SHA256: 80e402bcc0b6cf5a1c54a252b9825cf1ed3230124b65d134c4d7f7828d310e0f
File name: ead1a96f2a240987027e7935d3dfaef6_1.apk
Detection ratio: 38 / 56
Analysis date: 2016-01-17 11:54:56 UTC ( 7 months, 2 weeks ago )
Antivirus Result Update
AVG Developer 20160117
AVware Trojan.AndroidOS.Generic.A 20160111
Ad-Aware Android.Trojan.SmsSpy.E 20160117
AegisLab FakeInst 20160117
AhnLab-V3 Android-Trojan/FakeInst.1fce 20160117
Alibaba A.W.Rog.EvilCert.A0 20160115
Antiy-AVL Trojan[SMS]/AndroidOS.FakeInst.eg 20160117
Arcabit Android.Trojan.SmsSpy.E 20160117
Avast Android:FakeInst-AMO [Trj] 20160117
Avira (no cloud) ANDROID/SmsAgent.LE.Gen 20160117
Baidu-International Trojan.Android.Agent.BO 20160117
BitDefender Android.Trojan.SmsSpy.E 20160117
CAT-QuickHeal Android.SendSms.B 20160116
Comodo UnclassifiedMalware 20160117
Cyren AndroidOS/SmsSpy.A 20160117
DrWeb Android.SmsSend.385.origin 20160117
ESET-NOD32 Android/TrojanSMS.Agent.BO 20160117
Emsisoft Android.Trojan.SmsSpy.E (B) 20160117
F-Prot AndroidOS/SmsSpy.A 20160117
F-Secure Trojan:Android/Fakeinst.T 20160116
Fortinet Android/SmsAgent.BO!tr 20160117
GData Android.Trojan.SmsSpy.E 20160117
Ikarus Trojan.AndroidOS.FakeToken 20160117
Jiangmin Trojan/AndroidOS.jpt 20160117
K7GW Trojan ( 0048d8471 ) 20160117
Kaspersky HEUR:Trojan-SMS.AndroidOS.FakeInst.eg 20160117
McAfee Artemis!EAD1A96F2A24 20160117
McAfee-GW-Edition Artemis!Trojan 20160117
eScan Android.Trojan.SmsSpy.E 20160117
NANO-Antivirus Trojan.Android.Agent.cujubj 20160117
Qihoo-360 Trojan.Android.Gen 20160117
Rising APK:Trojan.FakeInst.f/Android!7.8DA [F] 20160117
Sophos Andr/FakeIns-B 20160117
Symantec Trojan.Gen.2 20160117
Tencent SH.!Android.MExtra.Gen.549 20160117
VIPRE Trojan.AndroidOS.Generic.A 20160117
Zillya Trojan.Agent..12025 20160117
Zoner Trojan.AndroidOS.FakeInst.A 20160117
ALYac 20160117
Yandex 20160117
Bkav 20160116
ByteHero 20160117
CMC 20160111
ClamAV 20160117
K7AntiVirus 20160117
Malwarebytes 20160117
Microsoft 20160117
Panda 20160117
SUPERAntiSpyware 20160117
TheHacker 20160116
TotalDefense 20160117
TrendMicro 20160117
TrendMicro-HouseCall 20160117
VBA32 20160117
ViRobot 20160117
nProtect 20160115
The file being studied is an Android APK. The application's main package name is com.load.wap. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 4.
Required permissions
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.INTERNET (full Internet access)
android.permission.INSTALL_PACKAGES (directly install applications)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.DELETE_PACKAGES (delete applications)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_CONTACTS (read contact data)
Activities
com.load.wap.MainActivity
Services
com.load.wap.MainService
Receivers
com.load.wap.AlarmReceiver
com.load.wap.AutorunReceiver
com.load.wap.SmsReciver
Activity-related intent filters
com.load.wap.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.load.wap.AutorunReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT, android.intent.action.PHONE_STATE
com.load.wap.SmsReciver
actions: android.provider.Telephony.SMS_RECEIVED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files: 15
Uncompressed size: 94444
Highest datetime: 2013-04-01 03:39:58
Lowest datetime: 2012-03-22 04:24:00
Contained files by extension
xml: 6
png: 4
dex: 1
MF: 1
RSA: 1
SF: 1
Contained files by type
unknown: 6
XML: 5
PNG: 3
DEX: 1
File identification
MD5 ead1a96f2a240987027e7935d3dfaef6
SHA1 d5843181714d7109672f15cce8068270e8a619c9
SHA256 80e402bcc0b6cf5a1c54a252b9825cf1ed3230124b65d134c4d7f7828d310e0f
ssdeep 768:am4mdOXsx+IGYG16w5hQCh/4I1Rlnpv4kbfhQE0b6Wc4GWR4uLBiMPeWn:am43Xm+IGYQt5hQ24wlpvhbP0beStdVj
File size 45.3 KB ( 46404 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Java Archive (78.3%), ZIP compressed archive (21.6%)
Tags apk android sends-sms

VirusTotal metadata
First submission 2013-04-03 12:50:29 UTC ( 3 years, 4 months ago )
Last submission 2015-02-04 13:18:16 UTC ( 1 year, 6 months ago )
File names ead1a96f2a240987027e7935d3dfaef6_1.apk, output.8543649.txt
Started services
#Intent;component=com.load.wap/.MainService;S.key=alarm;i.android.intent.extra.ALARM_COUNT=1;end
Opened files
/data/data/com.load.wap/files/settings
/res/raw/start.xml
/res/raw/main.xml
/res/raw/license.xml
/res/raw/sms.xml
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
SMS sent
Destination number: 82300
neo6 DEF4538 2013-04-01 03:39:58 JN
Contacted URLs
http://mob-in-portal.mobi/indexb.php