× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4d76a06ba2e30d096f75d839d9bc2a5686b66e717dd55f3c450948bbcc7a6e88
File name: com.cisco.anyconnect.vpn.android.avf-4.0.05041-APK4Fun.com.apk
Detection ratio: 0 / 51
Analysis date: 2016-07-11 18:16:07 UTC ( 2 years, 6 months ago ) View latest
Antivirus Result Update
Ad-Aware 20160711
AhnLab-V3 20160711
Alibaba 20160711
ALYac 20160711
Antiy-AVL 20160711
Arcabit 20160711
Avast 20160711
AVG 20160711
AVware 20160711
Baidu 20160711
BitDefender 20160711
Bkav 20160711
CAT-QuickHeal 20160711
ClamAV 20160711
CMC 20160711
Comodo 20160711
Cyren 20160711
DrWeb 20160711
Emsisoft 20160711
ESET-NOD32 20160711
F-Prot 20160711
F-Secure 20160711
Fortinet 20160711
GData 20160711
Ikarus 20160711
Jiangmin 20160711
K7AntiVirus 20160711
K7GW 20160711
Kaspersky 20160711
Kingsoft 20160711
Malwarebytes 20160711
McAfee 20160711
McAfee-GW-Edition 20160711
Microsoft 20160711
eScan 20160711
NANO-Antivirus 20160711
nProtect 20160711
Panda 20160711
Qihoo-360 20160711
Sophos AV 20160711
SUPERAntiSpyware 20160711
Symantec 20160711
Tencent 20160711
TheHacker 20160709
TrendMicro 20160711
TrendMicro-HouseCall 20160711
VBA32 20160711
VIPRE 20160711
ViRobot 20160711
Zillya 20160711
Zoner 20160711
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.cisco.anyconnect.vpn.android.avf. The internal version number of the application is 317. The displayed version string of the application is @7F0B000D. The minimum Android API level for the application to run (MinSDKVersion) is 14. The target Android API level for the application to run (TargetSDKVersion) is 21.
Required permissions
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
com.cisco.anyconnect.vpn.android.permission.INTERNAL_VPN_STATE (Unknown permission from android reference)
android.permission.READ_LOGS (read sensitive log data)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
Activities
com.cisco.anyconnect.vpn.android.ui.URIHandlerActivity
com.cisco.anyconnect.vpn.android.ui.ConnectionEditorActivity
com.cisco.anyconnect.vpn.android.ui.CertificateEditorActivity
com.cisco.anyconnect.vpn.android.ui.CertificateSummaryActivity
com.cisco.anyconnect.vpn.android.ui.StatsDetailsActivity
com.cisco.anyconnect.vpn.android.ui.ConnectionSummaryActivity
com.cisco.anyconnect.vpn.android.ui.LoggingActivity
com.cisco.anyconnect.vpn.android.ui.LoggingUserInputActivity
com.cisco.anyconnect.vpn.android.ui.AboutActivity
com.cisco.anyconnect.vpn.android.ui.CredentialActivity
com.cisco.anyconnect.vpn.android.ui.BannerActivity
com.cisco.anyconnect.vpn.android.ui.CertWarningActivity
com.cisco.android.nchs.NCHSProxyActivity
com.cisco.android.nchs.ComponentStatusActivity
com.cisco.anyconnect.vpn.android.ui.PopupActivity
com.cisco.anyconnect.vpn.android.ui.FilePickerActivity
com.cisco.anyconnect.vpn.android.ui.SettingsActivity
com.cisco.anyconnect.vpn.android.ui.DiagnosticsActivity
com.cisco.anyconnect.vpn.android.ui.CertificateManagementActivity
com.cisco.anyconnect.vpn.android.ui.ProfileManagementActivity
com.cisco.anyconnect.vpn.android.ui.LocalizationManagementActivity
com.cisco.anyconnect.vpn.android.ui.PopupWithHideActivity
com.cisco.anyconnect.vpn.android.ui.LocalizationServerImportActivity
com.cisco.anyconnect.vpn.android.ui.ProfileUriImportActivity
com.cisco.anyconnect.vpn.android.ui.CertificateUriImportActivity
com.cisco.anyconnect.vpn.android.ui.ImportCertificateActivity
com.cisco.android.nchs.ImportCertFromSystemActivity
com.cisco.android.nchs.ImportCertToSystemActivity
com.cisco.anyconnect.vpn.android.ui.AdvancedConnectionEditorActivity
com.cisco.anyconnect.vpn.android.ui.ConnectionSelectorActivity
com.cisco.anyconnect.vpn.android.ui.HelpActivity
com.cisco.anyconnect.ui.PrimaryActivity
Services
com.cisco.anyconnect.vpn.android.service.VpnService
com.cisco.android.nchs.NetworkComponentHostService
com.cisco.android.nchs.support.ics.ICSSupportService
com.cisco.anyconnect.vpn.android.apptunnel.KnoxInteractionService
Receivers
com.cisco.anyconnect.vpn.android.ui.helpers.NetworkChangeReceiver
com.cisco.anyconnect.vpn.android.ui.helpers.PackageUpdateReceiver
com.cisco.anyconnect.vpn.android.widgets.MediumWidget
com.cisco.anyconnect.vpn.android.widgets.SmallWidget
com.cisco.android.nchs.receivers.BootCompleteReceiver
Providers
android.support.v4.content.FileProvider
Service-related intent filters
com.cisco.anyconnect.vpn.android.service.VpnService
actions: android.net.VpnService, com.cisco.anyconnect.vpn.android.service.IVpnService, com.cisco.anyconnect.vpn.android.PER_APP_APPS_ACTION
com.cisco.anyconnect.vpn.android.apptunnel.KnoxInteractionService
actions: com.cisco.anyconnect.vpn.android.avf.BIND_SERVICE, com.cisco.anyconnect.vpn.android.KNOX_INTERACTION_BIND_SERVICE
com.cisco.android.nchs.NetworkComponentHostService
actions: com.cisco.android.nchs.aidl.INetworkComponentHostService, com.cisco.android.nchs.aidl.INetworkComponentSupportService
com.cisco.android.nchs.support.ics.ICSSupportService
actions: android.net.VpnService, com.cisco.anyconnect.vpn.android.support.ics.ICSSupportService
Activity-related intent filters
com.cisco.anyconnect.vpn.android.ui.AdvancedConnectionEditorActivity
actions: com.cisco.anyconnect.vpn.android.CONNECTION_EDITOR_ADVANCED_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.ConnectionSelectorActivity
actions: com.cisco.anyconnect.vpn.android.CONNECTION_SELECTOR_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.HelpActivity
actions: com.cisco.anyconnect.vpn.android.HELP_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.CertificateUriImportActivity
actions: com.cisco.anyconnect.vpn.android.CERTIFICATE_URI_IMPORT_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.ConnectionSummaryActivity
actions: com.cisco.anyconnect.vpn.android.CONNECTION_SUMMARY_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.ConnectionEditorActivity
actions: com.cisco.anyconnect.vpn.android.CONNECTION_EDITOR_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.CertificateEditorActivity
actions: com.cisco.anyconnect.vpn.android.CERTIFICATE_EDITOR_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.LoggingUserInputActivity
actions: com.cisco.anyconnect.vpn.android.LOGGING_PROBLEM_STEPS_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.ProfileUriImportActivity
actions: com.cisco.anyconnect.vpn.android.PROFILE_URI_IMPORT_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.SettingsActivity
actions: com.cisco.anyconnect.vpn.android.SETTINGS_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.PopupActivity
actions: com.cisco.anyconnect.vpn.android.ACTION_SHOW_POPUP
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.DiagnosticsActivity
actions: com.cisco.anyconnect.vpn.android.DIAGNOSTICS_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.StatsDetailsActivity
actions: com.cisco.anyconnect.vpn.android.DETAILED_STATS_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.FilePickerActivity
actions: com.cisco.anyconnect.vpn.android.FILE_PICKER_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.ProfileManagementActivity
actions: com.cisco.anyconnect.vpn.android.PROFILE_MANAGEMENT_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.LoggingActivity
actions: com.cisco.anyconnect.vpn.android.LOGGING_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.LocalizationManagementActivity
actions: com.cisco.anyconnect.vpn.android.LOCALIZATION_MANAGEMENT_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.CertificateManagementActivity
actions: com.cisco.anyconnect.vpn.android.CERTIFICATE_MANAGEMENT_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.AboutActivity
actions: com.cisco.anyconnect.vpn.android.ABOUT_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.PopupWithHideActivity
actions: com.cisco.anyconnect.vpn.android.POPUP_WITH_HIDE_ACTIVITY_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.LocalizationServerImportActivity
actions: com.cisco.anyconnect.vpn.android.LOCALIZATION_SERVER_IMPORT_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.URIHandlerActivity
actions: android.intent.action.VIEW
categories: android.intent.category.DEFAULT, android.intent.category.BROWSABLE
com.cisco.anyconnect.vpn.android.ui.CertWarningActivity
actions: com.cisco.anyconnect.vpn.android.CERT_WARNING_ACTIVITY_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.CredentialActivity
actions: com.cisco.anyconnect.vpn.android.AUTHENTICATION_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.ui.PrimaryActivity
actions: android.intent.action.MAIN, com.cisco.anyconnect.vpn.android.PRIMARY_ACTIVITY_SHOW_INTENT, com.cisco.anyconnect.vpn.android.PRIMARY_ACTIVITY_ACTION_CONNECT_INTENT, com.cisco.anyconnect.vpn.android.PRIMARY_ACTIVITY_SHOW_MMS_IMPACT_WARNING, com.cisco.anyconnect.vpn.android.PRIMARY_ACTIVITY_EXIT_APPLICATION
categories: android.intent.category.LAUNCHER, android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.ImportCertificateActivity
actions: com.cisco.anyconnect.vpn.android.IMPORT_CERTIFICATE_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.BannerActivity
actions: com.cisco.anyconnect.vpn.android.BANNER_ACTIVITY_SHOW_INTENT
categories: android.intent.category.DEFAULT
com.cisco.anyconnect.vpn.android.ui.CertificateSummaryActivity
actions: com.cisco.anyconnect.vpn.android.CERTIFICATE_SUMMARY_SHOW_INTENT
categories: android.intent.category.DEFAULT
Receiver-related intent filters
com.cisco.android.nchs.receivers.BootCompleteReceiver
actions: android.intent.action.BOOT_COMPLETED
com.cisco.anyconnect.vpn.android.ui.helpers.PackageUpdateReceiver
actions: android.intent.action.MY_PACKAGE_REPLACED
com.cisco.anyconnect.vpn.android.widgets.MediumWidget
actions: android.appwidget.action.APPWIDGET_UPDATE, com.cisco.anyconnect.vpn.android.UPDATE_STATE, com.cisco.anyconnect.vpn.android.UPDATE_ACTIVE_CONNECTION, com.cisco.anyconnect.vpn.android.UPDATE_CONNECT_IN_PROGRESS, com.cisco.anyconnect.vpn.android.UPDATE_DISCONNECT_IN_PROGRESS, com.cisco.anyconnect.vpn.android.UPDATE_STATS, com.cisco.anyconnect.vpn.android.UPDATE_WIDGET_CONFIG_CHANGED, com.cisco.anyconnect.vpn.android.NATIVE_COMPONENT_INSTALL_COMPLETE
com.cisco.anyconnect.vpn.android.widgets.SmallWidget
actions: android.appwidget.action.APPWIDGET_UPDATE, com.cisco.anyconnect.vpn.android.UPDATE_STATE, com.cisco.anyconnect.vpn.android.UPDATE_CONNECT_IN_PROGRESS, com.cisco.anyconnect.vpn.android.UPDATE_DISCONNECT_IN_PROGRESS, com.cisco.anyconnect.vpn.android.NATIVE_COMPONENT_INSTALL_COMPLETE
com.cisco.anyconnect.vpn.android.ui.helpers.NetworkChangeReceiver
actions: android.net.conn.CONNECTIVITY_CHANGE
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
561
Uncompressed size
25862031
Highest datetime
2016-06-13 15:24:26
Lowest datetime
2016-06-13 14:00:10
Contained files by extension
png
371
xml
150
so
24
zip
5
dex
1
MF
1
der
1
RSA
1
SF
1
Contained files by type
PNG
371
XML
150
ELF
24
unknown
10
ZIP
5
DEX
1
File identification
MD5 d56644c76edfdfe8f8aea3c001b375ab
SHA1 39a4e5a00da23114d54f5556e92c8a9d2850d16a
SHA256 4d76a06ba2e30d096f75d839d9bc2a5686b66e717dd55f3c450948bbcc7a6e88
ssdeep
196608:0/RTpE2QekfZwG+Nq6Nj0EfiEpwHj5YqvJXeM3tqtLanFJEisqVvbz4jpFSBlFS2:0Gek2GMtNxpQkEKWnFWfyHEpePSVkJ

File size 12.7 MB ( 13272301 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (72.9%)
Java Archive (20.1%)
ZIP compressed archive (5.5%)
PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags
ext-prg contains-elf apk dyn-calls via-tor android

VirusTotal metadata
First submission 2016-06-29 19:05:42 UTC ( 2 years, 6 months ago )
Last submission 2018-09-17 07:22:01 UTC ( 4 months ago )
File names com.cisco.anyconnect.vpn.android.avf-4.0.05041-APK4Fun.com.apk
anyconnect-ics-4-0-05041.apk
1461070f42c06a22900ae7b4e4759c91cfe9de84addb0f5541ed2e11d024950d045ba2567d81c471abe9c5014f3d6762cbb9aae39de3095b407ef0e4319f9b74
343842478.apk
PfG1NJPsi4T743LJFioc20180815-31199-anbad6
d56644c76edfdfe8f8aea3c001b375ab
anyconnect-ics.apk
421198239.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Permissions checked
com.cisco.permission.CISCO_VPN_ACCESS:com.cisco.anyconnect.vpn.android.avf
android.permission.VPN:com.cisco.anyconnect.vpn.android.avf
android.permission.NET_ADMIN:com.cisco.anyconnect.vpn.android.avf
android.permission.NET_RAW:com.cisco.anyconnect.vpn.android.avf
cisco.permission.VPN:com.cisco.anyconnect.vpn.android.avf
cisco.permission.NET_ADMIN:com.cisco.anyconnect.vpn.android.avf
cisco.permission.NET_RAW:com.cisco.anyconnect.vpn.android.avf
com.htc.framework.permission.VPN:com.cisco.anyconnect.vpn.android.avf
com.htc.framework.permission.NET_ADMIN:com.cisco.anyconnect.vpn.android.avf
com.htc.framework.permission.NET_RAW:com.cisco.anyconnect.vpn.android.avf
android.permission.INTERACT_ACROSS_USERS_FULL:com.cisco.anyconnect.vpn.android.avf
Started services
#Intent;component=com.cisco.anyconnect.vpn.android.avf/com.cisco.android.nchs.NetworkComponentHostService;end
Started receivers
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.LOCALE_CHANGED
com.cisco.android.nchs.VPN_REVOKED
android.os.action.POWER_SAVE_MODE_CHANGED
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_FIRST_LAUNCH
android.intent.action.PACKAGE_REMOVED
android.intent.action.PACKAGE_REPLACED
External programs launched
/system/bin/chmod 711 /data/data/com.cisco.anyconnect.vpn.android.avf/files/com.cisco.anyconnect.vpn.android.avf
Opened files
/data/data/com.cisco.anyconnect.vpn.android.avf/files/logs
/data/data/com.cisco.anyconnect.vpn.android.avf/files/anyconnect_native_component.zip
/data/data/com.cisco.anyconnect.vpn.android.avf/files/anyconnect_native_component.sign
/data/data/com.cisco.anyconnect.vpn.android.avf/files
/data/data/com.cisco.anyconnect.vpn.android.avf/files/cert
/data/data/com.cisco.anyconnect.vpn.android.avf/files/temp
/data/data/com.cisco.anyconnect.vpn.android.avf/files/script
/data/data/com.cisco.anyconnect.vpn.android.avf/files/l10n
/data/data/com.cisco.anyconnect.vpn.android.avf/files/profiles
/data/data/com.cisco.anyconnect.vpn.android.avf/files/cisco
/data/data/com.cisco.anyconnect.vpn.android.avf/files/com.cisco.anyconnect.vpn.android.avf/bin
APP_ASSETS/codeSign.der
APP_ASSETS/armeabi/NativeComponentArchives/vpnagentd/anyconnect_native_component.zip
APP_ASSETS/armeabi/NativeComponentArchives/vpnagentd/anyconnect_native_component.sign
/data/data/com.cisco.anyconnect.vpn.android.avf/files/com.cisco.anyconnect.vpn.android.avf
/system/bin/chmod
Accessed files
/data/data/com.cisco.anyconnect.vpn.android.avf/files
/data/data/com.cisco.anyconnect.vpn.android.avf/files/launchatboot
/data/data/com.cisco.anyconnect.vpn.android.avf/files/cert/services.xml
/data/data/com.cisco.anyconnect.vpn.android.avf/files/temp/services.xml
/data/data/com.cisco.anyconnect.vpn.android.avf/files/script/services.xml
/data/data/com.cisco.anyconnect.vpn.android.avf/files/l10n/services.xml
/data/data/com.cisco.anyconnect.vpn.android.avf/files/profiles/services.xml
/data/data/com.cisco.anyconnect.vpn.android.avf/files/cisco/services.xml
/data/data/com.cisco.anyconnect.vpn.android.avf/files/anyconnect_trusted_certs.bks
/data/data/com.cisco.anyconnect.vpn.android.avf/files/anyconnect_client_certs.bks
/data/data/com.cisco.anyconnect.vpn.android.avf/files/com.cisco.anyconnect.vpn.android.avf/services.xml
/data/data/com.cisco.anyconnect.vpn.android.avf/files/anyconnect_native_component.zip
/data/data/com.cisco.anyconnect.vpn.android.avf/files/anyconnect_native_component.sign
/data/data/com.cisco.anyconnect.vpn.android.avf/files/com.cisco.anyconnect.vpn.android.avf
/system/bin/chmod
/data/data/com.cisco.anyconnect.vpn.android.avf/files/com.cisco.anyconnect.vpn.android.avf/bin
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Dynamically called methods
android.os.SystemProperties.get 1 argument.
u'ro.product.cpu.abi'
android.os.SystemProperties.get 1 argument.
u'vpn.anyconnect.deviceuniqueid'