| SHA256: | 72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0 |
| File name: | WhoViewsYourProfile.apk |
| Detection ratio: | 13 / 48 |
| Analysis date: | 2013-12-03 22:07:00 UTC ( 4 years, 6 months ago ) View latest |
| Antivirus | Result | Update |
|---|---|---|
| AntiVir | Adware/ANDR.Airpush.G.Gen | 20131203 |
| AVG | Android/Airpus | 20131203 |
| Baidu-International | Adware.Android.AirPush.G | 20131203 |
| Bkav | MW.Clod30a.Trojan.e9f1 | 20131129 |
| Comodo | ApplicUnwnt | 20131203 |
| DrWeb | Adware.Airpush.21.origin | 20131203 |
| ESET-NOD32 | a variant of Android/Adware.AirPush.G | 20131203 |
| Fortinet | Adware/AirPush!Android | 20131203 |
| Ikarus | AdWare.ANDR | 20131203 |
| NANO-Antivirus | Trojan.Airpush.colrpj | 20131203 |
| Sophos AV | Android Airpush | 20131203 |
| TrendMicro-HouseCall | TROJ_GEN.F47V1124 | 20131203 |
| VIPRE | Trojan.AndroidOS.Generic.A | 20131203 |
| Ad-Aware | 20131203 | |
| Yandex | 20131203 | |
| AhnLab-V3 | 20131203 | |
| Antiy-AVL | 20131129 | |
| Avast | 20131203 | |
| BitDefender | 20131203 | |
| ByteHero | 20131127 | |
| CAT-QuickHeal | 20131202 | |
| ClamAV | 20131203 | |
| Commtouch | 20131203 | |
| Emsisoft | 20131203 | |
| F-Prot | 20131203 | |
| F-Secure | 20131203 | |
| GData | 20131203 | |
| Jiangmin | 20131203 | |
| K7AntiVirus | 20131203 | |
| K7GW | 20131203 | |
| Kaspersky | 20131203 | |
| Kingsoft | 20130829 | |
| Malwarebytes | 20131203 | |
| McAfee | 20131203 | |
| McAfee-GW-Edition | 20131203 | |
| Microsoft | 20131203 | |
| eScan | 20131203 | |
| Norman | 20131203 | |
| nProtect | 20131203 | |
| Panda | 20131203 | |
| Rising | 20131203 | |
| SUPERAntiSpyware | 20131203 | |
| Symantec | 20131203 | |
| TheHacker | 20131203 | |
| TotalDefense | 20131203 | |
| TrendMicro | 20131203 | |
| VBA32 | 20131203 | |
| ViRobot | 20131203 |
The file being studied is Android related!
APK Android file more specifically.
The application's main package name is
com.whodidthat.
The internal version number of the application is
1.
The displayed version string of the application is
1.0.
The minimum Android API level for the application to run (MinSDKVersion) is
8.
The target Android API level for the application to run (TargetSDKVersion) is
18.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.whodidthat.MainActivity
com.iyubax.pbyyrq162843.SmartWallActivity
com.iyubax.pbyyrq162843.BrowserActivity
com.iyubax.pbyyrq162843.VideoAdActivity
Services
com.iyubax.pbyyrq162843.PushService
Receivers
com.iyubax.pbyyrq162843.BootReceiver
Activity-related intent filters
com.whodidthat.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.iyubax.pbyyrq162843.BootReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.HOME
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.HOME
Application certificate information
Interesting strings
The file being studied is a compressed stream!
Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
13
Uncompressed size
1312712
Highest datetime
2013-11-01 02:45:00
Lowest datetime
2013-11-01 02:44:58
Contained files by extension
xml
4
png
4
dex
1
MF
1
RSA
1
SF
1
Contained files by type
XML
4
unknown
4
PNG
4
DEX
1
File identification
MD5 f2459b6bde1d662399a3df725bf8891b
SHA1 05eef9a2b8fcb1045df5f90c4b9cb27cf7e977b8
SHA256 72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0
ssdeep
12288:nbiuWaEKosfQtTNx12rRnpkTOOFskqFF72Wkg6klthN2gs:nRN5aN32JpkTnFsJ6L0D4
File size
398.1 KB ( 407675 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract
| TrID |
Android Package (73.9%) Java Archive (20.4%) ZIP compressed archive (5.6%) |
Tags
apk
checks-gps
android
VirusTotal metadata
First submission
2013-11-24 21:27:03 UTC ( 4 years, 7 months ago )
Last submission
2014-12-31 04:33:08 UTC ( 3 years, 5 months ago )
| File names |
WhoViewsYourProfile.apk 72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0.log vti-rescan 72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0 4a9dffc7a23c3cae39ba0c76d70351a1e5601bb6 05eef9a2b8fcb1045df5f90c4b9cb27cf7e977b8 f2459b6bde1d662399a3df725bf8891b.apk |
No comments.
No VirusTotal Community member has commented on this item yet, be the first one to do so!
You have not signed in. Only registered users can leave comments, sign in and have a voice!
No votes.
No one has voted on this item yet, be the first one to do so!
Permissions checked
android.permission.ACCESS_COARSE_LOCATION:com.whodidthat
android.permission.ACCESS_FINE_LOCATION:com.whodidthat
Started activities
#Intent;launchFlags=0x30800000;component=com.whodidthat/com.iyubax.pbyyrq162843.SmartWallActivity;end
Interesting calls
Calls APIs that provide access to information about the
telephony services on the device. Applications can use such methods to
determine telephony services and states, as well as to access some types of
subscriber information.
Calls APIs that provide access to the system location
services. These services allow applications to obtain periodic updates of the
device's geographical location, or to fire an application-specified Intent
when the device enters the proximity of a given geographical location.
Contacted URLs
http://api.airpush.com/bannerads/handle_events.php/apcd=eyJ3aWZpIjowLCJhcHB1aWQiOiIxNjI4NDMiLCJzZGt2ZXJzaW9uIjoiNi4xIiwibHAiOiI0NTA5MDQifQ==&guid=926e8704b4002818b7568d487d0ba9c1&event=14&sd=hgib6xv3ZJhwHxvpYxIkaXVQ/6nmDGnfpFgWfmI9lIR1ofI3q9PcXgwuiHHvP7Rcmx8n2SpTZY0CJKqL8JAlyIi7pKbQlnWWulZfkww+u3r4V+OoHGnX8Ts4fL0FJhiwo2nnSp7o/5yRKbcuWz+cztHcpEEeXvZc9HSM4HNh9xkxS5d9YRLPfwInipMk7DFyhrzp1OLAoc+PBhngk/jDXNo5tkZJKQSkLD+V1JvYMrJ4WyBmApeJdBphzgqyYesY
https://api.airpush.com/inappads/inappadcall.php
62616E6E65725F747970653D696E617070616426737570706F7274733D253742253232696E6C696E65566964656F2532322533417472756525324325323273746F7265506963747572657325323225334174727565253243253232736D732532322533417472756525324325323263616C656E64617225323225334166616C736525324325323274656C2532322533417472756525374426706C6163656D656E745F747970653D6E756C6C2663616E53686F774D523D66616C7365264150494B45593D313338313531393931393136323834333734332661707049643D31383233313226696D65693D6265613834613734336266633337626538336466363039...
62616E6E65725F747970653D696E617070616426737570706F7274733D253742253232696E6C696E65566964656F2532322533417472756525324325323273746F7265506963747572657325323225334174727565253243253232736D732532322533417472756525324325323263616C656E64617225323225334166616C736525324325323274656C2532322533417472756525374426706C6163656D656E745F747970653D6E756C6C2663616E53686F774D523D66616C7365264150494B45593D313338313531393931393136323834333734332661707049643D31383233313226696D65693D6265613834613734336266633337626538336466363039...