× Cookies er deaktivert! Denne siden krever at cookies er aktivert for å fungere optimalt.
SHA256: 8fb4b16dd882084d7c0908681303d783afa92f6f79c93d82dabccaf313258fbd
Deteksjonsrate: 35 / 59
Analysedato: 2017-04-24 21:01:21 UTC ( 5 måneder siden )
Antivirus Resultat Oppdatér
Ad-Aware Android.Trojan.SLocker.IE 20170424
AegisLab SUSPICIOUS 20170424
AhnLab-V3 Android-Trojan/Slocker.12fa1 20170424
Alibaba A.H.Pay.Ficrider 20170424
Antiy-AVL Trojan[Ransom]/Android.Small 20170424
Arcabit Android.Trojan.SLocker.IE 20170424
Avast Android:Agent-LEI [Trj] 20170424
AVG Android/G2P.KI.109211EBFC67 20170424
Avira (no cloud) ANDROID/Locker.DJ.Gen 20170424
Baidu Android.Trojan.Locker.at 20170424
BitDefender Android.Trojan.SLocker.IE 20170424
CAT-QuickHeal Android.Small.K 20170424
Cyren AndroidOS/GenBl.E4A9C945!Olympus 20170424
DrWeb Android.Encoder.2 20170424
Emsisoft Android.Trojan.SLocker.IE (B) 20170424
ESET-NOD32 a variant of Android/Locker.HG 20170424
F-Secure Trojan:Android/SLocker.BZ 20170424
Fortinet Android/Generic.AP.E948!tr 20170424
GData Android.Trojan.SLocker.IE 20170424
Ikarus Trojan.AndroidOS.Locker 20170424
K7GW Trojan ( 004dfe821 ) 20170424
Kaspersky HEUR:Trojan-Ransom.AndroidOS.Small.as 20170424
Kingsoft Android.Troj.SLocker.a.(kcloud) 20170424
McAfee Artemis!E4A9C9458555 20170424
McAfee-GW-Edition Artemis!Trojan 20170424
eScan Android.Trojan.SLocker.IE 20170424
NANO-Antivirus Trojan.Android.Ransom.eawtmo 20170424
Qihoo-360 Trojan.Android.Gen 20170424
Sophos AV Andr/SLocker-AP 20170424
Symantec Mobile Insight Trojan:Lockdroid.E 20170424
Tencent a.rogue.pornplayer 20170424
TrendMicro ANDROIDOS_SLOCKER.AXBB 20170424
TrendMicro-HouseCall ANDROIDOS_SLOCKER.AXBB 20170424
WhiteArmor Android-Malware.SN-Sure.60110305130733153757443422.[Trojan] 20170409
ZoneAlarm by Check Point HEUR:Trojan-Ransom.AndroidOS.Small.as 20170424
ALYac 20170424
AVware 20170424
ClamAV 20170424
CMC 20170421
Comodo 20170424
CrowdStrike Falcon (ML) 20170130
Endgame 20170419
F-Prot 20170424
Sophos ML 20170413
Jiangmin 20170424
K7AntiVirus 20170424
Malwarebytes 20170424
Microsoft 20170424
nProtect 20170424
Palo Alto Networks (Known Signatures) 20170424
Panda 20170424
Rising None
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170424
TheHacker 20170424
TotalDefense 20170424
Trustlook 20170424
VBA32 20170421
VIPRE 20170424
ViRobot 20170424
Webroot 20170424
Yandex 20170424
Zillya 20170424
Zoner 20170424
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.wp.wattpad. The minimum Android API level for the application to run (MinSDKVersion) is 10. The target Android API level for the application to run (TargetSDKVersion) is 10.
Required permissions
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.INTERNET (full Internet access)
android.permission.QUICKBOOT_POWERON (Unknown permission from android reference)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)
android.permission.CAMERA (take pictures and videos)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
Activities
com.wp.wattpad.wattpadge
com.wp.wattpad.wattpad
Services
com.wp.wattpad.wattpaddavsb
Receivers
com.wp.wattpad.wattpadvds
com.wp.wattpad.wattpadvdsv
Activity-related intent filters
com.wp.wattpad.wattpadge
actions: android.intent.action.MAIN
categories: android.intent.category.DEFAULT, android.intent.category.LAUNCHER
Receiver-related intent filters
com.wp.wattpad.wattpadvds
actions: android.intent.action.REBOOT, android.intent.action.QUICKBOOT_POWERON, com.htc.intent.action.QUICKBOOT_POWERON, android.intent.action.BOOT_COMPLETED, android.intent.action.SCREEN_ON, android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED, android.intent.action.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE, android.intent.action.ALL_APPS, android.intent.action.USER_PRESENT
com.wp.wattpad.wattpadvdsv
actions: android.app.action.DEVICE_ADMIN_ENABLED, android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED, android.app.action.ACTION_DEVICE_ADMIN_DISABLED, android.app.action.DEVICE_ADMIN_DISABLED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
15
Uncompressed size
268615
Highest datetime
2008-02-29 04:33:46
Lowest datetime
2008-02-29 04:33:46
Contained files by extension
xml
3
MF
2
png
2
dex
1
RSA
1
SF
1
Contained files by type
unknown
6
XML
4
PNG
3
DEX
1
JPG
1
File identification
MD5 e4a9c945855599fde13ab5bfe8d85939
SHA1 746d166c2387295fa465d668c857514d3bd329ea
SHA256 8fb4b16dd882084d7c0908681303d783afa92f6f79c93d82dabccaf313258fbd
ssdeep
6144:LtIiHK7yJSoOkTgg7xkKmOLQ4n5rIDPTFGfN:DHWL8TgYxk0845WPTAV

File size 212.7 KB ( 217758 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android

VirusTotal metadata
First submission 2016-03-03 10:50:24 UTC ( 1 år, 6 måneder siden )
Last submission 2016-07-23 17:10:49 UTC ( 1 år, 2 måneder siden )
Ingen kommentarer. Ingen av VirusTotals medlemmer har kommentert denne enheten, bli den første til å gjøre det!

Skriv en kommentar...

?
Send kommentar

Du har ikke logget inn. Bare registrerte brukere kan skrive kommentarer. Logg inn og bli hørt!

Ingen stemmer. Ingen har stemt på denne ennå, bli den første til å gjøre det!
Started activities
#Intent;launchFlags=0x10000000;component=com.wp.wattpad/.wattpadge;end
Started services
#Intent;component=com.wp.wattpad/.wattpaddavsb;end
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Contacted URLs
http://stul4ik.com/a.php