SHA256: acff087f92de0608407da1c9c82f799c45d6c79f02314e41b99dbf84c4c115fe
File name: 79b0b7885d3606aa803097b1db42b2530719a59a
Detection ratio: 1 / 64
Analysis date: 2018-05-23 04:07:31 UTC ( 9 months ago )
Antivirus Result Update
Symantec Mobile Insight AdLibrary:Igexin 20180522
Ad-Aware 20180523
AegisLab 20180523
AhnLab-V3 20180523
Alibaba 20180523
ALYac 20180523
Antiy-AVL 20180523
Arcabit 20180523
Avast 20180523
Avast-Mobile 20180522
AVG 20180523
Avira (no cloud) 20180523
AVware 20180523
Babable 20180406
Baidu 20180522
BitDefender 20180523
Bkav 20180522
CAT-QuickHeal 20180522
ClamAV 20180521
CMC 20180522
Comodo 20180523
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cylance 20180523
Cyren 20180523
DrWeb 20180523
eGambit 20180523
Emsisoft 20180523
Endgame 20180507
ESET-NOD32 20180523
F-Prot 20180523
F-Secure 20180523
Fortinet 20180523
GData 20180523
Ikarus 20180522
Sophos ML 20180503
Jiangmin 20180523
K7AntiVirus 20180522
K7GW 20180523
Kaspersky 20180523
Kingsoft 20180523
Malwarebytes 20180523
MAX 20180523
McAfee 20180523
McAfee-GW-Edition 20180523
Microsoft 20180522
eScan 20180523
NANO-Antivirus 20180523
nProtect 20180523
Palo Alto Networks (Known Signatures) 20180523
Panda 20180522
Qihoo-360 20180523
Rising 20180523
SentinelOne (Static ML) 20180225
Sophos AV 20180523
SUPERAntiSpyware 20180523
Symantec 20180523
Tencent 20180523
TheHacker 20180516
TotalDefense 20180522
TrendMicro 20180523
TrendMicro-HouseCall 20180523
Trustlook 20180523
VBA32 20180522
VIPRE 20180523
ViRobot 20180523
Webroot 20180523
Yandex 20180522
Zillya 20180522
ZoneAlarm by Check Point 20180523
Zoner 20180522
The file being studied is Android related, more specifically an Android APK file. The application's main package name is com.syd.zhanshen.jxzy.google. The internal version number of the application is 21. The displayed version string of the application is 1.8.3.1805101620.2. The minimum Android API level required to run the application (MinSDKVersion) is 14. The target Android API level of the application (TargetSDKVersion) is 26.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.USE_CREDENTIALS (use the authentication credentials of an account)
android.permission.SYSTEM_OVERLAY_WINDOW (Unknown permission from android reference)
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
android.permission.TYPE_APPLICATION_OVERLAY (Unknown permission from android reference)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
android.permission.RECORD_AUDIO (record audio)
Activities
com.hsh.XProject.MainActivity
com.cmge.sdk.plug.SlyxServicerActivity
com.cmge.overseas.sdk.CmgeSdkDemo
com.cmge.overseas.sdk.login.ManagementCenterActivity
com.cmge.overseas.sdk.login.MultifunctionalActivity
com.cmge.overseas.sdk.login.LoginActivity
com.facebook.LoginActivity
com.cmge.overseas.sdk.payment.WebViewActivity
com.cmge.overseas.sdk.payment.PayActivity
com.cmge.overseas.sdk.payment.googleplay.PurchaseActivity
com.facebook.FacebookActivity
com.twm.login.LoginActivity
com.twm.login.EntryPhoneActivity
com.twm.login.VerifySmsActivity
com.twm.login.CountryCodeActivity
com.twm.pt.gamecashflow.PayActivity
com.twitter.sdk.android.core.identity.OAuthActivity
com.vk.sdk.VKServiceActivity
com.tencent.android.tpush.XGPushActivity
Services
com.hsh.XProject.UnityNotificationService
com.appsflyer.InstanceIDListener
com.tencent.android.tpush.service.XGPushService
com.tencent.android.tpush.rpc.XGRemoteService
Receivers
com.appsflyer.MultipleInstallBroadcastReceiver
com.google.android.gms.gcm.GcmReceiver
com.hsh.XProject.UnityNotificationManager
com.tencent.android.tpush.XGPushReceiver
com.hsh.XProject.XGPushMessageReceiver
Service-related intent filters
com.hsh.XProject.UnityNotificationService
actions: com.hsh.XProject.UnityNotificationService
com.appsflyer.InstanceIDListener
actions: com.google.android.gms.iid.InstanceID
com.tencent.android.tpush.rpc.XGRemoteService
actions: com.hsh.XProject.PUSH_ACTION
Activity-related intent filters
com.hsh.XProject.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER, android.intent.category.LEANBACK_LAUNCHER
com.tencent.android.tpush.XGPushActivity
actions:
Receiver-related intent filters
com.appsflyer.MultipleInstallBroadcastReceiver
actions: com.android.vending.INSTALL_REFERRER
com.google.android.gms.gcm.GcmReceiver
actions: com.google.android.c2dm.intent.RECEIVE
com.hsh.XProject.XGPushMessageReceiver
actions: com.tencent.android.tpush.action.PUSH_MESSAGE, com.tencent.android.tpush.action.FEEDBACK
com.hsh.XProject.UnityNotificationManager
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT, android.intent.action.PACKAGE_RESTARTED
com.tencent.android.tpush.XGPushReceiver
actions: com.tencent.android.tpush.action.SDK, com.tencent.android.tpush.action.INTERNAL_PUSH_MESSAGE, android.intent.action.USER_PRESENT, android.net.conn.CONNECTIVITY_CHANGE, android.bluetooth.adapter.action.STATE_CHANGED, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 1107
Uncompressed size: 61075167
Highest datetime: 2018-05-18 12:50:16
Lowest datetime: 2018-01-08 12:07:14
Contained files by extension
png: 301
xml: 221
dll: 12
txt: 8
bin: 1
mp4: 1
Contained files by type
unknown: 466
PNG: 301
XML: 221
Portable Executable: 10
JSON: 2
File identification
MD5 d05ef626194a2ce4a80ca259f7530fb7
SHA1 79b0b7885d3606aa803097b1db42b2530719a59a
SHA256 acff087f92de0608407da1c9c82f799c45d6c79f02314e41b99dbf84c4c115fe
ssdeep 1572864:CtsbRFieZw4CykDMs/mlbg29VIhjJE6kfDV64VX:IMm/m1g29i3aDZX
File size 60.1 MB ( 63006829 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Java Archive (78.3%), ZIP compressed archive (21.6%)
Tags apk android contains-pe

VirusTotal metadata
First submission 2018-05-23 04:07:31 UTC ( 9 months ago )
Last submission 2018-05-23 04:07:31 UTC ( 9 months ago )