SHA256: 8dd0236cfde54b69f38de7a7db6180d97b1e5ad0d0a4d0587f9eda2e71338b77
File name: xa844278.apk
Detection ratio: 24 / 62
Analysis date: 2018-09-13 02:21:15 UTC ( 8 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180912
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180912
Alibaba A.H.Pay.Qnmrkz 20180713
Arcabit Android.Riskware.SmsPay.ADR 20180913
Avira (no cloud) ANDROID/Trojan.Agent.AMAM.Gen 20180912
Baidu Android.Trojan.Fadeb.c 20180912
BitDefender Android.Riskware.SmsPay.ADR 20180913
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180912
Cyren ZIP/Trojan.CYLE-0 20180913
DrWeb Android.Xiny.1513 20180913
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180913
ESET-NOD32 a variant of Android/Fadeb.K 20180913
F-Secure Android.Riskware.SmsPay 20180912
Fortinet Android/Agent.AUT!tr 20180913
GData Android.Riskware.SmsPay.ADR 20180913
Ikarus Trojan.AndroidOS.Fadeb 20180912
K7GW Trojan ( 0053c40b1 ) 20180912
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180912
MAX malware (ai score=79) 20180913
eScan Android.Riskware.SmsPay.ADR 20180913
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180912
Sophos AV Andr/Rootnik-AI 20180912
TrendMicro-HouseCall Suspicious_GEN.F47V0720 20180913
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180913
AegisLab 20180912
ALYac 20180913
Antiy-AVL 20180913
Avast 20180913
Avast-Mobile 20180912
AVG 20180913
AVware 20180913
Babable 20180907
Bkav 20180912
ClamAV 20180912
CMC 20180912
Comodo 20180912
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180913
eGambit 20180913
Endgame 20180730
F-Prot 20180913
Sophos ML 20180717
Jiangmin 20180912
K7AntiVirus 20180912
Kingsoft 20180913
Malwarebytes 20180912
McAfee 20180912
McAfee-GW-Edition 20180912
Microsoft 20180912
Palo Alto Networks (Known Signatures) 20180913
Panda 20180912
Qihoo-360 20180913
Rising 20180913
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
Symantec 20180912
Symantec Mobile Insight 20180911
TACHYON 20180912
Tencent 20180913
TheHacker 20180907
TotalDefense 20180912
TrendMicro 20180913
Trustlook 20180913
VBA32 20180912
VIPRE 20180913
ViRobot 20180912
Webroot 20180913
Yandex 20180912
Zillya 20180912
Zoner 20180912
The file being studied is an Android APK. The application's main package name is com.ebkkwiao.zxrfaela. The internal version number of the application is 1527490. The displayed version string of the application is 3.10. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MhDeActivity
com.baidu.go.MhReadActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
Services
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Compression metadata
Contained files: 121
Uncompressed size: 3292741
Highest datetime: 2018-09-13 10:10:10
Lowest datetime: 2018-09-13 10:03:44
Contained files by extension
xml: 58
png: 47
so: 4
jpg: 3
dex: 1
MF: 1
cf: 1
RSA: 1
dat: 1
SF: 1
Contained files by type
XML: 57
PNG: 47
unknown: 9
ELF: 4
JPG: 3
DEX: 1
File identification
MD5 15f4ddc2158f15869ef507a01a1c2c66
SHA1 5c07080a9f3ad35c50d20e2917afa309bb56c2cd
SHA256 8dd0236cfde54b69f38de7a7db6180d97b1e5ad0d0a4d0587f9eda2e71338b77
ssdeep 49152:QQ3eetBL6R161+oZoSyVI9wLdnRyxnHJgliGbl3Sx5:/3ek6R47ZoSyVnnRGnpUxSx5

File size 1.8 MB ( 1934247 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (54.6%)
Java Archive (15.1%)
BlueEyes Animation (14.0%)
Sweet Home 3D design (generic) (10.9%)
ZIP compressed archive (4.1%)
Tags apk android contains-elf

VirusTotal metadata
First submission 2018-09-13 02:21:15 UTC ( 8 months, 2 weeks ago )
Last submission 2018-11-21 08:01:26 UTC ( 6 months, 1 week ago )
File names output.113930794.txt
VirusShare_Family_201810_15f4ddc2158f15869ef507a01a1c2c66.apk
VirusShare_15f4ddc2158f15869ef507a01a1c2c66
xa844278.apk