XDA Developers Android and Mobile Development Forum

Suspicious Apk

Romansko
#1  
Member - OP

Hello,

I hope this is the right forum to ask this question, if not please forgive me.

So I've downloaded this GPS Running pro APK in a magical way, not from Google Play, and I've scanned it. The risk rating was "suspicious activity detected".

The results are long and a lot of blah blah blah. If you want, you can view it here:
http://apkscan.nviso.be/report/show/e16acb0537fa2a946d6eb3dfa334df32


I'll just copy the highlighted fields:
Code:
Virus Total scan results
VIPRE	Adware.AndroidOS.AirPush.a (v)
and
Code:
Information leakage
Network information leakage
Destination	178.250.2.115:80
Tag	TAINT_IMEI
Data (ASCII)	GET /API/androidevent.php?oursecret=runtastic89635jo&udid=357242043237511&androidID=3ffe1b97467e2dec
Data (RAW)	474554202f4150492f616e64726f69646576656e742e7068703f6f75727365637265743d72756e74617374696338393633356a6f26756469643d33353732343230343332333735313126616e64726f696449443d33666665316239373436376532646563
Operation	send
 	 
Destination	178.250.2.115:80
Tag	TAINT_IMEI
Data (ASCII)	GET /atrk/andrdapp?udid=357242043237511&androidID=3ffe1b97467e2dec&macAddress=&type=&storeAppID=&dev
Data (RAW)	474554202f6174726b2f616e6472646170703f756469643d33353732343230343332333735313126616e64726f696449443d33666665316239373436376532646563266d6163416464726573733d26747970653d2673746f726541707049443d26646576
Operation	send
 	 
SMS information leakage
No SMS information leakage detected.
File information leakage
Path	/data/data/com.runtastic.android.pro2/files/.flurrydatasenderblo
Operation	write
Tag	TAINT_IMEI
Data (ASCII)	�H�OOJZV9GLEJ12ZPKRTCWI2K5.1.2AND3ffe1b97467e2dec�W�T7������
Data (RAW)	001b000000000000000000000000000300efbfbd000001480cefbfbd4f4f00144a5a5639474c454a31325a504b5254435749324b0005352e312e32000200000013414e4433666665316239373436376532646563000500147fefbfbd5705efbfbd5437efbfbdefbfbd07efbfbdefbfbdefbfbd1719efbfbd

For the adware thing, I guess the app pushes me ads, but what does the last thing mean? Which information gets leaked?

Is there a way of going back if I've installed it?

Thank you guys,
appreciate it.
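
An added example, not part of the original post or of the scan report: it decodes the first "Data (RAW)" value quoted above and lists what each query parameter of the captured GET request carries. The function names and the shape heuristics (15 digits for an IMEI, 16 hex characters for an ANDROID_ID) are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# "Data (RAW)" of the first network entry in the report quoted above.
RAW_HEX = "474554202f4150492f616e64726f69646576656e742e7068703f6f75727365637265743d72756e74617374696338393633356a6f26756469643d33353732343230343332333735313126616e64726f696449443d33666665316239373436376532646563"


def decode_raw(raw_hex):
    """Turn a 'Data (RAW)' hex field into text; undecodable bytes become U+FFFD."""
    return bytes.fromhex(raw_hex).decode("utf-8", errors="replace")


def luhn_ok(digits):
    """Luhn check used by real IMEIs; sandbox devices often use made-up values."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counted from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def classify(value):
    """Heuristic (assumed) labelling of a parameter value by its shape."""
    if re.fullmatch(r"\d{15}", value):
        state = "valid" if luhn_ok(value) else "invalid"
        return "IMEI-shaped (15 digits), Luhn " + state
    if re.fullmatch(r"[0-9a-f]{16}", value):
        return "ANDROID_ID-shaped (16 hex chars)"
    return "other"


def leaked_params(raw_hex):
    """Return [(name, value, label)] for the query string of a captured GET."""
    method, _, rest = decode_raw(raw_hex).partition(" ")
    if method != "GET":
        return []
    target = rest.split(" ")[0]  # drop a trailing "HTTP/1.x" if it was captured
    pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    return [(name, value, classify(value)) for name, value in pairs]


if __name__ == "__main__":
    for name, value, label in leaked_params(RAW_HEX):
        print(f"{name:10} {value:18} {label}")
```

The request goes to port 80 in the report, so these parameters travel unencrypted over plain HTTP.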
 
Romansko
#2  
Member - OP
No reply. *UP*