× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0
File name: WhoViewsYourProfile.apk
Detection ratio: 13 / 48
Analysis date: 2013-12-03 22:07:00 UTC ( 3 years, 5 months ago ) View latest
Antivirus Result Update
AntiVir Adware/ANDR.Airpush.G.Gen 20131203
AVG Android/Airpus 20131203
Baidu-International Adware.Android.AirPush.G 20131203
Bkav MW.Clod30a.Trojan.e9f1 20131129
Comodo ApplicUnwnt 20131203
DrWeb Adware.Airpush.21.origin 20131203
ESET-NOD32 a variant of Android/Adware.AirPush.G 20131203
Fortinet Adware/AirPush!Android 20131203
Ikarus AdWare.ANDR 20131203
NANO-Antivirus Trojan.Airpush.colrpj 20131203
Sophos Android Airpush 20131203
TrendMicro-HouseCall TROJ_GEN.F47V1124 20131203
VIPRE Trojan.AndroidOS.Generic.A 20131203
Ad-Aware 20131203
Yandex 20131203
AhnLab-V3 20131203
Antiy-AVL 20131129
Avast 20131203
BitDefender 20131203
ByteHero 20131127
CAT-QuickHeal 20131202
ClamAV 20131203
Commtouch 20131203
Emsisoft 20131203
F-Prot 20131203
F-Secure 20131203
GData 20131203
Jiangmin 20131203
K7AntiVirus 20131203
K7GW 20131203
Kaspersky 20131203
Kingsoft 20130829
Malwarebytes 20131203
McAfee 20131203
McAfee-GW-Edition 20131203
Microsoft 20131203
eScan 20131203
Norman 20131203
nProtect 20131203
Panda 20131203
Rising 20131203
SUPERAntiSpyware 20131203
Symantec 20131203
TheHacker 20131203
TotalDefense 20131203
TrendMicro 20131203
VBA32 20131203
ViRobot 20131203
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.whodidthat. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 18.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.whodidthat.MainActivity
com.iyubax.pbyyrq162843.SmartWallActivity
com.iyubax.pbyyrq162843.BrowserActivity
com.iyubax.pbyyrq162843.VideoAdActivity
Services
com.iyubax.pbyyrq162843.PushService
Receivers
com.iyubax.pbyyrq162843.BootReceiver
Activity-related intent filters
com.whodidthat.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.iyubax.pbyyrq162843.BootReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.HOME
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
13
Uncompressed size
1312712
Highest datetime
2013-11-01 02:45:00
Lowest datetime
2013-11-01 02:44:58
Contained files by extension
xml
4
png
4
dex
1
MF
1
RSA
1
SF
1
Contained files by type
XML
4
unknown
4
PNG
4
DEX
1
File identification
MD5 f2459b6bde1d662399a3df725bf8891b
SHA1 05eef9a2b8fcb1045df5f90c4b9cb27cf7e977b8
SHA256 72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0
ssdeep
12288:nbiuWaEKosfQtTNx12rRnpkTOOFskqFF72Wkg6klthN2gs:nRN5aN32JpkTnFsJ6L0D4

File size 398.1 KB ( 407675 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk checks-gps android

VirusTotal metadata
First submission 2013-11-24 21:27:03 UTC ( 3 years, 6 months ago )
Last submission 2014-12-31 04:33:08 UTC ( 2 years, 4 months ago )
File names 4a9dffc7a23c3cae39ba0c76d70351a1e5601bb6
WhoViewsYourProfile.apk
vti-rescan
72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0
72f3834e9c8ee164b7e82383415da822579ffb23fbfa7f55ac650a22b2386ee0.log
05eef9a2b8fcb1045df5f90c4b9cb27cf7e977b8
f2459b6bde1d662399a3df725bf8891b.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Permissions checked
android.permission.ACCESS_COARSE_LOCATION:com.whodidthat
android.permission.ACCESS_FINE_LOCATION:com.whodidthat
Started activities
#Intent;launchFlags=0x30800000;component=com.whodidthat/com.iyubax.pbyyrq162843.SmartWallActivity;end
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that provide access to the system location services. These services allow applications to obtain periodic updates of the device's geographical location, or to fire an application-specified Intent when the device enters the proximity of a given geographical location.
Contacted URLs
http://api.airpush.com/bannerads/handle_events.php/apcd=eyJ3aWZpIjowLCJhcHB1aWQiOiIxNjI4NDMiLCJzZGt2ZXJzaW9uIjoiNi4xIiwibHAiOiI0NTA5MDQifQ==&guid=926e8704b4002818b7568d487d0ba9c1&event=14&sd=hgib6xv3ZJhwHxvpYxIkaXVQ/6nmDGnfpFgWfmI9lIR1ofI3q9PcXgwuiHHvP7Rcmx8n2SpTZY0CJKqL8JAlyIi7pKbQlnWWulZfkww+u3r4V+OoHGnX8Ts4fL0FJhiwo2nnSp7o/5yRKbcuWz+cztHcpEEeXvZc9HSM4HNh9xkxS5d9YRLPfwInipMk7DFyhrzp1OLAoc+PBhngk/jDXNo5tkZJKQSkLD+V1JvYMrJ4WyBmApeJdBphzgqyYesY
https://api.airpush.com/inappads/inappadcall.php
62616E6E65725F747970653D696E617070616426737570706F7274733D253742253232696E6C696E65566964656F2532322533417472756525324325323273746F7265506963747572657325323225334174727565253243253232736D732532322533417472756525324325323263616C656E64617225323225334166616C736525324325323274656C2532322533417472756525374426706C6163656D656E745F747970653D6E756C6C2663616E53686F774D523D66616C7365264150494B45593D313338313531393931393136323834333734332661707049643D31383233313226696D65693D6265613834613734336266633337626538336466363039...