NVISO ApkScan malware analysis report

April 23, 2019

 
General information
File name: VikingJump_1.6_apk-dl_.com_.apk
Other known file names: None
Origin: Manually uploaded by anonymous user [2016-05-10 13:19:12]
MD5 hash: 9abe2ab6a11c0e6d77e7e2bdd1050a6c
SHA256 hash: b4d03a2104dc07ab58e7ffa9477c1ffc44427a0c2170e75effbd41397c3dca0f
File size: 7253.15 KB
Worker: NVISO_API_KALI_01
Static malware analysis
Android manifest (AndroidManifest.xml)
Permissions
ACCESS_NETWORK_STATE Allows applications to access information about networks
ACCESS_WIFI_STATE Allows applications to access information about Wi-Fi networks
INTERNET Allows applications to open network sockets.
READ_PHONE_STATE Allows read only access to phone state.
RECEIVE_BOOT_COMPLETED Allows an application to receive the ACTION_BOOT_COMPLETED that is broadcast after the system finishes booting.
BILLING Unknown permission
WRITE_EXTERNAL_STORAGE Allows an application to write to external storage.
Services
Class com.fa.c.SystemService
Class com.fa.c.StartService
Virus Total scan results
None of the 56 scanners detected malicious behavior.
Disassembled source code
Hardcoded URLs
Dynamic malware analysis
Screenshot or animated GIF of the analysed application

Random artificial input is provided to the scanned applications during dynamic analysis, in order to mimic a human being using and interacting with the application. This can result in our report showing a different screen than the one you would see when starting the application.

Disk activity
Accessed files
Network activity
Opened network connections
No network connections were opened.
Automatically placed calls and text messages
Placed phone calls
No phone calls were placed automatically.
Sent SMS messages
No text messages were placed automatically.
Cryptographic activity
Used encryption keys
Algorithm: AES
Key: -83, 48, -82, 125, 12, -120, 31, -37, 105, -65, 73, 69, 33, 103, -100, -30
Encryption operations
No cryptographic activity detected.
Decryption operations
No cryptographic activity detected.
Information leakage
Network information leakage
No network information leakage detected.
SMS information leakage
No SMS information leakage detected.
File information leakage
No file information leakage detected.
Miscellaneous
Started services
Service name: com.fa.c.SystemService
Service name: com.fa.c.StartService
Service name: com.android.music.MediaPlaybackService
Output generated by ADB logcat