× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d49733d22389edd8ed0615f6cb86613ec1a86092a58da2faf81736cb17326d0d
File name: z4root_1.3.0.apk
Detection ratio: 43 / 54
Analysis date: 2014-11-19 14:18:30 UTC ( 3 years ago ) View latest
Antivirus Result Update
Ad-Aware Android.Exploit.RATC.A 20141119
AegisLab Lotoor 20141119
Yandex Exploit.Linux.Lotoor.A 20141118
AhnLab-V3 Android-Malicious/Rootor 20141119
Antiy-AVL Trojan[Exploit]/Linux.Lotoor 20141119
Avast ELF:Lootor-U [PUP] 20141119
AVG Android/Toor 20141119
Avira (no cloud) EXP/Linux.Lotoor.V 20141119
AVware Exploit.AndroidOS.Lotoor 20141119
Baidu-International Trojan.Android.DroidRooter.BA 20141119
BitDefender Android.Exploit.RATC.A 20141119
Bkav MW.Clod332.Trojan.5f51 20141119
CAT-QuickHeal Exploit.Lotoor.Af 20141119
ClamAV Andr.Exploit.Ratc 20141119
Comodo Exploit.Linux.Lotoor.g 20141119
Cyren AndroidOS/GingerBreak.B.gen!Eldorado 20141119
DrWeb Android.DreamExploid.1 20141119
Emsisoft Android.Exploit.RATC.A (B) 20141119
ESET-NOD32 Android/Exploit.RageCage.A 20141119
F-Prot AndroidOS/DroidRooter.B 20141119
F-Secure Hack-Tool:Android/DroidRooter.B 20141119
Fortinet Android/DrdDream.A!exploit 20141119
GData Android.Exploit.RATC.A 20141119
Ikarus Exploit.AndroidOS.RATC 20141119
Jiangmin Exploit.Linux.f 20141118
K7GW Trojan ( 000001021 ) 20141119
Kaspersky Exploit.Linux.Lotoor.g 20141119
McAfee Artemis!46965BD41DAC 20141119
McAfee-GW-Edition Exploit-Android-Lotoor 20141119
Microsoft Exploit:Unix/Lotoor 20141119
eScan Android.Exploit.RATC.A 20141119
NANO-Antivirus Trojan.Android.Rooter.dhxprv 20141119
Norman Rooter.B 20141119
Sophos AV Andr/DoidRoot-A 20141119
Symantec Hacktool 20141119
Tencent Trojan.Android.Agent.9E8B23DC 20141119
TotalDefense AndroidOS/Rootor.A 20141119
TrendMicro-HouseCall AndroidOS_ROOTER.AL 20141119
VBA32 Exploit.Linux.Lotoor.g 20141119
VIPRE Exploit.AndroidOS.Lotoor 20141119
ViRobot Linux.S.Lotoor.978414 20141119
Zillya Downloader.OpenConnection.JS.232 20141119
Zoner Exploit.AndroidOS.Lotoor.G 20141118
ByteHero 20141119
CMC 20141118
K7AntiVirus 20141119
Kingsoft 20141119
Malwarebytes 20141119
nProtect 20141119
Panda 20141119
Qihoo-360 20141119
Rising 20141117
SUPERAntiSpyware 20141119
TheHacker 20141117
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.z4mod.z4root. The internal version number of the application is 6. The displayed version string of the application is 1.3.0. The minimum Android API level for the application to run (MinSDKVersion) is 4.
Required permissions
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.INTERNET (full Internet access)
Activities
com.z4mod.z4root.z4root
com.z4mod.z4root.Phase1
com.z4mod.z4root.Phase2
com.z4mod.z4root.PhaseRemove
com.admob.android.ads.AdMobActivity
Receivers
com.z4mod.z4root.AlarmReceiver
Activity-related intent filters
com.z4mod.z4root.z4root
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
29
Uncompressed size
1092570
Highest datetime
2010-11-21 14:04:06
Lowest datetime
2010-08-23 19:41:54
Contained files by extension
png
9
xml
7
jpg
3
dex
1
MF
1
RSA
1
apk
1
so
1
SF
1
Contained files by type
PNG
9
XML
7
unknown
7
JPG
3
ELF
2
DEX
1
Execution parents
Compressed bundles
File identification
MD5 46965bd41dac0e4988515aa2f9f95b19
SHA1 446481a3a8b3b85f8d1caa4ada713c21e98572b4
SHA256 d49733d22389edd8ed0615f6cb86613ec1a86092a58da2faf81736cb17326d0d
ssdeep
24576:nbsaV1vXbWfmh69rKr7H7b1cr9Z/3f1/3urI0xq:b31vXbUmhDrzfSrzPledxq

File size 955.5 KB ( 978414 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2010-11-26 09:02:38 UTC ( 7 years ago )
Last submission 2017-12-04 05:52:50 UTC ( 1 week, 3 days ago )
File names CI_TMPbu20NA
fd1_z4root.apk
Z4root (1.3.0).apk
[Droid-Life.ru] z4root.1.3.0.apk
024358xu5kz6yqmm7mbmj6.zip
z4root.1.3.0_.apk
z4root%201.3.0_6.apk
z4root.1.3.0-xda-developers.apk
5_z4root.1.3.0.apk
227582-660174-z4root.apk
d49733d22389edd8ed0615f6cb86613ec1a86092a58da2faf81736cb17326d0d
output.111931463.txt
z4root-1-3-0-en-android.apk
output.9446267.txt
4aHLwUGvuk.apk
com.z4mod.z4root_6.apk
d49733d22389edd8ed0615f6cb86613ec1a86092a58da2faf81736cb17326d0d.apk
z4root-1.3.0.apk
com.z4mod.z4root-1.3.0-free-1679-www.apkhere.com.apk
D49733D22389EDD8ED0615F6CB86613EC1A86092A58DA2FAF81736CB17326D0D.apk
Z4Root APK v1.3.0.apk
z4r.apk
z4root.1.3.0.apk
netzwelt_z4root_28746.apk
46965bd41dac0e4988515aa2f9f95b19.tmp.29444
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
External programs launched
su
Opened files
/data/data/com.z4mod.z4root/cache/admob_cache
/data/data/com.z4mod.z4root/cache/admob_cache/20101109
Accessed files
/data/data/com.z4mod.z4root/cache/admob_cache
/data/data/com.z4mod.z4root/cache/admob_cache/20101109
/data/data/com.z4mod.z4root/cache/admob_cache/20101109/en.properties
/system/bin/su
/system/xbin/su
Contacted URLs
http://mm.admob.com/static/android/i18n/20101109/en.properties
http://r.admob.com/ad_source.php
Accessed URIs
geo:0,0?q=donuts
market://search?q=pname:com.admob
tel://6509313940