NVISO ApkScan malware analysis report

November 18, 2018

 
General information
File name: Decrypto_v1.4_.7_apkpure_.com_.apk
Other known file names: None
Origin: Manually uploaded by anonymous user [2018-08-05 18:51:31]
MD5 hash: 3cc31498b395de251bc1aeae1aeff3eb
SHA256 hash: c93b5d24838ec25846534d70bb20be50dc56999d7f60db463604ecee12051d02
File size: 7228.78 KB
Worker: NVISO_API_KALI_01
Static malware analysis
Android manifest (AndroidManifest.xml)
Permissions
ACCESS_NETWORK_STATE: Allows applications to access information about networks.
INTERNET: Allows applications to open network sockets.
READ_EXTERNAL_STORAGE: Allows an application to read from external storage.
WRITE_EXTERNAL_STORAGE: Allows an application to write to external storage.
Services
No services registered.
Virus Total scan results
None of the 60 scanners detected malicious behavior.
Disassembled source code
Hardcoded URLs
Dynamic malware analysis
Screenshot or animated GIF of the analysed application

Random artificial input is provided to the scanned applications during dynamic analysis, in order to mimic a human being using and interacting with the application. This can result in our report showing a different screen than the one you would see when starting the application.

Disk activity
Accessed files
Filename: /proc/1241/cmdline
Filename: /proc/1299/cmdline
Filename: /data/data/info.valky.decryptor/shared_prefs/info.valky.decryptor_preferences.xml
Filename: /dev/input/event0
Filename: /proc/1257/cmdline
Filename: /proc/meminfo
Filename: /dev/urandom
Filename: /proc/1314/cmdline
Filename: /data/data/info.valky.decryptor/cache/1460683162801.jar
Filename: /data/data/com.android.vending/shared_prefs/finsky.xml
Filename: /data/data/info.valky.decryptor/cache/1460683162801.dex
Filename: /data/data/info.valky.decryptor/cache/1460683162801.tmp
Filename: /data/data/com.android.music/shared_prefs/Music.xml
Filename: /proc/1387/cmdline
Filename: /proc/1317/cmdline
Filename: /proc/1271/cmdline
Filename: /data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml
Filename: /proc/1310/cmdline
Filename: /data/data/info.valky.decryptor/shared_prefs/admob.xml
Network activity
Opened network connections
Destination: 216.58.204.130:443, File descriptor: 26
Destination: 216.58.204.130:443, File descriptor: 28
Destination: 216.58.204.130:443, File descriptor: 38
Automatically placed calls and text messages
Placed phone calls
No phone calls were placed automatically.
Sent SMS messages
No text messages were placed automatically.
Cryptographic activity
Used encryption keys
Algorithm: AES
Key: 4, 103, -30, 65, -64, 8, 86, -111, 39, -2, 110, -18, 84, -7, 44, 1
  
Encryption operations
No cryptographic activity detected.
Decryption operations
Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.d

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.h

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.i

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.c

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): a

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.g

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.a

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.j

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.b

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.o

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.e

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.m

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.n

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.k

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.l

Algorithm: AES/CBC/PKCS5Padding
Data (ASCII):
Data (RAW): com.google.android.ads.zxxz.f
  
Information leakage
Network information leakage
No network information leakage detected.
SMS information leakage
No SMS information leakage detected.
File information leakage
No file information leakage detected.
Miscellaneous
Started services
Service name: com.android.music.MediaPlaybackService