× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4
File name: AndroidVibleaker_a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8...
Detection ratio: 32 / 58
Analysis date: 2017-03-19 09:21:51 UTC ( 1 week, 4 days ago )
Antivirus Result Update
Ad-Aware Android.Riskware.Agent.gXZKK 20170319
AegisLab Vibleaker!c 20170319
AhnLab-V3 Android-Trojan/Vibleaker.24ac9 20170318
Arcabit Android.Riskware.Agent.gXZKK 20170319
Avast Android:SpyAgent-WD [Trj] 20170319
AVG Android/R1.CZT.9D258D34571B 20170319
Avira (no cloud) ANDROID/Spy.Vibleaker.4360204 20170318
BitDefender Android.Riskware.Agent.gXZKK 20170319
CAT-QuickHeal Android.Vibleaker.A 20170318
ClamAV Andr.Malware.Agent-1504355 20170318
Cyren AndroidOS/ViberSt.A 20170319
DrWeb Android.Vibleaker.1.origin 20170319
Emsisoft Android.Riskware.Agent.gXZKK (B) 20170319
ESET-NOD32 Android/Spy.Vibleaker.A 20170319
F-Prot AndroidOS/ViberSt.A 20170319
F-Secure Android.Riskware.Agent 20170319
Fortinet Android/Generic.S.1FB30C!tr 20170319
GData Android.Riskware.Agent.gXZKK 20170319
Ikarus Trojan-Spy.AndroidOS.Vibleaker 20170319
K7GW Spyware ( 004f33d01 ) 20170319
Kaspersky HEUR:Trojan-Spy.AndroidOS.Vibleaker.a 20170319
McAfee Artemis!65065B53381E 20170319
eScan Android.Riskware.Agent.gXZKK 20170319
NANO-Antivirus Trojan.Android.Vibleaker.eefksr 20170319
Qihoo-360 Android mobile malware 20170319
Rising Spyware.Vibleaker/Android!8.9C2B (cloud:rS6WSx37S6J) 20170319
Sophos Andr/Spy-AIS 20170319
Symantec Trojan.Gen.2 20170318
TrendMicro ANDROIDOS_VIBLEAKER.A 20170319
Trustlook Android.Trojan.Vibleaker 20170319
WhiteArmor Android-Malware.SN-Sure.5807470141330341533246.[Trojan] 20170315
ZoneAlarm by Check Point HEUR:Trojan-Spy.AndroidOS.Vibleaker.a 20170319
Alibaba 20170228
ALYac 20170319
Antiy-AVL 20170319
AVware 20170319
Baidu 20170318
Bkav 20170318
CMC 20170317
Comodo 20170319
CrowdStrike Falcon (ML) 20170130
Endgame 20170317
Invincea 20170203
Jiangmin 20170319
K7AntiVirus 20170319
Kingsoft 20170319
Malwarebytes 20170319
McAfee-GW-Edition 20170319
Microsoft 20170319
nProtect 20170319
Palo Alto Networks (Known Signatures) 20170319
Panda 20170319
SentinelOne (Static ML) 20170315
SUPERAntiSpyware 20170319
Tencent 20170319
TheHacker 20170318
TotalDefense 20170319
VBA32 20170317
VIPRE 20170319
ViRobot 20170319
Yandex 20170318
Zillya 20170317
Zoner 20170319
The file being studied is Android related! APK Android file more specifically. The application's main package name is gr.georkouk.kastorakiacounter_new. The internal version number of the application is 3. The displayed version string of the application is 1.2. The minimum Android API level for the application to run (MinSDKVersion) is 15. The target Android API level for the application to run (TargetSDKVersion) is 22.
Required permissions
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
Activities
gr.georkouk.kastorakiacounter_new.ActMain
gr.georkouk.kastorakiacounter_new.ActPlayers
gr.georkouk.kastorakiacounter_new.ActGame
gr.georkouk.kastorakiacounter_new.ActStats
gr.georkouk.kastorakiacounter_new.ActHelp
com.google.android.gms.ads.AdActivity
com.google.android.gms.ads.purchase.InAppPurchaseActivity
Activity-related intent filters
gr.georkouk.kastorakiacounter_new.ActPlayers
actions: gr.georkouk.kastorakiacounter_new.ACTPLAYERS
categories: android.intent.category.DEFAULT
gr.georkouk.kastorakiacounter_new.ActMain
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
gr.georkouk.kastorakiacounter_new.ActStats
actions: gr.georkouk.kastorakiacounter_new.ACTSTATS
categories: android.intent.category.DEFAULT
gr.georkouk.kastorakiacounter_new.ActHelp
actions: gr.georkouk.kastorakiacounter_new.ACTHELP
categories: android.intent.category.DEFAULT
gr.georkouk.kastorakiacounter_new.ActGame
actions: gr.georkouk.kastorakiacounter_new.ACTGAME
categories: android.intent.category.DEFAULT
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
415
Uncompressed size
8180686
Highest datetime
2016-02-28 19:04:02
Lowest datetime
2016-02-28 19:03:42
Contained files by extension
png
271
xml
139
dex
1
MF
1
RSA
1
SF
1
Contained files by type
PNG
271
XML
139
unknown
4
DEX
1
File identification
MD5 65065b53381ebc971160a91ef81dec99
SHA1 433293e2689e8377c890940ed77f8fb9db24a53e
SHA256 a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4
ssdeep
98304:gNSYjNJsdy3IA4lQfsf7Xlmzv09xDhFiJYOVhL5fe7IpYXFF+K/K8J+SfKfEHV7i:ghNqqolIsmMrDqJ37528OXFFz/PZKf8O

File size 5.2 MB ( 5424078 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android

VirusTotal metadata
First submission 2016-05-31 01:34:19 UTC ( 10 months ago )
Last submission 2017-03-19 09:21:51 UTC ( 1 week, 4 days ago )
File names 65065b53381ebc971160a91ef81dec99.apk
a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4.apk
AndroidVibleaker_a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4
65065b53381ebc971160a91ef81dec99.virus
AndroidVibleaker_a707cb76e566321c08b8ba8f5c89cb0cf41125468366f5b8fdad8c6fa526deb4
gr.georkouk.kastorakiacounter_new_1.2.apk
gr.georkouk.kastorakiacounter_new.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Permissions checked
android.permission.ACCESS_FINE_LOCATION:gr.georkouk.kastorakiacounter_new
android.permission.ACCESS_NETWORK_STATE:gr.georkouk.kastorakiacounter_new
Started receivers
android.intent.action.BATTERY_CHANGED
Opened files
/data/data/gr.georkouk.kastorakiacounter_new/files
/data/data/gr.georkouk.kastorakiacounter_new/files/MintSavedData-1-1350889111360.json
/data/data/gr.georkouk.kastorakiacounter_new/files/Mint-lastsavedfile
Accessed files
/data/data/gr.georkouk.kastorakiacounter_new/files
/sbin/su
/system/bin/su
/system/xbin/su
/data/data/gr.georkouk.kastorakiacounter_new/files/.setForceSendPingOnNextStart
/data/data/gr.georkouk.kastorakiacounter_new/files/MintSavedData-1-1350889111360.json
/data/data/gr.georkouk.kastorakiacounter_new/files/Mint-lastsavedfile
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Contacted URLs
https://15beda05.api.splkmobile.com/1.0/15beda05/2af9f2b8e392123d36ff5fb750a96e59/0/1/hash=none
http://myvf.no-ip.biz//app?question=check&appKey=kastorakiaCounter&uid=6CA096E6A47C3DD9122D51C5D1F96999&appVersion=1.2&savedUid=6CA096E6A47C3DD9122D51C5D1F96999&locale=en_US&details=samsung%20-%20Nexus%20S%20-%20crespo%20-%20JRO03E