I received a PanwAPKTest application alert on an Android endpoint. What is this?

I received a PanwAPKTest application alert on an Android endpoint. What is this?

1127
Created On 01/31/25 12:01 PM - Last Modified 09/26/25 13:04 PM


Question


  • A PanwAPKTest application is detected as Malware on an Android endpoint
  • What is this and what should I do?

 

Environment


  • Cortex XDR agent for Android

Answer


  • The PanwAPKTest is a sample malware file that you can use to test a Malware Protection Module.
  • This sample file is signed by the com.panw.panwapktest which doesn't bring any harmful behaviors.
  • No incident response is needed.
  • The sample file can be removed after the detection test is confirmed.

 

Additional Information


  • In some cases, you might see that this same application alert does not appear on your Tenant. It's expected and shouldn't be treated as an error.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000PR9NCAW&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language