SHA256: 815f6e7b2a61c0d0316b1300fafc6cee4c2524826ffa18301c7833441fcb3c87
File name: AndroidPlay_install.apk
Detection ratio: 15 / 47
Analysis date: 2013-09-16 07:10:17 UTC (5 years, 8 months ago)
Antivirus Result Update
AntiVir Android/TrojanSMS.Boxer.B.Gen 20130915
Avast Android:SMSBoxer-DI [Trj] 20130916
BitDefender Android.Trojan.FakeInst.DA 20130916
Commtouch AndroidOS/FakeInst.E.gen!Eldorado 20130916
Comodo UnclassifiedMalware 20130916
DrWeb Android.SmsSend.315.origin 20130916
Emsisoft Android.Trojan.FakeInst.DA (B) 20130916
F-Secure Trojan:Android/Fakeinst.CL 20130916
GData Android.Trojan.FakeInst.DA 20130916
Ikarus AndroidOS.Trojan-SMS.FakeInst 20130916
Jiangmin Trojan/AndroidOS.afcr 20130903
Kaspersky HEUR:Trojan-SMS.AndroidOS.FakeInst.a 20130916
Kingsoft Android.Troj.FakeInst.ic.(kcloud) 20130829
Sophos AV Andr/Boxer-M 20130916
VIPRE Trojan.AndroidOS.Generic.A 20130916
Yandex 20130915
AhnLab-V3 20130915
Antiy-AVL 20130915
AVG 20130915
Baidu-International 20130915
ByteHero 20130903
CAT-QuickHeal 20130916
ClamAV 20130916
ESET-NOD32 20130915
F-Prot 20130916
Fortinet 20130916
K7AntiVirus 20130913
K7GW 20130913
Malwarebytes 20130916
McAfee 20130916
McAfee-GW-Edition 20130915
Microsoft 20130916
eScan 20130916
NANO-Antivirus 20130916
Norman 20130915
nProtect 20130916
Panda 20130915
PCTools 20130915
Rising 20130916
SUPERAntiSpyware 20130915
Symantec 20130916
TheHacker 20130915
TotalDefense 20130913
TrendMicro 20130916
TrendMicro-HouseCall 20130916
VBA32 20130913
ViRobot 20130916
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.app.android. The internal version number of the application is 1. The displayed version string of the application is 1.0. The minimum Android API level for the application to run (MinSDKVersion) is 5. The target Android API level for the application to run (TargetSDKVersion) is 8.
Risk summary
The studied DEX file makes use of API reflection
Permissions that allow the application to manipulate SMS
Permissions that allow the application to perform payments
Permissions that allow the application to access Internet
Permissions that allow the application to access private information
Other permissions that could be considered as dangerous in certain scenarios
Required permissions
android.permission.SEND_SMS (send SMS messages)
android.permission.INTERNET (full Internet access)
com.app.android.permission.C2D_MESSAGE (C2DM permission.)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CALL_PHONE (directly call phone numbers)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_ACCOUNTS (discover known accounts)
android.permission.READ_SMS (read SMS or MMS)
Permission-related API calls
WRITE_SETTINGS
ACCESS_NETWORK_STATE
WAKE_LOCK
SEND_SMS
VIBRATE
INTERNET
Main Activity
com.app.android.Main
Activities
com.app.android.Main
com.app.android.AgrActivity
com.app.android.ShowURL
Services
com.app.android.USSDNetworkService
com.app.android.GCMIntentService
com.app.android.ActorService
Receivers
com.app.android.Notifier
com.app.android.AirplaneModeHandler
com.app.android.BootReceiver
com.app.android.ProcedureMaker
com.app.android.MessageHandler
com.app.android.MessageReceiver
com.google.android.gcm.GCMBroadcastReceiver
Service-related intent filters
com.app.android.USSDNetworkService
actions: com.android.ussd.IExtendedNetworkService
categories: android.intent.category.DEFAULT
Activity-related intent filters
com.app.android.AgrActivity
actions: android.intent.action.VIEW
categories: android.intent.category.DEFAULT
com.app.android.Main
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.app.android.Notifier
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.HOME
com.google.android.gcm.GCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.app.android
com.app.android.ProcedureMaker
actions: com.app.android.MakeProcedure
categories: android.intent.category.HOME
com.app.android.BootReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.QUICKBOOT_POWERON
categories: android.intent.category.HOME
com.app.android.MessageReceiver
actions: android.provider.Telephony.SMS_RECEIVED
com.app.android.MessageHandler
actions: com.app.android.MessageHandler
categories: android.intent.category.HOME
com.app.android.AirplaneModeHandler
actions: android.net.conn.CONNECTIVITY_CHANGE
Application certificate information
Application bundle files
Interesting strings
File identification
MD5 628584f27a91d3c0b21438b8e3fb670c
SHA1 1b7e3e480e43cadd5093abf948767d2a289a26f1
SHA256 815f6e7b2a61c0d0316b1300fafc6cee4c2524826ffa18301c7833441fcb3c87
ssdeep
12288:yYHEh2bla30RmDQVjnkUU6XU6SU66yU6kWXqsPQ:yYHEh2bla30RmDQVjpXS6yNqsPQ

File size 455.0 KB (465932 bytes)
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android

VirusTotal metadata
First submission 2013-09-16 07:09:09 UTC (5 years, 8 months ago)
Last submission 2015-03-02 11:40:40 UTC (4 years, 2 months ago)
File names 628584f27a91d3c0b21438b8e3fb670c.apk
AndroidPlay_install.apk
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x1ea75b6b

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
4361

ZipCompressedSize
1357

ZipFileName
META-INF/MANIFEST.MF

ZipBitFlag
0x0808

ZipModifyDate
2013:09:16 11:05:25

Started services
#Intent;action=com.google.android.c2dm.intent.REGISTER;package=com.google.android.gsf;S.sender=1006493311114;end
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
Contacted URLs
http://depositmobi.com/getTask.php/task=updateOpening&s=12363