SHA256: ba1d6f317214d318b2a4e9a9663bc7ec867a6c845affecad1290fd717cc74f29
File name: B00E185UX4.apk
Detection ratio: 45 / 60
Analysis date: 2017-04-17 21:29:31 UTC ( 6 days, 9 hours ago )
Antivirus Result Update
Ad-Aware Android.Trojan.Obad.A 20170417
AegisLab SUSPICIOUS 20170417
AhnLab-V3 Android-Trojan/Obad.22cc5 20170417
Alibaba A.H.Rem.Obad 20170417
Antiy-AVL Trojan[Backdoor]/Android.Obad 20170417
Arcabit Android.Trojan.Obad.A 20170417
Avast Android:Obad-A [Trj] 20170417
AVG Android/G2M.TZ.3412FC8CABB0 20170417
Avira (no cloud) ANDROID/Obad.a.2 20170417
AVware Trojan.AndroidOS.Generic.A 20170417
Baidu Android.Backdoor.Obad.d 20170417
BitDefender Android.Trojan.Obad.A 20170417
CAT-QuickHeal Android.Obad.A 20170417
ClamAV Andr.Trojan.OBad-1 20170417
Comodo UnclassifiedMalware 20170417
Cyren AndroidOS/GenBl.F7BE25E4!Olympus 20170417
DrWeb Android.Obad.1.origin 20170417
Emsisoft Android.Trojan.Obad.A (B) 20170417
ESET-NOD32 Android/Obad.B 20170417
F-Prot AndroidOS/Obad.B 20170417
F-Secure Trojan:Android/Obad.A 20170417
Fortinet Android/Obad.A 20170417
GData Android.Trojan.Agent.DMF49F 20170417
Ikarus AndroidOS.Obad 20170417
Jiangmin Backdoor/AndroidOS.ac 20170417
K7AntiVirus Trojan ( 0001140e1 ) 20170417
K7GW Trojan ( 0001140e1 ) 20170417
Kaspersky HEUR:Backdoor.AndroidOS.Obad.a 20170417
Kingsoft Android.Troj.Obad.a.(kcloud) 20170417
McAfee Android/Obad 20170417
McAfee-GW-Edition Android/Obad 20170417
eScan Android.Trojan.Obad.A 20170417
NANO-Antivirus Trojan.Android.Obad.dfttmg 20170416
Qihoo-360 Android mobile malware 20170417
Rising Trojan.Agent.fxr (classic) 20170417
Sophos Andr/Obad-A 20170417
Symantec Android.Obad 20170417
Symantec Mobile Insight Backdoor:Obad 20170414
Tencent SH.!Android.GenA.19f2e 20170417
TrendMicro AndroidOS_OBAD.A 20170417
TrendMicro-HouseCall AndroidOS_OBAD.A 20170417
Trustlook Android.Trojan.Obad 20170417
WhiteArmor Android-Malware.SN-Sure.575359495852.[Trojan] 20170409
Zillya Trojan.Obad..1 20170414
ZoneAlarm by Check Point HEUR:Backdoor.AndroidOS.Obad.a 20170417
ALYac 20170417
Bkav 20170415
CMC 20170417
CrowdStrike Falcon (ML) 20170130
Endgame 20170413
Invincea 20170413
Malwarebytes 20170417
Microsoft 20170417
nProtect 20170417
Palo Alto Networks (Known Signatures) 20170417
Panda 20170417
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170417
TheHacker 20170416
VBA32 20170417
VIPRE 20170417
ViRobot 20170417
Webroot 20170417
Yandex 20170417
Zoner 20170417
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.android.system.admin. The internal version number of the application is 3. The displayed version string of the application is 3.0. The minimum Android API level for the application to run (MinSDKVersion) is 1. The target Android API level for the application to run (TargetSDKVersion) is 17.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.READ_LOGS (read sensitive log data)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.RAISED_THREAD_PRIORITY (Unknown permission from android reference)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.ACCESS_BLUETOOTH_SHARE (Unknown permission from android reference)
android.permission.INTERNET (full Internet access)
android.permission.BLUETOOTH_ADMIN (bluetooth administration)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_SECURE_SETTINGS (modify secure system settings)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.MODIFY_PHONE_STATE (modify phone status)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
Activities
com.android.system.admin.OclIIOlC
com.android.system.admin.cOOCoCc
Services
com.android.system.admin.AdminService
com.android.system.admin.MainService
com.android.system.admin.CCOloCco
Receivers
com.android.system.admin.AdminReceiver
com.android.system.admin.OlOClICl
com.android.system.admin.OooOOOo
com.android.system.admin.CIcIoICo
com.android.system.admin.OOOOlIO
Service-related intent filters
com.android.system.admin.CCOloCco
actions: com.android.ussd.IExtendedNetworkService
categories: android.intent.category.DEFAULT
Activity-related intent filters
com.android.system.admin.OclIIOlC
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.android.system.admin.AdminReceiver
actions: com.strain.admin.DEVICE_ADMIN_ENABLED
com.android.system.admin.OlOClICl
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.QUICKBOOT_POWERON, android.intent.action.USER_PRESENT
com.android.system.admin.CIcIoICo
actions: android.intent.action.PHONE_STATE, android.intent.action.NEW_OUTGOING_CALL
com.android.system.admin.OOOOlIO
actions: android.provider.Telephony.SMS_RECEIVED
com.android.system.admin.OooOOOo
actions: android.intent.action.TIME_SET, android.intent.action.TIMEZONE_CHANGED, android.intent.action.TIME_CHANGED, android.intent.action.DATE_CHANGED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files: 9
Uncompressed size: 257221
Highest datetime: 2013-05-21 10:17:40
Lowest datetime: 2013-05-21 10:17:40
Contained files by extension
xml: 3
dex: 1
MF: 1
RSA: 1
SF: 1
png: 1
Contained files by type
unknown: 4
XML: 3
DEX: 1
PNG: 1
Compressed bundles
File identification
MD5 f7be25e4f19a3a82d2e206de8ac979c8
SHA1 a2ba1bacc996b90b37a2c93089692bf5f30f1d68
SHA256 ba1d6f317214d318b2a4e9a9663bc7ec867a6c845affecad1290fd717cc74f29
ssdeep 1536:frqhOhW22IdzfH8T92wMpvr8wloZjkgspQlpovbQ18J4oMQ7IRMrx6pr:frOMW4FfKINRIwlEsT8qbaMrq

File size 83.1 KB ( 85079 bytes )
File type Android
Magic literal Zip archive data, at least v1.0 to extract

TrID Java Archive (78.3%)
ZIP compressed archive (21.6%)
Tags apk android faulty

VirusTotal metadata
First submission 2013-05-26 23:04:09 UTC ( 3 years, 11 months ago )
Last submission 2017-04-17 21:29:31 UTC ( 6 days, 9 hours ago )
File names file-6800936_apk
obad2.apk
androidobada.apk
1403103360.76.log
F7BE25E4F19A3A82D2E206DE8AC979C8
vti-rescan
androidobada.apk
f7be25e4f19a3a82d2e206de8ac979c8.apk
0316.apk
md5_submission.apk
f7be25e4f19a3a82d2e206de8ac979c8-a2ba1bacc996b90b37a2c93089692bf5f30f1d68
M124.apk
Recent13-b.apk
B00E185UX4.apk
F7BE25E4F19A3A82D2E206DE8AC979C8.apk.zip
F7BE25E4F19A3A82D2E206DE8AC979C8.apk
SystemSpeedup_475699.apk
tetus2.apk
a2ba1bacc996b90b37a2c93089692bf5f30f1d68
BA1D6F317214D318B2A4E9A9663BC7EC867A6C845AFFECAD1290FD717CC74F29.APK
J134.apk
f7be25e4f19a3a82d2e206de8ac979c8
N89.apk
androidobada.apk
OBAD1.apk