× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ffc01bd3de505942a4e5a102f0d576ddcb2f6a3354cf5b7cd465d972a0701617
File name: app-debug.apk
Detection ratio: 1 / 58
Analysis date: 2017-05-25 20:22:16 UTC ( 1 year, 9 months ago )
Antivirus Result Update
WhiteArmor PUP.HighConfidence 20170524
Ad-Aware 20170525
AegisLab 20170525
AhnLab-V3 20170525
Alibaba 20170525
ALYac 20170525
Antiy-AVL 20170525
Arcabit 20170525
Avast 20170525
AVG 20170525
Avira (no cloud) 20170525
AVware 20170525
BitDefender 20170525
Bkav 20170525
CAT-QuickHeal 20170525
ClamAV 20170525
CMC 20170525
Comodo 20170525
CrowdStrike Falcon (ML) 20170420
Cyren 20170525
DrWeb 20170525
Endgame 20170515
ESET-NOD32 20170525
F-Prot 20170525
F-Secure 20170525
Fortinet 20170525
GData 20170525
Ikarus 20170525
Sophos ML 20170519
Jiangmin 20170525
K7AntiVirus 20170525
K7GW 20170525
Kaspersky 20170525
Kingsoft 20170525
Malwarebytes 20170525
McAfee 20170525
McAfee-GW-Edition 20170525
Microsoft 20170525
eScan 20170525
NANO-Antivirus 20170525
nProtect 20170525
Palo Alto Networks (Known Signatures) 20170525
Panda 20170525
Qihoo-360 20170525
Rising 20170525
SentinelOne (Static ML) 20170516
Sophos AV 20170525
SUPERAntiSpyware 20170525
Symantec 20170525
Symantec Mobile Insight 20170525
Tencent 20170525
TheHacker 20170525
TrendMicro 20170525
TrendMicro-HouseCall 20170525
Trustlook 20170525
VBA32 20170525
VIPRE 20170525
ViRobot 20170525
Webroot 20170525
Yandex 20170518
Zillya 20170525
ZoneAlarm by Check Point 20170525
Zoner 20170525
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.geeksonsecurity.malwaredemo. The internal version number of the application is 2. The displayed version string of the application is 1.1. The minimum Android API level for the application to run (MinSDKVersion) is 14. The target Android API level for the application to run (TargetSDKVersion) is 22.
Required permissions
android.permission.GET_TASKS (retrieve running applications)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
Activities
com.geeksonsecurity.malwaredemo.MainActivity
com.geeksonsecurity.malwaredemo.OverlayActivity
Services
com.geeksonsecurity.malwaredemo.MainService
Receivers
com.geeksonsecurity.malwaredemo.BootReceiver
Activity-related intent filters
com.geeksonsecurity.malwaredemo.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.geeksonsecurity.malwaredemo.BootReceiver
actions: android.intent.action.BOOT_COMPLETED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
153
Uncompressed size
4060115
Highest datetime
2017-05-25 23:18:44
Lowest datetime
2017-05-25 23:15:52
Contained files by extension
xml
88
png
51
dex
1
MF
1
RSA
1
SF
1
Contained files by type
XML
88
PNG
51
unknown
13
DEX
1
File identification
MD5 cc280816cdd280e4086f8c0b2e9a6785
SHA1 59dee4782664f4eae2fa0182122fa28811ff62b5
SHA256 ffc01bd3de505942a4e5a102f0d576ddcb2f6a3354cf5b7cd465d972a0701617
ssdeep
24576:Ha1loGvm2vC5ZF/sGI7YUCBYSGsjkIxGUXqHQM/xz0syHz5WuQPfQIuFNHPGWtAU:606mqC5ZF/qYUaYSGsjdXYQM/hANWu7l

File size 1.4 MB ( 1433650 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android via-tor

VirusTotal metadata
First submission 2017-05-25 20:22:16 UTC ( 1 year, 9 months ago )
Last submission 2017-05-25 20:22:16 UTC ( 1 year, 9 months ago )
File names app-debug.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!