SHA256: 40ad2444b83f6a1c25dd153214a1a16bcaa2640ebaf7735d6f1ee2591989e58e
File name: Adobe_Flash_2017.apk
Detection ratio: 29 / 62
Analysis date: 2018-01-16 16:56:19 UTC ( 4 months ago )
Antivirus Result Update
AegisLab Troj.Banker.Androidos!c 20180116
AhnLab-V3 Android-Trojan/Banker.76e04 20180116
Alibaba A.H.Ste.BankBot.B 20180116
Antiy-AVL Trojan[Banker]/Android.Asacub 20180116
Avast Android:Banker-SZ [Trj] 20180116
Avast-Mobile APK:RepSandbox [Trj] 20180116
AVG Android:Banker-SZ [Trj] 20180116
Avira (no cloud) ANDROID/Spy.Banker.YD.Gen 20180116
CAT-QuickHeal Android.banker.A2f8a 20180116
Cyren AndroidOS/GenBl.29CF5CC3!Olympus 20180116
DrWeb Android.BankBot.250.origin 20180116
ESET-NOD32 a variant of Android/Spy.Banker.RM 20180116
Fortinet Android/Banker.RM!tr.spy 20180116
Ikarus Trojan-Banker.AndroidOS.RuBank 20180116
K7GW Trojan ( 000027101 ) 20180116
Kaspersky HEUR:Trojan-Banker.AndroidOS.Asacub.bd 20180116
McAfee Artemis!29CF5CC309C2 20180116
NANO-Antivirus Trojan.Android.BankBot.evthxr 20180116
Qihoo-360 Trojan.Android.Gen 20180116
Sophos AV Andr/Banker-GUZ 20180116
Symantec Trojan.Gen.2 20180116
Symantec Mobile Insight Other:Android.Reputation.2 20180116
Tencent a.privacy.spiderbank.f 20180116
TrendMicro TROJ_FRS.0NA003A518 20180116
TrendMicro-HouseCall TROJ_FRS.0NA003A518 20180116
Trustlook Android.Malware.General 20180116
WhiteArmor Malware.HighConfidence 20180110
ZoneAlarm by Check Point HEUR:Trojan-Banker.AndroidOS.Asacub.bd 20180116
Zoner Trojan.AndroidOS.Banker.A 20180116
Ad-Aware 20180116
ALYac 20180116
Arcabit 20180116
AVware 20180103
Baidu 20180116
BitDefender 20180116
Bkav 20180116
ClamAV 20180116
CMC 20180116
Comodo 20180116
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20180116
eGambit 20180116
Emsisoft 20180116
Endgame 20171130
F-Prot 20180116
F-Secure 20180116
GData 20180116
Sophos ML 20170914
Jiangmin 20180116
K7AntiVirus 20180116
Kingsoft 20180116
Malwarebytes 20180116
MAX 20180116
McAfee-GW-Edition 20180116
Microsoft 20180116
eScan 20180116
nProtect 20180116
Palo Alto Networks (Known Signatures) 20180116
Panda 20180116
Rising 20180116
SentinelOne (Static ML) 20180115
SUPERAntiSpyware 20180116
TheHacker 20180115
VBA32 20180116
VIPRE 20180116
ViRobot 20180116
Webroot 20180116
Yandex 20180112
Zillya 20180116
The file being studied is Android related, more specifically an Android APK file. The application's main package name is yqyJqWdtdf.UOaOrquyRDgLFgGueha. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 22.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.INTERNET (full Internet access)
android.permission.PACKAGE_USAGE_STATS (update component usage statistics)
android.permission.READ_CONTACTS (read contact data)
android.permission.READ_SMS (read SMS or MMS)
Activities
yqyJqWdtdf.UOaOrquyRDgLFgGueha.MainActivity
yqyJqWdtdf.UOaOrquyRDgLFgGueha.SendSms
yqyJqWdtdf.UOaOrquyRDgLFgGueha.ActivityFISH
yqyJqWdtdf.UOaOrquyRDgLFgGueha.admky
yqyJqWdtdf.UOaOrquyRDgLFgGueha.getnum
yqyJqWdtdf.UOaOrquyRDgLFgGueha.Alert
yqyJqWdtdf.UOaOrquyRDgLFgGueha.getsws
yqyJqWdtdf.UOaOrquyRDgLFgGueha.usage_access_settings
yqyJqWdtdf.UOaOrquyRDgLFgGueha.StartUSSD
yqyJqWdtdf.UOaOrquyRDgLFgGueha.ActivityPushFISH
yqyJqWdtdf.UOaOrquyRDgLFgGueha.DAR$mainActivity
Services
yqyJqWdtdf.UOaOrquyRDgLFgGueha.HeadlessSmsSendService
yqyJqWdtdf.UOaOrquyRDgLFgGueha.commands
yqyJqWdtdf.UOaOrquyRDgLFgGueha.StartWhile
yqyJqWdtdf.UOaOrquyRDgLFgGueha.apiproc
yqyJqWdtdf.UOaOrquyRDgLFgGueha.NETWORK
yqyJqWdtdf.UOaOrquyRDgLFgGueha.GPS
yqyJqWdtdf.UOaOrquyRDgLFgGueha.dsws
yqyJqWdtdf.UOaOrquyRDgLFgGueha.ModuleNotification
Receivers
yqyJqWdtdf.UOaOrquyRDgLFgGueha.MmsReceiver
yqyJqWdtdf.UOaOrquyRDgLFgGueha.PushServiceReciever
yqyJqWdtdf.UOaOrquyRDgLFgGueha.resiverboot
yqyJqWdtdf.UOaOrquyRDgLFgGueha.DAR
yqyJqWdtdf.UOaOrquyRDgLFgGueha.Alarm
Service-related intent filters
yqyJqWdtdf.UOaOrquyRDgLFgGueha.HeadlessSmsSendService
actions: android.intent.action.RESPOND_VIA_MESSAGE
categories: android.intent.category.DEFAULT
Activity-related intent filters
yqyJqWdtdf.UOaOrquyRDgLFgGueha.SendSms
actions: android.intent.action.SEND, android.intent.action.SENDTO
categories: android.intent.category.DEFAULT, android.intent.category.BROWSABLE
yqyJqWdtdf.UOaOrquyRDgLFgGueha.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
yqyJqWdtdf.UOaOrquyRDgLFgGueha.resiverboot
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.QUICKBOOT_POWERON, com.htc.intent.action.QUICKBOOT_POWERON, android.intent.action.USER_PRESENT, android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED, android.provider.Telephony.SMS_RECEIVED, android.intent.action.SCREEN_ON, android.intent.action.EXTERNAL_APPLICATIONS_AVAILABLE, android.net.conn.CONNECTIVITY_CHANGE, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.DREAMING_STOPPED
categories: android.intent.category.HOME
yqyJqWdtdf.UOaOrquyRDgLFgGueha.MmsReceiver
actions: android.provider.Telephony.SMS_DELIVER
yqyJqWdtdf.UOaOrquyRDgLFgGueha.PushServiceReciever
actions: android.provider.Telephony.WAP_PUSH_DELIVER
yqyJqWdtdf.UOaOrquyRDgLFgGueha.DAR
actions: android.app.action.DEVICE_ADMIN_DISABLED, android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED, android.app.action.DEVICE_ADMIN_ENABLED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files 23
Uncompressed size 192564
Highest datetime 1980-00-00 00:00:00
Lowest datetime 1980-00-00 00:00:00
Contained files by extension
xml 13
png 5
dex 1
MF 1
RSA 1
SF 1
Contained files by type
XML 13
PNG 5
unknown 4
DEX 1
File identification
MD5 29cf5cc309c2e29b6afd63eb5ab8fbd2
SHA1 aabeb81d16024a79d38307a0d8aaf680896bb237
SHA256 40ad2444b83f6a1c25dd153214a1a16bcaa2640ebaf7735d6f1ee2591989e58e
ssdeep 3072:SGpcle3D8OoVeH5MnWm6G9JqIZQBWOKDWew0ymiQt:SGGITVowZIj9UC4KFic

File size 114.1 KB ( 116875 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Java Archive (78.3%)
ZIP compressed archive (21.6%)
Tags
apk android

VirusTotal metadata
First submission 2017-12-04 12:32:52 UTC ( 5 months, 2 weeks ago )
Last submission 2018-01-16 16:56:19 UTC ( 4 months ago )
File names Adobe_Flash_2017.apk