NVISO ApkScan malware analysis report

December 19, 2018

 
General information
File namedetiga_release.apk
Other known file namesNone
OriginManually uploaded by anonymous user [2018-01-12 19:03:33]
MD5 hash0a92d1e0614e0656417d4a80e197bb0e
SHA256 hash0e9e598e5f08d989e0e86a5cd53b3ce692c5e2fb98c9bee4b02a6f6d056ee866
File size6817.44 KB
WorkerNVISO_API_KALI_01
Static malware analysis
Android manifest (AndroidManifest.xml)
Permissions
ACCESS_COARSE_LOCATION Allows an app to access approximate location derived from network location sources such as cell towers and Wi-Fi.
ACCESS_FINE_LOCATION Allows an app to access precise location from location sources such as GPS, cell towers, and Wi-Fi.
ACCESS_NETWORK_STATE Allows applications to access information about networks
INTERNET Allows applications to open network sockets.
READ_EXTERNAL_STORAGE Allows an application to read from external storage.
RECEIVE_BOOT_COMPLETED Allows an application to receive the ACTION_BOOT_COMPLETED that is broadcast after the system finishes booting.
BADGE_COUNT_READUnknown permission
BADGE_COUNT_WRITEUnknown permission
BROADCAST_BADGEUnknown permission
C2D_MESSAGEUnknown permission
CHANGE_BADGEUnknown permission
PROVIDER_INSERT_BADGEUnknown permission
READUnknown permission
READ_APP_BADGEUnknown permission
READ_SETTINGSUnknown permission
READ_SETTINGSUnknown permission
READ_SETTINGSUnknown permission
RECEIVEUnknown permission
UPDATE_BADGEUnknown permission
UPDATE_COUNTUnknown permission
UPDATE_SHORTCUTUnknown permission
WRITEUnknown permission
VIBRATE Allows access to the vibrator
WAKE_LOCK Allows using PowerManager WakeLocks to keep processor from sleeping or screen from dimming
WRITE_EXTERNAL_STORAGE Allows an application to write to external storage.
WRITE_SETTINGS Allows an application to read or write the system settings.
WRITE_SETTINGS Allows an application to read or write the system settings.
Services
Class com.onesignal.RestoreKickoffJobService
Class com.onesignal.RestoreJobService
Class com.onesignal.SyncJobService
Class com.onesignal.GcmIntentJobService
Class com.onesignal.GcmIntentService
Class com.google.android.gms.analytics.AnalyticsJobService
Class com.google.android.gms.analytics.AnalyticsService
Class com.onesignal.SyncService
Class com.onesignal.NotificationRestoreService
Virus Total scan results
No scan results received from VirusTotal.

This most probably means that the sample hash is not yet known by the VirusTotal scanners.
You can always upload this sample at VirusTotal.com manually (we do not share samples automatically with third parties).
Disassembled source code
Hardcoded URL's
Dynamic malware analysis
Screenshot or animated GIF of the analysed application

No screenshot taken during dynamic analysis.

This most likely means that your application did not run correctly on our test device.
Our test devices run Android 4.1 Jelly Bean (API level 16), and currently do not support hardware OpenGL acceleration.

Since the application did not run correctly, the results in the sections below could be incomplete!

Disk activity
Accessed files
No files were accessed.
Network activity
Opened network connections
No network connections were opened.
Automatically placed calls and text messages
Placed phone calls
No phone calls were placed automatically.
Sent SMS messages
No text messages were placed automatically.
Cryptographic activity
Used encryption keys
No cryptographic activity detected.
Encryption operations
No cryptographic activity detected.
Decryption operations
No cryptographic activity detected.
Information leakage
Network information leakage
No network information leakage detected.
SMS information leakage
No SMS information leakage detected.
File information leakage
No file information leakage detected.
Miscellaneous
Started services
No services were started.
Output generated by ADB logcat
Download ADB logcat file (text format - 22 KB)
report overview | terms & conditions | support & feedback | nviso.be