SHA256: f172a87f27d4063698841a34df879a547568046dc3875645255a1b13103c0e6b
File name: Norton_Internet_Security (es).apk
Detection ratio: 9 / 53
Analysis date: 2014-08-06 14:33:15 UTC ( 4 years, 9 months ago )
Antivirus Result Update
AhnLab-V3 Android-Malicious/Slocker 20140806
AntiVir Android/Locker.A.Gen 20140806
Avast Android:RansomLocker-J [Trj] 20140806
ESET-NOD32 a variant of Android/Locker.B 20140806
F-Secure Trojan:Android/SLocker.F 20140806
Kaspersky HEUR:Trojan-Ransom.AndroidOS.Aples.a 20140806
McAfee Artemis!DFE27C3F117E 20140806
McAfee-GW-Edition Artemis!DFE27C3F117E 20140805
Sophos AV Andr/FBILock-A 20140806
Ad-Aware 20140806
AegisLab 20140806
Yandex 20140805
Antiy-AVL 20140806
AVG 20140806
AVware 20140806
Baidu-International 20140806
BitDefender 20140806
Bkav 20140806
ByteHero 20140806
CAT-QuickHeal 20140806
ClamAV 20140806
CMC 20140806
Commtouch 20140806
Comodo 20140806
DrWeb 20140806
Emsisoft 20140806
F-Prot 20140806
Fortinet 20140806
GData 20140806
Ikarus 20140806
Jiangmin 20140806
K7AntiVirus 20140806
K7GW 20140806
Kingsoft 20140806
Malwarebytes 20140806
Microsoft 20140806
eScan 20140806
NANO-Antivirus 20140806
Norman 20140806
nProtect 20140806
Panda 20140806
Qihoo-360 20140806
Rising 20140806
SUPERAntiSpyware 20140804
Symantec 20140806
Tencent 20140806
TheHacker 20140805
TotalDefense 20140806
TrendMicro 20140806
TrendMicro-HouseCall 20140806
VIPRE 20140806
ViRobot 20140806
Zoner 20140729
The file being studied is an Android APK file. The application's main package name is com.android.locker. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 8.
Risk summary
The studied DEX file makes use of API reflection
The studied DEX file makes use of cryptographic functions
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.INTERNET (full Internet access)
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
Permission-related API calls
GET_TASKS
ACCESS_NETWORK_STATE
KILL_BACKGROUND_PROCESSES
INTERNET
VIBRATE
DISABLE_KEYGUARD
READ_PHONE_STATE
WAKE_LOCK
Main Activity
com.android.locker.VirusSearcher
Activities
com.android.locker.MainActivity$mainActivity
com.android.locker.VirusSearcher
com.android.locker.SenderActivity
Services
com.android.locker.BackgroundService
Receivers
com.android.locker.MainActivity
com.android.locker.BootReceiver
Activity-related intent filters
com.android.locker.VirusSearcher
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.android.locker.BootReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.SCREEN_ON
categories: android.intent.category.HOME
com.android.locker.MainActivity
actions: android.app.action.DEVICE_ADMIN_ENABLED, android.app.action.DEVICE_ADMIN_DISABLED
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 d21e1c0f992ed70c6881c1f31c7a555a
SHA1 008e58c586c41f3c3afcc109888e6dea6979618d
SHA256 f172a87f27d4063698841a34df879a547568046dc3875645255a1b13103c0e6b
ssdeep 12288:lbKtVXcTEl1885lC0rBDc/qBcSVObqaXKF:gFcTc8+lHrdc/qrVOOIKF

File size 390.0 KB ( 399350 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android

VirusTotal metadata
First submission 2014-08-06 14:33:15 UTC ( 4 years, 9 months ago )
Last submission 2014-08-22 15:28:07 UTC ( 4 years, 9 months ago )
File names PZ (4).apk
Norton_Internet_Security (es).apk
f172a87f27d4063698841a34df879a547568046dc3875645255a1b13103c0e6b.apk
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x1174209e
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 4012
ZipCompressedSize 1213
FileAccessDate 2014:11:22 10:33:37+01:00
ZipFileName res/layout/activity_main.xml
ZipBitFlag 0x0808
FileCreateDate 2014:11:22 10:33:37+01:00
ZipModifyDate 2014:07:18 21:23:02

Started activities
#Intent;launchFlags=0x10000000;component=com.android.locker/.MainActivity%24mainActivity;end
Accessed files
/mnt/sdcard/droidflag.syst
Contacted URLs
http://verify-terms.com/admcp/api.php
6D6574686F643D646576696365737461747573266170705F6B65793D6635683364386A683267366E7636676B3767327761733167346E636D70753326696D65693D
http://verify-terms.com/admcp/api.php
6D6574686F643D6C61756E63686572266170705F6B65793D6635683364386A683267366E7636676B3767327761733167346E636D707533
Accessed URIs
package:com.android.locker