RTO_E_CHALLAN_.apk

18.56 MB

Analyzed: 2026-03-19 09:42 UTC

Twitter / X Facebook LinkedIn WhatsApp Telegram Reddit
Analyze Another

APK Security & Privacy Score

Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.

Security Scan-weighted
70/100
Threat scan flagged
Privacy Permissions & network
100/100
Low data access
82/100
Good
Overall trust

Source Verification

Status unverified
Observed hash d492fde3a87f8cd27a67e9a536660524b80016f50f3e3c215f37fb2320e31fc9
Reference hash verification could not be completed.

Facts

Threat scan 4/76 flagged, 0 suspicious
Permissions 0 requested
Network strings 5 URLs (0 HTTP, 5 HTTPS)
Target SDK Unknown
Certificate Valid until 2036-03-15 (10 years, suspicious)
Source verification UNVERIFIED (parse error)

Warnings

Threat scan flagged: 4/76 scanners marked this file as malicious.

Analysis Coverage

This report is partial. Some core metadata could not be extracted.
package_name
version
permissions_or_components
Package Name
Version Code
Version Name
Debuggable No
Allow Backup No
Min SDK Unknown
Target SDK Unknown
Supported ABIs
arm64-v8a armeabi-v7a

Certificate & Signer

Valid From 2026-03-18 12:01:26
Valid To 2036-03-15 12:01:26
Serial Number 3cb6ca9051e387e2
Thumbprint 325cfa0de380739cf05a16bdcf83cbcfb6c5e95b
Issuer: CN AOfwhbuKUGmb32s608
Issuer: DN CN:AOfwhbuKUGmb32s608
Subject: CN AOfwhbuKUGmb32s608
Subject: DN CN:AOfwhbuKUGmb32s608

Security Scan

4 /76
⚠️ Threats Detected
Detected by 4 vendors: DrWeb (Android.MulDrop.8677), F-Secure (Trojan:Android/Corrupted.BA), K7GW (Trojan ( 006d7e1e1 ))
Scanned by 76 security vendors
Last scan: 2026-03-19 09:42 UTC
Malicious
4
Suspicious
0
Harmless
0
Undetected
61
Timeout
0
Failure
2

Scan Providers

76 vendors
ALYac undetected
No result reported
Engine 2.0.0.10
APEX type-unsupported
No result reported
Engine 6.760
AVG undetected
No result reported
Engine 23.9.8494.0
Acronis undetected
No result reported
Engine 1.2.0.121
AhnLab-V3 undetected
No result reported
Engine 3.29.1.10604
Alibaba undetected
No result reported
Engine 0.3.0.5
Antiy-AVL undetected
No result reported
Engine 3.0
Arcabit undetected
No result reported
Engine 2025.0.0.23
Avast undetected
No result reported
Engine 23.9.8494.0
Avast-Mobile undetected
No result reported
Engine 260319-00
Avira undetected
No result reported
Engine 8.3.3.24
Baidu undetected
No result reported
Engine 1.0.0.2
BitDefender undetected
No result reported
Engine 7.2
BitDefenderFalx undetected
No result reported
Engine 2.0.936
Bkav failure
No result reported
Engine 2.0.0.1
CAT-QuickHeal undetected
No result reported
Engine 22.00
CMC undetected
No result reported
Engine 2.4.2022.1
CTX undetected
No result reported
Engine 2024.8.29.1
ClamAV undetected
No result reported
Engine 1.5.2.0
CrowdStrike undetected
No result reported
Engine 1.0
Cylance type-unsupported
No result reported
Engine 3.0.0.0
Cynet undetected
No result reported
Engine 4.0.3.4
DeepInstinct type-unsupported
No result reported
Engine 5.0.0.8
DrWeb malicious
Android.MulDrop.8677
Engine 7.0.75.2070
ESET-NOD32 undetected
No result reported
Engine 18.2.18.0
Elastic undetected
No result reported
Engine 4.0.252
Emsisoft undetected
No result reported
Engine 2024.8.0.61147
F-Secure malicious
Trojan:Android/Corrupted.BA
Engine 18.10.1547.307
Fortinet undetected
No result reported
Engine 7.0.30.0
GData undetected
No result reported
Engine GD:27.43910AVA:64.30867
Google undetected
No result reported
Engine 1773907247
Gridinsoft undetected
No result reported
Engine 1.0.241.174
Ikarus undetected
No result reported
Engine 6.4.16.0
Jiangmin undetected
No result reported
Engine 16.0.100
K7AntiVirus undetected
No result reported
Engine 14.42.58923
K7GW malicious
Trojan ( 006d7e1e1 )
Engine 14.42.58924
Kaspersky malicious
HEUR:Trojan-Dropper.AndroidOS.BeatBanker.c
Engine 22.0.1.28
Kingsoft undetected
No result reported
Engine None
Lionic undetected
No result reported
Engine 8.16
Malwarebytes undetected
No result reported
Engine 3.1.0.214
MaxSecure undetected
No result reported
Engine 1.0.0.1
McAfeeD undetected
No result reported
Engine 1.2.0.14148
MicroWorld-eScan undetected
No result reported
Engine 14.0.409.0
Microsoft undetected
No result reported
Engine 1.1.26010.1
NANO-Antivirus undetected
No result reported
Engine 1.0.170.26895
Paloalto type-unsupported
No result reported
Engine 0.9.0.1003
Panda undetected
No result reported
Engine 4.6.4.2
Rising undetected
No result reported
Engine 25.0.0.28
SUPERAntiSpyware undetected
No result reported
Engine 5.6.0.1032
Sangfor undetected
No result reported
Engine 2.22.3.0
SentinelOne type-unsupported
No result reported
Engine 7.5.3.1
Skyhigh failure
No result reported
Sophos undetected
No result reported
Engine 3.3.1.0
Symantec undetected
No result reported
Engine 1.22.0.0
SymantecMobileInsight type-unsupported
No result reported
Engine 2.0
TACHYON undetected
No result reported
Engine 2026-03-19.02
Tencent undetected
No result reported
Engine 1.0.0.1
Trapmine type-unsupported
No result reported
Engine 4.0.10.0
TrellixENS undetected
No result reported
Engine 6.0.6.653
TrendMicro undetected
No result reported
Engine 24.550.0.1002
TrendMicro-HouseCall undetected
No result reported
Engine 24.550.0.1002
Trustlook undetected
No result reported
Engine 1.0
VBA32 undetected
No result reported
Engine 5.5.1
VIPRE undetected
No result reported
Engine 6.0.0.35
Varist undetected
No result reported
Engine 6.6.1.3
ViRobot undetected
No result reported
Engine 2014.3.20.0
VirIT undetected
No result reported
Engine 9.5.1168
Webroot undetected
No result reported
Engine 1.9.0.8
Xcitium undetected
No result reported
Engine 38495
Yandex undetected
No result reported
Engine 5.5.2.24
Zillya undetected
No result reported
Engine 2.0.0.5565
ZoneAlarm undetected
No result reported
Engine 6.23-113519024
Zoner undetected
No result reported
Engine 2.2.2.0
alibabacloud type-unsupported
No result reported
Engine 2.2.0
huorong undetected
No result reported
Engine f69d8f5:f69d8f5:73c045a:73c045a
tehtris type-unsupported
No result reported

File Signatures

SHA-256 d492fde3a87f8cd27a67e9a536660524b80016f50f3e3c215f37fb2320e31fc9
MD5 d5fb482c3d6bfe17cbb88102eeab2adb
SHA-1 5449b64658b3e404e81a84f24b86ed3645240b2d
SSDEEP 393216:X5H8P7JbXMSIcv7/VF84YCOHRGQwHViA/QuGic6Zmcea3v8f:XR8PNbbIQ7/VbOxGQwHXvc6sV48f
TLSH T16217DE23F40529AADEC9A130F5E7579577301A440393A638271FF026FDE25DECA36AD2
VHASH 63e830f664cda7c0ad1d875d0817d3b9

File Intelligence

Type Description Android Human-friendly file type name based on multiple detection methods.
Type Extension apk Most likely file extension inferred from the content.
Type Tag android Primary type tag assigned by the classifier.
Type Tags executable, mobile, android, apk Additional type tags that describe the file content.
Magic Zip archive data, at least v2.0 to extract, compression method=[0x7d2d] File signature result from magic bytes inspection.
Magika ZIP File type predicted by Magika (ML-based file type detection).
TrID ZIP compressed archive (100%) TrID file type guesses with probabilities.
dhash 0000001e0a1a0310 Perceptual hash used to compare visual similarity of files.
raw md5 13be9ac356aa68d50da8e82d48f57dd9 Raw MD5 hash of the file contents.
extensions xml (8), webp (5), so (2), arsc (1), dex (1), png (1), prof (1), profm (1) File extensions found inside the APK and how many of each.
file types unknown (19), XML (7), ELF (2), PNG (1) Detected embedded file types and their counts.
highest datetime 2026-03-18 12:01:24 UTC Latest timestamp found among files inside the archive.
lowest datetime 2026-03-18 12:01:22 UTC Earliest timestamp found among files inside the archive.
num children 31 Number of files contained within the archive.
type ZIP Container type detected for the analyzed file.
uncompressed size 20 MB Estimated total size of all files after extraction.

Deep Manifest Analysis

Activity Intents (2)

ara.memoryguardian.AssistantActivity
Actions
Assist Activity Action: Perform assist action. android.intent.action.ASSIST
Categories
android.intent.category.DEFAULT
ara.memoryguardian.MainActivity
Actions
Main Activity Action: Start as a main entry point, does not expect to android.intent.action.MAIN
Categories
android.intent.category.INFO

Service Intents (4)

ara.memoryguardian.util.QuickSettingsClearTileService
Actions
android.service.quicksettings.action.QS_TILE android.service.quicksettings.action.QS_TILE
ara.memoryguardian.util.QuickSettingsPauseTileService
Actions
android.service.quicksettings.action.QS_TILE android.service.quicksettings.action.QS_TILE
ara.memoryguardian.util.QuickSettingsShowTileService
Actions
android.service.quicksettings.action.QS_TILE android.service.quicksettings.action.QS_TILE
com.ivw.usucaptibleclavius.Vibrating
Actions
Firebase messaging event Action used by Firebase to deliver a push message to the app. com.google.firebase.MESSAGING_EVENT

Receiver Intents (4)

Profile installer Installs performance profiles to speed up app startup and hot paths. androidx.profileinstaller.ProfileInstallReceiver
Actions
Install performance profile Installs a profile that helps optimize app performance. androidx.profileinstaller.action.INSTALL_PROFILE
Skip profile install Skips profile installation for this build. androidx.profileinstaller.action.SKIP_FILE
Save performance profile Saves a profile generated during app usage. androidx.profileinstaller.action.SAVE_PROFILE
Benchmark operation Runs a profile installer benchmark operation. androidx.profileinstaller.action.BENCHMARK_OPERATION
ara.memoryguardian.BootReceiver
Actions
Boot Completed Broadcast Action: This is broadcast once, after the system has finished android.intent.action.BOOT_COMPLETED
com.google.firebase.iid.FirebaseInstanceIdReceiver
Actions
com.google.android.c2dm.intent.RECEIVE com.google.android.c2dm.intent.RECEIVE
com.ivw.usucaptibleclavius.PolingReattiring
Actions
Boot Completed Broadcast Action: This is broadcast once, after the system has finished android.intent.action.BOOT_COMPLETED

Native Libraries (1)

liburuadzer liburuadzer.so

URL Endpoints (5)

https://goo.gle/compose-feedback https://issuetracker.google.com/issues/241760537 https://issuetracker.google.com/issues/297974033 https://issuetracker.google.com/issues/300280216 https://issuetracker.google.com/issues/new?component=907884&template=1466542

Submission Details

Submitted At 2026-03-19
First Submission 2026-03-19
Last Submission 2026-03-19
Stored Until 2026-04-18
Names & Tags
91458aba-5259-482b-8bdc-2253a8114b52_RTO_E_CHALLAN_.apk apk contains-elf encrypted android