SHA256: 65bb64a9e651ea785d2ba92c2ab8bd02f6353ae472bf2bc5f917b79bfdf67a10
File name: 1e1f57f6c8c9fb39da8965275548174f.apk
Detection ratio: 31 / 56
Analysis date: 2016-03-27 04:40:42 UTC ( 1 year ago )
Antivirus Result Update
Ad-Aware Android.Trojan.FakeInst.HE 20160326
AhnLab-V3 Android-Trojan/FakeInst.51f7 20160326
Alibaba A.H.Pay.Erop.Y 20160323
Antiy-AVL Trojan[SMS:HEUR]/Android.FakeInst.a1 20160327
Arcabit Android.Trojan.FakeInst.HE 20160326
Avast Android:Agent-BCX [Trj] 20160327
AVG Android/Deng.CCU 20160327
Baidu-International Trojan.Android.Agent.SD 20160326
BitDefender Android.Trojan.FakeInst.HE 20160327
CAT-QuickHeal Android.FakeInst.BH 20160326
Comodo UnclassifiedMalware 20160327
Cyren AndroidOS/GenBl.1E1F57F6!Olympus 20160327
DrWeb Android.SmsSend.809.origin 20160327
Emsisoft Android.Trojan.FakeInst.HE (B) 20160327
ESET-NOD32 a variant of Android/TrojanSMS.Agent.SD 20160327
F-Prot AndroidOS/SMSSend.BL 20160327
F-Secure Trojan:Android/Fakeinst.FU 20160327
Fortinet Android/RuSms.AL 20160327
GData Android.Trojan.FakeInst.HE 20160327
Ikarus Trojan-SMS.AndroidOS.Agent 20160326
K7GW Trojan ( 0048d9c51 ) 20160323
Kaspersky HEUR:Trojan-SMS.AndroidOS.FakeInst.fe 20160327
Kingsoft Android.Troj.FakeFlash.c.(kcloud) 20160327
McAfee Artemis!1E1F57F6C8C9 20160327
eScan Android.Trojan.FakeInst.HE 20160327
NANO-Antivirus Trojan.Android.FakeInst.cuehze 20160327
Qihoo-360 Trojan.Android.Gen 20160327
Sophos Andr/RuSms-AL 20160327
Symantec Android.Premiumtext 20160327
Tencent a.expense.fakeinstall.y 20160327
VIPRE Trojan.AndroidOS.Generic.A 20160326
AegisLab 20160327
Yandex 20160316
Avira (no cloud) 20160326
Baidu 20160325
Bkav 20160327
ByteHero 20160327
ClamAV 20160326
CMC 20160322
Jiangmin 20160327
K7AntiVirus 20160326
Malwarebytes 20160327
McAfee-GW-Edition 20160327
Microsoft 20160327
nProtect 20160325
Panda 20160326
Rising 20160327
SUPERAntiSpyware 20160326
TheHacker 20160325
TotalDefense 20160327
TrendMicro 20160327
TrendMicro-HouseCall 20160327
VBA32 20160326
ViRobot 20160327
Zillya 20160326
Zoner 20160327
The file being studied is an Android APK. The application's main package name is com.example.service. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level required to run the application (MinSDKVersion) is 10.
Required permissions
android.permission.BATTERY_STATS (modify battery statistics)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.INTERNET (full Internet access)
android.permission.SEND_SMS (send SMS messages)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.SIM_STATE_READY (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CONTACTS (read contact data)
android.permission.READ_SMS (read SMS or MMS)
Activities
com.example.service.updateActivity
com.example.service.install
Services
com.example.service.MyService
Receivers
com.example.service.SmsReceiver
com.example.service.BootUpReceiver
Activity-related intent filters
com.example.service.updateActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.example.service.BootUpReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.DEFAULT
com.example.service.SmsReceiver
actions: android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files: 12
Uncompressed size: 717093
Highest datetime: 2013-10-23 19:16:36
Lowest datetime: 2013-08-16 13:23:50
Contained files by extension
png: 5
xml: 2
dex: 1
MF: 1
RSA: 1
SF: 1
Contained files by type
PNG: 5
unknown: 4
XML: 2
DEX: 1
File identification
MD5 1e1f57f6c8c9fb39da8965275548174f
SHA1 a2a118743083c186c76059924d276051f843fc29
SHA256 65bb64a9e651ea785d2ba92c2ab8bd02f6353ae472bf2bc5f917b79bfdf67a10
ssdeep 6144:n1vrl/+ea6X5mGFc07dSoga9+2u5okHESivpyT3:n9MeabRtE+22o4
File size 250.0 KB ( 255963 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Java Archive (78.3%), ZIP compressed archive (21.6%)
Tags
apk android

VirusTotal metadata
First submission 2013-10-24 12:14:53 UTC ( 3 years, 5 months ago )
Last submission 2014-12-21 13:14:20 UTC ( 2 years, 3 months ago )
File names 65bb64a9e651ea785d2ba92c2ab8bd02f6353ae472bf2bc5f917b79bfdf67a10.log
1E1F57F6C8C9FB39DA8965275548174F.apk
65bb64a9e651ea785d2ba92c2ab8bd02f6353ae472bf2bc5f917b79bfdf67a10
6391279778f113a4ca14821a7d8a58b0f254c2d0
1e1f57f6c8c9fb39da8965275548174f.apk
1e1f57f6c8c9fb39da8965275548174f_INFF947.tmp
service_update.apk
Started services
#Intent;component=com.example.service/.MyService;end
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
Contacted URLs
http://dlsdcncnew.net/install3_traf.php?op=26&ver=4.0.4&traf=7