× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 198e152817a5bba2ca723fde3cb12e3c9e6efa5e050371937452e85258944879
File name: com.mobage.ww.a1903.SWTD_Android.apk
Detection ratio: 0 / 55
Analysis date: 2016-02-21 15:37:42 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware 20160221
AegisLab 20160221
Yandex 20160220
AhnLab-V3 20160221
Alibaba 20160221
Antiy-AVL 20160221
Arcabit 20160221
Avast 20160221
AVG 20160221
Avira (no cloud) 20160221
AVware 20160221
Baidu-International 20160221
BitDefender 20160221
Bkav 20160220
ByteHero 20160221
CAT-QuickHeal 20160220
ClamAV 20160221
CMC 20160219
Comodo 20160221
Cyren 20160221
DrWeb 20160221
Emsisoft 20160221
ESET-NOD32 20160221
F-Prot 20160221
F-Secure 20160219
Fortinet 20160220
GData 20160221
Ikarus 20160221
Jiangmin 20160221
K7AntiVirus 20160221
K7GW 20160221
Kaspersky 20160221
Malwarebytes 20160221
McAfee 20160221
McAfee-GW-Edition 20160220
Microsoft 20160221
eScan 20160221
NANO-Antivirus 20160221
nProtect 20160219
Panda 20160221
Qihoo-360 20160221
Rising 20160221
Sophos AV 20160221
SUPERAntiSpyware 20160221
Symantec 20160221
Tencent 20160221
TheHacker 20160217
TotalDefense 20160221
TrendMicro 20160221
TrendMicro-HouseCall 20160221
VBA32 20160220
VIPRE 20160221
ViRobot 20160221
Zillya 20160219
Zoner 20160221
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.mobage.ww.a1903.SWTD_Android. The internal version number of the application is 37. The displayed version string of the application is 1.3.0. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.GET_TASKS (retrieve running applications)
com.mobage.ww.a1903.SWTD_Android.permission.RECEIVE_ADM_MESSAGE (Unknown permission from android reference)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
com.mobage.ww.a1903.SWTD_Android.permission.C2D_MESSAGE (C2DM permission.)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
com.android.vending.CHECK_LICENSE (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
com.amazon.device.messaging.permission.RECEIVE (Unknown permission from android reference)
Activities
com.mobage.ww.a1903.SWTD_Android.OLInterstitialActivity
com.otherlevels.androidportal.NotificationOpenActivity
com.test.android.MBUnityPlayerProxyActivity
com.test.android.MBUnityPlayerActivity
com.test.android.MBUnityPlayerNativeActivity
com.facebook.LoginActivity
com.facebook.unity.FBUnityLoginActivity
com.facebook.unity.FBUnityDeepLinkingActivity
com.chartboost.sdk.CBImpressionActivity
Services
com.otherlevels.androidportal.UnityGCMIntentService
com.mobage.ww.android.analytics.HeartbeatService
com.mobage.global.android.c2dm.ADMHandler
com.CFM.ELAN.ELANAlarmCreator
com.CFM.CustomELAN.ELANAlarmCreator
Receivers
com.otherlevels.androidportal.LocalNotificationReceiver
com.otherlevels.androidportal.UnityGCMBroadcastReceiver
com.mobage.android.ads.TrackingReceiver
com.mobage.global.android.c2dm.C2DMBaseReceiver
com.amazon.inapp.purchasing.ResponseReceiver
com.CFM.ELAN.TimedAlarm
com.CFM.CustomELAN.TimedAlarm
com.mobage.global.android.c2dm.ADMHandler$Receiver
Activity-related intent filters
com.test.android.MBUnityPlayerProxyActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
com.test.android.MBUnityPlayerActivity
actions: com.mobage.android.action.RECEIVE_NOTIFICATION
Receiver-related intent filters
com.mobage.global.android.c2dm.ADMHandler$Receiver
actions: com.amazon.device.messaging.intent.REGISTRATION, com.amazon.device.messaging.intent.RECEIVE
categories: com.mobage.ww.a1903.SWTD_Android
com.mobage.android.ads.TrackingReceiver
actions: com.android.vending.INSTALL_REFERRER
com.amazon.inapp.purchasing.ResponseReceiver
actions: com.amazon.inapp.purchasing.NOTIFY
com.otherlevels.androidportal.UnityGCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.mobage.ww.a1903.SWTD_Android
com.mobage.global.android.c2dm.C2DMBaseReceiver
actions: com.google.android.c2dm.intent.REGISTRATION, com.google.android.c2dm.intent.RECEIVE
categories: com.mobage.ww.a1903.SWTD_Android
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
183
Uncompressed size
55720017
Highest datetime
2015-03-31 09:49:56
Lowest datetime
2015-02-18 12:48:04
Contained files by extension
png
115
xml
33
dll
11
so
8
dex
1
MF
1
RSA
1
SF
1
Contained files by type
PNG
115
XML
33
unknown
15
Portable Executable
11
ELF
8
DEX
1
File identification
MD5 f874aec659d94da4bf3f895101630e14
SHA1 953c0e9868974fd9e014784ed782cf81ae2b6488
SHA256 198e152817a5bba2ca723fde3cb12e3c9e6efa5e050371937452e85258944879
ssdeep
393216:8aooK4Fq/FaC/hyXYRUeeq+kzUlK+E6bz4R0LtKCZXrDwh5mpoUh2dcrPvjtvPZp:8aV3MEC/QIRUeLSE8z3LtKCXrsh5W66t

File size 18.8 MB ( 19731896 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk contains-pe software-collection android contains-elf

VirusTotal metadata
First submission 2015-04-09 13:00:13 UTC ( 4 years, 1 month ago )
Last submission 2016-06-06 05:18:43 UTC ( 2 years, 11 months ago )
File names star-wars-a-galactic-defense.apk
star-wars-galactic-defense-1-3-0-multi-android.apk
star-wars-galactic-defense-1.3.0.apk
com.mobage.ww.a1903.SWTD_Android.apk
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Started receivers
android.net.conn.CONNECTIVITY_CHANGE
Opened files
/data/data/com.mobage.ww.a1903.SWTD_Android/files/AdjustIoActivityState
/data/data/com.mobage.ww.a1903.SWTD_Android/files/AdjustIoPackageQueue
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/volley
/mnt/sdcard
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBRequestManager
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory
/mnt/sdcard/Android/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBVideoDirectory
APP_ASSETS/bin/Data/settings.xml
APP_ASSETS/distribution_name
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory/cb_previous_session_info
Accessed files
/data/app/com.mobage.ww.a1903.SWTD_Android-1.apk/assets/bin/Data/settings.xml
/mnt/sdcard/Android/obb/com.mobage.ww.a1903.SWTD_Android
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/volley
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBRequestManager
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory
/mnt/sdcard/Android/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBVideoDirectory
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory/cb_previous_session_info
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Contacted URLs
https://app.adjust.io/startup
616E64726F69645F69643D66633965316236333033663065386337266D61635F736861313D3262643561633733613132393934363164656364343530336564316565633839643266323734333626656E7669726F6E6D656E743D70726F64756374696F6E26747261636B696E675F656E61626C65643D302673657373696F6E5F636F756E743D31266170705F746F6B656E3D656B646267626D6C7367716A26637265617465645F61743D323031322D31302D3039543139253341323825334132315A2532423032303026616E64726F69645F757569643D38373066633065652D363231312D343562622D393965342D303230316138373964373734266D61635F...
https://live.chartboost.com/api/video-prefetch
https://live.chartboost.com/api/config
Accessed URIs
https://live.chartboost.com/api/video-prefetch
https://live.chartboost.com/api/config
content://com.facebook.katana.provider.AttributionIdProvider
https://live.chartboost.com/interstitial/get