SHA256: 54d92f4bba9a7aa77e3e9b1fa489b23d1412d31a2fab5bff63babb21f2fa9108
File name: 54D92F4BBA9A7AA77E3E9B1FA489B23D
Detection ratio: 26 / 56
Analysis date: 2015-10-03 07:47:21 UTC ( 3 years, 2 months ago )
| Antivirus | Result | Update |
|---|---|---|
| Ad-Aware | Android.Trojan.AndroRAT.E | 20151003 |
| AegisLab | Androrat_1 | 20151002 |
| Alibaba | A.H.Rem.Climap | 20150927 |
| Arcabit | Android.Trojan.AndroRAT.E | 20151003 |
| Avast | Android:Androrat-I [Trj] | 20151003 |
| AVG | Android/AndroRAT | 20151003 |
| Avira (no cloud) | ANDROID/AndroRat.D.Gen | 20151003 |
| BitDefender | Android.Trojan.AndroRAT.E | 20151003 |
| CAT-QuickHeal | Android.Climap.A | 20151002 |
| ClamAV | Andr.Trojan.Androrat | 20151002 |
| Cyren | AndroidOS/AndroRAT.A | 20151003 |
| DrWeb | Android.Spy.178.origin | 20151003 |
| Emsisoft | Android.Trojan.AndroRAT.E (B) | 20151003 |
| ESET-NOD32 | a variant of Android/Spy.AndroRAT.D | 20151003 |
| F-Prot | AndroidOS/AndroRAT.A | 20150929 |
| F-Secure | Monitoring-Tool:Android/AndroRat.B | 20151003 |
| Fortinet | Android/Sandr.C!tr | 20151003 |
| GData | Android.Trojan.AndroRAT.E | 20151003 |
| Ikarus | Trojan-Spy.AndroidOS.Androrat | 20151003 |
| Kaspersky | HEUR:Backdoor.AndroidOS.Climap.a | 20151003 |
| McAfee | Artemis!13C68F4F1D6D | 20151003 |
| McAfee-GW-Edition | Artemis!PUP | 20151002 |
| Microsoft | MonitoringTool:AndroidOS/AndroRat | 20151003 |
| eScan | Android.Trojan.AndroRAT.E | 20151003 |
| NANO-Antivirus | Trojan.Android.Zerat.dekxmy | 20151003 |
| Sophos AV | Andr/SandRat-C | 20151003 |
| Yandex | | 20150930 |
| AhnLab-V3 | | 20151002 |
| ALYac | | 20151003 |
| Antiy-AVL | | 20151003 |
| AVware | | 20151003 |
| Baidu-International | | 20151002 |
| Bkav | | 20151002 |
| ByteHero | | 20151003 |
| CMC | | 20151002 |
| Comodo | | 20151003 |
| Jiangmin | | 20151001 |
| K7AntiVirus | | 20151003 |
| K7GW | | 20151003 |
| Kingsoft | | 20151003 |
| Malwarebytes | | 20151003 |
| nProtect | | 20151002 |
| Panda | | 20151002 |
| Qihoo-360 | | 20151003 |
| Rising | | 20151002 |
| SUPERAntiSpyware | | 20151003 |
| Symantec | | 20151002 |
| TheHacker | | 20151002 |
| TotalDefense | | 20151003 |
| TrendMicro | | 20151003 |
| TrendMicro-HouseCall | | 20151003 |
| VBA32 | | 20151003 |
| VIPRE | | 20151003 |
| ViRobot | | 20151003 |
| Zillya | | 20151002 |
| Zoner | | 20151003 |
The file being studied is Android related! APK Android file more specifically. The application's main package name is my.app.client. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 8.
Risk summary
The studied DEX file makes use of API reflection
The studied DEX file makes use of cryptographic functions
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform calls
Permissions that allow the application to manipulate your location
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.WRITE_CONTACTS (write contact data)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.CAMERA (take pictures and videos)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECORD_AUDIO (record audio)
android.permission.READ_CONTACTS (read contact data)
Permission-related API calls
FACTORY_TEST
GET_TASKS
ACCESS_NETWORK_STATE
RECORD_AUDIO
INTERNET
SEND_SMS
VIBRATE
ACCESS_WIFI_STATE
CAMERA
READ_LOGS
READ_CONTACTS
CHANGE_COMPONENT_ENABLED_STATE
READ_PHONE_STATE
WRITE_HISTORY_BOOKMARKS
ACCESS_FINE_LOCATION
WAKE_LOCK
Main Activity
my.app.client.LauncherActivity
Activities
my.app.client.LauncherActivity
my.app.alt.PhotoActivity
net.droidjack.server.CamSnapDJ
net.droidjack.server.VideoCapDJ
Services
my.app.client.Client
net.droidjack.server.Controller
net.droidjack.server.GPSLocation
net.droidjack.server.Toaster
Receivers
my.app.client.BootReceiver
my.app.client.AlarmListener
net.droidjack.server.Connector
net.droidjack.server.CallListener
Service-related intent filters
my.app.client.Client
actions: .Client
Activity-related intent filters
net.droidjack.server.VideoCapDJ
actions: android.intent.action.VIDEOCAPDJ
categories: android.intent.category.DEFAULT
my.app.client.LauncherActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
net.droidjack.server.CamSnapDJ
actions: android.intent.action.CAMSNAPDJ
categories: android.intent.category.DEFAULT
Receiver-related intent filters
net.droidjack.server.Connector
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BOOT_COMPLETED
net.droidjack.server.CallListener
actions: android.intent.action.PHONE_STATE
my.app.client.BootReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.HOME
The file being studied is a compressed stream! Details about the compressed contents follow.
Compression metadata
Contained files 14
Uncompressed size 422931
Highest datetime 2015-09-18 16:04:14
Lowest datetime 2015-09-18 16:04:14
Contained files by extension
xml 5
png 4
dex 1
MF 1
RSA 1
SF 1
Contained files by type
XML 5
unknown 4
PNG 4
DEX 1
File identification
MD5 13c68f4f1d6d45915f44b0a8a31464de
SHA1 07518989b27a1d2930ebb1ce7c5ae6e6282275a3
SHA256 54d92f4bba9a7aa77e3e9b1fa489b23d1412d31a2fab5bff63babb21f2fa9108
ssdeep 3072:qR6E6PnFFpXI9CHcbWmFMZ+tm2B7U9SkMVRkX9MJN+ewdA4U5WpeTi8KAVSRV5aj:qRFej49CHeM1yYUoX9Mf+ewaKAESHD
File size 172.7 KB ( 176819 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (100.0%)
Tags apk android
VirusTotal metadata
First submission 2015-10-03 07:47:21 UTC ( 3 years, 2 months ago )
Last submission 2015-10-03 07:47:21 UTC ( 3 years, 2 months ago )
File names 54D92F4BBA9A7AA77E3E9B1FA489B23D
Started services
#Intent;action=BootReceiver;component=my.app.client/.Client;end
#Intent;component=my.app.client/net.droidjack.server.Controller;end