× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 63149fe9e2efd94d666402d637d921a6ca4dd73dcda318a7fcc82c274175d19a
File name: FindAndCall 1.1.ipa
Detection ratio: 33 / 58
Analysis date: 2017-03-23 04:53:18 UTC ( 1 day, 7 hours ago )
Antivirus Result Update
Ad-Aware Trojan.IOS.FindCall.A 20170323
AegisLab Troj.Iphoneos.Fidall!c 20170323
ALYac MAC.IOS.Trojan.FindCall.A 20170323
Arcabit Trojan.IOS.FindCall.A 20170323
Avast IOS:Fidall-A [Trj] 20170323
AVG IOS/Fidal.A 20170323
Avira (no cloud) OSX/Fidall.A 20170322
BitDefender Trojan.IOS.FindCall.A 20170323
CAT-QuickHeal Trojan.IOS.Fidall.A 20170322
ClamAV Win.Trojan.iOS-1 20170323
Comodo UnclassifiedMalware 20170322
DrWeb IPhoneOS.Fidall.1 20170323
Emsisoft Trojan.IOS.FindCall.A (B) 20170323
ESET-NOD32 iOS/Fidall.A 20170323
F-Secure MAC.IOS.Trojan.FindCall.A 20170323
Fortinet iOS/FindCall.A!tr.spy 20170323
GData Trojan.IOS.FindCall.A 20170323
Ikarus Trojan.IphoneOS 20170322
K7AntiVirus Trojan ( 003e33021 ) 20170323
K7GW Trojan ( 003e33021 ) 20170323
Kaspersky Trojan.IphoneOS.Fidall.a 20170323
McAfee OSX/Generic.am 20170323
McAfee-GW-Edition OSX/Generic.am 20170323
Microsoft Trojan:iOS/Fidall.A 20170323
eScan Trojan.IOS.FindCall.A 20170323
NANO-Antivirus Trojan.Mac.IPhoneOS.bcoucu 20170323
Sophos iPh/FndNCll-A 20170323
Symantec Trojan.Gen.8!cloud 20170322
Tencent Win32.Trojan.Fidall.Pgdl 20170323
TrendMicro-HouseCall IOS_INFOLKCONTACTS.A 20170323
VBA32 Riskware.iPhoneOS.Fidall 20170322
Zillya Trojan.Fidall..1 20170322
ZoneAlarm by Check Point Trojan.IphoneOS.Fidall.a 20170323
AhnLab-V3 20170323
Alibaba 20170323
Antiy-AVL 20170323
AVware 20170323
Baidu 20170323
Bkav 20170322
CMC 20170317
CrowdStrike Falcon (ML) 20170130
Cyren 20170323
Endgame 20170317
F-Prot 20170323
Invincea 20170203
Jiangmin 20170323
Kingsoft 20170323
Malwarebytes 20170323
nProtect 20170323
Palo Alto Networks (Known Signatures) 20170323
Panda 20170322
Qihoo-360 20170323
Rising 20170323
SentinelOne (Static ML) 20170315
SUPERAntiSpyware 20170323
Symantec Mobile Insight 20170322
TheHacker 20170321
TotalDefense 20170323
Trustlook 20170323
VIPRE 20170323
ViRobot 20170323
Webroot 20170323
WhiteArmor 20170315
Yandex 20170321
Zoner 20170323
The file being studied is an IPA file! An .ipa file is an iPhone iOS application archive file which stores an iOS app.
File signature
Identifier ru.findandcall.app
Format bundle with Mach-O universal (armv6 armv7)
CDHash 97b5235672771943f204bd59223e6742888c7ddf
Signature size 3582
Authority Apple iPhone OS Application Signing
Authority Apple iPhone Certification Authority
Authority Apple Root CA
Signed Time Jun 13, 2012, 9:16:37 AM
Info.plist entries 26
TeamIdentifier not set
Signers
[+] Apple Inc.
Status NotTrusted
Issuer Apple Inc.
Valid from 02:04 AM 05/21/2008
Valid to 02:04 AM 05/21/2020
Valid usage Digital Signature, Code Signing
Algorithm sha1WithRSAEncryption
Thumbprint 8E79150674FF5BAEC48F9CE26DAE34B9E8487C66
Serial number 1E
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 05:43 PM 04/12/2007
Valid to 05:43 PM 04/12/2022
Valid usage Digital Signature, Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint BA0434994FF3085990E37FCEF496B8570D8ED1B4
Serial number 17
[+] Apple Inc.
Status Valid
Issuer Apple Inc.
Valid from 09:40 PM 04/25/2006
Valid to 09:40 PM 02/09/2035
Valid usage Certificate Sign, CRL Sign
Algorithm sha1WithRSAEncryption
Thumbprint 611E5B662C593A08FF58D14AE22452D198DF6C60
Serial number 2
Property list configuration information
CFBundleInfoDictionaryVersion 6.0
DTXcodeBuild 10M2423
CFBundleIdentifier ru.findandcall.app
CFBundleResourceSpecification ResourceRules.plist
DTSDKName iphoneos4.2
CFBundleShortVersionString 1.1
CFBundleDisplayName FindAndCall
CFBundleExecutable FindAndCall
MinimumOSVersion 3.0
CFBundleVersion 6801
CFBundleIconFile Icon.png
DTPlatformBuild 8C134
NSMainNibFile MainWindow
DTXcode 0325
CFBundleDevelopmentRegion English
DTPlatformName iphoneos
DTCompiler 4.2
CFBundleSignature ????
DTPlatformVersion 4.2 Seed 2
CFBundleName FindAndCall
CFBundlePackageType APPL
iOS Mach-O executables
The executable portion of this app contains 2 Mach-O files, details about the files follow.
File header
File type executable file
Magic 0xfeedface
Required architecture ARM
Sub-architecture ARM_V6
Load commands 31
Load commands size 3864
Flags DYLDLINK
NOUNDEFS
TWOLEVEL
File segments
Shared libraries
Load commands
File header
File type executable file
Magic 0xfeedface
Required architecture ARM
Sub-architecture ARM_V7
Load commands 31
Load commands size 3864
Flags DYLDLINK
NOUNDEFS
TWOLEVEL
File segments
Shared libraries
Load commands
File identification
MD5 4d99379ec9f2ca9a33bfe9841a931a80
SHA1 6522afd2f568ae73a996026efe11ec6ac38c52a5
SHA256 63149fe9e2efd94d666402d637d921a6ca4dd73dcda318a7fcc82c274175d19a
ssdeep
49152:jJZniQrvAhAFFIq4/ubyeEqioKafd3y0iq4/m+feEqtoKa0d3y5mwQZL7GpFobuK:jJZiQDX4mFZaybEw

File size 2.8 MB ( 2940485 bytes )
File type iPhone
Magic literal
Zip archive data, at least v1.0 to extract

TrID iOS Application (90.3%)
ZIP compressed archive (9.6%)
Tags
arm iphone

VirusTotal metadata
First submission 2012-07-10 21:03:47 UTC ( 4 years, 8 months ago )
Last submission 2016-05-19 09:22:12 UTC ( 10 months, 1 week ago )
File names test.ipa
file-4245479_ipa
63149fe9e2efd94d666402d637d921a6ca4dd73dcda318a7fcc82c274175d19a.log
8.txt
vti-rescan
MAC.IOS.Trojan.FindCall.A.ipa
FindAndCall 1
FindAndCall 1.1.ipa
test.txt
FindAndCall 1.1.ipa
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!