SHA256: 418bb26b95608538e43bc505c0a4ebd136b2309dce2c4b13b47fb56bf1335434
File name: 25.txt
Detection ratio: 31 / 56
Analysis date: 2015-01-04 14:04:40 UTC ( 4 months, 3 weeks ago )
Antivirus Result Update
AVG Android/Deng.YH 20150104
AVware Trojan.AndroidOS.Generic.A 20150104
Ad-Aware Android.Trojan.Telman.A 20150104
AegisLab Agent 20150104
AhnLab-V3 Android-Malicious/Meteor 20150104
Avast Android:Telman-D [Spy] 20150104
Avira Android/Spy.Agent.AE.Gen 20150104
Baidu-International Trojan.AndroidOS.Agent.aS 20150104
BitDefender Android.Trojan.Telman.A 20150104
CAT-QuickHeal Android.Wroba.G 20150102
Comodo UnclassifiedMalware 20150104
Cyren AndroidOS/GenBl.6ED56031!Olympus 20150104
DrWeb Android.Banker.40.origin 20150104
ESET-NOD32 Linux/Spy.Agent.AN.Gen 20150104
Emsisoft Android.Trojan.Telman.A (B) 20150104
F-Prot AndroidOS/Telman.A 20150104
F-Secure Trojan:Android/WroBa.E 20150104
Fortinet Android/Agent.AE!tr 20150104
GData Android.Trojan.Telman.A 20150104
Ikarus AndroidOS.SpyAgent.AF 20150104
K7GW Trojan ( 004942501 ) 20150102
Kaspersky HEUR:Trojan-Spy.AndroidOS.Agent.g 20150104
Kingsoft Android.Troj.kaka.ya.(kcloud) 20150104
McAfee Artemis!6ED5603171A0 20150104
MicroWorld-eScan Android.Trojan.Telman.A 20150104
NANO-Antivirus Trojan.Android.Agent.cufbve 20150104
Qihoo-360 Trojan.Generic 20150104
Sophos Andr/FakeKRB-H 20150104
Symantec Android.Mobilespy 20150104
VIPRE Trojan.AndroidOS.Generic.A 20150104
Zoner Spyware.AndroidOS.Agent.A 20141228
ALYac 20150104
Agnitum 20150103
Antiy-AVL 20150104
Bkav 20141230
ByteHero 20150104
CMC 20150102
ClamAV 20150104
Jiangmin 20150103
K7AntiVirus 20150102
Malwarebytes 20150104
McAfee-GW-Edition 20150104
Microsoft 20150104
Norman 20150104
Panda 20150104
Rising 20141231
SUPERAntiSpyware 20150103
Tencent 20150104
TheHacker 20150103
TotalDefense 20150104
TrendMicro 20150104
TrendMicro-HouseCall 20150104
VBA32 20150102
ViRobot 20150104
Zillya 20150103
nProtect 20150102
The file being studied is an Android APK. The application's main package name is com.google.android.ebk.hana.palsspack. The internal version number of the application is 1. The displayed version string of the application is 1.2. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 18.
Risk summary
The studied DEX file makes use of API reflection
The studied DEX file makes use of cryptographic functions
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform calls
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.VIBRATE (control vibrator)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_CONTACTS (read contact data)
android.permission.SEND_SMS (send SMS messages)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.INTERNET (full Internet access)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_SMS (read SMS or MMS)
Permission-related API calls
WRITE_SETTINGS
GET_TASKS
ACCESS_NETWORK_STATE
WAKE_LOCK
SEND_SMS
VIBRATE
INTERNET
CHANGE_COMPONENT_ENABLED_STATE
READ_PHONE_STATE
Main Activity
com.google.android.ebk.hana.kakao.MainActivity
Activities
com.google.android.ebk.hana.kakao.MainActivity
com.google.android.ebk.hana.kakao.BKMain
Services
com.google.android.ebk.hana.kakao.service.SmsService
com.google.android.ebk.hana.kakao.service.ContactsService
com.google.android.ebk.hana.kakao.service.ProcessRemoteCmdService
com.google.android.ebk.hana.kakao.service.ClientService
com.google.android.ebk.hana.kakao.service.CallService
Receivers
com.google.android.ebk.hana.kakao.receiver.SystemReceiver
com.google.android.ebk.hana.kakao.receiver.LockReceiver
Activity-related intent filters
com.google.android.ebk.hana.kakao.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.google.android.ebk.hana.kakao.receiver.SystemReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.ACTION_SHUTDOWN, android.intent.action.USER_PRESENT, net.piao.mobile.MYBROADCAST
Code-related observations
The application does not load any code dynamically
The application contains reflection code
The application does not contain native code
The application contains cryptographic code
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 6ed5603171a02d51d81948fec7bf50c2
SHA1 2cd8ce8e53150f930659087e97619f5506c04c85
SHA256 418bb26b95608538e43bc505c0a4ebd136b2309dce2c4b13b47fb56bf1335434
ssdeep 12288:7p/HhiRXe8CJjltVWC5eNAzACfYphGXm7EhO5T9E821c/MV:l/8RXe8CJjltLbfccW7rSLB
File size 673.1 KB ( 689254 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (73.9%), Java Archive (20.4%), ZIP compressed archive (5.6%)
Tags apk android
VirusTotal metadata
First submission 2014-01-24 09:14:10 UTC ( 1 year, 4 months ago )
Last submission 2014-03-27 08:22:15 UTC ( 1 year, 2 months ago )
File names 25.txt
3615383
20140122_163641.apk
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0xf2b1b6fd
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 536
ZipCompressedSize 278
FileAccessDate 2015:01:04 15:00:54+01:00
ZipFileName res/layout/activity_main.xml
ZipBitFlag 0x0808
FileCreateDate 2015:01:04 15:00:54+01:00
ZipModifyDate 2014:01:22 14:18:09
Opened files
/mnt/sdcard
Accessed files
/data/data/com.google.android.ebk.hana.palsspack/files
/data/data/com.google.android.ebk.hana.palsspack/files/config.properties
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.