× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 80b020e2df1a266f2500edee837a2287ed42dd7987aeed76bef5535a52cc0263
File name: M141.apk
Detection ratio: 32 / 57
Analysis date: 2015-02-13 00:10:32 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
AVG Android/Deng.C 20150212
AVware Trojan.AndroidOS.Generic.A 20150212
Ad-Aware Android.Trojan.Pincer.A 20150212
AegisLab Pincer 20150212
AhnLab-V3 Android-Malicious/Diver 20150212
Alibaba A.H.Pri.Pincer 20150213
Avast Android:SecCert-D [Trj] 20150212
Avira Android/SecCert.A.2 20150212
Baidu-International Backdoor.AndroidOS.Pincer.aBeP 20150212
BitDefender Android.Trojan.Pincer.A 20150212
CAT-QuickHeal Android.Pincer.A 20150212
ClamAV Andr.Trojan.Pincer 20150212
Comodo UnclassifiedMalware 20150212
Cyren AndroidOS/AndSpy.A.gen!Eldorado 20150212
DrWeb Android.Pincer.1.origin 20150212
ESET-NOD32 Android/SecCert.A 20150212
Emsisoft Android.Trojan.Pincer.A (B) 20150212
F-Secure Trojan:Android/Pincer.A 20150212
Fortinet Android/Pincer.A!tr.spy 20150212
GData Android.Trojan.Pincer.A 20150212
Ikarus AndroidOS.SecCert.A 20150212
K7AntiVirus Trojan ( 0001140e1 ) 20150212
K7GW Trojan ( 0001140e1 ) 20150212
Kaspersky HEUR:Backdoor.AndroidOS.Pincer.a 20150212
Kingsoft Android.Troj.at_Pincer.a.(kcloud) 20150213
McAfee Artemis!F9CBEE9D395A 20150212
MicroWorld-eScan Android.Trojan.Pincer.A 20150212
Qihoo-360 Trojan.Generic 20150213
Sophos Andr/Pincer-A 20150212
Symantec Trojan.Gen.2 20150212
Tencent Dos.Backdoor.Pincer.Egel 20150213
VIPRE Trojan.AndroidOS.Generic.A 20150212
ALYac 20150212
Agnitum 20150212
Antiy-AVL 20150212
Bkav 20150212
ByteHero 20150213
CMC 20150211
F-Prot 20150212
Jiangmin 20150212
Malwarebytes 20150212
McAfee-GW-Edition 20150212
Microsoft 20150212
NANO-Antivirus 20150212
Norman 20150212
Panda 20150212
Rising 20150212
SUPERAntiSpyware 20150212
TheHacker 20150212
TotalDefense 20150213
TrendMicro 20150212
TrendMicro-HouseCall 20150212
VBA32 20150211
ViRobot 20150212
Zillya 20150212
Zoner 20150211
nProtect 20150212
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.senneco.diverter. The internal version number of the application is 4. The displayed version string of the application is 4.6. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 15.
Risk summary
The studied DEX file makes use of API reflection
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform calls
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_LOGS (read sensitive log data)
android.permission.CALL_PRIVILEGED (directly call any phone numbers)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.INTERNET (full Internet access)
android.permission.MODIFY_PHONE_STATE (modify phone status)
Permission-related API calls
CHANGE_COMPONENT_ENABLED_STATE
READ_PHONE_STATE
SEND_SMS
INTERNET
READ_LOGS
Main Activity
com.senneco.diverter.ui.MainActivity
Activities
com.senneco.diverter.ui.MainActivity
com.senneco.diverter.ui.UssdActivity
com.senneco.diverter.ui.MessageDialogActivity
Services
com.senneco.diverter.services.CheckCommandsService
com.senneco.diverter.services.CheckQueueService
com.senneco.diverter.services.USSDDumbExtendedNetworkService
Receivers
com.senneco.diverter.services.ReCheckCommandReceiver
com.senneco.diverter.services.ReSendQueueReceiver
com.senneco.diverter.services.SmsSentReceiver
com.senneco.diverter.services.SmsReceiver
com.senneco.diverter.services.PhoneCallReceiver
com.senneco.diverter.services.OnBootReceiver
Service-related intent filters
com.senneco.diverter.services.USSDDumbExtendedNetworkService
actions: com.android.ussd.IExtendedNetworkService
categories: android.intent.category.DEFAULT
Activity-related intent filters
com.senneco.diverter.ui.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.senneco.diverter.services.ReSendQueueReceiver
actions: android.intent.action.RE_SEND_QUEUE
com.senneco.diverter.services.SmsSentReceiver
actions: android.intent.action.SMS_SENT
com.senneco.diverter.services.OnBootReceiver
actions: android.intent.action.BOOT_COMPLETED
com.senneco.diverter.services.ReCheckCommandReceiver
actions: android.intent.action.RE_CHECK_COMMAND
com.senneco.diverter.services.PhoneCallReceiver
actions: android.intent.action.PHONE_STATE
com.senneco.diverter.services.SmsReceiver
actions: android.provider.Telephony.SMS_RECEIVED
Code-related observations
The application does not load any code dynamically
The application contains reflection code
The application does not contain native code
The application does not contain cryptographic code
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 f9cbee9d395ae6e044298c75919f10fb
SHA1 60e1cd1191e0553f8d02289b96804e4ab48953b3
SHA256 80b020e2df1a266f2500edee837a2287ed42dd7987aeed76bef5535a52cc0263
ssdeep
1536:t/nRPDX5i6T3kJYuZDx9nfCGR9M2Y4qFzyJNQUaCAmEHc0:t/RPDX5i6roYuZlc29TY4q5yJ+UaCAms

File size 81.0 KB ( 82972 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android ext-prg

VirusTotal metadata
First submission 2013-03-19 20:07:00 UTC ( 2 years ago )
Last submission 2015-02-13 00:10:32 UTC ( 1 month, 2 weeks ago )
File names 1403189705.24.log
Recent29-c.apk
N106.apk
80b020e2df1a266f2500edee837a2287ed42dd7987aeed76bef5535a52cc0263
f9cbee9d395ae6e044298c75919f10fb_1.apk
Recent29-c.apk
80B020E2DF1A266F2500EDEE837A2287ED42DD7987AEED76BEF5535A52CC0263.APK.log
N106.apk
vti-rescan
f9cbee9d395ae6e044298c75919f10fb.60e1cd1191e0553f8d02289b96804e4ab48953b3
J150.apk
M141.apk
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x4cde7fc4

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
828

ZipCompressedSize
378

FileAccessDate
2015:02:13 00:10:47+00:00

ZipFileName
res/layout/enter_user_id_dialog.xml

ZipBitFlag
0x0808

FileCreateDate
2015:02:13 00:10:47+00:00

ZipModifyDate
2013:02:22 21:37:06

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Started services
#Intent;component=com.senneco.diverter/.services.CheckCommandsService;end
#Intent;component=com.senneco.diverter/.services.CheckQueueService;end
External programs launched
logcat -d USSDDumbExtendedNetworkService:I *:S
Accessed files
/system/app/Superuser.apk
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.