Source: https://www.virustotal.com/en/file/56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001/analysis/
SHA256: | 56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001 |
File name: | blackmart_apk.apk |
Detection ratio: | 16 / 62 |
Analysis date: | 2017-12-30 10:10:34 UTC ( 1 day, 3 hours ago ) |
Antivirus | Result | Update |
AegisLab | Adwareare.Andr.Airpush.O!c | 20171230 |
Antiy-AVL | Trojan/Android.TSGeneric | 20171230 |
Avira (no cloud) | ADWARE/ANDR.Airpush.O.Gen | 20171229 |
CAT-QuickHeal | Android.Airpush.J (AdWare) | 20171230 |
ClamAV | Andr.Malware.Agent-1462989 | 20171230 |
Cyren | ZIP/Trojan.DNXL-8 | 20171230 |
DrWeb | Adware.Airpush.31.origin | 20171230 |
ESET-NOD32 | a variant of Android/AdDisplay.AirPush.P potentially unwanted | 20171230 |
Fortinet | Android/Generic.Z.4732E2!tr | 20171230 |
Ikarus | PUA.AndroidOS.AirPush | 20171230 |
McAfee | Artemis!82A215E6FE0A | 20171230 |
NANO-Antivirus | Trojan.Android.Airpush.eenoit | 20171230 |
Symantec | Trojan.Gen.2 | 20171229 |
Tencent | a.gray.mfpad | 20171230 |
TrendMicro-HouseCall | Suspicious_GEN.F47V0912 | 20171230 |
WhiteArmor | PUP.HighConfidence | 20171226 |
Ad-Aware | | 20171225 |
AhnLab-V3 | | 20171230 |
Alibaba | | 20171229 |
ALYac | | 20171230 |
Arcabit | | 20171230 |
Avast | | 20171230 |
Avast-Mobile | | 20171229 |
AVG | | 20171230 |
AVware | | 20171230 |
Baidu | | 20171227 |
BitDefender | | 20171230 |
Bkav | | 20171229 |
CMC | | 20171229 |
Comodo | | 20171230 |
CrowdStrike Falcon (ML) | | 20171016 |
Cybereason | | None |
Cylance | | 20171230 |
eGambit | | 20171230 |
Emsisoft | | 20171230 |
Endgame | | 20171130 |
F-Prot | | 20171230 |
F-Secure | | 20171230 |
GData | | 20171230 |
Sophos ML | | 20170914 |
Jiangmin | | 20171230 |
K7AntiVirus | | 20171230 |
K7GW | | 20171230 |
Kaspersky | | 20171230 |
Kingsoft | | 20171230 |
Malwarebytes | | 20171230 |
MAX | | 20171230 |
McAfee-GW-Edition | | 20171230 |
Microsoft | | 20171230 |
eScan | | 20171230 |
nProtect | | 20171230 |
Palo Alto Networks (Known Signatures) | | 20171230 |
Panda | | 20171230 |
Qihoo-360 | | 20171230 |
Rising | | 20171230 |
SentinelOne (Static ML) | | 20171224 |
Sophos AV | | 20171230 |
SUPERAntiSpyware | | 20171230 |
Symantec Mobile Insight | | 20171230 |
TheHacker | | 20171229 |
TrendMicro | | 20171230 |
Trustlook | | 20171230 |
VBA32 | | 20171229 |
VIPRE | | 20171230 |
ViRobot | | 20171230 |
Webroot | | 20171230 |
Yandex | | 20171229 |
Zillya | | 20171229 |
ZoneAlarm by Check Point | | 20171230 |
Zoner | | 20171230 |
The file being studied is Android related! APK Android file more specifically.
The application's main package name is org.blackmart.market.
The internal version number of the application is 992083.
The displayed version string of the application is 0.99.2.83B.
The minimum Android API level for the application to run (MinSDKVersion) is 9.
The target Android API level for the application to run (TargetSDKVersion) is 22.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.VIBRATE (control vibrator)
android.permission.READ_LOGS (read sensitive log data)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.INTERNET (full Internet access)
org.blackmart.market.permission.C2D_MESSAGE (C2DM permission.)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
org.blackmart.market.ui.HomeActivity
org.blackmart.market.ui.ApkInfoActivity
org.blackmart.market.ui.ApkListActivity
org.blackmart.market.ui.ScreenShotActivity
org.blackmart.market.ui.ApkSearchActivity
org.blackmart.market.ui.SortModeActivity
org.blackmart.market.ui.SettingsActivity
org.blackmart.market.ui.DeviceActivity
org.blackmart.market.ui.AboutActivity
com.pzdpnt.ykpgmp230391.AdActivity
com.pzdpnt.ykpgmp230391.BrowserActivity
tiny.lib.log.ui.CrashReportActivity
com.google.android.gms.ads.AdActivity
com.google.android.gms.ads.purchase.InAppPurchaseActivity
Services
org.blackmart.market.util.components.BlackmartService
com.parse.PushService
Receivers
org.blackmart.market.util.components.ActionsReceiver
com.parse.ParseBroadcastReceiver
com.parse.GcmBroadcastReceiver
com.parse.ParsePushBroadcastReceiver
Providers
org.blackmart.market.util.components.ApkSearchRecentSuggestionsProvider
Activity-related intent filters
org.blackmart.market.ui.ApkSearchActivity actions: android.intent.action.SEARCH
org.blackmart.market.ui.HomeActivity actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.parse.GcmBroadcastReceiver actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: org.blackmart.market
com.parse.ParseBroadcastReceiver actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT
org.blackmart.market.util.components.ActionsReceiver actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED, android.intent.action.PACKAGE_CHANGED, android.intent.action.PACKAGE_REPLACED
com.parse.ParsePushBroadcastReceiver actions: com.parse.push.intent.RECEIVE, com.parse.push.intent.DELETE, com.parse.push.intent.OPEN
Application certificate information
Subject DN: C:RU, OU:blackmart, L:Moscow, O:blackmart, CN:blackmart
C: RU
CN: blackmart
L: Moscow
O: blackmart
OU: blackmart
validto: 11:17 PM 03/02/2036
serialnumber: 4d780a74
thumbprint: 12b34fb432092d9b8187aae7ab93b812af18ac10
validfrom: 11:17 PM 03/09/2011
Issuer DN: C:RU, OU:blackmart, L:Moscow, O:blackmart, CN:blackmart
C: RU
CN: blackmart
L: Moscow
O: blackmart
OU: blackmart
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
This file is a compressed stream containing 912 files.
- res/color-v11/primary_text_holo_dark.xml XML 976 Bytes
- res/color-v11/primary_text_holo_light.xml XML 976 Bytes
- res/color-v11/primary_text_light_nodisable.xml XML 596 Bytes
- res/color-v11/primary_text_nodisable_holo_dark.xml XML 596 Bytes
- res/color-v11/primary_text_nodisable_holo_light.xml XML 596 Bytes
- res/color-v11/secondary_text_holo_dark.xml XML 1336 Bytes
- res/color-v11/secondary_text_holo_light.xml XML 1336 Bytes
- res/color-v11/secondary_text_nodisable_holo_dark.xml XML 596 Bytes
- res/color-v11/secondary_text_nodisable_holo_light.xml XML 596 Bytes
- res/drawable-hdpi-v11/ic_stat_notification.png PNG 677 Bytes
Compression metadata
Contained files | 912 |
Uncompressed size | 6996391 |
Highest datetime | 2016-02-04 05:21:10 |
Lowest datetime | 2016-02-04 05:18:56 |
Contained files by extension
png | 725 |
xml | 171 |
dex | 1 |
MF | 1 |
RSA | 1 |
SF | 1 |
Contained files by type
PNG | 725 |
XML | 171 |
unknown | 12 |
HTML | 3 |
DEX | 1 |
Compressed bundles
This file was also submitted to VirusTotal in the following compressed file bundles.
File identification
MD5 82a215e6fe0a66acbd3de7517a0c0d93
SHA1 5181f29516fbf4e9d260e5295e11c448271c1da8
SHA256 56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001
ssdeep 98304:OPjWp610H5HYHKyydm8JNGyoJmtkX8Qdjyw5zTJpO8KZnwUZD5+7UMCpWNhpq2re:j6My2MsQz5zTJp7byFx73
File size 3.9 MB ( 4078403 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID | Android Package (73.9%) Java Archive (20.4%) ZIP compressed archive (5.6%) |
Tags apk android via-tor
VirusTotal metadata
First submission 2016-02-04 03:33:09 UTC ( 1 year, 11 months ago )
Last submission 2017-12-30 10:10:34 UTC ( 1 day, 3 hours ago )
File names | Blackmart.market_v0.99.2.83B-992083_Android-2.3.apk blackmart_apk.apk blackmart_apk.apk tmp_10706-blackmart_apk-504586237.apk blackmart.apk tmp_23672-blackmart_apk-1010268415.apk tmp_5227-org.blackmart.market_v0.99.2.83B-992083_Android-2.31875900308.apk blackmart_apk[1].apk blackmart.market_992083.apk 550900 140515052.apk Black Market_mod-apps.com.apk tmp_17789-blackmart_apk663375324.apk roi1465113283.apk black_mart.apk tmp_16654-blackmart_apk-2027855909.apk blackmart_apk (1).apk Blackmart Atualizado (Favela Tutoriais).apk black_mart(1).apk 1818270.apk tmp_14954-blackmart_apk(2)547968605.apk 205808809.apk blackmart_apk.apk tmp_14541-blackmart_apk1462954719.apk tmp_21177-blackmart_apk-1659452053.apk |
Started receivers
android.intent.action.BATTERY_CHANGED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.net.conn.CONNECTIVITY_CHANGE
Opened files
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/507455E80145-0001-05DC-F7A764CD01B4BeginSession.cls
/data/data/org.blackmart.market/cache/com.parse
/data/data/org.blackmart.market/app_Parse/CommandCache
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files
/data/data/org.blackmart.market/cache
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/507455E80145-0001-05DC-F7A764CD01B4SessionOS.cls_temp
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/507455E80145-0001-05DC-F7A764CD01B4SessionDevice.cls_temp
/data/data/org.blackmart.market/app_Parse/installationId
/data/data/org.blackmart.market/cache/68466295162
/data
Accessed files
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/initialization_marker
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/crash_marker
/data/data/org.blackmart.market/cache/com.parse
/data/data/org.blackmart.market/cache/com.parse/applicationId
/data/data/org.blackmart.market/app_Parse
/proc/meminfo
/system/app/Superuser.apk
/system/xbin/su
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files
/data/data/org.blackmart.market/app_Parse/currentUser
/data/data/org.blackmart.market/app_Parse/currentConfig
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/invalidClsFiles
/data/data/org.blackmart.market/app_Parse/currentInstallation
/data/data/org.blackmart.market/app_Parse/installationId
/data/data/org.blackmart.market/cache/68466295162
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-507455E80145-0001-05DC-F7A764CD01B4.temp
Contacted URLs
https://api.parse.com/1/classes/_Installation
https://settings.crashlytics.com/spi/v2/platforms/android/apps/org.blackmart.market/settings?instance=5ee0835455d675763017e34adf563b7dcb0f1c34&source=1&build_version=992083&icon_hash=9510cea39b203e0d3d691be8274d03feffb3918b&display_version=0.99.2.83B