SHA256: e6753bba53d7cca4a534c3089f24cd0546462667d110c0d48974f9e76714fe1c
File name: ce59958c01e437f4bdc68b4896222b8e.virus
Detection ratio: 35 / 62
Analysis date: 2018-10-04 21:21:35 UTC ( 2 months, 1 week ago )
Antivirus Result Update
Ad-Aware Android.Trojan.AndroRAT.E 20181004
AegisLab Trojan.AndroidOS.Generic.l!c 20181004
AhnLab-V3 Android-Trojan/Sandrorat.2523a 20181004
Antiy-AVL Trojan[Spy]/Android.Sandr 20181004
Arcabit Android.Trojan.AndroRAT.E 20181004
Avast Android:Agent-RKI [Trj] 20181004
Avast-Mobile Android:Agent-RKI [Trj] 20181004
AVG Android:Agent-RKI [Trj] 20181004
Avira (no cloud) ANDROID/Spy.Kasandra.E.Gen 20181004
AVware Trojan.AndroidOS.Generic.A 20180925
Babable Malware.HighConfidence 20180918
Baidu Android.Trojan.Kasandra.c 20180930
BitDefender Android.Trojan.AndroRAT.E 20181004
CAT-QuickHeal Android.Sandr.A 20181004
Cyren AndroidOS/Sandr.A.gen!Eldorado 20181004
DrWeb Android.Spy.178.origin 20181004
Emsisoft Android.Trojan.AndroRAT.E (B) 20181004
ESET-NOD32 a variant of Android/Spy.Kasandra.A 20181004
F-Secure Trojan:Android/AndroRat.K 20181004
Fortinet Android/Sandr.C!tr 20181004
GData Android.Trojan-Spy.SandroRat.A 20181004
Ikarus Trojan-Spy.AndroidOS.Kasandra 20181004
K7GW Spyware ( 004c0e3d1 ) 20181003
Kaspersky HEUR:Trojan-Spy.AndroidOS.Sandr.a 20181004
MAX malware (ai score=97) 20181004
McAfee Artemis!CE59958C01E4 20181004
McAfee-GW-Edition Artemis!Trojan 20181004
eScan Android.Trojan.AndroRAT.E 20181004
Qihoo-360 Trojan.Android.Gen 20181004
Sophos AV Andr/SandRat-B 20181004
Symantec Android.Sandorat 20181004
Symantec Mobile Insight Trojan:Sandorat 20181001
Tencent Trojan.Android.Sandr.aaa 20181004
Trustlook Android.Malware.Trojan 20181004
ZoneAlarm by Check Point HEUR:Trojan-Spy.AndroidOS.Sandr.a 20181004
Alibaba 20180921
ALYac 20181004
Bkav 20181003
ClamAV 20181004
CMC 20181004
Comodo 20181004
CrowdStrike Falcon (ML) 20180723
Cybereason 20180308
Cylance 20181004
eGambit 20181004
Endgame 20180730
F-Prot 20181004
Sophos ML 20180717
Jiangmin 20181004
K7AntiVirus 20181004
Kingsoft 20181004
Malwarebytes 20181004
Microsoft 20181004
NANO-Antivirus 20181004
Palo Alto Networks (Known Signatures) 20181004
Panda 20181004
Rising 20181004
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20181004
TACHYON 20181004
TheHacker 20181001
TotalDefense 20181004
TrendMicro 20181004
TrendMicro-HouseCall 20181004
VBA32 20181004
VIPRE 20181004
ViRobot 20181004
Webroot 20181004
Yandex 20181004
Zillya 20181003
Zoner 20181004
The file being studied is an Android APK. The application's main package name is net.droidjack.server. The internal version number of the application is 1, and the displayed version string is 1.0. The minimum Android API level required to run the application (MinSDKVersion) is 8, and the target Android API level (TargetSDKVersion) is 17.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.RECORD_AUDIO (record audio)
android.permission.WRITE_CONTACTS (write contact data)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.CAMERA (take pictures and videos)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_CONTACTS (read contact data)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
net.droidjack.server.MainActivity
net.droidjack.server.CamSnap
net.droidjack.server.VideoCap
Services
net.droidjack.server.Controller
net.droidjack.server.GPSLocation
net.droidjack.server.Toaster
Receivers
net.droidjack.server.Connector
net.droidjack.server.CallListener
Activity-related intent filters
net.droidjack.server.CamSnap
actions: android.intent.action.CAMSNAP
categories: android.intent.category.DEFAULT
net.droidjack.server.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
net.droidjack.server.VideoCap
actions: android.intent.action.VIDEOCAP
categories: android.intent.category.DEFAULT
Receiver-related intent filters
net.droidjack.server.Connector
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BOOT_COMPLETED
net.droidjack.server.CallListener
actions: android.intent.action.PHONE_STATE
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files 12
Uncompressed size 460046
Highest datetime 2015-11-10 19:26:10
Lowest datetime 2015-11-10 19:26:10
Contained files by extension
xml 4
png 3
dex 1
MF 1
RSA 1
SF 1
Contained files by type
XML 4
unknown 4
PNG 3
DEX 1
File identification
MD5 ce59958c01e437f4bdc68b4896222b8e
SHA1 9288811c9747d151eab4ec708b368fc6cc4e2cb5
SHA256 e6753bba53d7cca4a534c3089f24cd0546462667d110c0d48974f9e76714fe1c
ssdeep 3072:upiNwwtCoFuWsejRj9Q6iFuGukCae5+Estc8V7kb3HHZn3NR/UL7QxoRrpkx:upL3WseiykG+E+hV+1L/SUxk8

File size 191.9 KB ( 196513 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (91.3%)
ZIP compressed archive (6.9%)
PrintFox/Pagefox bitmap (var. P) (1.7%)
Tags apk android

VirusTotal metadata
First submission 2015-12-11 08:20:12 UTC ( 3 years ago )
Last submission 2018-10-04 21:21:35 UTC ( 2 months, 1 week ago )
File names ce59958c01e437f4bdc68b4896222b8e.virus
filename