SHA256: 71c2b8d8c24ad928fc0227fa57112fa165d24e990c6034d2709d92ebae544216
File name: xa844278.apk
Detection ratio: 23 / 62
Analysis date: 2018-09-21 02:26:47 UTC ( 8 months ago )
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180921
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180921
Arcabit Android.Riskware.SmsPay.ADR 20180921
Avira (no cloud) ANDROID/Trojan.Agent.AMAM.Gen 20180920
Baidu Android.Trojan.Fadeb.c 20180914
BitDefender Android.Riskware.SmsPay.ADR 20180921
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180918
Cyren ZIP/Trojan.CYLE-0 20180921
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180921
ESET-NOD32 a variant of Android/Fadeb.K 20180921
F-Secure Android.Riskware.SmsPay 20180921
Fortinet Android/Agent.AYL!tr 20180921
GData Android.Riskware.SmsPay.ADR 20180921
Ikarus Trojan.AndroidOS.Fadeb 20180920
K7GW Trojan ( 0053c40b1 ) 20180920
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180921
MAX malware (ai score=76) 20180921
McAfee Artemis!02FFAB413959 20180921
eScan Android.Riskware.SmsPay.ADR 20180921
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180920
Sophos AV Andr/Rootnik-AI 20180921
TrendMicro-HouseCall Suspicious_GEN.F47V0920 20180920
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180921
AegisLab 20180921
Alibaba 20180912
ALYac 20180921
Antiy-AVL 20180920
Avast 20180921
Avast-Mobile 20180920
AVG 20180921
AVware 20180920
Babable 20180918
Bkav 20180919
ClamAV 20180921
CMC 20180920
Comodo 20180921
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180921
DrWeb 20180921
eGambit 20180921
Endgame 20180730
F-Prot 20180921
Sophos ML 20180717
Jiangmin 20180921
K7AntiVirus 20180920
Kingsoft 20180921
Malwarebytes 20180921
McAfee-GW-Edition 20180921
Microsoft 20180921
Palo Alto Networks (Known Signatures) 20180921
Panda 20180920
Qihoo-360 20180921
Rising 20180921
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
Symantec 20180920
Symantec Mobile Insight 20180918
TACHYON 20180921
Tencent 20180921
TheHacker 20180920
TotalDefense 20180920
TrendMicro 20180920
Trustlook 20180921
VBA32 20180920
VIPRE 20180920
ViRobot 20180920
Webroot 20180921
Yandex 20180920
Zillya 20180920
Zoner 20180920
The file being studied is an Android APK file. The application's main package name is com.folwdlhm.ydmprufr. The internal version number of the application is 5585536. The displayed version string of the application is 3.17. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.CAMERA (take pictures and videos)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MhDeActivity
com.baidu.go.MhReadActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
Services
com.jy.ll.wx.LL_TpService
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files: 130
Uncompressed size: 3951505
Highest datetime: 2018-09-21 09:37:14
Lowest datetime: 2018-09-21 09:30:14
Contained files by extension
xml: 64
png: 50
so: 6
jpg: 2
dex: 1
MF: 1
cf: 1
RSA: 1
SF: 1
Contained files by type
XML: 63
PNG: 50
unknown: 8
ELF: 6
JPG: 2
DEX: 1
File identification
MD5 557fe8a65441f703e6248887ba5252dc
SHA1 0d0098a44f84d55f680209b07b7a0b587459ae90
SHA256 71c2b8d8c24ad928fc0227fa57112fa165d24e990c6034d2709d92ebae544216
ssdeep 49152:ftltdlG9G4kXoBEiI/my/5ZZngyyrIAns+glXGfBKq8uwp:LtdlG9BkXoBVSnZngbrdnp5f9A

File size 2.2 MB ( 2304142 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (63.6%)
Java Archive (17.5%)
Sweet Home 3D design (generic) (12.7%)
ZIP compressed archive (4.8%)
PrintFox/Pagefox bitmap (var. P) (1.2%)
Tags apk android contains-elf

VirusTotal metadata
First submission 2018-09-21 02:26:47 UTC ( 8 months ago )
Last submission 2018-09-26 03:11:26 UTC ( 7 months, 3 weeks ago )
File names output.113820401.txt
污污大全44278.apk
output.113856360.txt
xa844278.apk
output.113855666.txt
output.113855951.txt
output.113820079.txt
output.113857010.txt
output.113820723.txt