____2.21_.apk

12.42 MB

Analyzed: 2026-03-05 02:42 UTC

Twitter / X Facebook LinkedIn WhatsApp Telegram Reddit
Analyze Another

APK Security & Privacy Score

Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.

Security Scan-weighted
31/100
Threat scan flagged
Privacy Permissions & network
89/100
High-risk permissions HTTP URLs found
46/100
High Risk
Overall trust

Source Verification

Status unverified
Observed hash 3c18a57687285a444890552b7252f0940289decf35282f8de34ebf01bf3e9b97
Reference hash verification could not be completed.

Facts

Threat scan 11/76 flagged, 0 suspicious
Permissions 7 requested
Network strings 51 URLs (30 HTTP, 21 HTTPS)
Target SDK Unknown
Certificate Unknown
Source verification UNVERIFIED (parse error)

Warnings

Threat scan flagged: 11/76 scanners marked this file as malicious.
Signing certificate metadata is unavailable.
Found 30 HTTP URL strings (unencrypted).
High-risk permissions detected: android.permission.REQUEST_INSTALL_PACKAGES, android.permission.QUERY_ALL_PACKAGES

Analysis Coverage

This report is partial. Some core metadata could not be extracted.
package_name
version
Package Name
Version Code
Version Name
Debuggable No
Allow Backup No
Min SDK Unknown
Target SDK Unknown
Supported ABIs
Universal

Security Scan

11 /76
⚠️ Threats Detected
Detected by 11 vendors: AhnLab-V3 (Dropper/Android.Agent.1318884), Avast-Mobile (Android:Evo-gen [Trj]), Avira (ANDROID/Malformed.ZIP.Gen)
Scanned by 76 security vendors
Last scan: 2026-03-05 02:41 UTC
Malicious
11
Suspicious
0
Harmless
0
Undetected
45
Timeout
8
Failure
1

Scan Providers

76 vendors
ALYac failure
No result reported
Engine 2.0.0.10
APEX type-unsupported
No result reported
Engine 6.755
AVG timeout
No result reported
Engine 23.9.8494.0
Acronis undetected
No result reported
Engine 1.2.0.121
AhnLab-V3 malicious
Dropper/Android.Agent.1318884
Engine 3.29.1.10604
Alibaba undetected
No result reported
Engine 0.3.0.5
Antiy-AVL undetected
No result reported
Engine 3.0
Arcabit undetected
No result reported
Engine 2025.0.0.23
Avast timeout
No result reported
Engine 23.9.8494.0
Avast-Mobile malicious
Android:Evo-gen [Trj]
Engine 260304-00
Avira malicious
ANDROID/Malformed.ZIP.Gen
Engine 8.3.3.24
Baidu undetected
No result reported
Engine 1.0.0.2
BitDefender timeout
No result reported
Engine 7.2
BitDefenderFalx malicious
Android.Trojan.SpyAgent.RV
Engine 2.0.936
Bkav undetected
No result reported
Engine 2.0.0.1
CAT-QuickHeal undetected
No result reported
Engine 22.00
CMC undetected
No result reported
Engine 2.4.2022.1
CTX undetected
No result reported
Engine 2024.8.29.1
ClamAV timeout
No result reported
Engine 1.5.2.0
CrowdStrike undetected
No result reported
Engine 1.0
Cylance type-unsupported
No result reported
Engine 3.0.0.0
Cynet type-unsupported
No result reported
Engine 4.0.3.4
DeepInstinct type-unsupported
No result reported
Engine 5.0.0.8
DrWeb malicious
Android.Spy.1430.origin
Engine 7.0.75.2070
ESET-NOD32 malicious
Android/TrojanDropper.Agent.NCE trojan
Engine 18.2.18.0
Elastic type-unsupported
No result reported
Engine 4.0.251
Emsisoft undetected
No result reported
Engine 2024.8.0.61147
F-Secure malicious
Malware.ANDROID/Malformed.ZIP.Gen
Engine 18.10.1547.307
Fortinet undetected
No result reported
Engine 7.0.30.0
GData undetected
No result reported
Engine GD:27.43740AVA:64.30774
Google undetected
No result reported
Engine 1772676057
Gridinsoft undetected
No result reported
Engine 1.0.240.174
Ikarus malicious
Trojan-Spy.AndroidOS.Agent
Engine 6.4.16.0
Jiangmin timeout
No result reported
K7AntiVirus undetected
No result reported
Engine 14.39.58778
K7GW undetected
No result reported
Engine 14.39.58778
Kaspersky malicious
HEUR:Trojan-Banker.AndroidOS.Agent.aax
Engine 22.0.1.28
Kingsoft undetected
No result reported
Engine None
Lionic undetected
No result reported
Engine 8.16
Malwarebytes undetected
No result reported
Engine 3.1.0.211
MaxSecure undetected
No result reported
Engine 1.0.0.1
McAfeeD undetected
No result reported
Engine 1.2.0.14023
MicroWorld-eScan undetected
No result reported
Engine 14.0.409.0
Microsoft undetected
No result reported
Engine 1.1.26010.1
NANO-Antivirus timeout
No result reported
Engine 1.0.170.26895
Paloalto type-unsupported
No result reported
Engine 0.9.0.1003
Panda undetected
No result reported
Engine 4.6.4.2
Rising undetected
No result reported
Engine 25.0.0.28
SUPERAntiSpyware undetected
No result reported
Engine 5.6.0.1032
Sangfor undetected
No result reported
Engine 2.22.3.0
SentinelOne type-unsupported
No result reported
Engine 7.5.3.1
Skyhigh timeout
No result reported
Sophos malicious
Andr/Xgen2-ATC
Engine 3.3.1.0
Symantec undetected
No result reported
Engine 1.22.0.0
SymantecMobileInsight type-unsupported
No result reported
Engine 2.0
TACHYON undetected
No result reported
Engine 2026-03-05.01
Tencent undetected
No result reported
Engine 1.0.0.1
Trapmine type-unsupported
No result reported
Engine 4.0.10.0
TrellixENS timeout
No result reported
Engine 6.0.6.653
TrendMicro undetected
No result reported
Engine 24.550.0.1002
TrendMicro-HouseCall undetected
No result reported
Engine 24.550.0.1002
Trustlook undetected
No result reported
Engine 1.0
VBA32 undetected
No result reported
Engine 5.5.1
VIPRE undetected
No result reported
Engine 6.0.0.35
Varist undetected
No result reported
Engine 6.6.1.3
ViRobot undetected
No result reported
Engine 2014.3.20.0
VirIT undetected
No result reported
Engine 9.5.1158
Webroot undetected
No result reported
Engine 1.9.0.8
Xcitium undetected
No result reported
Engine 38459
Yandex undetected
No result reported
Engine 5.5.2.24
Zillya undetected
No result reported
Engine 2.0.0.5556
ZoneAlarm malicious
Andr/Spy-BKN
Engine 6.23-113518639
Zoner undetected
No result reported
Engine 2.2.2.0
alibabacloud type-unsupported
No result reported
Engine 2.2.0
huorong undetected
No result reported
Engine 7683632:7683632:dcdb01d:dcdb01d
tehtris type-unsupported
No result reported
Engine v0.1.4

File Signatures

SHA-256 3c18a57687285a444890552b7252f0940289decf35282f8de34ebf01bf3e9b97
MD5 fea63f833b36a1a07f5c28a4032ce753
SHA-1 f803304f044c82772590ac41575b04367277014b
SSDEEP 393216:sn/zO4Hd1ionaKszWUfyiEQebrcXvfTYU3:qyS3SiUJ9wrUTD
TLSH T117D61287FB909C49DDFB53319A3B46A519434E3F0B13C583A915B1380C776E92E26ECA
VHASH f15e96ab0fdd68eb986986906294a7fe

File Intelligence

Type Description Android Human-friendly file type name based on multiple detection methods.
Type Extension apk Most likely file extension inferred from the content.
Type Tag android Primary type tag assigned by the classifier.
Type Tags executable, mobile, android, apk Additional type tags that describe the file content.
Magic Zip archive data, at least v2.0 to extract, compression method=deflate File signature result from magic bytes inspection.
Magika APK File type predicted by Magika (ML-based file type detection).
TrID Android Package (65%), Sweet Home 3D Design (generic) (25.3%), ZIP compressed archive (9.6%) TrID file type guesses with probabilities.
dhash 0000101e0f161200 Perceptual hash used to compare visual similarity of files.
raw md5 86484ddb5ac61eb4a18c2e577adf87c2 Raw MD5 hash of the file contents.
extensions xml (627), version (42), dex (21), png (17), kotlin_builtins (7), apk (1), arsc (1), CoroutineExceptionHandler (1), MainDispatcherFactory (1), prof (1), profm (1), properties (1), rsa (1), textproto (1) File extensions found inside the APK and how many of each.
file types XML (609), PNG (177), unknown (105), ZIP (1) Detected embedded file types and their counts.
highest datetime 2026-02-10 16:29:34 UTC Latest timestamp found among files inside the archive.
lowest datetime 1980-01-01 00:00:00 UTC Earliest timestamp found among files inside the archive.
num children 898 Number of files contained within the archive.
type APK Container type detected for the analyzed file.
uncompressed size 74 MB Estimated total size of all files after extraction.

Sandbox

Sandbox Verdicts

Zenbox android
Malicious 64% confidence MALWARE TROJAN EVADER

Requested Permissions (7)

have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
modify or delete the contents of your shared storage Allows the app to write the contents of your shared storage. android.permission.WRITE_EXTERNAL_STORAGE
Dump android.permission.DUMP
android.permission.REQUEST_INSTALL_PACKAGES Custom app or vendor permission (not publicly documented). android.permission.REQUEST_INSTALL_PACKAGES
view network connections Allows the app to view information about network connections such as which networks exist and are connected. android.permission.ACCESS_NETWORK_STATE
android.permission.QUERY_ALL_PACKAGES Custom app or vendor permission (not publicly documented). android.permission.QUERY_ALL_PACKAGES
read the contents of your shared storage Allows the app to read the contents of your shared storage. android.permission.READ_EXTERNAL_STORAGE

URL Endpoints (51)

http://mmbiz.qpic.cn/mmbiz_jpg/AhVCKiamySq7UjeQyBicRmZ9gGibRibR3RaEdzibcgEWIHtibcYbZMvUkickjjIIzrcoTZicaCkkgJbbLxAlOwQ5j4rhzA/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/BUunvMLB7Msukt8osibyY7uk3XTthfnNRfoGaNNCmf5vFOVTxYoYia08WWNueqjPuC2xjIZsut9wxwDFPg7uok3A/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/HfIwCM4Wkpa2kHiaJ09gkUToV3j7bpnZicibTysbMEHUrwcZbMT0pnpuQsdMcFMP7NJMRAgWLOXXYpedAewN5XuGQ/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/LghEX4nInQMF2huZvp1dp3zuD1RN5AXZgmjdQckPf0akSVGVVmvTYFFAkzqmwr6W1t7UBXTwLXMqG1SyUfMLsw/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/PKIGibibSfSsjeH1lPickUZnU0JeghSTNiaBicqmgITkEp6dYqUPa8jLMj2icIqycxtpBukZYTyZJuyxwGOURiaAgQ9Qw/300?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/PKIGibibSfSsjeH1lPickUZnU0JeghSTNiaBuniczM0kLKgpMofibgXicOoZLpfcI311Nib1rb0M1EXia1l7wmrllib8NY2Q/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/TZxd8Peibgd74BrsyNLh2MIfxH1ia1hPViclgJIBxOuP2Thic3893m6MkibFDKxVZBQrZBETaNu99rzhIgNlWTbFMUA/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/UQz2hpQrhGib4xOBLlo96Xw1fmS80Pl8kBQqALMZYMQA3m3tUyiaEOnPBt0DY77cVSia4icrJdwuPTWs8VWWWegFLA/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/bkRJt65BXd4nAO03U5RjWuPaO2Cr4uNkDLkqAZicpFDmrZWM7JTSiaicOyJtr9Pl5NpEXRuSyRSYzSFic2cWJ6Stgw/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_jpg/bkRJt65BXd6icHP8V3VLJnia8eU5BXX8XVggxGJo8j6qQ6luKj9aSF4IibKib4bwn5ThCpDfIVQWickNOS1Mv0M1PGw/640?wx_fmt=jpeg http://mmbiz.qpic.cn/mmbiz_png/44sbVDcWQ82fls4RWf6mo4TnwRqMIqwuYGYvYag7xnNz2zebXZWH55ib6agBa04pfmjkqa3nkicjjJQhprSBicWow/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/6OrVdXH1Eibtznad1QkUiccd3P7n1lWsKeB9tC6ph3VPvDVUYBDtLYxFb16RWIkR9XMPxNZUQERs1MRY9o35AIQQ/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/AhVCKiamySq4LWJKmpJdhW9fXYqaqiaoic1vXtbYZy7A6heUaLYUtpyicfPdl18Cl3J5G5rtdt9DC9KgeaQkfxtRlQ/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/BUunvMLB7MvL9Ey38jA5dN6CfI8dw43FMEntZjLfPx66TYTuZk91jAeMltXXtJX1ibpLSX7eaE9K7QGS6Jxduxw/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/EfibSTPmH0Y6TQ6ckc1C72Enose6Y3KcVTNDDMcF4NhPMPW1CYdK9wPVndLpknnhspichia8BIwPxcBwUcPiaBfTpg/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/HfIwCM4Wkpa4YHxa2fK9pY2GvJhsQjVr32LosYyGZFYIO7icj7n3ldIudDvJL1HibhbicuDQ0FyQGBHrIwvX1Tc1w/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/I8txyBI0a2JSvWEW4SIiaDibIhuU85kA4gicGiapaQwse8icgCeGR5thZrmHuNGYGcZ5R2DxmicsvhRmkTRRiaxWTE1Qg/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/LghEX4nInQMlT32W3EcTLf4j07KTGvDhgDDBNdQQKLaL4TcrFiaXwkx3Bac5NichgDovVmoMomqds5yXVzeekDVw/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/PKIGibibSfSsh3SkRfNGW7629P1tiaTzibicaQWMD4Yccib8CGwWciax4pqEq0Ck2jAtib6lvC7HOsxL6kzD5DD3PqoUnw/0?wx_fmt=png http://mmbiz.qpic.cn/mmbiz_png/TZxd8Peibgd46Tt6VOO8uMT5C7sEsM1RiaEqU0BKf6L25B0BTouP5xYAbDRfmdibSHEybyHjdQlrmO0XMDjtUYvJw/0?wx_fmt=png

Submission Details

Submitted At 2026-03-05
First Submission 2026-03-05
Last Submission 2026-03-05
Stored Until 2026-04-04
Names & Tags
中国联通2.21 .apk ____2.21_.apk encrypted android apk obfuscated sends-sms checks-gps telephony reflection