SHA256: b65c352d44fa1c73841c929757b3ae808522aa2ee3fd0a3591d4ab6759ff8d17
File name: AndroidOS.Backdoor.OBad
Detection ratio: 15 / 47
Analysis date: 2013-06-09 02:57:34 UTC ( 4 years, 7 months ago )
Antivirus Result Update
AhnLab-V3 Android-Axen/Prevention 20130608
AntiVir Android/Obad.a.3 20130608
Avast Android:Obad-A [Trj] 20130609
Comodo UnclassifiedMalware 20130608
DrWeb Android.Siggen.1.origin 20130609
ESET-NOD32 a variant of Android/Obad.A 20130608
GData Android:Obad-A 20130609
Ikarus AndroidOS.Backdoor.OBad 20130608
Kaspersky HEUR:Backdoor.AndroidOS.Obad.a 20130609
Kingsoft Android.Troj.Obad.a.(kcloud) 20130506
NANO-Antivirus Trojan.Obad.bsmgoe 20130609
Sophos AV Andr/Obad-A 20130609
Symantec Android.Obad 20130609
TrendMicro-HouseCall TROJ_GEN.F47V0529 20130609
VIPRE Trojan.AndroidOS.Generic.A 20130609
Yandex 20130608
Antiy-AVL 20130608
AVG 20130609
BitDefender 20130609
ByteHero 20130606
CAT-QuickHeal 20130607
ClamAV 20130609
Commtouch 20130608
Emsisoft 20130609
eSafe 20130606
F-Prot 20130608
F-Secure 20130608
Fortinet 20130609
Jiangmin 20130608
K7AntiVirus 20130607
K7GW 20130607
Malwarebytes 20130608
McAfee 20130609
McAfee-GW-Edition 20130608
Microsoft 20130609
eScan 20130609
Norman 20130608
nProtect 20130608
Panda 20130608
PCTools 20130521
Rising 20130607
SUPERAntiSpyware 20130608
TheHacker 20130608
TotalDefense 20130607
TrendMicro 20130609
VBA32 20130608
ViRobot 20130608
The file being studied is an Android APK file. The application's main package name is com.android.system.admin. The internal version number of the application is 2. The displayed version string of the application is 2.0. The minimum Android API level for the application to run (MinSDKVersion) is 1. The target Android API level for the application to run (TargetSDKVersion) is 17.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.READ_LOGS (read sensitive log data)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
android.permission.BLUETOOTH_ADMIN (bluetooth administration)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_BLUETOOTH_SHARE (Unknown permission from android reference)
android.permission.WRITE_SECURE_SETTINGS (modify secure system settings)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_CONTACTS (read contact data)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.MODIFY_PHONE_STATE (modify phone status)
Activities
com.android.system.admin.CCOIoll
com.android.system.admin.cCoIOIOo
Services
com.android.system.admin.OCOcCOll
com.android.system.admin.MainService
com.android.system.admin.OCICooCI
Receivers
com.android.system.admin.OCllCoO
com.android.system.admin.IOOICOcI
com.android.system.admin.ICcIIlo
com.android.system.admin.CICoICCo
com.android.system.admin.CoccOIo
Service-related intent filters
com.android.system.admin.OCICooCI
actions: com.android.ussd.IExtendedNetworkService
categories: android.intent.category.DEFAULT
Activity-related intent filters
com.android.system.admin.CCOIoll
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.android.system.admin.CICoICCo
actions: android.intent.action.PHONE_STATE, android.intent.action.NEW_OUTGOING_CALL
com.android.system.admin.ICcIIlo
actions: android.intent.action.TIME_SET, android.intent.action.TIMEZONE_CHANGED, android.intent.action.TIME_CHANGED, android.intent.action.DATE_CHANGED
com.android.system.admin.OCllCoO
actions: com.strain.admin.DEVICE_ADMIN_ENABLED
com.android.system.admin.CoccOIo
actions: android.provider.Telephony.SMS_RECEIVED
com.android.system.admin.IOOICOcI
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.QUICKBOOT_POWERON, android.intent.action.USER_PRESENT
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files: 9
Uncompressed size: 257625
Highest datetime: 2013-05-16 00:01:50
Lowest datetime: 2013-05-16 00:01:50
Contained files by extension
xml: 3
dex: 1
MF: 1
RSA: 1
SF: 1
png: 1
Contained files by type
unknown: 4
XML: 3
DEX: 1
PNG: 1
File identification
MD5 e1064bfd836e4c895b569b2de4700284
SHA1 40b3abcc27be12e6d091fd4db83e15f9e06fa027
SHA256 b65c352d44fa1c73841c929757b3ae808522aa2ee3fd0a3591d4ab6759ff8d17
ssdeep 1536:GS2c79Cldq8hIWIbyUVL08CIt79EkvCtnRF8JHW40C0t8rVhOrp076VEnehbC:bvoLaWtUR03o79Zqtn8tUC+8rVou7MFC
File size 82.3 KB ( 84306 bytes )
File type Android
Magic literal Zip archive data, at least v1.0 to extract
TrID Java Archive (78.3%), ZIP compressed archive (21.6%)
Tags apk android faulty

VirusTotal metadata
First submission 2013-05-16 05:32:19 UTC ( 4 years, 8 months ago )
Last submission 2017-07-24 21:21:23 UTC ( 5 months, 4 weeks ago )
File names OBAD2.apk
N88.apk
1403180710.41.log
e1064bfd836e4c895b569b2de4700284
N88.apk
E1064BFD836E4C895B569B2DE4700284.apk
obad.apk
vti-rescan
M123.apk
test.apk
n6JHsuPkrKh_GomZR4E-20160810-23692-qp03wa
md5_submission.apk
40b3abcc27be12e6d091fd4db83e15f9e06fa027_mms.apk
Obad.A.apk
AndroidOS.Backdoor.OBad
E1064BFD836E4C895B569B2DE4700284_1381815246.apk
E1064BFD836E4C895B569B2DE4700284.apk
E1064BFD836E4C895B569B2DE4700284
B65C352D44FA1C73841C929757B3AE808522AA2EE3FD0A3591D4AB6759FF8D17.APK.log
无法卸载的安卓病毒.apk
b65c352d44fa1c73841c929757b3ae808522aa2ee3fd0a3591d4ab6759ff8d17
Obad.A.apk
e1064bfd836e4c895b569b2de4700284 (1).apk
Obad.A.apk
file.apk