SHA256: e2752f49b478dfa7754c0079c72ce06967b9be99e80b53f5a184a00c00b4686a
File name: 0d2d9504649a97e7afee2caca61e277e.virus
Detection ratio: 23 / 41
Analysis date: 2011-10-19 14:33:48 UTC (3 years, 7 months ago)
Antivirus Result Update
Antiy-AVL Trojan/win32.agent 20111019
Avast Android:PhoneSpy-A 20111019
CAT-QuickHeal Android.Nickispy.C 20111019
Comodo UnclassifiedMalware 20111019
DrWeb Android.NickiSpy.2 20111019
Emsisoft Trojan-Spy.AndroidOS!IK 20111019
F-Secure Trojan:Android/Nickispy.C 20111019
Fortinet Android/NickiSpy.C!tr.spy 20111019
GData Android:PhoneSpy-A 20111019
Ikarus Trojan-Spy.AndroidOS 20111019
Jiangmin TrojanSpy.AndroidOS.at 20111019
Kaspersky Trojan-Spy.AndroidOS.Nickspy.g 20111019
Microsoft TrojanSpy:AndroidOS/Nickispy.B 20111019
NOD32 Android/Spy.NickiSpy.B 20111019
Norman Suspicious_Gen3.ABQOM 20111019
PCTools Android.Nickispy 20111019
Panda Android/NickSpy.A 20111019
Sophos Andr/SMSRep-E 20111019
Symantec Android.Nickispy 20111019
TrendMicro AndroidOS_NICKISPY.C 20111019
TrendMicro-HouseCall AndroidOS_NICKISPY.C 20111019
VIPRE Trojan.AndroidOS.Nickyspy.b (v) 20111019
VirusBuster TrojanSpy.AndroidOS.Nickispy.D 20111019
AVG 20111018
AhnLab-V3 20111019
AntiVir 20111019
BitDefender 20111019
ByteHero 20110923
ClamAV 20111019
Commtouch 20111019
F-Prot 20111019
K7AntiVirus 20111018
McAfee-GW-Edition 20111019
Prevx 20111019
Rising 20111019
SUPERAntiSpyware 20111019
TheHacker 20111018
ViRobot 20111019
eSafe 20111017
eTrust-Vet 20111019
nProtect 20111019
The file being studied is an Android application package (APK). The application's main package name is com.google.android. The internal version number of the application is 1. The displayed version string of the application is 1.1. The minimum Android API level required for the application to run (MinSDKVersion) is 4.
Risk summary
The studied DEX file makes use of API reflection
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform calls
Permissions that allow the application to manipulate your location
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.WRITE_APN_SETTINGS (write Access Point Name settings)
android.permission.ACCESS_COARSE_UPDATES (Unknown permission from android reference)
android.permission.PROCESS_OUTGOING_CALLS (intercept outgoing calls)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.INTERNET (full Internet access)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.FORCE_STOP_PACKAGES (force-stop other applications)
android.permission.DELETE_PACKAGES (delete applications)
android.permission.ACCESS_GPS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.RECORD_AUDIO (record audio)
android.permission.WRITE_CONTACTS (write contact data)
android.permission.READ_CONTACTS (read contact data)
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.PERMISSION_NAME (Unknown permission from android reference)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.MODIFY_PHONE_STATE (modify phone status)
android.permission.DEVICE_POWER (turn phone on or off)
android.permission.RESTART_PACKAGES (kill background processes)
Permission-related API calls
WRITE_SETTINGS
ACCESS_NETWORK_STATE
RECORD_AUDIO
FACTORY_TEST
RESTART_PACKAGES
WAKE_LOCK
SEND_SMS
VIBRATE
ACCESS_COARSE_LOCATION
DISABLE_KEYGUARD
READ_CONTACTS
INTERNET
READ_PHONE_STATE
ACCESS_FINE_LOCATION
Activities
com.google.android.activity.FullScreenActivity
Services
com.google.android.service.MainService
com.google.android.service.AlarmService
com.google.android.service.SocketService
com.google.android.service.GpsService
com.google.android.service.CallRecordService
com.google.android.service.CallLogService
com.google.android.service.UploadService
com.google.android.service.SmsService
com.google.android.service.ContactService
com.google.android.service.SmsControllerService
com.google.android.service.CommandExecutorService
com.google.android.service.RegisterService
com.google.android.service.CallsListenerService
com.google.android.service.KeyguardLockService
com.google.android.service.ScreenService
com.google.android.service.ManualLocalService
com.google.android.service.SyncContactService
com.google.android.service.LocationService
com.google.android.service.EnvRecordService
Receivers
com.google.android.receiver.BootReceiver
com.google.android.receiver.AlarmReceiver
com.google.android.receiver.CallRecordReceiver
Service-related intent filters
com.google.android.service.SocketService
actions: work.service.upinfo
Receiver-related intent filters
com.google.android.receiver.CallRecordReceiver
actions: android.intent.action.NEW_OUTGOING_CALL, android.intent.action.PHONE_STATE, android.intent.action.NEW_OUTGOING_CALL_FROM_CALLMASTER
categories: android.intent.category.DEFAULT
com.google.android.receiver.BootReceiver
actions: android.intent.action.BOOT_COMPLETED, TEST
categories: android.intent.category.HOME
Code-related observations
The application does not load any code dynamically
The application contains reflection code
The application does not contain native code
The application does not contain cryptographic code
File identification
MD5 0d2d9504649a97e7afee2caca61e277e
SHA1 d40a1010264669ec6076e6efe21ef554cf29a855
SHA256 e2752f49b478dfa7754c0079c72ce06967b9be99e80b53f5a184a00c00b4686a
ssdeep
1536:gojINrH8+mFPorw6I/B6bO60lG/gtSe7i281cRGYlGNkuRHWLriY5j4l52iQ3RzL:PjMRwd0nG7sN1RihW5rmZYYz1Ci

File size 144.1 KB ( 147539 bytes )
File type Android
Magic literal Zip archive data, at least v1.0 to extract
TrID Java Archive (78.3%), ZIP compressed archive (21.6%)
Tags dex apk android

VirusTotal metadata
First submission 2011-08-10 15:58:25 UTC ( 3 years, 9 months ago )
Last submission 2015-02-17 10:11:48 UTC ( 3 months, 2 weeks ago )
File names nickispy_c.apk
New_NickiSpy.apk
e2752f49b478dfa7754c0079c72ce06967b9be99e80b53f5a184a00c00b4686a.log
d40a1010264669ec6076e6efe21ef554cf29a855
E2752F49B478DFA7754C0079C72CE06967B9BE99E80B53F5A184A00C00B4686A.log
0d2d9504649a97e7afee2caca61e277e.virus
0d2d9504649a97e7afee2caca61e277e.apk
0d2d9504649a97e7afee2caca61e277e
jin_2.1.apk
jin_1.5.apk
e2752f49b478dfa7754c0079c72ce06967b9be99e80b53f5a184a00c00b4686a.bin
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 10
ZipCRC 0x99a4f90b
FileType ZIP
ZipCompression None
ZipUncompressedSize 2200
ZipCompressedSize 2200
FileAccessDate 2015:02:17 11:12:05+01:00
ZipFileName res/drawable/icon.png
ZipBitFlag 0
FileCreateDate 2015:02:17 11:12:05+01:00
ZipModifyDate 2011:08:09 17:09:12

Started services
#Intent;component=com.google.android/.service.AlarmService;end
#Intent;component=com.google.android/.service.SmsControllerService;end
#Intent;component=com.google.android/.service.MainService;end
#Intent;component=com.google.android/.service.UploadService;end
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
Accessed URIs
content://telephony/carriers
content://telephony/carriers/preferapn