SHA256: 72a522d0d3dcd0dc026b02ab9535e87a9f5664bc5587fd33bb4a48094bce0537
File name: 72a522d0d3dcd0dc026b02ab9535e87a9f5664bc5587fd33bb4a48094bce0537.apk
Detection ratio: 37 / 55
Analysis date: 2016-07-13 22:00:21 UTC ( 1 week, 3 days ago )
Antivirus Result Update
ALYac Android.Monitor.FinSpy.B 20160713
AVG Android/Finfis 20160713
AVware Trojan.AndroidOS.FinSpy.c 20160713
Ad-Aware Android.Monitor.FinSpy.B 20160713
AegisLab FinFisher 20160713
AhnLab-V3 Android-Trojan/FinSpy.1d01 20160713
Alibaba A.H.Pri.Tracking 20160713
Antiy-AVL RiskWare[Monitor]/AndroidOS.FinSpy.a 20160713
Arcabit Android.Monitor.FinSpy.A 20160713
Avast Android:CardServ-AU [Trj] 20160713
Avira (no cloud) ANDROID/FinFisherA.A.1 20160713
BitDefender Android.Monitor.FinSpy.B 20160713
CAT-QuickHeal Android.FinSpy.A (PUP) 20160713
Comodo UnclassifiedMalware 20160713
Cyren AndroidOS/GenBl.08CFFA8F!Olympus 20160713
DrWeb Android.Finspy.origin 20160713
ESET-NOD32 Android/Belesak.A 20160712
Emsisoft Android.Monitor.FinSpy.B (B) 20160713
F-Prot AndroidOS/FinSpy.A 20160713
F-Secure Android.Monitor.FinSpy.B 20160713
Fortinet Android/FinSpy.A!tr.spy 20160713
GData Android.Monitor.FinSpy.B 20160713
Ikarus Trojan.AndroidOS.FinSpy 20160713
K7AntiVirus Trojan ( 0001140e1 ) 20160713
K7GW Trojan ( 0001140e1 ) 20160713
Kaspersky not-a-virus:HEUR:Monitor.AndroidOS.FinSpy.a 20160713
Kingsoft Android.Troj.FinFisher.a.(kcloud) 20160713
McAfee Artemis!08CFFA8F55BE 20160713
eScan Android.Monitor.FinSpy.B 20160713
NANO-Antivirus Trojan.Android.Finspy.bdoxek 20160713
Qihoo-360 Trojan.Android.Gen 20160713
Sophos Andr/FinSpy-A 20160713
Symantec Android.Finfish 20160713
Tencent a.privacy.tracking 20160713
TrendMicro ANDROIDOS_FINSPY.HQT 20160713
TrendMicro-HouseCall ANDROIDOS_FINSPY.HQT 20160713
Zillya Downloader.OpenConnection.JS.119042 20160713
Baidu 20160713
Bkav 20160713
CMC 20160711
ClamAV 20160713
Jiangmin 20160713
Malwarebytes 20160713
McAfee-GW-Edition 20160713
Microsoft 20160713
Panda 20160713
SUPERAntiSpyware 20160713
TheHacker 20160712
TotalDefense 20160713
VBA32 20160713
VIPRE 20160713
ViRobot 20160713
Yandex 20160713
Zoner 20160713
nProtect 20160713
The file being studied is Android related; more specifically, it is an Android APK file. The application's main package name is com.android.services. The internal version number of the application is 351. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 7.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.MODIFY_PHONE_STATE (modify phone status)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.INTERNET (full Internet access)
android.permission.RECEIVE_MMS (receive MMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.READ_SMS (read SMS or MMS)
Activities
com.android.services.HiddenActivity
Services
com.android.services.Services
com.android.services.EventBasedService
com.android.services.sms.SmsHandlerIntentServices
com.android.time.based.RemovalAtServices
com.android.tracking.TrackingService
Receivers
com.android.services.sms.SMSReceiver
com.android.services.ReceiverStartApp
com.android.services.ReceiverStartBoot
com.android.events.based.ReceiverLowBattery
com.android.events.based.ReceiverLowSpace
com.android.events.based.ReceiverFlightMode
com.android.events.based.ReceiverCalls
com.android.events.based.ReceiverWifi
com.android.events.based.ReceiverLocationChanged
com.android.tracking.TReceiverLocationChanged
com.android.events.based.DataLinkReceiver
com.android.events.based.NetworkChangedReceiver
com.android.services.ReceiverPackageReplaced
Receiver-related intent filters
com.android.services.ReceiverStartApp
actions: android.net.conn.CONNECTIVITY_CHANGE, android.net.wifi.STATE_CHANGE, android.bluetooth.adapter.action.STATE_CHANGED, android.intent.action.PHONE_STATE, android.intent.action.NEW_OUTGOING_CALL, android.provider.Telephony.SMS_RECEIVED
com.android.events.based.ReceiverLowBattery
actions: android.intent.action.BATTERY_LOW, android.intent.action.BATTERY_OKAY
com.android.events.based.ReceiverWifi
actions: android.net.wifi.STATE_CHANGE
com.android.events.based.NetworkChangedReceiver
actions: android.net.conn.CONNECTIVITY_CHANGE
com.android.events.based.ReceiverFlightMode
actions: android.intent.action.AIRPLANE_MODE
com.android.events.based.ReceiverLowSpace
actions: android.intent.action.DEVICE_STORAGE_LOW, android.intent.action.DEVICE_STORAGE_OK
com.android.services.ReceiverPackageReplaced
actions: android.intent.action.PACKAGE_REPLACED
com.android.events.based.DataLinkReceiver
actions: android.net.conn.CONNECTIVITY_CHANGE
com.android.services.ReceiverStartBoot
actions: android.intent.action.BOOT_COMPLETED
com.android.events.based.ReceiverCalls
actions: android.intent.action.PHONE_STATE, android.intent.action.NEW_OUTGOING_CALL
com.android.services.sms.SMSReceiver
actions: android.provider.Telephony.SMS_RECEIVED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files 213
Uncompressed size 322104
Highest datetime 2012-03-15 13:36:20
Lowest datetime 2011-12-14 10:01:28
Contained files by extension
dat 200
xml 5
png 3
dex 1
MF 1
RSA 1
SF 1
Contained files by type
unknown 204
XML 5
PNG 3
DEX 1
File identification
MD5 08cffa8f55be4bbed2704395876b618f
SHA1 80596efa05837f6de70bdfd153af96cec098f93a
SHA256 72a522d0d3dcd0dc026b02ab9535e87a9f5664bc5587fd33bb4a48094bce0537
ssdeep
3072:/v2+MMiyjBhcEzeeXqXAm/C6bLoHSvMcDGW88Lr7niUNXH+aAMN8+HXNsWeCY86D:/vxRZjIEv6RbLoyvMZj

File size 139.5 KB ( 142822 bytes )
File type Android
Magic literal Zip archive data, at least v1.0 to extract
TrID Android Package (73.9%), Java Archive (20.4%), ZIP compressed archive (5.6%)
Tags apk android

VirusTotal metadata
First submission 2012-09-05 10:29:07 UTC ( 3 years, 10 months ago )
Last submission 2016-07-13 22:00:21 UTC ( 1 week, 3 days ago )
File names file-7718520_
Started services
#Intent;component=com.android.services/.Services;S.CheckSim=boot;end
Opened files
/data/data/com.android.services/files
Accessed files
/data/data/com.android.services/files
/data/data/com.android.services/files/rFile
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.