× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7e7528e5a1f2328c8e5167ad51c4cda8791f5b213cd85a436bdd83681b8ad7f6
File name: VirusShare_b0f597636859b7f5b2c1574d7a8bbbbb
Detection ratio: 37 / 58
Analysis date: 2016-12-20 14:52:36 UTC ( 6 months, 1 week ago )
Antivirus Result Update
Ad-Aware Android.Trojan.FakeInst.HE 20161220
AegisLab FakeInst 20161220
AhnLab-V3 Android-Trojan/FakeInst.51f7 20161220
Alibaba A.H.Pay.Erop.Y 20161220
Antiy-AVL Trojan[SMS]/AndroidOS.FakeInst.fe 20161220
Arcabit Android.Trojan.FakeInst.HE 20161220
Avast Android:Agent-BCX [Trj] 20161220
AVG Android/FakeInst.M 20161220
Avira (no cloud) ANDROID/TrojanSMS.Agent.SD.Gen 20161220
AVware Trojan.AndroidOS.Generic.A 20161220
Baidu Android.Trojan.Agent.anz 20161207
BitDefender Android.Trojan.FakeInst.HE 20161220
Bkav Android.Trojan.SMS.FakeInst.950A 20161220
CAT-QuickHeal Android.FakeInst.BH 20161220
Comodo UnclassifiedMalware 20161220
Cyren AndroidOS/GenBl.B0F59763!Olympus 20161220
DrWeb Android.SmsSend.1133.origin 20161220
Emsisoft Android.Trojan.FakeInst.HE (B) 20161220
ESET-NOD32 a variant of Android/TrojanSMS.Agent.SD 20161220
F-Prot AndroidOS/SMSSend.BL 20161220
F-Secure Trojan:Android/Fakeinst.FU 20161220
Fortinet Android/FakeInst.HX!tr 20161220
GData Android.Trojan.FakeInst.HE 20161220
Ikarus Trojan-SMS.AndroidOS.Agent 20161220
K7GW Trojan ( 0048d9c51 ) 20161220
Kaspersky HEUR:Trojan-SMS.AndroidOS.FakeInst.fe 20161220
McAfee Artemis!B0F597636859 20161220
eScan Android.Trojan.FakeInst.HE 20161220
NANO-Antivirus Trojan.Android.FakeInst.cuehze 20161220
Qihoo-360 Trojan.Android.Gen 20161220
Rising Trojan.FakeInst/Android!8.3C9-O7XEkblAE0K (cloud) 20161220
Sophos Andr/RuSms-AL 20161220
Symantec Android.Premiumtext 20161220
Tencent a.expense.fakeinstall.y 20161220
Trustlook Android.Trojan.Fakeflashplayer 20161220
WhiteArmor Android-Malware.SN-Sure.2633034104135149324039.[Trojan] 20161212
Zoner Trojan.AndroidOS.Agent.E 20161220
ALYac 20161220
ClamAV 20161220
CMC 20161220
CrowdStrike Falcon (ML) 20161024
Invincea 20161216
Jiangmin 20161220
K7AntiVirus 20161220
Kingsoft 20161220
Malwarebytes 20161220
McAfee-GW-Edition 20161220
Microsoft 20161220
nProtect 20161220
Panda 20161220
SUPERAntiSpyware 20161220
TheHacker 20161219
TotalDefense 20161220
TrendMicro 20161220
TrendMicro-HouseCall 20161220
VBA32 20161220
VIPRE 20161220
ViRobot 20161220
Yandex 20161220
Zillya 20161220
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.example.service. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 10.
Required permissions
android.permission.BATTERY_STATS (modify battery statistics)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.INTERNET (full Internet access)
android.permission.SIM_STATE_READY (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CONTACTS (read contact data)
android.permission.READ_SMS (read SMS or MMS)
Activities
com.example.service.updateActivity
com.example.service.install
Services
com.example.service.MyService
Receivers
com.example.service.SmsReceiver
com.example.service.BootUpReceiver
Activity-related intent filters
com.example.service.updateActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.example.service.BootUpReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.DEFAULT
com.example.service.SmsReceiver
actions: android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
12
Uncompressed size
717093
Highest datetime
2013-10-23 17:17:48
Lowest datetime
2013-08-16 13:23:50
Contained files by extension
png
5
xml
2
dex
1
MF
1
RSA
1
SF
1
Contained files by type
PNG
5
unknown
4
XML
2
DEX
1
File identification
MD5 b0f597636859b7f5b2c1574d7a8bbbbb
SHA1 40d562625ec964ddad23a44b6356b4ca44303b62
SHA256 7e7528e5a1f2328c8e5167ad51c4cda8791f5b213cd85a436bdd83681b8ad7f6
ssdeep
3072:KivPAra33mmSHvy/8LGPwATZqdF+kP9knsjWac5xR/vJvNlyXiHdCrVIabh47xGQ:KUPMKkiPxqP9ksia6xR/hvbyrrVI7xGQ

File size 250.0 KB ( 255981 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Java Archive (78.3%)
ZIP compressed archive (21.6%)
Tags
apk android

VirusTotal metadata
First submission 2013-10-24 07:31:00 UTC ( 3 years, 8 months ago )
Last submission 2016-11-24 14:55:24 UTC ( 7 months ago )
File names 16366931
b0f597636859b7f5b2c1574d7a8bbbbb.apk
aa
b0f597636859b7f5b2c1574d7a8bbbbb_INF804.tmp
000f2119a5222cfb6636d95062cdd741bc52e0a3
7e7528e5a1f2328c8e5167ad51c4cda8791f5b213cd85a436bdd83681b8ad7f6.log
service_update.apk
VirusShare_b0f597636859b7f5b2c1574d7a8bbbbb
output.16366931.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Started services
#Intent;component=com.example.service/.MyService;end
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.