来源:蜘蛛抓取(WebSpider)
时间:2017-08-11 09:06
标签:
android droidplugin
Antivirus scan for f141b7ae01bd3e9cfc28afbae8c85e6fff at
14:17:18 UTC - VirusTotal
Cookies被禁用!
本网站需要启用Cookie才能正常工作
The submitted file is a compressed bundle ciphered with password infected,
do you want to display the report for the contained inner file?
病毒库日期
Android.Riskware.Kingroot!c
Android-AppCare/Kingroot.1020e
Trojan/Android.TSGeneric
Android.Riskware.Kingroot.gPSR
Android:Rooter-EH [PUP]
Avast-Mobile
APK:RepMalware [PUP]
Android:Rooter-EH [PUP]
Avira (no cloud)
SPR/ANDR.DroidRooter.112
Trojan.AndroidOS.Generic.A
BitDefender
Android.Riskware.Kingroot.gPSR
CAT-QuickHeal
Android.DroidRooter.A (PUP)
Andr.Malware.Agent-1469412
AndroidOS/DroidRooter.V
Tool.Rooter.43.origin
Android.Riskware.Kingroot.gPSR (B)
ESET-NOD32
a variant of Android/DroidRooter.AC potentially unsafe
AndroidOS/DroidRooter.V
Android/Generic.Z.4FEFF9!tr
Android.Exploit.GingerBreak.E
PUA.AndroidOS.DroidRooter
malware (ai score=80)
Artemis!32279EE0CCB4
McAfee-GW-Edition
NANO-Antivirus
Riskware.Android.Rooter.duipsj
Android KingRoot (PUA)
Android.Lotoor
TrendMicro-HouseCall
Suspicious_GEN.F47V0912
Exploit.AndroidOS.DroidRooter.M
CrowdStrike Falcon (ML)
Cybereason
K7AntiVirus
Malwarebytes
Palo Alto Networks (Known Signatures)
SentinelOne (Static ML)
SUPERAntiSpyware
WhiteArmor
ZoneAlarm by Check Point
The file being studied is Android related!
APK Android file more specifically.
The application's main package name is
com.kingroot.RushRoot.
The internal version number of the application is
The displayed version string of the application is
The minimum Android API level for the application to run (MinSDKVersion) is
The target Android API level for the application to run (TargetSDKVersion) is
Required permissions
com.kingroot.kinguser.permission.activityCalled (Unknown permission from android reference)
com.android.launcher.permission.UNINSTALL_SHORTCUT (Unknown permission from android reference)
android.permission.ACCESS_MOCK_LOCATION (mock location sources for testing)
android.permission.WRITE_OWNER_DATA (Unknown permission from android reference)
android.permission.INTERNET (full Internet access)
com.android.launcher.permission.INSTALL_SHORTCUT (Unknown permission from android reference)
com.android.launcher3.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.ACCESS_CACHE_FILESYSTEM (access the cache file system)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.ACCESS_MTK_MMHW (Unknown permission from android reference)
com.android.launcher.permission.READ_SETTINGS (Unknown permission from android reference)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_OWNER_DATA (Unknown permission from android reference)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.READ_CONTACTS (read contact data)
android.permission.RESTART_PACKAGES (kill background processes)
Activities
com.kingroot.RushRoot.activities.MainActivity
com.kingroot.RushRoot.activities.TestActivity
com.tencent.securedownload.sdk.ui.ShortCutActivity
com.tencent.securedownload.sdk.ui.ShortCutGroupActivity
com.kingroot.RushRoot.KrService
com.tencent.securedownload.sdk.ui.DownloadService
com.kingroot.RushRoot.BootCompletedReceiver
com.tencent.securedownload.sdk.ui.AlarmReceiver
com.tencent.securedownload.sdk.ui.BootReceiver
Activity-related intent filters
com.kingroot.RushRoot.activities.MainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
com.tencent.securedownload.sdk.ui.ShortCutActivity
actions: android.intent.action.SECORE
com.tencent.securedownload.sdk.ui.ShortCutGroupActivity
actions: android.intent.action.SECORE
Receiver-related intent filters
com.tencent.securedownload.sdk.ui.BootReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.DATE_CHANGED
com.kingroot.RushRoot.BootCompletedReceiver
actions: android.intent.action.BOOT_COMPLETED
Application certificate information
DN: C:CN, CN:kingroot, L:Beijing, O:kingroot工作室, ST:Beijing, OU:kingroot工作室
CN: kingroot
L: Beijing
O: kingroot工作室
ST: Beijing
OU: kingroot工作室
validto: 02:39 AM 01/12/2037
serialnumber: 4f17825d
thumbprint: 3f1b86adfcd810ea977
validfrom: 02:39 AM 01/19/2012
DN: C:CN, CN:kingroot, L:Beijing, O:kingroot工作室, ST:Beijing, OU:kingroot工作室
CN: kingroot
L: Beijing
O: kingroot工作室
ST: Beijing
OU: kingroot工作室
Interesting strings
http://monitor.uu.qq.com/analytics/upload
http://update.uu.qq.com/gray/access
http://pmir.3g.qq.com
http://wuptest.cs0309.3g.qq.com
http://www.kingroot.net/proxy.php
http://pmir.3g.qq.com/
http://bh.3g.qq.com
http://bh.cs0309.3g.qq.com
The file being studied is a compressed stream!
Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
This file is a compressed stream containing 110 files.
3490174 Bytes
Detection ratio
when this report was generated
9508 Bytes
Detection ratio
when this report was generated
9629 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1316 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1560 Bytes
Detection ratio
when this report was generated
1672 Bytes
Detection ratio
when this report was generated
1144 Bytes
Detection ratio
when this report was generated
1488 Bytes
Detection ratio
when this report was generated
1716 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
370884 Bytes
Detection ratio
when this report was generated
47994 Bytes
Detection ratio
when this report was generated
54552 Bytes
Detection ratio
when this report was generated
17659 Bytes
Detection ratio
when this report was generated
151716 Bytes
Detection ratio
when this report was generated
1524072 Bytes
Detection ratio
when this report was generated
70716 Bytes
Detection ratio
when this report was generated
21796 Bytes
Detection ratio
when this report was generated
54520 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1922 Bytes
Detection ratio
when this report was generated
1264 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
3668 Bytes
Detection ratio
when this report was generated
3669 Bytes
Detection ratio
when this report was generated
3886 Bytes
Detection ratio
when this report was generated
3843 Bytes
Detection ratio
when this report was generated
2227 Bytes
Detection ratio
when this report was generated
2219 Bytes
Detection ratio
when this report was generated
20876 Bytes
Detection ratio
when this report was generated
1022 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
33892 Bytes
Detection ratio
when this report was generated
21262 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1089 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
2446 Bytes
Detection ratio
when this report was generated
1273 Bytes
Detection ratio
when this report was generated
1295 Bytes
Detection ratio
when this report was generated
1627 Bytes
Detection ratio
when this report was generated
5922 Bytes
Detection ratio
when this report was generated
10061 Bytes
Detection ratio
when this report was generated
1273 Bytes
Detection ratio
when this report was generated
6649 Bytes
Detection ratio
when this report was generated
8142 Bytes
Detection ratio
when this report was generated
7592 Bytes
Detection ratio
when this report was generated
7350 Bytes
Detection ratio
when this report was generated
2246 Bytes
Detection ratio
when this report was generated
5060 Bytes
Detection ratio
when this report was generated
2034 Bytes
Detection ratio
when this report was generated
2917 Bytes
Detection ratio
when this report was generated
7386 Bytes
Detection ratio
when this report was generated
7035 Bytes
Detection ratio
when this report was generated
7185 Bytes
Detection ratio
when this report was generated
3927 Bytes
Detection ratio
when this report was generated
5513 Bytes
Detection ratio
when this report was generated
9105 Bytes
Detection ratio
when this report was generated
1849 Bytes
Detection ratio
when this report was generated
3693 Bytes
Detection ratio
when this report was generated
1519 Bytes
Detection ratio
when this report was generated
5483 Bytes
Detection ratio
when this report was generated
8995 Bytes
Detection ratio
when this report was generated
11767 Bytes
Detection ratio
when this report was generated
11916 Bytes
Detection ratio
when this report was generated
5884 Bytes
Detection ratio
when this report was generated
17997 Bytes
Detection ratio
when this report was generated
16453 Bytes
Detection ratio
when this report was generated
3304 Bytes
Detection ratio
when this report was generated
1096 Bytes
Detection ratio
when this report was generated
1436 Bytes
Detection ratio
when this report was generated
1436 Bytes
Detection ratio
when this report was generated
1136 Bytes
Detection ratio
when this report was generated
Compression metadata
Contained files
Uncompressed size
Highest datetime
Lowest datetime
Contained files by extension
Contained files by type
SHA1 bea2f75db0f8dc99b754bef6a4ecdf9b1768138a
SHA256 f141b7ae01bd3e9cfc28afbae8c85e6fff
tIVnSt4Qqgf97lMpZmWMtDbdeKrTWO8WCNybJy:0S4Ig9ZTxdeKB8WWybE
6.3 MB ( 6649985 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract
Android Package (53.2%)
Java Enterprise Archive (19.7%)
Java Archive (14.7%)
Mozilla Firefox browser extension (8.1%)
ZIP compressed archive (4.0%)
VirusTotal metadata
First submission
06:27:24 UTC ( 2 年, 10 月 前 )
Last submission
14:17:18 UTC ( 2 月, 1 周 前 )
KingRoot.apk
KingRoot_4.0.apk
KingRoot-4.0.0.233-release-_.apk
KingRoot v4.0.apk
tmp_25624-KingRoot-4.0.0.233-release-_386.apk
Kingroot-chinese_mobilesnack.net.apk
kingroot_4.0.0.apk
KingRoot-4.0.0.apk
32279ee0ccb4e14c629e1ede.tmp.2450
Kingroot.apk
kingroot_4.0.apk
KingRoot_4.0.0.233_release__105001.apk
32279ee0ccb4e14c629e1ede.tmp.6231
KingRoot-4.0.0.233-release-.apk
KingRoot-4.0.0.233-release-_105001 youtube.apk
kingroot_4.0.0 (1).apk
KingRoot-4.0.0.233-release-_105001.apk
kingroot-4-0-en-android.apk
KingRoot-4.0.0.233-release-_.apk.part
KingRoot_4.0.0.233.apk
32279ee0ccb4e14c629e1ede.apk
kingroot.apk
SALUDOS A TODOS MIS QUERIDOS SUSCRIPTORES!!kingroot.apk
Started receivers
android.net.conn.CONNECTIVITY_CHANGE
External programs launched
Opened files
/data/app/com.kingroot.RushRoot.apk
/data/data/com.kingroot.RushRoot/lib
/data/data/com.kingroot.RushRoot/app_krsdk
/data/data/com.kingroot.RushRoot/app_krsdk/libkrsdk.1.0.153.so
/data/data/com.kingroot.RushRoot/app_krsdk/superuser.apk
/data/data/com.kingroot.RushRoot/app_krsdk/su
/data/data/com.kingroot.RushRoot/app_krsdk/reportroot
/data/data/com.kingroot.RushRoot/app_krsdk/toolbox
/data/data/com.kingroot.RushRoot/app_krsdk/supolicy
/data/data/com.kingroot.RushRoot/app_krsdk/su_check
/data/data/com.kingroot.RushRoot/app_krsdk/mm-direct-root.sh
/data/data/com.kingroot.RushRoot/app_krsdk/ku-config
/data/data/com.kingroot.RushRoot/app_krsdk/install-recovery.sh
/data/data/com.kingroot.RushRoot/app_krsdk/ddexe
/data/data/com.kingroot.RushRoot/app_krsdk/chattr
/data/data/com.kingroot.RushRoot/app_krsdk/kd
/data/data/com.kingroot.RushRoot/app_krsdk/__krsdk.res__
/data/data/com.kingroot.RushRoot/app_krsdk/krsdk.res
/data/data/com.kingroot.RushRoot/cache
APP_ASSETS/config.properties
APP_ASSETS/krsdk.res
APP_ASSETS/krsdk.cert
APP_ASSETS/libkrsdk.1.0.153.so
APP_ASSETS/su
APP_ASSETS/superuser.apk
/data/data/com.kingroot.RushRoot/app_tomb
/data/data/com.kingroot.RushRoot/lib/libSync.so
/mnt/sdcard
Accessed files
/data/data/com.kingroot.RushRoot/files
/data/data/com.kingroot.RushRoot/files/kr-stock-conf
/mnt/sdcard/kr-stock-conf
/proc/meminfo
/data/data/com.kingroot.RushRoot/app_tomb
/data/app/com.kingroot.RushRoot-1.apk
/data/data/com.kingroot.RushRoot/lib
/data/data/com.kingroot.RushRoot/lib/libSync.so
/data/data/com.kingroot.RushRoot/app_downloadsdk/dappinfo
/data/data/com.kingroot.RushRoot/app_krsdk/libkrsdk.1.0.153.so
/data/data/com.kingroot.RushRoot/app_krsdk/kd
/data/data/com.kingroot.RushRoot/app_krsdk
/data/data/com.kingroot.RushRoot/lib/Sync
/data/data/com.kingroot.RushRoot/lib/Sync.so
/data/data/com.kingroot.RushRoot/app_slog/actsts
Interesting calls
Calls APIs that provide access to information about the
telephony services on the device. Applications can use such methods to
determine telephony services and states, as well as to access some types of
subscriber information.
Dynamically called methods
android.os.SystemProperties.get 1 argument.
u'ro.build.hidden_ver'
android.os.SystemProperties.get 1 argument.
u'gsm.version.baseband'
android.os.SystemProperties.get 1 argument.
u'ro.serialno'
android.os.SystemProperties.get 1 argument.
u'ro.mediatek.platform'
android.os.SystemProperties.get 1 argument.
u'ro.product.real_model'
android.os.SystemProperties.get 1 argument.
u'ro.product.model'
android.os.SystemProperties.get 1 argument.
u'ro.board.platform'
android.os.SystemProperties.get 1 argument.
u'ro.hardware'
android.os.SystemProperties.get 1 argument.
u'ro.product.brand.replace'
android.os.SystemProperties.get 1 argument.
u'ro.product.model.replace'
Contacted URLs
http://www.kingroot.net/proxy.php
输入您的注册邮箱,我们将会给您发送密码重置邮件来设置新密码。
跟大家一起互动,为消除网络威胁尽一份力。
用户名或者电子信箱Antivirus scan for d5b7acf380e56a79f3d2e1d40f6c702d at
16:53:03 UTC - VirusTotal
Колачи?и су онемогу?ени.
Ова? са?т захтева колачи?е како би нормално функционисао
The submitted file is a compressed bundle ciphered with password infected,
do you want to display the report for the contained inner file?
Ажурира?е
Android.Riskware.Agent.EW
SUSPICIOUS
Android-AppCare/Agent.197d3
Trojan/Android.TSGeneric
Android.Riskware.Agent.EW
Android:KingRoot-Z [PUP]
Android/G5P.H.ACEF3CC08758
Android.Trojan-Dropper.Agent.di
BitDefender
Android.Riskware.Agent.EW
CAT-QuickHeal
Android.Rooter.E (PUP)
AndroidOS/DroidRooter.A.gen!Eldorado
Android.Riskware.Agent.EW (B)
ESET-NOD32
a variant of Android/LockScreen.Jisut.AX
Android.Riskware.Agent
Android/Generic.S.1BE02F!tr
Android.Riskware.Agent.EW
Trojan-Dropper.AndroidOS.Agent
Trojan.AndroidOS.dxel
Artemis!F01A
McAfee-GW-Edition
Android KingRoot (PUA)
Trojan.Gen.2
a.rogue.clownjokes.f
WhiteArmor
Android-Malware.SN-Sure..[Trojan]
Avira (no cloud)
CrowdStrike Falcon (ML)
K7AntiVirus
Malwarebytes
NANO-Antivirus
SUPERAntiSpyware
TotalDefense
TrendMicro
TrendMicro-HouseCall
The file being studied is a compressed stream!
Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
This file is a compressed stream containing 500 files.
19381 Bytes
Detection ratio
when this report was generated
3556656 Bytes
Detection ratio
when this report was generated
25912 Bytes
Detection ratio
when this report was generated
59026 Bytes
Detection ratio
when this report was generated
45991 Bytes
Detection ratio
when this report was generated
46025 Bytes
Detection ratio
when this report was generated
1077 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1028 Bytes
Detection ratio
when this report was generated
1028 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
29512 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1572 Bytes
Detection ratio
when this report was generated
4596 Bytes
Detection ratio
when this report was generated
2180 Bytes
Detection ratio
when this report was generated
23152 Bytes
Detection ratio
when this report was generated
6196 Bytes
Detection ratio
when this report was generated
1584 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1292 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
6626 Bytes
Detection ratio
when this report was generated
3309 Bytes
Detection ratio
when this report was generated
3378 Bytes
Detection ratio
when this report was generated
1671 Bytes
Detection ratio
when this report was generated
1399 Bytes
Detection ratio
when this report was generated
3504 Bytes
Detection ratio
when this report was generated
1104 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
10406 Bytes
Detection ratio
when this report was generated
11731 Bytes
Detection ratio
when this report was generated
11561 Bytes
Detection ratio
when this report was generated
3801 Bytes
Detection ratio
when this report was generated
4536 Bytes
Detection ratio
when this report was generated
4838 Bytes
Detection ratio
when this report was generated
1522 Bytes
Detection ratio
when this report was generated
1677 Bytes
Detection ratio
when this report was generated
4854 Bytes
Detection ratio
when this report was generated
2613 Bytes
Detection ratio
when this report was generated
25716 Bytes
Detection ratio
when this report was generated
115632 Bytes
Detection ratio
when this report was generated
59736 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
57755 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
3760 Bytes
Detection ratio
when this report was generated
13432 Bytes
Detection ratio
when this report was generated
22974 Bytes
Detection ratio
when this report was generated
22826 Bytes
Detection ratio
when this report was generated
17592 Bytes
Detection ratio
when this report was generated
9440 Bytes
Detection ratio
when this report was generated
16398 Bytes
Detection ratio
when this report was generated
27539 Bytes
Detection ratio
when this report was generated
34040 Bytes
Detection ratio
when this report was generated
21736 Bytes
Detection ratio
when this report was generated
31952 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
13596 Bytes
Detection ratio
when this report was generated
25338 Bytes
Detection ratio
when this report was generated
1135448 Bytes
Detection ratio
when this report was generated
249662 Bytes
Detection ratio
when this report was generated
11547 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1500 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1201 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
1259 Bytes
Detection ratio
when this report was generated
12358 Bytes
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Detection ratio
when this report was generated
Compression metadata
Contained files
Uncompressed size
Highest datetime
Lowest datetime
Contained files by extension
Contained files by type
SHA1 42fb10f05aee041ca9d5185cadffa85
SHA256 d5b7acf380e56a79f3d2e1d40f6c702d
98304:zXfj206m6zUBrSSZRVN4nT1veem7C5cRFPbw7cPozKx8qgh7RbRraUs:j736mHBrSQRVU1Gh2cRFPRCqgh7NU
5.0 MB ( 5273017 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract
Android Package (53.2%)
Java Enterprise Archive (19.7%)
Java Archive (14.7%)
Mozilla Firefox browser extension (8.1%)
ZIP compressed archive (4.0%)
VirusTotal metadata
First submission
16:53:03 UTC (пре 1 година)
Last submission
16:53:03 UTC (пре 1 година)
Имена датотека
f01afdb635719fecf943b.virus
Унесите адресу е-поште с ко?ом сте се регистровали на Ва?рустотал, а ми ?емо вам послати везу за обнав?а?е лозинке.
Е-пошта:
Размените миш?е?е с другим корисницима Ва?рустотала и разгласите се док се борите са данаш?им прет?ама на интернету.
Презиме:
Корисничко име:
Адреса е-поште:
Лозинка:
Потврда лозинке:
Обавезно по?е
Корисничко име или адреса е-поште:
Лозинка:
