× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ccad414278de526be50bbd05578c88eb56ce845e44a75ad0a9d2f0b0c4f163ca
File name: PincerB2B7D5.apk
Detection ratio: 35 / 55
Analysis date: 2016-08-06 14:40:56 UTC ( 3 weeks, 2 days ago )
Antivirus Result Update
AVG Android/G2P.KR.528067F9CDB6 20160806
AVware Trojan.AndroidOS.Generic.A 20160806
Ad-Aware Android.Trojan.InfoStealer.AZ 20160806
AegisLab Pincer 20160806
AhnLab-V3 Android-Trojan/Pincer.21eb 20160806
Alibaba A.H.Pri.Pincer 20160805
Antiy-AVL Trojan[Backdoor]/AndroidOS.Pincer.a 20160806
Arcabit Android.Trojan.InfoStealer.AZ 20160806
Avast Android:SecCert-D [Trj] 20160806
Avira (no cloud) ANDROID/SecCert.A.1 20160806
BitDefender Android.Trojan.InfoStealer.AZ 20160806
CAT-QuickHeal Android.Pincer.A 20160805
ClamAV Andr.Trojan.Pincer-1 20160806
Comodo UnclassifiedMalware 20160806
Cyren AndroidOS/GenBl.B2B7D599!Olympus 20160806
DrWeb Android.Backdoor.15.origin 20160806
ESET-NOD32 a variant of Android/SecCert.A 20160806
Emsisoft Android.Trojan.InfoStealer.AZ (B) 20160806
F-Prot AndroidOS/Pincer.A 20160806
F-Secure Trojan:Android/Pincer.A 20160806
Fortinet Android/SecCert.A!tr 20160806
GData Android.Trojan.InfoStealer.AZ 20160806
Ikarus AndroidOS.Pincer.A 20160806
Jiangmin Backdoor/AndroidOS.gx 20160806
K7AntiVirus Trojan ( 0001140e1 ) 20160806
K7GW Trojan ( 0001140e1 ) 20160806
Kaspersky HEUR:Trojan-Spy.AndroidOS.SmsThief.fs 20160806
McAfee Artemis!B2B7D5999DCE 20160806
eScan Android.Trojan.InfoStealer.AZ 20160806
NANO-Antivirus Trojan.Android.Pincer.cwzgiz 20160806
Qihoo-360 Trojan.Android.Gen 20160806
Sophos Andr/Pincer-A 20160806
Tencent SH.!Android.GenA.191d5 20160806
TrendMicro ANDROIDOS_PINCER.VTD 20160806
TrendMicro-HouseCall ANDROIDOS_PINCER.VTD 20160806
ALYac 20160806
Baidu 20160806
Bkav 20160806
CMC 20160804
Kingsoft 20160806
Malwarebytes 20160806
McAfee-GW-Edition 20160806
Microsoft 20160806
Panda 20160806
SUPERAntiSpyware 20160806
Symantec 20160806
TheHacker 20160806
TotalDefense 20160805
VBA32 20160805
VIPRE 20160806
ViRobot 20160806
Yandex 20160805
Zillya 20160806
Zoner 20160806
nProtect 20160805
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.security.certificate. The internal version number of the application is 4. The displayed version string of the application is 4.6. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 15.
Required permissions
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.INTERNET (full Internet access)
android.permission.READ_LOGS (read sensitive log data)
android.permission.CALL_PRIVILEGED (directly call any phone numbers)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.MODIFY_PHONE_STATE (modify phone status)
Activities
com.security.certificate.ui.MainActivity
com.security.certificate.ui.UssdActivity
com.security.certificate.ui.MessageDialogActivity
Services
com.security.certificate.services.CheckCommandsService
com.security.certificate.services.CheckQueueService
com.security.certificate.services.USSDDumbExtendedNetworkService
Receivers
com.security.certificate.services.ReCheckCommandReceiver
com.security.certificate.services.ReSendQueueReceiver
com.security.certificate.services.SmsSentReceiver
com.security.certificate.services.SmsReceiver
com.security.certificate.services.PhoneCallReceiver
com.security.certificate.services.OnBootReceiver
Service-related intent filters
com.security.certificate.services.USSDDumbExtendedNetworkService
actions: com.android.ussd.IExtendedNetworkService
categories: android.intent.category.DEFAULT
Activity-related intent filters
com.security.certificate.ui.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.security.certificate.services.SmsSentReceiver
actions: android.intent.action.SMS_SENT
com.security.certificate.services.ReCheckCommandReceiver
actions: android.intent.action.RE_CHECK_COMMAND
com.security.certificate.services.ReSendQueueReceiver
actions: android.intent.action.RE_SEND_QUEUE
com.security.certificate.services.SmsReceiver
actions: android.provider.Telephony.SMS_RECEIVED
com.security.certificate.services.PhoneCallReceiver
actions: android.intent.action.PHONE_STATE
com.security.certificate.services.OnBootReceiver
actions: android.intent.action.BOOT_COMPLETED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
12
Uncompressed size
66579
Highest datetime
2013-03-08 20:32:38
Lowest datetime
2013-03-08 20:32:38
Contained files by extension
png
4
xml
3
dex
1
MF
1
RSA
1
SF
1
Contained files by type
unknown
4
PNG
4
XML
3
DEX
1
File identification
MD5 b2b7d5999dce0559d13ab06d30c2c6ec
SHA1 ec14ed31a85f37fad7c7d9c8c0d2aad3a60c8b36
SHA256 ccad414278de526be50bbd05578c88eb56ce845e44a75ad0a9d2f0b0c4f163ca
ssdeep
768:5FCa7E7lJjujSCn0nAXi7IxMdhFB+uzIigU/GmHtzneJuk6/BevfD:3CVJjOn0A8YGEOBB/zHZe8rW

File size 37.6 KB ( 38496 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android ext-prg

VirusTotal metadata
First submission 2013-03-19 20:06:56 UTC ( 3 years, 5 months ago )
Last submission 2016-06-21 02:33:25 UTC ( 2 months, 1 week ago )
File names N108.apk
Recent29-e.apk
b2b7d5999dce0559d13ab06d30c2c6ec.ec14ed31a85f37fad7c7d9c8c0d2aad3a60c8b36
N108.apk
PincerB2B7D5.apk
b2b7d5999dce0559d13ab06d30c2c6ec.apk
b2b7d5999dce0559d13ab06d30c2c6ec.log
Recent29-e.apk
M143.apk
J152.apk
1403113583.29.log
b2b7d5999dce0559d13ab06d30c2c6ec.virus
PincerB2B7D5.apk
CCAD414278DE526BE50BBD05578C88EB56CE845E44A75AD0A9D2F0B0C4F163CA.APK.log
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Started services
#Intent;component=com.security.certificate/.services.CheckCommandsService;end
#Intent;component=com.security.certificate/.services.CheckQueueService;end
External programs launched
logcat -d USSDDumbExtendedNetworkService:I *:S
Accessed files
/system/app/Superuser.apk
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.