SHA256: 07278c56973d609caa5f9eb2393d9b1eb41964d24e7e9e7a7e7f9fdfb2bb4c31
File name: 60f0c18fae934d1033394d62951d5dc8.apk
Detection ratio: 29 / 58
Analysis date: 2017-04-23 20:43:26 UTC (4 days, 7 hours ago)
Antivirus Result Update
Ad-Aware Android.Trojan.HiddenApp.OU 20170423
AegisLab SUSPICIOUS 20170423
AhnLab-V3 Android-Trojan/FakeInst.3e91a 20170423
Alibaba A.H.Int.Kgb 20170421
Arcabit Android.Trojan.HiddenApp.OU 20170423
Avast Android:Agent-MOB [Trj] 20170423
Avira (no cloud) ANDROID/HiddenApp.hezjj 20170423
BitDefender Android.Trojan.HiddenApp.OU 20170423
CAT-QuickHeal Android.Mekir.B 20170422
Cyren ZIP/Trojan.YSNH-9 20170423
DrWeb Android.Backdoor.500.origin 20170423
Emsisoft Android.Trojan.HiddenApp.OU (B) 20170423
ESET-NOD32 Android/HiddenApp.BB 20170423
F-Secure Android.Trojan.HiddenApp.OU 20170423
Fortinet Android/Generic.AP.1470EE!tr 20170423
GData Android.Trojan.HiddenApp.OU 20170423
Ikarus Trojan.AndroidOS.Hiddenapp 20170423
K7GW Trojan ( 004fa1e81 ) 20170423
Kaspersky HEUR:Trojan-Spy.AndroidOS.Mekir.d 20170423
McAfee Artemis!60F0C18FAE93 20170423
eScan Android.Trojan.HiddenApp.OU 20170423
NANO-Antivirus Trojan.Android.HiddenApp.eikhbb 20170423
Qihoo-360 Android mobile malware 20170423
Rising Trojan.HiddenApp/Android!8.4AF (cloud:uXw56joGlJC) 20170423
Sophos Andr/HiddenAp-Z 20170423
Symantec Mobile Insight Trojan:Malapp 20170422
Tencent a.expense.squareup 20170423
WhiteArmor Android-Malware.SN-Sure.2441134153074532264000.[PUA] 20170409
ZoneAlarm by Check Point HEUR:Trojan-Spy.AndroidOS.Mekir.d 20170423
ALYac 20170423
Antiy-AVL 20170423
AVG 20170423
AVware 20170423
Baidu 20170421
ClamAV 20170423
CMC 20170421
Comodo 20170423
CrowdStrike Falcon (ML) 20170130
Endgame 20170419
F-Prot 20170423
Invincea 20170413
Jiangmin 20170422
K7AntiVirus 20170423
Kingsoft 20170423
Malwarebytes 20170423
McAfee-GW-Edition 20170423
Microsoft 20170423
nProtect 20170423
Palo Alto Networks (Known Signatures) 20170423
Panda 20170423
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170423
TheHacker 20170423
TotalDefense 20170423
TrendMicro-HouseCall 20170423
Trustlook 20170423
VBA32 20170421
VIPRE 20170423
ViRobot 20170423
Webroot 20170423
Yandex 20170421
Zillya 20170421
Zoner 20170423
The file being studied is Android related, more specifically an Android APK file. The application's main package name is it.phonevoda.androidv1. The internal version number of the application is 1. The displayed version string of the application is 1. The minimum Android API level for the application to run (MinSDKVersion) is 7. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.READ_SYNC_SETTINGS (read sync settings)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
com.android.launcher.permission.UNINSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_MOCK_LOCATION (mock location sources for testing)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.READ_CALENDAR (read calendar events)
android.permission.READ_LOGS (read sensitive log data)
android.permission.WRITE_PROFILE (write the user's personal profile data)
android.permission.READ_SOCIAL_STREAM (read from the user's social stream)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.UPDATE_DEVICE_STATS (modify battery statistics)
android.permission.READ_SYNC_STATS (read sync statistics)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.CAMERA (take pictures and videos)
android.permission.INTERNET (full Internet access)
android.permission.SET_WALLPAPER_HINTS (set wallpaper size hints)
android.permission.SET_ANIMATION_SCALE (modify global animation speed)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.BLUETOOTH_ADMIN (bluetooth administration)
android.permission.NFC (control Near-Field Communication)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.PERSISTENT_ACTIVITY (make application always run)
android.permission.USE_CREDENTIALS (use the authentication credentials of an account)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.SET_PROCESS_LIMIT (limit number of running processes)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.CHANGE_WIFI_MULTICAST_STATE (allow Wi-Fi Multicast reception)
android.permission.WRITE_USER_DICTIONARY (write to user-defined dictionary)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.SUBSCRIBED_FEEDS_READ (read subscribed feeds)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_PACKAGE_SIZE (measure application storage space)
android.permission.RECORD_AUDIO (record audio)
android.permission.WRITE_SOCIAL_STREAM (write the user's social stream)
android.permission.MANAGE_ACCOUNTS (manage the accounts list)
android.permission.WRITE_SYNC_SETTINGS (write sync settings)
android.permission.READ_CONTACTS (read contact data)
android.permission.AUTHENTICATE_ACCOUNTS (act as an account authenticator)
android.permission.SIGNAL_PERSISTENT_PROCESSES (send Linux signals to applications)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.SET_WALLPAPER (set wallpaper)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.WRITE_CONTACTS (write contact data)
android.permission.BATTERY_STATS (modify battery statistics)
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)
android.permission.GET_TASKS (retrieve running applications)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.RECEIVE_MMS (receive MMS)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.SET_ALWAYS_FINISH (make all background applications close)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.MODIFY_PHONE_STATE (modify phone status)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.RESTART_PACKAGES (kill background processes)
android.permission.READ_PROFILE (read the user's personal profile data)
android.permission.USE_SIP (make/receive Internet calls)
android.permission.GET_ACCOUNTS (discover known accounts)
android.permission.WRITE_CALENDAR (add or modify calendar events and send emails to guests)
Activities
com.google.android.system.MainActivity
com.google.android.system.RecActivity
Services
com.google.android.MainService
Receivers
com.google.android.Autostart
com.google.android.PackageChangeReceiver
Activity-related intent filters
com.google.android.system.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.google.android.PackageChangeReceiver
actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REPLACED, android.intent.action.PACKAGE_REMOVED
com.google.android.Autostart
actions: android.intent.action.BOOT_COMPLETED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files: 9
Uncompressed size: 486330
Highest datetime: 2014-05-20 14:58:52
Lowest datetime: 2014-05-20 14:58:52
Contained files by extension
png: 3
xml: 1
dex: 1
MF: 1
RSA: 1
SF: 1
Contained files by type
unknown: 4
PNG: 3
XML: 1
DEX: 1
File identification
MD5 60f0c18fae934d1033394d62951d5dc8
SHA1 c0802514739173623a319db4551f88d2ca71bdb2
SHA256 07278c56973d609caa5f9eb2393d9b1eb41964d24e7e9e7a7e7f9fdfb2bb4c31
ssdeep 6144:HgMaUKxo0x5AsEWfTS+8pPFRZd5EuEl6r3k:HgSKx/5IWLSdPWWr0

File size 217.6 KB ( 222799 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android

VirusTotal metadata
First submission 2016-10-07 08:20:29 UTC (6 months, 3 weeks ago)
Last submission 2016-11-22 11:39:41 UTC (5 months ago)
File names 60f0c18fae934d1033394d62951d5dc8.apk
60f0c18fae934d1033394d62951d5dc8.virus
Started services
#Intent;component=it.phonevoda.androidv1/com.google.android.MainService;end
Started receivers
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.intent.action.USER_PRESENT
android.provider.Telephony.SMS_RECEIVED
Opened files
/data/data/it.phonevoda.androidv1/files/stservice.dat
/data/data/it.phonevoda.androidv1/files/arservice.dat
/data/data/it.phonevoda.androidv1/files/crservice.dat
/data/data/it.phonevoda.androidv1/files/idservice.dat
/mnt/sdcard/Android/data/com.google.android.app/trf
/mnt/sdcard/Android/data/com.google.android.app
/mnt/sdcard
Accessed files
/mnt/sdcard/Android/data/com.google.android.app
/mnt/sdcard/Android/data/com.google.android.app/trf
Interesting calls
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
Contacted URLs
https://66.232.100.221/UlisseREST/api/actions/RequestActionsToExecute
https://66.232.100.221/UlisseREST/api/log/NotifyLog