SHA256: fe550ad2c1e2b5a54fa4951e42dce7fde94f93056722b32fbb5620e6ab766eaa
Detection ratio: 29 / 56
Analysis date: 2016-12-24 15:30:03 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Ad-Aware Android.Adware.Dowgin.CW 20161224
AegisLab Android.Adware.Dowgin!c 20161224
AhnLab-V3 Android-PUP/Dowgin.7241 20161224
Alibaba A.W.Rog.lajiaoAD.A 20161223
Antiy-AVL RiskWare[RiskTool:not-a-virus,HEUR]/Android.Gupno.1 20161224
Arcabit Android.Adware.Dowgin.CW 20161224
Avast Android:Gunpoder-A [Trj] 20161224
AVG Android/G2P.BY.4B72090579A3 20161224
AVware Adware.AndroidOS.AirPush.a (v) 20161224
Baidu Android.Trojan.Agent.sz 20161207
BitDefender Android.Adware.Dowgin.CW 20161224
CAT-QuickHeal Android.Dowgin.C (AdWare) 20161224
Cyren AndroidOS/GenPua.5484AA1A!Olympus 20161224
DrWeb Android.Hmad.1 20161224
Emsisoft Android.Adware.Dowgin.CW (B) 20161224
ESET-NOD32 a variant of Android/AdDisplay.AirPush.G potentially unwanted 20161224
F-Prot AndroidOS/Airpush.S 20161224
F-Secure Adware:Android/Dowgin 20161224
Fortinet Adware/AirPush!Android 20161224
GData Android.Adware.Dowgin.CW 20161224
Ikarus PUA.AndroidOS.Dowgin 20161224
Kaspersky not-a-virus:HEUR:AdWare.AndroidOS.Drosel.a 20161224
McAfee Artemis!5484AA1AC8A7 20161224
NANO-Antivirus Trojan.Android.AdPush.dgtgig 20161224
Qihoo-360 Other.Android.Gen 20161224
Sophos AV Andr/Gunpoder-A 20161224
Tencent a.gray.mfpad 20161224
Trustlook Android.Trojan.Stealinfo 20161224
WhiteArmor Android-Malware.SN-Sure.4613612901113846.[Adware] 20161221
ALYac 20161224
Avira (no cloud) 20161224
ClamAV 20161224
CMC 20161224
Comodo 20161224
CrowdStrike Falcon (ML) 20161024
Sophos ML 20161216
Jiangmin 20161224
K7AntiVirus 20161224
K7GW 20161224
Kingsoft 20161224
Malwarebytes 20161224
McAfee-GW-Edition 20161224
Microsoft 20161224
eScan 20161224
nProtect 20161224
Panda 20161224
Rising 20161224
SUPERAntiSpyware 20161223
Symantec 20161224
TheHacker 20161222
TotalDefense 20161224
TrendMicro-HouseCall 20161224
VBA32 20161223
VIPRE 20161224
ViRobot 20161224
Yandex 20161223
Zillya 20161223
Zoner 20161224
The file being studied is an Android APK. The application's main package name is arcade.game.street.mame.megaman. The internal version number of the application is 5. The displayed version string of the application is 2.5. The minimum Android API level for the application to run (MinSDKVersion) is 9.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.READ_LOGS (read sensitive log data)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.INTERNET (full Internet access)
android.permission.BLUETOOTH_ADMIN (bluetooth administration)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.VIBRATE (control vibrator)
arcade.game.street.mame.megaman (Unknown permission from android reference)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.seleuco.mame4all.MainActivity
com.seleuco.mame4all.MAME4all
com.google.android.gms.ads.AdActivity
com.seleuco.mame4all.prefs.UserPreferences
com.seleuco.mame4all.HelpActivity
com.seleuco.mame4all.prefs.DefineKeys
com.seleuco.mame4all.prefs.ListKeys
com.seleuco.mame4all.prefs.KeySelect
com.yrkfgo.assxqx4.AdActivity
com.yrkfgo.assxqx4.BrowserActivity
com.yrkfgo.assxqx4.PlayActivity
com.umeng.update.UpdateDialogActivity
com.cypay.paysdk.CYPayMainActivity
com.paypal.android.sdk.payments.PaymentActivity
com.paypal.android.sdk.payments.LoginActivity
com.paypal.android.sdk.payments.PaymentMethodActivity
com.paypal.android.sdk.payments.PaymentConfirmActivity
io.card.payment.CardIOActivity
io.card.payment.DataEntryActivity
com.cypay.paysdk.channel.fortumo.FortumoActivity
mp.MpActivity
com.seleuco.mame4all.CyPayActivity
com.ose.a.a
Services
com.yrkfgo.assxqx4.UbService
com.yrkfgo.assxqx4.AdService
com.umeng.update.net.DownloadingService
com.paypal.android.sdk.payments.PayPalService
mp.MpService
mp.StatusUpdateService
com.gunpoder.common.utils.FloatAdService
com.fx.a.s
Receivers
com.yrkfgo.assxqx4.BootReceiver
mp.MpSMSReceiver
com.cypay.paysdk.channel.fortumo.PaymentStatusReceiver
com.fx.a.br
com.ose.a.r
Activity-related intent filters
com.seleuco.mame4all.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.ose.a.r
actions: android.intent.action.PACKAGE_ADDED, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.USER_PRESENT, com.lseiei.downloadManager
com.cypay.paysdk.channel.fortumo.PaymentStatusReceiver
actions: mp.info.PAYMENT_STATUS_CHANGED
mp.MpSMSReceiver
actions: android.provider.Telephony.SMS_RECEIVED
com.yrkfgo.assxqx4.BootReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.HOME
com.fx.a.br
actions: android.intent.action.USER_PRESENT, com.lseiei.downloadManager, android.intent.action.PACKAGE_ADDED
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files 456
Uncompressed size 28451829
Highest datetime 2014-08-25 14:05:48
Lowest datetime 2014-08-13 10:07:30
Contained files by extension
png 323
xml 109
so 8
txt 5
zip 3
dex 1
MF 1
RSA 1
jpg 1
SF 1
Contained files by type
PNG 323
XML 107
unknown 13
ELF 8
ZIP 3
DEX 1
JPG 1
File identification
MD5 5484aa1ac8a77072f41078899c92bb28
SHA1 39f2de7d9ed892ae9992b70488d3cf61dcc8c32e
SHA256 fe550ad2c1e2b5a54fa4951e42dce7fde94f93056722b32fbb5620e6ab766eaa
ssdeep 393216:qIMbGlUyXq/vrm4vlICYFSucwIvS6ct5p/UGhmIh7:qtbGlNOvrKEuVt/UoRh7

File size 14.5 MB ( 15223007 bytes )
File type Android
Magic literal Zip archive data, at least v1.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags apk android contains-elf

VirusTotal metadata
First submission 2015-03-07 04:12:48 UTC ( 4 years, 2 months ago )
Last submission 2015-03-07 04:12:48 UTC ( 4 years, 2 months ago )