× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 418bb26b95608538e43bc505c0a4ebd136b2309dce2c4b13b47fb56bf1335434
File name: 1.apk
Detection ratio: 30 / 56
Analysis date: 2015-10-08 07:07:35 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
AVG Android/Deng.CWJ 20151008
AVware Trojan.AndroidOS.Generic.A 20151008
Ad-Aware Android.Trojan.Telman.A 20151008
AegisLab Agent 20151007
Alibaba A.H.Rem.Phonecmd.B 20151008
Antiy-AVL Trojan[Spy]/AndroidOS.Agent.g 20151008
Arcabit Android.Trojan.Telman.A 20151008
Avast Android:Telman-D [Spy] 20151008
Avira (no cloud) ANDROID/Spy.Agent.AE.Gen 20151008
BitDefender Android.Trojan.Telman.A 20151008
CAT-QuickHeal Android.Wroba.A 20151007
Comodo UnclassifiedMalware 20151008
Cyren AndroidOS/GenBl.6ED56031!Olympus 20151008
ESET-NOD32 Linux/Spy.Agent.AN.Gen 20151008
Emsisoft Android.Trojan.Telman.A (B) 20151008
F-Prot AndroidOS/Telman.A 20151008
F-Secure Trojan:Android/WroBa.E 20151008
Fortinet Android/Agent.AE!tr 20151008
GData Android.Trojan.Telman.A 20151008
Ikarus AndroidOS.SpyAgent.AF 20151008
K7GW Trojan ( 004942501 ) 20151008
Kaspersky HEUR:Trojan-Spy.AndroidOS.Agent.g 20151008
Kingsoft Android.Troj.kaka.ya.(kcloud) 20151008
McAfee Artemis!6ED5603171A0 20151008
eScan Android.Trojan.Telman.A 20151008
NANO-Antivirus Trojan.Android.Agent.cufbve 20151008
Qihoo-360 Win32/Trojan.Spy.203 20151008
Sophos Andr/FakeBank-B 20151008
Tencent Dos.Trojan-spy.Agent.Wtxt 20151008
VIPRE Trojan.AndroidOS.Generic.A 20151008
ALYac 20151008
Yandex 20151004
AhnLab-V3 20151008
Baidu-International 20151007
Bkav 20151007
ByteHero 20151008
CMC 20151008
ClamAV 20151007
DrWeb 20151008
Jiangmin 20151005
K7AntiVirus 20151008
Malwarebytes 20151008
McAfee-GW-Edition 20151008
Microsoft 20151008
Panda 20151007
Rising 20151007
SUPERAntiSpyware 20151008
Symantec 20151006
TheHacker 20151006
TrendMicro 20151008
TrendMicro-HouseCall 20151008
VBA32 20151007
ViRobot 20151008
Zillya 20151007
Zoner 20151008
nProtect 20151007
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.google.android.ebk.hana.palsspack. The internal version number of the application is 1. The displayed version string of the application is 1.2. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 18.
Risk summary
The studied DEX file makes use of API reflection
The studied DEX file makes use of cryptographic functions
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform calls
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.VIBRATE (control vibrator)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.GET_TASKS (retrieve running applications)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.INTERNET (full Internet access)
android.permission.READ_SMS (read SMS or MMS)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CALL_LOG (read the user's call log.)
Permission-related API calls
WRITE_SETTINGS
GET_TASKS
ACCESS_NETWORK_STATE
INTERNET
SEND_SMS
VIBRATE
WAKE_LOCK
CHANGE_COMPONENT_ENABLED_STATE
READ_PHONE_STATE
Main Activity
com.google.android.ebk.hana.kakao.MainActivity
Activities
com.google.android.ebk.hana.kakao.MainActivity
com.google.android.ebk.hana.kakao.BKMain
Services
com.google.android.ebk.hana.kakao.service.SmsService
com.google.android.ebk.hana.kakao.service.ContactsService
com.google.android.ebk.hana.kakao.service.ProcessRemoteCmdService
com.google.android.ebk.hana.kakao.service.ClientService
com.google.android.ebk.hana.kakao.service.CallService
Receivers
com.google.android.ebk.hana.kakao.receiver.SystemReceiver
com.google.android.ebk.hana.kakao.receiver.LockReceiver
Activity-related intent filters
com.google.android.ebk.hana.kakao.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.google.android.ebk.hana.kakao.receiver.SystemReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.ACTION_SHUTDOWN, android.intent.action.USER_PRESENT, net.piao.mobile.MYBROADCAST
Application certificate information
Application bundle files
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
29
Uncompressed size
1377015
Highest datetime
2014-01-22 14:18:18
Lowest datetime
2014-01-16 00:46:24
Contained files by extension
png
12
xml
10
dex
1
MF
1
RSA
1
jpg
1
SF
1
Contained files by type
PNG
12
XML
10
unknown
5
DEX
1
JPG
1
File identification
MD5 6ed5603171a02d51d81948fec7bf50c2
SHA1 2cd8ce8e53150f930659087e97619f5506c04c85
SHA256 418bb26b95608538e43bc505c0a4ebd136b2309dce2c4b13b47fb56bf1335434
ssdeep
12288:7p/HhiRXe8CJjltVWC5eNAzACfYphGXm7EhO5T9E821c/MV:l/8RXe8CJjltLbfccW7rSLB

File size 673.1 KB ( 689254 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android

VirusTotal metadata
First submission 2014-01-24 09:14:10 UTC ( 2 years, 4 months ago )
Last submission 2015-10-08 07:07:35 UTC ( 7 months, 3 weeks ago )
File names 1.apk
25.txt
3615383
20140122_163641.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Opened files
/mnt/sdcard
Accessed files
/data/data/com.google.android.ebk.hana.palsspack/files
/data/data/com.google.android.ebk.hana.palsspack/files/config.properties
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.