SHA256: 6e1e5354982dbf1b73ca4e5d46aafca8286304463e37dce3f61545ec137b08df
File name: d7f1a309528e4ffb16d1160dffe0b511.APK
Detection ratio: 32 / 55
Analysis date: 2016-09-07 18:27:07 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware Android.Trojan.SLocker.BC 20160907
AegisLab Android.Troj.Slocker!c 20160907
AhnLab-V3 Android-Trojan/Slocker.e94d 20160907
Alibaba A.W.Rog.RiskApp 20160907
Antiy-AVL Trojan[Ransom:HEUR]/AndroidOS.Fusob.5 20160907
Arcabit Android.Trojan.SLocker.BC 20160907
Avast Android:Agent-JVQ [Trj] 20160907
AVG Android/G2P.DG.4C55B1CDDA5B 20160907
Avira (no cloud) ANDROID/Locker.AT.Gen 20160907
Baidu Android.Trojan.Locker.dx 20160907
BitDefender Android.Trojan.SLocker.BC 20160907
CAT-QuickHeal Android.Fusob.D 20160907
Comodo UnclassifiedMalware 20160907
Cyren AndroidOS/GenBl.D7F1A309!Olympus 20160907
DrWeb Android.Locker.75.origin 20160907
Emsisoft Android.Trojan.SLocker.BC (B) 20160907
ESET-NOD32 a variant of Android/Locker.BW 20160907
F-Secure Trojan:Android/SLocker.BI 20160907
Fortinet Android/SLocker.EB!tr 20160907
GData Android.Trojan.SLocker.BC 20160907
Ikarus Trojan.AndroidOS.Locker 20160907
K7GW Trojan ( 004c11d91 ) 20160907
Kaspersky HEUR:Trojan-Ransom.AndroidOS.Fusob.e 20160907
McAfee Artemis!D7F1A309528E 20160907
McAfee-GW-Edition Artemis!Trojan 20160907
eScan Android.Trojan.SLocker.BC 20160907
NANO-Antivirus Trojan.Android.Ransom.drlfnd 20160907
Qihoo-360 Android mobile malware 20160907
Rising Ransom.Fusob/Android!8.3FF-OLKuS8AQ0VD (cloud) 20160907
Sophos AV Andr/PornLock-A 20160907
Tencent SH.!Android.GenA.11d2 20160907
Zoner Trojan.AndroidOS.Locker.A 20160907
AVware 20160907
Bkav 20160907
ClamAV 20160907
CMC 20160907
F-Prot 20160907
Jiangmin 20160907
K7AntiVirus 20160907
Kingsoft 20160907
Malwarebytes 20160907
Microsoft 20160907
nProtect 20160907
Panda 20160907
SUPERAntiSpyware 20160907
Symantec 20160907
TheHacker 20160905
TotalDefense 20160907
TrendMicro 20160907
TrendMicro-HouseCall 20160907
VBA32 20160905
VIPRE 20160907
ViRobot 20160907
Yandex 20160907
Zillya 20160907
The file under analysis is an Android application package (APK). The application's main package name is net.revamped. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level of the application (TargetSDKVersion) is 16.
Required permissions
android.permission.WRITE_CONTACTS (write contact data)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.ACCESS_COARSE_UPDATES (Unknown permission from android reference)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.READ_PROFILE (read the user's personal profile data)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CONTACTS (read contact data)
Activities
net.revamped.RejectionActivity
net.revamped.WattleActivity
net.revamped.BlossomingActivity
net.revamped.AfterthoughtActivity
net.revamped.ToldActivity
Services
net.revamped.PuppetsService
net.revamped.SnuggledService
Receivers
net.revamped.Jouster
net.revamped.Aerosol
Activity-related intent filters
net.revamped.RejectionActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
net.revamped.Aerosol
actions: android.app.action.DEVICE_ADMIN_ENABLED
net.revamped.Jouster
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT, android.intent.action.SCREEN_ON, android.intent.action.NEW_OUTGOING_CALL, android.intent.action.PHONE_STATE
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files 10
Uncompressed size 93559
Highest datetime 2015-05-03 23:15:00
Lowest datetime 2015-05-03 23:14:52
Contained files by extension
xml 3
dex 1
MF 1
RSA 1
SF 1
png 1
Contained files by type
unknown 4
XML 3
DEX 1
HTML 1
PNG 1
File identification
MD5 d7f1a309528e4ffb16d1160dffe0b511
SHA1 43df5613336ea4e0a208bfa4fc305bff6420ce0f
SHA256 6e1e5354982dbf1b73ca4e5d46aafca8286304463e37dce3f61545ec137b08df
ssdeep 768:d1Abh7ngGWnc11/ztF6cGBMZWtGvVHCPybZubYoQa1hlFK5rBIFgnbQ5NaElMaoC:ryngLYvF6cGeUtGyybZCQa1h+59zbQ5H

File size 41.6 KB ( 42602 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags apk android

VirusTotal metadata
First submission 2015-05-05 21:36:55 UTC ( 3 years, 6 months ago )
Last submission 2016-09-07 18:27:07 UTC ( 2 years, 2 months ago )
File names d7f1a309528e4ffb16d1160dffe0b511.APK
Started activities
#Intent;launchFlags=0x30000000;component=net.revamped/.BlossomingActivity;end
Started services
#Intent;component=net.revamped/.SnuggledService;end
#Intent;action=android.intent.action.BOOT_COMPLETED;component=net.revamped/.SnuggledService;end
Started receivers
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
Opened files
/mnt/sdcard/Download
/data/data/net.revamped/files/bigotry.html
Accessed files
/data/data/net.revamped/files
/data/data/net.revamped/files/patrol.jpg
/data/data/net.revamped/files/wondrously.apk
/data/data/net.revamped/files/bigotry.html
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Contacted URLs
http://azureloop.in
http://azureloop.in
http://pornigy.biz
http://azureloop.in
http://pornigy.biz