SHA256: f0d19d696e3b767fb9c230bda12edc815276f1535daa6cdae349299f04956d2e
File name: 27.txt
Detection ratio: 26 / 50
Analysis date: 2014-04-03 07:56:58 UTC ( 1 year ago )
Antivirus Result Update
AVG Android/SpyAgent 20140403
Ad-Aware Android.Trojan.Telman.A 20140403
AegisLab Agent 20140403
AntiVir Android/Spy.Agent.AE.Gen 20140403
Avast Android:Telman-D [Spy] 20140403
Baidu-International Trojan.AndroidOS.Agent.AQcE 20140403
BitDefender Android.Trojan.Telman.A 20140403
CAT-QuickHeal Android.Wroba.G 20140403
Commtouch AndroidOS/GenBl.0F19BF7E!Olympus 20140403
Comodo UnclassifiedMalware 20140403
DrWeb Android.Spy.73 20140403
ESET-NOD32 Linux/Spy.Agent.AN.Gen 20140403
Emsisoft Android.Trojan.Telman.A (B) 20140403
F-Prot AndroidOS/Telman.A 20140403
F-Secure Trojan:Android/TelMan.A 20140403
GData Android.Trojan.Telman.A 20140403
Ikarus Spy.AndroidOS 20140403
Kingsoft Android.Troj.at_kaka.a.(kcloud) 20140403
McAfee Artemis!0F19BF7E21B7 20140403
McAfee-GW-Edition Artemis!0F19BF7E21B7 20140403
MicroWorld-eScan Android.Trojan.Telman.A 20140403
Qihoo-360 Trojan.Generic 20140403
Sophos Andr/FakeKRB-H 20140403
Symantec Android.Mobilespy 20140403
TrendMicro-HouseCall TROJ_GEN.F47V0101 20140403
VIPRE Trojan.AndroidOS.Generic.A 20140403
Agnitum 20140402
AhnLab-V3 20140403
Antiy-AVL 20140403
Bkav 20140402
ByteHero 20140403
CMC 20140331
ClamAV 20140403
Fortinet 20140402
Jiangmin 20140403
K7AntiVirus 20140402
K7GW 20140402
Malwarebytes 20140403
Microsoft 20140403
NANO-Antivirus 20140403
Norman 20140403
Panda 20140402
Rising 20140402
SUPERAntiSpyware 20140403
TheHacker 20140402
TotalDefense 20140402
TrendMicro 20140403
VBA32 20140402
ViRobot 20140403
nProtect 20140402
The file being studied is an Android APK (Android application package). The application's main package name is com.google.android.ebk.hana.nowadays. The internal version number of the application is 1. The displayed version string of the application is 1.2. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application (TargetSDKVersion) is 18.
Risk summary
The studied DEX file makes use of API reflection
The studied DEX file makes use of cryptographic functions
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform calls
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.VIBRATE (control vibrator)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_CONTACTS (read contact data)
android.permission.SEND_SMS (send SMS messages)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.INTERNET (full Internet access)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_SMS (read SMS or MMS)
Permission-related API calls
WRITE_SETTINGS
GET_TASKS
ACCESS_NETWORK_STATE
WAKE_LOCK
SEND_SMS
VIBRATE
INTERNET
CHANGE_COMPONENT_ENABLED_STATE
READ_PHONE_STATE
Main Activity
com.google.android.ebk.hana.kakao.MainActivity
Activities
com.google.android.ebk.hana.kakao.MainActivity
com.google.android.ebk.hana.kakao.BKMain
Services
com.google.android.ebk.hana.kakao.service.SmsService
com.google.android.ebk.hana.kakao.service.ContactsService
com.google.android.ebk.hana.kakao.service.ProcessRemoteCmdService
com.google.android.ebk.hana.kakao.service.ClientService
com.google.android.ebk.hana.kakao.service.CallService
Receivers
com.google.android.ebk.hana.kakao.receiver.SystemReceiver
com.google.android.ebk.hana.kakao.receiver.LockReceiver
Activity-related intent filters
com.google.android.ebk.hana.kakao.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.google.android.ebk.hana.kakao.receiver.SystemReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.ACTION_SHUTDOWN, android.intent.action.USER_PRESENT, net.piao.mobile.MYBROADCAST
Code-related observations
The application does not load any code dynamically
The application contains reflection code
The application does not contain native code
The application contains cryptographic code
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 0f19bf7e21b7c9f72daadbb4f16debaa
SHA1 8c15e305560f18c707a78405a3edbc7a55392f55
SHA256 f0d19d696e3b767fb9c230bda12edc815276f1535daa6cdae349299f04956d2e
ssdeep 24576:3KW/IXRFTNSXQ7PX9XT1aIK9uRZ4n8CJjll:3Ky0TSXMPXh/KUMJzl

File size 857.2 KB ( 877769 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (92.9%)
ZIP compressed archive (7.0%)
Tags
apk android

VirusTotal metadata
First submission 2014-01-01 03:21:40 UTC ( 1 year, 3 months ago )
Last submission 2014-03-27 08:22:29 UTC ( 1 year, 1 month ago )
File names 27.txt, 3584813
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x9b6b9406
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 2058
ZipCompressedSize 875
FileAccessDate 2014:04:03 09:00:06+01:00
ZipFileName META-INF/MANIFEST.MF
ZipBitFlag 0x0808
FileCreateDate 2014:04:03 09:00:06+01:00
ZipModifyDate 2013:12:31 13:09:21
