SHA256: 51f1672f7b1eea5d10baae53f04f4a27c5e1549da01d549c7faaac539f059328
File name: dfa7849c185f129a0ce643caa8b61ed71fb3c3ff.apk
Detection ratio: 35 / 51
Analysis date: 2014-06-06 08:24:50 UTC ( 3 years, 6 months ago )
Antivirus Result Update
Ad-Aware Android.Trojan.DroidKungFu.L 20140606
AegisLab SUSPICIOUS 20140606
AhnLab-V3 Android-Malicious/Kungfu 20140605
AntiVir Android/Malmix2.3 20140606
Avast ELF:KungFu-C [Trj] 20140606
AVG Android/Kungf 20140606
Baidu-International Trojan.Android.DroidKungFu.bAT 20140606
BitDefender Android.Trojan.DroidKungFu.L 20140606
CAT-QuickHeal Exploit.DroidKungFu.C3 20140606
ClamAV Andr.KungFu-8 20140606
Commtouch AndroidOS/GenBl.0C58CF56!Olympus 20140606
DrWeb Android.Gongfu.6 20140606
Emsisoft Android.Trojan.DroidKungFu.L (B) 20140606
ESET-NOD32 Android/DroidKungFu.C 20140606
F-Secure Trojan:Android/DroidKungFu.A 20140606
Fortinet Android/DroidKungFu.AW!tr.bdr 20140606
GData Android.Trojan.DroidKungFu.L 20140606
Ikarus ELF.KungFu 20140606
K7GW Spyware ( 0048d7b81 ) 20140605
Kaspersky Backdoor.AndroidOS.KungFu.z 20140606
Kingsoft Android.Troj.Kongfu.op.(kcloud) 20140606
McAfee Artemis!0C58CF56D614 20140606
McAfee-GW-Edition Artemis!0C58CF56D614 20140606
Microsoft Trojan:Linux/DroidKrungFu.A 20140606
eScan Android.Trojan.DroidKungFu.L 20140606
NANO-Antivirus Trojan.KungFu.bfnfgi 20140606
Qihoo-360 Trojan.Generic 20140606
Rising DEX:System.Fokonge!1.9DA8 20140605
Sophos AV Andr/KongFu-A 20140606
Symantec Android.Gonfu 20140606
Tencent Dos.Backdoor.Kungfu.Gls 20140606
TrendMicro AndroidOS_DroidKungFu.SMA 20140606
TrendMicro-HouseCall TROJ_GEN.F47V0523 20140606
VIPRE Trojan.AndroidOS.DroidKungFu.a 20140606
ViRobot Trojan.Linux.A.EX-Lotoor.7032 20140606
Yandex 20140605
Antiy-AVL 20140606
Bkav 20140604
ByteHero 20140606
CMC 20140606
Comodo 20140606
F-Prot 20140606
K7AntiVirus 20140605
Malwarebytes 20140606
Norman 20140606
nProtect 20140605
Panda 20140606
SUPERAntiSpyware 20140606
TheHacker 20140606
TotalDefense 20140605
VBA32 20140606
The file being studied is an Android APK package. The application's main package name is com.tutusw.fingerscanner. The internal version number of the application is 5. The displayed version string of the application is 1.5.2. The minimum Android API level for the application to run (MinSDKVersion) is 3.
Risk summary
The studied DEX file makes use of cryptographic functions
The APK package studied contains ELF executable files
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.INTERNET (full Internet access)
Permission-related API calls
INTERNET
READ_LOGS
VIBRATE
ACCESS_WIFI_STATE
DISABLE_KEYGUARD
READ_PHONE_STATE
WAKE_LOCK
Main Activity
com.tutusw.fingerscanner.SettingsActivity
Activities
com.tutusw.fingerscanner.SettingsActivity
com.tutusw.fingerscanner.FingerprintActivity
com.tutusw.fingerscanner.HelpActivity
com.eguan.state.Dialog
Services
com.eguan.state.StateService
com.tutusw.fingerscanner.SleepService
Receivers
com.eguan.state.Receiver
com.tutusw.fingerscanner.BootReceiver
Activity-related intent filters
com.tutusw.fingerscanner.SettingsActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.tutusw.fingerscanner.BootReceiver
actions: android.intent.action.BOOT_COMPLETED
com.eguan.state.Receiver
actions: android.intent.action.BATTERY_CHANGED_ACTION, android.intent.action.SIG_STR, android.intent.action.BOOT_COMPLETED
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 0c58cf56d614e1b33f0d3ef2cb40e70d
SHA1 5ddd8f319b04d2e155ccb948107ab6e96ec98bf1
SHA256 51f1672f7b1eea5d10baae53f04f4a27c5e1549da01d549c7faaac539f059328
ssdeep 12288:E4Z3c4+PzL54huVvPt4qNz43wbDzomFim5A5qNW2hY/kao4DtEvtZS+EwQ5heYHM:z+P5amvPyqZU8F/IqAm7CWO+zuw

File size 719.8 KB ( 737043 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android zip

VirusTotal metadata
First submission 2014-05-23 21:46:26 UTC ( 3 years, 6 months ago )
Last submission 2014-06-06 08:24:50 UTC ( 3 years, 6 months ago )
File names dfa7849c185f129a0ce643caa8b61ed71fb3c3ff.apk
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x0d6d58dd
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 2698
ZipCompressedSize 1201
FileAccessDate 2014:06:06 09:31:44+01:00
ZipFileName META-INF/MANIFEST.MF
ZipBitFlag 0x0808
FileCreateDate 2014:06:06 09:31:44+01:00
ZipModifyDate 2014:05:24 00:44:11

Started services
#Intent;component=com.tutusw.fingerscanner/com.eguan.state.StateService;end
Accessed files
/data/data/com.tutusw.fingerscanner/shared_prefs/permission.xml