SHA256: cb9b928463947294decc2e1475e95154beaac85955fbfe161a6494497c9faea2
File name: output.114049210.txt
Detection ratio: 32 / 62
Analysis date: 2018-09-18 06:07:06 UTC ( 8 months, 1 week ago )
Antivirus Result Update
Ad-Aware Android.Riskware.SmsPay.ADR 20180917
AhnLab-V3 Android-PUP/SmsPay.ae5ae 20180917
Alibaba A.H.Pay.Qnmrkz 20180713
Arcabit Android.Riskware.SmsPay.ADR 20180918
Avira (no cloud) ANDROID/Trojan.Agent.AMAM.Gen 20180917
Baidu Android.Trojan.Fadeb.c 20180914
BitDefender Android.Riskware.SmsPay.ADR 20180918
CAT-QuickHeal Android.SmsPay.GEN7302 (PUP) 20180917
Cyren ZIP/Trojan.CYLE-0 20180918
DrWeb Android.Xiny.1513 20180918
Emsisoft Android.Riskware.SmsPay.ADR (B) 20180918
ESET-NOD32 a variant of Android/Fadeb.K 20180918
F-Secure Android.Riskware.SmsPay 20180918
Fortinet Android/Agent.AYL!tr 20180918
GData Android.Riskware.SmsPay.ADR 20180918
Ikarus Trojan.AndroidOS.Fadeb 20180917
K7GW Trojan ( 0053c40b1 ) 20180918
Kaspersky not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180918
MAX malware (ai score=99) 20180918
McAfee Artemis!5E187481D299 20180918
McAfee-GW-Edition Artemis!PUP 20180918
eScan Android.Riskware.SmsPay.ADR 20180918
NANO-Antivirus Trojan.Android.Agent.dqfsll 20180918
Qihoo-360 Trojan.Android.Gen 20180918
Sophos AV Andr/Rootnik-AI 20180918
Symantec Dialer.Generic 20180918
Symantec Mobile Insight Other:Android.Reputation.1 20180911
Tencent a.payment.movers 20180918
TrendMicro-HouseCall Suspicious_GEN.F47V0917 20180918
Trustlook Android.Malware.General 20180918
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.acgn 20180918
Zoner Trojan.AndroidOS.SmsPay.C 20180917
AegisLab 20180918
ALYac 20180918
Antiy-AVL 20180918
Avast 20180918
Avast-Mobile 20180917
AVG 20180918
AVware 20180918
Babable 20180918
Bkav 20180917
ClamAV 20180918
CMC 20180917
Comodo 20180918
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20180918
eGambit 20180918
Endgame 20180730
F-Prot 20180918
Sophos ML 20180717
Jiangmin 20180918
K7AntiVirus 20180918
Kingsoft 20180918
Malwarebytes 20180918
Microsoft 20180918
Palo Alto Networks (Known Signatures) 20180918
Panda 20180917
Rising 20180918
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
TACHYON 20180918
TheHacker 20180914
TotalDefense 20180918
TrendMicro 20180918
VBA32 20180917
VIPRE 20180918
ViRobot 20180918
Webroot 20180918
Yandex 20180917
Zillya 20180917
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.wqrqtuys.ksbdhxtk. The internal version number of the application is 774010. The displayed version string of the application is 3.14. The minimum Android API level for the application to run (MinSDKVersion) is 11. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.UPDATE_APP_OPS_STATS (Unknown permission from android reference)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.RECEIVE_WAP_PUSH (receive WAP)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.MEDIA_CONTENT_CONTROL (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.SAMSUNG_TUNTAP (Unknown permission from android reference)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.READ_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.RUN_INSTRUMENTATION (Unknown permission from android reference)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_INTERNAL_STORAGE (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.baidu.go.MainActivity
com.baidu.go.MhDeActivity
com.baidu.go.MhReadActivity
com.baidu.go.MbActivity
com.baidu.go.SPVideoActivity
com.baidu.go.zp.SW_VWebViewActivity
com.baidu.go.WelcomeActivity
com.nys.go.view.gallery.ImagePagerActivity
com.nys.go.novel.ReadActivity
com.nys.go.novel.CataActivity
Services
com.jy.ll.wx.LL_TpService
com.y.t.jar.pay.UpdateServices
com.inter.china.fplay.service.LlcServoceOne
com.a.w.p.M
Receivers
com.y.t.jar.pay.InNoticeReceiver
com.inter.china.fplay.service.LlcReceiverOne
com.wchen.jzf.jrever.JzRever
com.zxhy.zf.r.D
com.a.w.p.B
Activity-related intent filters
com.baidu.go.WelcomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.inter.china.fplay.service.LlcReceiverOne
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BATTERY_CHANGED, android.intent.action.USER_PRESENT, android.net.wifi.supplicant.CONNECTION_CHANGE, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.zxhy.zf.r.D
actions: android.provider.Telephony.SMS_RECEIVED
com.a.w.p.B
actions: android.provider.Telephony.SMS_RECEIVED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_SHUTDOWN, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.SIM_STATE_CHANGED, android.intent.action.SERVICE_STATE, android.bluetooth.adapter.action.STATE_CHANGED, android.net.wifi.WIFI_STATE_CHANGED, android.intent.action.ANY_DATA_STATE, android.net.wifi.STATE_CHANGE, android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_MOUNTED, android.intent.action.MEDIA_EJECT
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
com.wchen.jzf.jrever.JzRever
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
com.y.t.jar.pay.InNoticeReceiver
actions: android.provider.Telephony.SMS_DELIVER, android.provider.Telephony.SMS_RECEIVED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files 125
Uncompressed size 3180408
Highest datetime 2018-09-17 14:52:08
Lowest datetime 2018-09-17 14:45:38
Contained files by extension
xml 61
png 49
so 4
jpg 2
dex 1
MF 1
cf 1
RSA 1
dat 1
SF 1
Contained files by type
XML 60
PNG 49
unknown 9
ELF 4
JPG 2
DEX 1
File identification
MD5 5e187481d299f83de023320dfc84780b
SHA1 75faaef4f5a50bc40cb60ff532879ebfe2700c95
SHA256 cb9b928463947294decc2e1475e95154beaac85955fbfe161a6494497c9faea2
ssdeep 49152:t4Q3eQtBgjQDNjgO9Yh2Wd5za0niywnpfglgGK:d3eUgsNjgOfWd5bninnV6K

File size 1.7 MB ( 1798812 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (72.9%)
Java Archive (20.1%)
ZIP compressed archive (5.5%)
PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags apk android contains-elf

VirusTotal metadata
First submission 2018-09-17 11:34:53 UTC ( 8 months, 1 week ago )
Last submission 2018-09-18 06:07:06 UTC ( 8 months, 1 week ago )
File names xa844278.apk
output.114049210.txt