× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d83075b329879b53364faa6a8e83f591ec1716426d0af70e2c632df72ed2e74a
File name: 1fcbd637a3f696ed9c131181aa16efd7f4f24dc8c2b260adcb9ec53e4b6c72d17...
Detection ratio: 0 / 56
Analysis date: 2016-09-15 06:01:45 UTC ( 2 years, 6 months ago ) View latest
Antivirus Result Update
Ad-Aware 20160915
AegisLab 20160915
AhnLab-V3 20160914
Alibaba 20160914
ALYac 20160915
Antiy-AVL 20160915
Arcabit 20160915
Avast 20160915
AVG 20160915
Avira (no cloud) 20160915
AVware 20160915
Baidu 20160914
BitDefender 20160915
Bkav 20160914
CAT-QuickHeal 20160914
ClamAV 20160915
CMC 20160912
Comodo 20160912
Cyren 20160915
DrWeb 20160915
Emsisoft 20160915
ESET-NOD32 20160915
F-Prot 20160915
F-Secure 20160915
Fortinet 20160915
GData 20160915
Ikarus 20160914
Jiangmin 20160915
K7AntiVirus 20160914
K7GW 20160915
Kaspersky 20160915
Kingsoft 20160915
Malwarebytes 20160915
McAfee 20160915
McAfee-GW-Edition 20160915
Microsoft 20160915
eScan 20160915
NANO-Antivirus 20160915
nProtect 20160915
Panda 20160914
Qihoo-360 20160915
Rising 20160915
Sophos AV 20160915
SUPERAntiSpyware 20160914
Symantec 20160915
Tencent 20160915
TheHacker 20160915
TotalDefense 20160907
TrendMicro 20160915
TrendMicro-HouseCall 20160915
VBA32 20160914
VIPRE 20160915
ViRobot 20160915
Yandex 20160914
Zillya 20160914
Zoner 20160915
The file being studied is Android related! APK Android file more specifically. The application's main package name is net.hideman. The internal version number of the application is 77. The displayed version string of the application is 4.3. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 21.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.INTERNET (full Internet access)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
Activities
net.hideman.auth.views.LoginActivity
net.hideman.connection.views.LogActivity
net.hideman.connection.views.SelectCountryActivity
net.hideman.connection.views.TunErrorActivity
net.hideman.connection.views.VpnServicePrepareActivity
net.hideman.help.views.ChatActivity
net.hideman.help.views.FaqActivity
net.hideman.help.views.FaqAnswerActivity
net.hideman.help.views.TicketActivity
net.hideman.payment.views.AdvertiserActivity
net.hideman.payment.views.GooglePaymentActivity
net.hideman.payment.views.HidemanOfferActivity
net.hideman.payment.views.LinkAccountActivity
net.hideman.payment.views.PaymentMethodActivity
net.hideman.payment.views.SitePaymentActivity
net.hideman.payment.views.SmsPaymentActivity
net.hideman.payment.views.SubscriptionSelectActivity
net.hideman.payment.views.AdMobActivity
com.google.android.gms.ads.AdActivity
net.hideman.payment.views.TapjoyActivity
com.tapjoy.TJCOffersWebView
com.tapjoy.TapjoyFullScreenAdWebView
com.tapjoy.TapjoyVideoView
com.tapjoy.TJAdUnitView
com.tapjoy.mraid.view.ActionHandler
com.tapjoy.mraid.view.Browser
net.hideman.payment.views.FyberActivity
com.sponsorpay.publisher.ofw.SPOfferWallActivity
net.hideman.payment.views.SupersonicActivity
com.supersonicads.sdk.controller.ControllerActivity
com.supersonicads.sdk.controller.InterstitialActivity
com.supersonicads.sdk.controller.OpenUrlActivity
net.hideman.settings.views.PortForwardingActivity
net.hideman.settings.views.SettingsActivity
net.hideman.views.AboutActivity
net.hideman.views.BlockableActivity
net.hideman.views.BlockActivity
net.hideman.views.HtmlViewActivity
net.hideman.views.MainActivity
net.hideman.views.NotificationActivity
net.hideman.views.StarterActivity
net.hideman.views.TestingActivity
net.hideman.views.WaitNetworkActivity
Services
net.hideman.payment.inapp.UnfinishedPurchaseCheckerService
net.hideman.widget.Widget2x1UpdateService
net.hideman.widget.Widget1x1UpdateService
net.hideman.connection.ConnectorService
net.hideman.connection.openvpn.OpenVpnService
Receivers
net.hideman.widget.Widget_2x1
net.hideman.widget.Widget_1x1
net.hideman.utils.NetworkState
Activity-related intent filters
net.hideman.views.StarterActivity
actions: android.net.vpn.SETTINGS, android.intent.action.MAIN
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
Receiver-related intent filters
net.hideman.widget.Widget_1x1
actions: android.appwidget.action.APPWIDGET_UPDATE, net.hideman.action.NETWORK_STATE, net.hideman.connection.STATE_CHANGED
net.hideman.widget.Widget_2x1
actions: android.appwidget.action.APPWIDGET_UPDATE, net.hideman.action.NETWORK_STATE, net.hideman.connection.STATE_CHANGED, net.hideman.connection.IP_CHANGED
net.hideman.utils.NetworkState
actions: android.net.conn.CONNECTIVITY_CHANGE
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
1132
Uncompressed size
1220654
Highest datetime
2015-05-15 10:08:34
Lowest datetime
2015-05-15 10:08:04
Contained files by extension
png
937
xml
51
x86
2
Contained files by type
PNG
937
XML
51
ELF
12
File identification
MD5 10bc1d7803188067b2472f33afdea86f
SHA1 5076ccc9469a05bd7776974a56f34879d2372bf9
SHA256 d83075b329879b53364faa6a8e83f591ec1716426d0af70e2c632df72ed2e74a
ssdeep
196608:b2yV21wEvjFInc2aez6ar2mRIpAR/EQjFq0iE3EblxBFa0crgp:SBhLFIcfez6aamRqAR/3Fq0iE3u1vcrA

File size 9.5 MB ( 9938997 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2015-05-15 08:43:51 UTC ( 3 years, 10 months ago )
Last submission 2016-10-25 20:06:36 UTC ( 2 years, 4 months ago )
File names d5399aeca633ad679165da1709beb925
hideman-vpn-4-3-multi-android.apk
hideman.apk
hideman-vpn.apk
1fcbd637a3f696ed9c131181aa16efd7f4f24dc8c2b260adcb9ec53e4b6c72d174e289a47a733d524bdeab90debd33e4170a2a82b5ac65efd2d331099652b01e
10bc1d7803188067b2472f33afdea86f.tmp.16510
net.hideman.apk
10bc1d7803188067b2472f33afdea86f.tmp.6340
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Permissions checked
android.permission.INTERNET:net.hideman
Started activities
#Intent;component=net.hideman/.views.MainActivity;end
Started services
#Intent;component=net.hideman/.widget.Widget2x1UpdateService;end
#Intent;component=net.hideman/.widget.Widget1x1UpdateService;end
#Intent;component=net.hideman/.payment.inapp.UnfinishedPurchaseCheckerService;end
Started receivers
net.hideman.action.NETWORK_STATE
Opened files
/data/data/net.hideman/files/endpoints
/data/data/net.hideman/files
APP_ASSETS/flags/FR.png
APP_ASSETS/flags/AUTO.png
Accessed files
/data/data/net.hideman/files
/data/data/net.hideman/cache/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855.p12
/data/data/net.hideman/databases/billing.db
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Contacted URLs
https://www.hideman.net/api/call/
757365726E616D653D67756573742670617373776F72643D5A33566C63335125334425304126636F6D6D616E643D6765745F617574685F64617461267569643D39306464353762636262316664363638396662316631323366636137316538656330303331666464616566616536616466346630366438356430643636306363266C616E673D757326747970653D6D6F62696C65266C616E673D5553
https://docs.google.com/document/d/13lW4im07HsaBTX4WdvDuKb61j9FN4Ux2rNI3tb3fFWU/export/format=txt
http://www.hideman.net/api/call/
757365726E616D653D67756573742670617373776F72643D5A33566C63335125334425304126636F6D6D616E643D6765745F617574685F64617461267569643D39306464353762636262316664363638396662316631323366636137316538656330303331666464616566616536616466346630366438356430643636306363266C616E673D757326747970653D6D6F62696C65266C616E673D5553
https://www.dropbox.com/s/o4eicap49h5jzcj/API endpoints.txt/dl=1
http://www.hideman.net/api/call/
757365726E616D653D6D6235383439313138253430686964656D616E2E6E65742670617373776F72643D5A54686D4F57526B4E7725334425334425304126636F6D6D616E643D636F6E6E656374696F6E73267569643D39306464353762636262316664363638396662316631323366636137316538656330303331666464616566616536616466346630366438356430643636306363266C616E673D757326706B637331323D3126636F6E6669673D3026636F6E66696756657273696F6E3D31
http://www.hideman.net/api/call/
757365726E616D653D6D6235383439313138253430686964656D616E2E6E65742670617373776F72643D5A54686D4F57526B4E7725334425334425304126636F6D6D616E643D6765745F6C696D697473267569643D39306464353762636262316664363638396662316631323366636137316538656330303331666464616566616536616466346630366438356430643636306363266C616E673D7573
http://www.hideman.net/api/call/
757365726E616D653D6D6235383439313138253430686964656D616E2E6E65742670617373776F72643D5A54686D4F57526B4E7725334425334425304126636F6D6D616E643D6970267569643D39306464353762636262316664363638396662316631323366636137316538656330303331666464616566616536616466346630366438356430643636306363266C616E673D7573
http://www.hideman.net/api/call/
757365726E616D653D6D6235383439313138253430686964656D616E2E6E65742670617373776F72643D5A54686D4F57526B4E7725334425334425304126636F6D6D616E643D75706461746573267569643D39306464353762636262316664363638396662316631323366636137316538656330303331666464616566616536616466346630366438356430643636306363266C616E673D757326706C6174666F726D3D616E6472