient.def.SoftSetting
com.gooclient.def.FileManagerActivity
com.gooclient.def.Image
com.gooclient.def.HelpAndFeedbackActivity
com.gooclient.def.HelpActivity
com.gooclient.def.FeedbackActivity
com.gooclient.def.RecordPlay
com.gooclient.def.SearchPage
com.gooclient.def.GooLinkAdd
com.gooclient.def.DSetTimeSyncActivity
com.gooclient.def.CaptureGalleryActivity
com.gooclient.def.MessageActivity
com.zxing.activity.CaptureActivity
com.umeng.update.UpdateDialogActivity
Services
com.gooclient.def.PushService
com.umeng.update.net.DownloadingService
Receivers
com.testService.TServiceBroadcastReceiver
com.testService.ConnectionChangeReceiver
com.testService.LocaleChangeReceiver
Activity-related intent filters
com.qihoo.util.StartActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
com.gooclient.def.LoadingActivity
actions: android.intent.action.MAIN, android.intent.action.VIEW
categories: android.intent.category.DEFAULT, android.intent.category.BROWSABLE
Receiver-related intent filters
com.testService.ConnectionChangeReceiver
actions: android.net.conn.CONNECTIVITY_CHANGE
com.testService.TServiceBroadcastReceiver
actions: android.intent.action.BOOT_COMPLETED
com.testService.LocaleChangeReceiver
actions: android.intent.action.LOCALE_CHANGED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files: 503
Uncompressed size: 12337888
Highest datetime: 2016-07-08 19:09:42
Lowest datetime: 2014-10-27 16:00:54
Contained files by extension
png: 317
xml: 149
so: 15
map: 3
dex: 1
mf: 1
RSA: 1
MF: 1
mp3: 1
ogg: 1
SF: 1
Contained files by type
PNG: 317
XML: 149
unknown: 18
ELF: 15
DEX: 1
MP3: 1
directory: 1
OGG: 1
Execution parents
File identification
MD5 b3d36740eb1b19d1390f3a6323b3c943
SHA1 795668c3cadda69ed7476af4434447759253ef8b
SHA256 3bbeaba123aab26ce8cd1ab5e3032010e349444e8ec5e186a3e4ae85669bcd4e
ssdeep 196608:x72WrW8uxqJk+9LwJrdC0aGP+SXxag54rdOKvQoMOL0VHqzJAf:Q0W8u2ZLqs02SBkZ9ooMsFzCf
File size 9.2 MB ( 9601427 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (63.6%)
Java Archive (17.5%)
Sweet Home 3D design (generic) (12.7%)
ZIP compressed archive (4.8%)
PrintFox/Pagefox bitmap (var. P) (1.2%)
Tags
apk android ext-prg contains-elf

VirusTotal metadata
First submission 2016-07-09 12:00:50 UTC ( 2 years, 10 months ago )
Last submission 2018-12-12 18:05:24 UTC ( 5 months, 2 weeks ago )
File names b3d36740eb1b19d1390f3a6323b3c943
goolink.apk

6adcad1ff49b2d85eb3ec6a504cbd1bc31ad16ab4a7936ed2c928d3be07855bd742f76c86deb2e0d032b3ce0148b3c491ce64c29d12f8e4debd62908788145fb
External programs launched
chmod 755 /data/data/com.gooclient.def/files/libjiagu.so
Opened files
APP_ASSETS/libjiagu.so
/data/data/com.gooclient.def/files
Accessed files
/data/data/com.gooclient.def/files
/data/data/com.gooclient.def/files/libjiagu.so