× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f58eb92ece90bbe23a71d82ee51cfe48681df1d919798656d2cf436f7b4a3563
File name: filename
Detection ratio: 32 / 59
Analysis date: 2018-10-23 00:26:18 UTC ( 3 weeks, 3 days ago )
Antivirus Result Update
Ad-Aware Android.Trojan.AndroRAT.E 20181023
AegisLab SUSPICIOUS 20181022
AhnLab-V3 Android-Trojan/Sandrorat.2523a 20181022
Antiy-AVL Trojan/Android.TSGeneric 20181022
Arcabit Android.Trojan.AndroRAT.E 20181022
Avast Android:Agent-RKI [Trj] 20181023
Avast-Mobile Android:Agent-RKI [Trj] 20181022
AVG Android:Agent-RKI [Trj] 20181023
Avira (no cloud) ANDROID/Spy.Kasandra.B.Gen 20181022
Babable Malware.HighConfidence 20180918
Baidu Android.Trojan.Kasandra.b 20181022
BitDefender Android.Trojan.AndroRAT.E 20181022
CAT-QuickHeal Android.Sandr.A 20181022
Cyren AndroidOS/Sandr.A.gen!Eldorado 20181023
DrWeb Android.Spy.178.origin 20181022
Emsisoft Android.Trojan.AndroRAT.E (B) 20181022
ESET-NOD32 a variant of Android/Spy.Kasandra.B 20181022
F-Secure Trojan:Android/AndroRat.K 20181023
Fortinet Android/Sandr.C!tr 20181023
GData Android.Trojan-Spy.SandroRat.A 20181022
Kaspersky HEUR:Trojan-Spy.AndroidOS.Sandr.a 20181022
MAX malware (ai score=100) 20181023
McAfee Artemis!148E72D0458F 20181022
eScan Android.Trojan.AndroRAT.E 20181023
NANO-Antivirus Trojan.Android.Kasandra.fiafnt 20181022
Qihoo-360 Trojan.Android.Gen 20181023
Sophos AV Andr/SandRat-B 20181023
Symantec Android.Fakebank.B 20181022
Symantec Mobile Insight Trojan:Sandorat 20181001
Tencent a.expense.fakeinstall.b 20181023
Trustlook Android.Malware.Trojan(8) 20181023
ZoneAlarm by Check Point HEUR:Trojan-Spy.AndroidOS.Sandr.a 20181023
Alibaba 20180921
ALYac 20181022
Bkav 20181022
ClamAV 20181022
CMC 20181022
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181023
eGambit 20181023
Endgame 20180730
F-Prot 20181022
Sophos ML 20180717
Jiangmin 20181022
K7AntiVirus 20181022
K7GW 20181022
Kingsoft 20181023
Malwarebytes 20181023
McAfee-GW-Edition 20181022
Microsoft 20181023
Palo Alto Networks (Known Signatures) 20181023
Panda 20181022
Rising 20181022
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181022
TACHYON 20181022
TheHacker 20181018
TotalDefense 20181022
TrendMicro 20181022
TrendMicro-HouseCall 20181022
VBA32 20181022
VIPRE 20181021
ViRobot 20181022
Webroot 20181023
Yandex 20181022
Zillya 20181022
Zoner 20181022
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.ima.fantastic.religions6. The internal version number of the application is 8. The displayed version string of the application is 8. The minimum Android API level for the application to run (MinSDKVersion) is 10. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
com.google.android.providers.gsf.permission.READ_GSERVICES (Unknown permission from android reference)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.GET_TASKS (retrieve running applications)
android.permission.READ_CALL_LOG (read the user's call log.)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.READ_SMS (read SMS or MMS)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.RECEIVE_SMS (receive SMS)
com.ima.fantastic.religions6.permission.MAPS_RECEIVE (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.WRITE_CONTACTS (write contact data)
android.permission.CAMERA (take pictures and videos)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECORD_AUDIO (record audio)
android.permission.READ_CONTACTS (read contact data)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.ima.fantastic.religions6.ShawMengActivity
org.appcelerator.titanium.TiActivity
org.appcelerator.titanium.TiTranslucentActivity
ti.modules.titanium.ui.android.TiPreferencesActivity
ti.modules.titanium.media.TiVideoActivity
com.google.android.gms.ads.AdActivity
net.droidjack.server.CamSnap
net.droidjack.server.VideoCap
Services
net.droidjack.server.Controller
net.droidjack.server.GPSLocation
net.droidjack.server.Toaster
Receivers
net.droidjack.server.Connector
net.droidjack.server.CallListener
Activity-related intent filters
net.droidjack.server.CamSnap
actions: android.intent.action.CAMSNAP
categories: android.intent.category.DEFAULT
com.ima.fantastic.religions6.ShawMengActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
net.droidjack.server.VideoCap
actions: android.intent.action.VIDEOCAP
categories: android.intent.category.DEFAULT
Receiver-related intent filters
net.droidjack.server.Connector
actions: android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.BOOT_COMPLETED
net.droidjack.server.CallListener
actions: android.intent.action.PHONE_STATE
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
634
Uncompressed size
31938019
Highest datetime
2015-06-09 04:15:50
Lowest datetime
2015-06-09 03:15:00
Contained files by extension
png
495
xml
81
so
18
js
8
jpg
3
txt
3
css
2
dex
1
MF
1
RSA
1
mp4
1
wav
1
SF
1
Contained files by type
PNG
495
XML
81
unknown
22
ELF
18
HTML
9
JavaScript
3
JPG
3
JSON
2
DEX
1
File identification
MD5 148e72d0458f242ffc936e55a82fe153
SHA1 ed0b131cd4cc75991bd17236316258d70afa4425
SHA256 f58eb92ece90bbe23a71d82ee51cfe48681df1d919798656d2cf436f7b4a3563
ssdeep
393216:Wg7eUUPvMsSgujqfnaQrlzNLoiuCkUFmyFLBAzlo:WgKUu0sumPzNLovC3myM2

File size 13.8 MB ( 14435662 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (55.5%)
SPSS Extension (31.7%)
Mozilla Archive Format (gen) (7.4%)
ZIP compressed archive (4.2%)
PrintFox/Pagefox bitmap (var. P) (1.0%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2015-06-10 17:54:09 UTC ( 3 years, 5 months ago )
Last submission 2015-06-10 18:55:12 UTC ( 3 years, 5 months ago )
File names filename
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!