Jump to content

What is Android/Packed.Jiagu.K (variant)?


Recommended Posts

Hi! Excuse me, I want to ask. 

I found a file named "Android/Packed.Jiagu.K (variant)" in my phone. The file was in my phone for almost 3 hours.

Is it malware? Is this file dangerous? What does this file do on my phone? Have my data been stolen because the file has been in my phone for almost 3 hours?

IMG_20230706_131843.jpg

Link to comment
Share on other sites

  • Administrators

Unfortunately it's impossible to tell since it's only a detection of a suspicious packer that has been seen to be misused by malware to evade detection. Moreover, we can't guess the application name from the file name either since it was a temporary file created by the browser during download.

Link to comment
Share on other sites

@Marcos  Is this a sign that some malware has managed to get into my phone and left a trace in the form of a file called "Android/Packed.Jiagu.K (variant)"??? 

Link to comment
Share on other sites

  • Most Valued Members
1 hour ago, Izzy123 said:

@Marcos  Is this a sign that some malware has managed to get into my phone and left a trace in the form of a file called "Android/Packed.Jiagu.K (variant)"??? 

It's something that has been downloaded through a browser most likely and was probably canceled or broken and the browser didn't clean it.

Link to comment
Share on other sites

  • Administrators

I'd suggest emailing samples[at]eset.com and providing the application name and location from which you downloaded the file. It's likely that the app is clean is just packed or protected with a suspicious packer.

Link to comment
Share on other sites

@Nightowl @Marcos 

The thing that worried me was that when I tried to find where the file came from, I found two suspicious websites. I don't know between these two suspicious websites, which website sent this file called "Android/Packed.Jiagu.K (variant)". Both websites have many different addresses and the addresses are very long. 

Before I found a suspicious file on my phone, I thought these two websites were normal advertising websites and I immediately clicked the back button if an advertising website appeared before the website was fully opened. But after I checked the two websites using Google Transparency Report (https://transparencyreport.google.com/safe-browsing/search?hl=en), a warning appeared that the two websites were dangerous. The results of the check are written like this:

"Some pages on this site are unsafe. The site https://*************. ***/xxxxxxx contains harmful content, including pages that:

• Try to trick visitors into sharing personal info or downloading software". 

Okay, thank you. I will send an email containing the name of the file and some of the suspicious website addresses. I don't think it's good to display the website address here because I don't want to make the person who sent the suspicious file to my phone feel happy and excited.

Thank You Very Much for the help from both of you. ☺️

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...