SHA256: 3d92bd41d8582d1b56c6ae787bae1fa12dd35b30206e8f99d20a989a242b2e1e
File name: 4fdd1a72290b3704c69166fd94191fd1.apk
Detection ratio: 43 / 57
Analysis date: 2015-01-18 08:58:08 UTC ( 2 years, 8 months ago )
Antivirus Result Update
Ad-Aware Linux.CornelGEN.1503 20150118
AegisLab DroidKungFu 20150118
Alibaba A.W.Rog.EvilCert.A2 20150117
ALYac Android.Exploit.Exploid.G 20150118
Antiy-AVL Trojan[Exploit]/Linux.Lotoor 20150118
Avast ELF:KungFu-C [Trj] 20150118
AVG Google Inc. 20150118
Avira (no cloud) TR/Agent.18316 20150117
AVware Trojan.AndroidOS.DroidKungFu.a 20150118
Baidu-International Backdoor.AndroidOS.KungFu.As 20150118
BitDefender Linux.CornelGEN.1503 20150118
CAT-QuickHeal Exploit.DroidKungFu.C5 20150117
ClamAV Andr.Exploit.Exploid 20150118
Comodo UnclassifiedMalware 20150118
Cyren ELF/Andr/KungFu.A 20150118
DrWeb Android.KungFu.1 20150118
Emsisoft Linux.CornelGEN.1503 (B) 20150118
ESET-NOD32 Android/DroidKungFu.F 20150118
F-Prot ELF/Andr/KungFu.A 20150118
F-Secure Trojan:Android/DroidKungFu.M 20150118
Fortinet Android/DroidKungFu.AC!tr 20150118
GData Linux.CornelGEN.1503 20150118
Ikarus Trojan.AndroidOS.DroidKungFu 20150118
Jiangmin Backdoor/AndroidOS.aar 20150116
K7GW Trojan ( 0001140e1 ) 20150117
Kaspersky Backdoor.AndroidOS.KungFu.hb 20150118
Kingsoft Troj.KillAll.a.(kcloud) 20150118
McAfee Artemis!4FDD1A72290B 20150118
Microsoft Trojan:Linux/DroidKrungFu 20150118
eScan Linux.CornelGEN.1503 20150118
NANO-Antivirus Trojan.Android.KungFu.cvxvgj 20150118
nProtect Linux.CornelGEN.1503 20150116
Qihoo-360 Trojan.Generic 20150118
Rising DEX:System.Fokonge!1.9DA8 20150117
Sophos AV Andr/KongFu-A 20150118
Symantec Android.Gonfu 20150118
Tencent a.system.safesys.c.[????] 20150118
TrendMicro AndroidOS_DroidKungFu.SMA 20150118
TrendMicro-HouseCall AndroidOS_DroidKungFu.SMA 20150118
VIPRE Trojan.AndroidOS.DroidKungFu.a 20150118
ViRobot Trojan.Linux.A.EX-Lotoor.7032[h] 20150118
Zillya Trojan.DroidKungFu..1 20150117
Zoner Trojan.AndroidOS.DroidKungFu 20150116
Yandex 20150117
AhnLab-V3 20150117
Bkav 20150117
ByteHero 20150118
CMC 20150116
K7AntiVirus 20150118
Malwarebytes 20150118
McAfee-GW-Edition 20150118
Norman 20150118
Panda 20150117
SUPERAntiSpyware 20150117
TheHacker 20150118
TotalDefense 20150117
VBA32 20150116
The file being studied is an Android APK package. The application's main package name is com.mediagroup.wcms.view. The internal version number of the application is 6. The displayed version string of the application is 1.1.
Risk summary
The studied DEX file loads a shared library
The studied DEX file makes use of cryptographic functions
The APK package studied contains shared ELF libraries
The APK package studied contains ELF executable files
Permissions that allow the application to manipulate SMS
Permissions that allow the application to manipulate your location
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.VIBRATE (control vibrator)
android.permission.WRITE_APN_SETTINGS (write Access Point Name settings)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_SMS (read SMS or MMS)
Permission-related API calls
ACCESS_NETWORK_STATE
READ_LOGS
ACCESS_WIFI_STATE
ACCESS_COARSE_LOCATION
INTERNET
ACCESS_FINE_LOCATION
READ_PHONE_STATE
Main Activity
com.mediagroup.wcms.view.SplashActivity
Activities
com.mediagroup.wcms.view.SplashActivity
com.mediagroup.wcms.view.PeriodicalsActivity
com.mediagroup.wcms.view.MagazineActivity
com.mediagroup.wcms.view.NewsListActivity
com.mediagroup.wcms.view.ContextActivity
com.mediagroup.wcms.view.AboutActivity
com.mediagroup.wcms.view.FavoriteActivity
com.mediagroup.wcms.view.SearchActivity
com.mediagroup.wcms.view.OuterUrlActivity
com.eguan.state.Dialog
Services
com.eguan.state.StateService
Receivers
com.eguan.state.Receiver
Activity-related intent filters
com.mediagroup.wcms.view.SplashActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.eguan.state.Receiver
actions: android.intent.action.BATTERY_CHANGED_ACTION, android.intent.action.SIG_STR, android.intent.action.BOOT_COMPLETED
File identification
MD5 4fdd1a72290b3704c69166fd94191fd1
SHA1 785c9d477f9d230ec189b9ca8dc6dafe38ab7f41
SHA256 3d92bd41d8582d1b56c6ae787bae1fa12dd35b30206e8f99d20a989a242b2e1e
ssdeep 12288:3r76f8Xjbm4WsDqC1Pwfd3TE7W6I/exwTkYq+SdIgauFBconyFC6r0NyIQk+bw6x:3/DVWH4Y5g7rown+SbncNAAHZ2letNd
File size 880.0 KB ( 901120 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags apk android
VirusTotal metadata
First submission 2013-02-13 11:13:41 UTC ( 4 years, 7 months ago )
Last submission 2015-01-18 08:58:08 UTC ( 2 years, 8 months ago )
File names 4fdd1a72290b3704c69166fd94191fd1
4fdd1a72290b3704c69166fd94191fd1.apk
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0xa3e5d5b9
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 13296
ZipCompressedSize 4651
FileAccessDate 2015:01:18 10:01:32+01:00
ZipFileName META-INF/MANIFEST.MF
ZipBitFlag 0x0008
FileCreateDate 2015:01:18 10:01:32+01:00
ZipModifyDate 2011:07:05 22:10:02

Started services
#Intent;component=com.mediagroup.wcms.view/com.eguan.state.StateService;end
Opened files
/data/data/com.mediagroup.wcms.view/files/company.xml
/data/data/com.mediagroup.wcms.view/files
Accessed files
/data/data/com.mediagroup.wcms.view/files
/data/data/com.mediagroup.wcms.view/shared_prefs/permission.xml
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that provide access to the system location services. These services allow applications to obtain periodic updates of the device's geographical location, or to fire an application-specified Intent when the device enters the proximity of a given geographical location.
Contacted URLs
http://m.cdcmxc.com/mcms/interface/company.jsp?sys=android&model=Nexus%20S&sdk=15&ver=4.0.4&w=480&h=800&imei=044483829933751&tel=15555215554&iccid=89014103211118510720&imsi=168612542066875&aduser=10000036&sv=1.1
Accessed URIs
content://telephony/carriers
content://telephony/carriers/preferapn