SHA256: 07278c56973d609caa5f9eb2393d9b1eb41964d24e7e9e7a7e7f9fdfb2bb4c31
File name: 60f0c18fae934d1033394d62951d5dc8.apk
Detection ratio: 29 / 63
Analysis date: 2018-04-17 12:20:42 UTC (1 month ago)
Antivirus Result Update
AegisLab Android.Troj.Hiddenapp!c 20180417
AhnLab-V3 Android-Trojan/FakeInst.3e91a 20180417
Alibaba A.H.Int.Kgb 20180417
Antiy-AVL Trojan[Spy]/Android.Mekir 20180417
Arcabit Android.Trojan.HiddenApp.OU 20180417
Avast-Mobile Android:Agent-MOB [Trj] 20180417
Avira (no cloud) ANDROID/HiddenApp.hezjj 20180417
BitDefender Android.Trojan.HiddenApp.OU 20180417
CAT-QuickHeal Android.Mekir.B 20180417
Cyren AndroidOS/GenBl.60F0C18F!Olympus 20180417
DrWeb Android.Backdoor.500.origin 20180417
Emsisoft Android.Trojan.HiddenApp.OU (B) 20180417
ESET-NOD32 Android/HiddenApp.BB 20180417
Fortinet Android/Generic.AP.1470EE!tr 20180417
GData Android.Trojan.HiddenApp.OU 20180417
Ikarus Trojan.AndroidOS.Hiddenapp 20180417
K7GW Trojan ( 0001140e1 ) 20180417
Kaspersky HEUR:Trojan-Spy.AndroidOS.Mekir.d 20180417
MAX malware (ai score=100) 20180417
McAfee Artemis!60F0C18FAE93 20180417
NANO-Antivirus Trojan.Android.HiddenApp.eikhbb 20180417
Qihoo-360 Trojan.Android.Gen 20180417
Sophos AV Andr/HiddenAp-Z 20180417
Symantec Trojan.Gen.2 20180417
Symantec Mobile Insight Trojan:Malapp 20180412
Tencent a.expense.squareup 20180417
Trustlook Android.PUA.General 20180417
WhiteArmor Malware.HighConfidence 20180408
ZoneAlarm by Check Point HEUR:Trojan-Spy.AndroidOS.Mekir.d 20180417
Ad-Aware 20180417
ALYac 20180417
Avast 20180417
AVG 20180417
AVware 20180417
Baidu 20180417
Bkav 20180410
ClamAV 20180417
CMC 20180417
Comodo 20180417
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180417
eGambit 20180417
Endgame 20180403
F-Prot 20180417
F-Secure 20180417
Sophos ML 20180121
Jiangmin 20180417
K7AntiVirus 20180417
Kingsoft 20180417
Malwarebytes 20180417
McAfee-GW-Edition 20180417
Microsoft 20180417
eScan 20180417
nProtect 20180417
Palo Alto Networks (Known Signatures) 20180417
Panda 20180416
Rising 20180417
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180417
TheHacker 20180415
TotalDefense 20180417
TrendMicro 20180417
TrendMicro-HouseCall 20180417
VBA32 20180414
VIPRE 20180417
ViRobot 20180417
Webroot 20180417
Yandex 20180417
Zillya 20180416
Zoner 20180416
The file being studied is Android related! APK Android file more specifically. The application's main package name is it.phonevoda.androidv1. The internal version number of the application is 1. The displayed version string of the application is 1. The minimum Android API level for the application to run (MinSDKVersion) is 7. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.READ_SYNC_SETTINGS (read sync settings)
android.permission.KILL_BACKGROUND_PROCESSES (kill background processes)
com.android.launcher.permission.UNINSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_MOCK_LOCATION (mock location sources for testing)
android.permission.READ_USER_DICTIONARY (read user-defined dictionary)
android.permission.READ_CALENDAR (read calendar events)
android.permission.READ_LOGS (read sensitive log data)
android.permission.WRITE_PROFILE (write the user's personal profile data)
android.permission.READ_SOCIAL_STREAM (read from the user's social stream)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.UPDATE_DEVICE_STATS (modify battery statistics)
android.permission.READ_SYNC_STATS (read sync statistics)
android.permission.WRITE_SYNC_SETTINGS (write sync settings)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.SET_WALLPAPER_HINTS (set wallpaper size hints)
android.permission.SET_ANIMATION_SCALE (modify global animation speed)
android.permission.CHANGE_CONFIGURATION (change your UI settings)
android.permission.BLUETOOTH_ADMIN (bluetooth administration)
android.permission.NFC (control Near-Field Communication)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.PERSISTENT_ACTIVITY (make application always run)
android.permission.USE_CREDENTIALS (use the authentication credentials of an account)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.WRITE_SMS (edit SMS or MMS)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_CALL_LOG (write (but not read) the user's contacts data.)
android.permission.SET_PROCESS_LIMIT (limit number of running processes)
android.permission.READ_CALL_LOG (read the user's call log.)
android.permission.CHANGE_WIFI_MULTICAST_STATE (allow Wi-Fi Multicast reception)
android.permission.WRITE_USER_DICTIONARY (write to user-defined dictionary)
com.android.browser.permission.READ_HISTORY_BOOKMARKS (read Browser's history and bookmarks)
android.permission.SET_ALWAYS_FINISH (make all background applications close)
android.permission.SUBSCRIBED_FEEDS_READ (read subscribed feeds)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_PACKAGE_SIZE (measure application storage space)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.WRITE_SOCIAL_STREAM (write the user's social stream)
android.permission.MANAGE_ACCOUNTS (manage the accounts list)
android.permission.WRITE_CONTACTS (write contact data)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.MODIFY_PHONE_STATE (modify phone status)
android.permission.AUTHENTICATE_ACCOUNTS (act as an account authenticator)
android.permission.SIGNAL_PERSISTENT_PROCESSES (send Linux signals to applications)
android.permission.BROADCAST_STICKY (send sticky broadcast)
android.permission.SET_WALLPAPER (set wallpaper)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_SMS (read SMS or MMS)
android.permission.BATTERY_STATS (modify battery statistics)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.GET_TASKS (retrieve running applications)
android.permission.CAMERA (take pictures and videos)
android.permission.RECEIVE_MMS (receive MMS)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECORD_AUDIO (record audio)
android.permission.READ_CONTACTS (read contact data)
android.permission.MODIFY_AUDIO_SETTINGS (change your audio settings)
android.permission.RESTART_PACKAGES (kill background processes)
android.permission.READ_PROFILE (read the user's personal profile data)
android.permission.USE_SIP (make/receive Internet calls)
android.permission.GET_ACCOUNTS (discover known accounts)
android.permission.WRITE_CALENDAR (add or modify calendar events and send emails to guests)
Activities
com.google.android.system.MainActivity
com.google.android.system.RecActivity
Services
com.google.android.MainService
Receivers
com.google.android.Autostart
com.google.android.PackageChangeReceiver
Activity-related intent filters
com.google.android.system.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.google.android.PackageChangeReceiver
actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REPLACED, android.intent.action.PACKAGE_REMOVED
com.google.android.Autostart
actions: android.intent.action.BOOT_COMPLETED
Application certificate information
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files 9
Uncompressed size 486330
Highest datetime 2014-05-20 14:58:52
Lowest datetime 2014-05-20 14:58:52
Contained files by extension
png 3
xml 1
dex 1
MF 1
RSA 1
SF 1
Contained files by type
unknown 4
PNG 3
XML 1
DEX 1
File identification
MD5 60f0c18fae934d1033394d62951d5dc8
SHA1 c0802514739173623a319db4551f88d2ca71bdb2
SHA256 07278c56973d609caa5f9eb2393d9b1eb41964d24e7e9e7a7e7f9fdfb2bb4c31
ssdeep 6144:HgMaUKxo0x5AsEWfTS+8pPFRZd5EuEl6r3k:HgSKx/5IWLSdPWWr0
File size 217.6 KB ( 222799 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (73.9%), Java Archive (20.4%), ZIP compressed archive (5.6%)
Tags apk android

VirusTotal metadata
First submission 2016-10-07 08:20:29 UTC (1 year, 7 months ago)
Last submission 2016-11-22 11:39:41 UTC (1 year, 5 months ago)
File names 60f0c18fae934d1033394d62951d5dc8.apk
60f0c18fae934d1033394d62951d5dc8.virus
Started services
#Intent;component=it.phonevoda.androidv1/com.google.android.MainService;end
Started receivers
android.intent.action.SCREEN_ON
android.intent.action.SCREEN_OFF
android.intent.action.USER_PRESENT
android.provider.Telephony.SMS_RECEIVED
Opened files
/data/data/it.phonevoda.androidv1/files/stservice.dat
/data/data/it.phonevoda.androidv1/files/arservice.dat
/data/data/it.phonevoda.androidv1/files/crservice.dat
/data/data/it.phonevoda.androidv1/files/idservice.dat
/mnt/sdcard/Android/data/com.google.android.app/trf
/mnt/sdcard/Android/data/com.google.android.app
/mnt/sdcard
Accessed files
/mnt/sdcard/Android/data/com.google.android.app
/mnt/sdcard/Android/data/com.google.android.app/trf
Interesting calls
Calls APIs that manage SMS operations such as sending data, text, and pdu SMS messages.
Contacted URLs
https://66.232.100.221/UlisseREST/api/actions/RequestActionsToExecute
https://66.232.100.221/UlisseREST/api/log/NotifyLog