SHA256: 3ebc0b93e82d7b94a9441458950dfa89641931ce6799ab34fad12e6fc69fc25a
File name: 3EBC0B93E82D7B94A9441458950DFA89641931CE6799AB34FAD12E6FC69FC25A
Detection ratio: 24 / 60
Analysis date: 2018-09-28 04:16:46 UTC ( 8 months ago )
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180928
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180927
Arcabit Android.Riskware.SmsPay.ADR 20180928
Avira (no cloud) ANDROID/Trojan.Agent.AMAM.Gen 20180928
Baidu Android.Trojan.Fadeb.c 20180927
BitDefender Android.Riskware.SmsPay.ADR 20180928
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180927
Cyren ZIP/Trojan.CYLE-0 20180928
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180928
ESET-NOD32 a variant of Android/Fadeb.K 20180928
F-Secure Android.Riskware.SmsPay 20180928
Fortinet Android/Agent.AYL!tr 20180928
GData Android.Riskware.SmsPay.ADR 20180928
Ikarus PUA.AndroidOS.SMSPay 20180927
K7GW Trojan ( 0053c40b1 ) 20180927
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180928
MAX malware (ai score=91) 20180928
McAfee Artemis!6DC3FB5D880E 20180928
McAfee-GW-Edition RDN/Generic.com 20180928
eScan Android.Riskware.SmsPay.ADR 20180928
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180928
Sophos AV Andr/Rootnik-AI 20180928
TrendMicro-HouseCall TROJ_GEN.R002H06IR18 20180928
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180925
AegisLab 20180928
Alibaba 20180921
ALYac 20180928
Antiy-AVL 20180928
Avast 20180927
Avast-Mobile 20180927
AVG 20180927
AVware 20180925
Babable 20180918
Bkav 20180927
ClamAV 20180928
CMC 20180928
Comodo 20180928
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180928
DrWeb 20180928
eGambit 20180928
Endgame 20180730
F-Prot 20180928
Sophos ML 20180717
Jiangmin 20180928
K7AntiVirus 20180927
Kingsoft 20180928
Malwarebytes 20180928
Microsoft 20180928
Palo Alto Networks (Known Signatures) 20180928
Panda 20180927
Qihoo-360 20180928
Rising 20180928
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20180907
Symantec 20180928
Symantec Mobile Insight 20180924
TACHYON 20180928
Tencent 20180928
TheHacker 20180927
TotalDefense 20180925
TrendMicro 20180928
Trustlook 20180928
VBA32 20180927
VIPRE 20180928
ViRobot 20180927
Webroot 20180928
Yandex 20180927
Zillya 20180927
Zoner 20180927
The file being studied is Android related; more specifically, it is an Android APK file. The application's main package name is com.tkmdazbk.wbckxcbu. The internal version number of the application is 1314144. The displayed version string of the application is 3.18. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MhDeActivity
com.baidu.go.MhReadActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
Services
com.jy.ll.wx.LL_TpService
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files 130
Uncompressed size 3944485
Highest datetime 2018-09-28 11:39:06
Lowest datetime 2018-09-28 11:32:16
Contained files by extension
xml 64
png 50
so 6
jpg 2
dex 1
MF 1
cf 1
RSA 1
SF 1
Contained files by type
XML 63
PNG 50
unknown 8
ELF 6
JPG 2
DEX 1
File identification
MD5 5de07f33b569f428d8599591b1c05b8a
SHA1 a7f29f5576295d184e60f26a76c0e99d1338e572
SHA256 3ebc0b93e82d7b94a9441458950dfa89641931ce6799ab34fad12e6fc69fc25a
ssdeep 49152:tt4h93OJGC4uu/8WBR9WxUUc5Z/5ZQnLyZrIVn3FglCGsBKq8uws:VMf5/8WBTPLnQnLYronVcs9X

File size 2.2 MB ( 2300534 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (72.9%)
Java Archive (20.1%)
ZIP compressed archive (5.5%)
PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2018-09-28 04:16:46 UTC ( 8 months ago )
Last submission 2018-09-28 04:16:46 UTC ( 8 months ago )
File names xa844278.apk