SHA256: 52dfd24ce2af44c37f5cb8cd7ed37bc0c62bff5148293b891cc5ef558fdc5369
File name: b40aebc327e1bc6aabe5ccb4f18e8ea4_1.apk
Detection ratio: 31 / 56
Analysis date: 2014-12-20 13:50:00 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Ad-Aware Android.Trojan.FakeInst.FW 20141220
AegisLab SUSPICIOUS 20141220
AhnLab-V3 Android-Malicious/FakeInst 20141220
Avast Android:FakeIns-AF [Trj] 20141220
AVG Android/SMSAgent.K 20141220
Avira (no cloud) Android/SmsAgent.AK.Gen 20141220
AVware Trojan.AndroidOS.Generic.A 20141220
Baidu-International Trojan.AndroidOS.FakeInst.Adgd 20141220
BitDefender Android.Trojan.FakeInst.FW 20141220
CAT-QuickHeal Android.FakeInst.BH 20141219
Comodo UnclassifiedMalware 20141220
Cyren AndroidOS/GenBl.B40AEBC3!Olympus 20141220
DrWeb Android.SmsSend.809.origin 20141220
Emsisoft Android.Trojan.FakeInst.FW (B) 20141220
ESET-NOD32 a variant of Android/TrojanSMS.Agent.SD 20141220
F-Secure Trojan:Android/Fakeinst.EQ 20141220
Fortinet Android/FakeIns.AZ 20141220
GData Android.Trojan.FakeInst.FW 20141220
Ikarus Trojan-SMS.AndroidOS.Agent 20141220
K7GW Trojan ( 0048d9c51 ) 20141220
Kaspersky HEUR:Trojan-SMS.AndroidOS.FakeInst.fe 20141220
Kingsoft Android.Troj.at_FakeFlashPlayer.c.(kcloud) 20141220
McAfee Artemis!B40AEBC327E1 20141220
eScan Android.Trojan.FakeInst.FW 20141220
NANO-Antivirus Trojan.Android.FakeInst.cuehze 20141220
Qihoo-360 Trojan.Generic 20141220
Sophos Andr/RuSms-AL 20141220
Symantec Trojan.Gen.2 20141220
Tencent a.expense.fakeinstall.y 20141220
VIPRE Trojan.AndroidOS.Generic.A 20141220
Zoner Trojan.AndroidOS.Agent.A 20141219
Yandex 20141219
ALYac 20141220
Antiy-AVL 20141220
Bkav 20141220
ByteHero 20141220
ClamAV 20141220
CMC 20141218
F-Prot 20141220
Jiangmin 20141219
K7AntiVirus 20141219
Malwarebytes 20141220
McAfee-GW-Edition 20141220
Microsoft 20141220
Norman 20141220
nProtect 20141219
Panda 20141220
Rising 20141218
SUPERAntiSpyware 20141220
TheHacker 20141219
TotalDefense 20141219
TrendMicro 20141220
TrendMicro-HouseCall 20141220
VBA32 20141219
ViRobot 20141220
Zillya 20141220
The file under study is an Android APK. The application's main package name is com.update.servicev2. Its internal version number is 1 and its displayed version string is 1.0. The minimum Android API level required to run it (MinSDKVersion) is 10.
Risk summary
The studied DEX file makes use of API reflection
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.BATTERY_STATS (modify battery statistics)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.INTERNET (full Internet access)
android.permission.SEND_SMS (send SMS messages)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.SIM_STATE_READY (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_SMS (read SMS or MMS)
Permission-related API calls
ACCESS_NETWORK_STATE
INTERNET
SEND_SMS
VIBRATE
WAKE_LOCK
READ_PHONE_STATE
Main Activity
com.update.servicev2.Service_updateActivity
Activities
com.update.servicev2.Service_updateActivity
com.update.servicev2.install
Services
com.update.servicev2.MyService
Receivers
com.update.servicev2.SmsReceiver
com.update.servicev2.BootUpReceiver
Activity-related intent filters
com.update.servicev2.Service_updateActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.update.servicev2.BootUpReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.DEFAULT
com.update.servicev2.SmsReceiver
actions: android.provider.Telephony.SMS_RECEIVED
File identification
MD5 b40aebc327e1bc6aabe5ccb4f18e8ea4
SHA1 3168570dc932b13c2a63fa35143fd0c7886c83cc
SHA256 52dfd24ce2af44c37f5cb8cd7ed37bc0c62bff5148293b891cc5ef558fdc5369
ssdeep 6144:YVGJ3PpdjowfV+f8wVv9lUJPJY9O3C7sn4C/9IUhdnzod:YVGJ3PDowNImJxYg3QIBzC
File size 248.5 KB ( 254417 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Java Archive (78.3%), ZIP compressed archive (21.6%)
Tags apk android
VirusTotal metadata
First submission 2013-08-31 20:26:12 UTC ( 3 years, 8 months ago )
Last submission 2014-12-20 13:50:00 UTC ( 2 years, 5 months ago )
File names 52DFD24CE2AF44C37F5CB8CD7ED37BC0C62BFF5148293B891CC5EF558FDC5369.APK.log
b40aebc327e1bc6aabe5ccb4f18e8ea4_1.apk
1a0e4f9efb4715f9fb00b74a50bcf0fa32c257c2
output.14656876.txt
52dfd24ce2af44c37f5cb8cd7ed37bc0c62bff5148293b891cc5ef558fdc5369
service_update_v2.apk
14656876
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0xb814ba1e
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 2392
ZipCompressedSize 763
FileAccessDate 2014:12:20 14:49:57+01:00
ZipFileName res/layout/main.xml
ZipBitFlag 0x0808
FileCreateDate 2014:12:20 14:49:57+01:00
ZipModifyDate 2013:08:31 09:52:00

Started services
#Intent;component=com.update.servicev2/.MyService;end
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.