× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1b1f35c6358eabd739f33e7d05e6f6ab818a02fafcda4970006bf8339a653ed4
File name: 1b51b6ea3875316bfe5bde76feaf76ff
Detection ratio: 0 / 58
Analysis date: 2017-05-04 09:26:01 UTC ( 1 year, 10 months ago ) View latest
Antivirus Result Update
Ad-Aware 20170504
AegisLab 20170504
AhnLab-V3 20170503
Alibaba 20170504
ALYac 20170504
Antiy-AVL 20170504
Arcabit 20170504
Avast 20170504
AVG 20170504
Avira (no cloud) 20170504
AVware 20170504
Baidu 20170503
BitDefender 20170504
CAT-QuickHeal 20170504
ClamAV 20170504
CMC 20170503
Comodo 20170504
CrowdStrike Falcon (ML) 20170130
Cyren 20170504
DrWeb 20170504
Emsisoft 20170504
Endgame 20170503
ESET-NOD32 20170504
F-Prot 20170504
F-Secure 20170504
Fortinet 20170504
GData 20170504
Ikarus 20170504
Sophos ML 20170413
Jiangmin 20170504
K7AntiVirus 20170504
K7GW 20170426
Kaspersky 20170504
Kingsoft 20170504
Malwarebytes 20170504
McAfee 20170504
McAfee-GW-Edition 20170504
Microsoft 20170504
eScan 20170504
NANO-Antivirus 20170504
nProtect 20170504
Palo Alto Networks (Known Signatures) 20170504
Panda 20170503
Qihoo-360 20170504
Rising 20170504
SentinelOne (Static ML) 20170330
Sophos AV 20170504
SUPERAntiSpyware 20170504
Symantec 20170503
Symantec Mobile Insight 20170504
Tencent 20170504
TheHacker 20170504
TotalDefense 20170504
TrendMicro 20170504
VBA32 20170503
VIPRE 20170504
ViRobot 20170504
Webroot 20170504
WhiteArmor 20170502
Yandex 20170503
Zillya 20170504
ZoneAlarm by Check Point 20170504
Zoner 20170504
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.rubycell.violin. The internal version number of the application is 20170430. The displayed version string of the application is 20170430. The minimum Android API level for the application to run (MinSDKVersion) is 15. The target Android API level for the application to run (TargetSDKVersion) is 25.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
com.rubycell.violin.permission.C2D_MESSAGE (C2DM permission.)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
.permission.C2D_MESSAGE (C2DM permission.)
android.permission.INTERNET (full Internet access)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
Activities
com.ansca.corona.CoronaActivity
com.rubycell.factory.RequestPermissionActivity
com.ansca.corona.CameraActivity
com.ansca.corona.VideoActivity
com.ansca.corona.purchasing.StoreActivity
com.google.android.gms.ads.AdActivity
com.facebook.FacebookActivity
plugin.facebook.v4.FacebookFragmentActivity
com.onesignal.PermissionsActivity
plugin.signin.GoogleSignIn
com.google.android.gms.auth.api.signin.internal.SignInHubActivity
com.google.android.gms.common.api.GoogleApiActivity
plugin.sharedsongs.activity.TabActivity
plugin.sharedsongs.activity.RequestSongActivity
plugin.sharedsongs.activity.CommentActivity
plugin.sharedsongs.activity.ARequestSongActivity
com.google.android.gms.ads.purchase.InAppPurchaseActivity
Services
com.ansca.corona.CoronaService
com.onesignal.GcmIntentService
com.onesignal.SyncService
com.google.android.gms.measurement.AppMeasurementService
com.google.android.gms.auth.api.signin.RevocationBoundService
com.google.firebase.iid.FirebaseInstanceIdService
Receivers
com.ansca.corona.SystemStartupBroadcastReceiver
com.ansca.corona.notifications.AlarmManagerBroadcastReceiver
com.ansca.corona.notifications.StatusBarBroadcastReceiver
com.ansca.corona.notifications.GoogleCloudMessagingBroadcastReceiver
com.ansca.corona.purchasing.GoogleStoreBroadcastReceiver
com.onesignal.NotificationOpenedReceiver
com.onesignal.GcmBroadcastReceiver
com.google.android.gms.measurement.AppMeasurementReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver
com.google.firebase.iid.FirebaseInstanceIdInternalReceiver
Providers
com.facebook.FacebookContentProvider
com.ansca.corona.storage.FileContentProvider
com.google.firebase.provider.FirebaseInitProvider
Service-related intent filters
com.google.firebase.iid.FirebaseInstanceIdService
actions: com.google.firebase.INSTANCE_ID_EVENT
Activity-related intent filters
com.ansca.corona.CoronaActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.google.android.gms.measurement.AppMeasurementReceiver
actions: com.google.android.gms.measurement.UPLOAD
com.google.firebase.iid.FirebaseInstanceIdReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.rubycell.violin
com.ansca.corona.SystemStartupBroadcastReceiver
actions: android.intent.action.BOOT_COMPLETED
com.ansca.corona.purchasing.GoogleStoreBroadcastReceiver
actions: com.android.vending.billing.IN_APP_NOTIFY, com.android.vending.billing.RESPONSE_CODE, com.android.vending.billing.PURCHASE_STATE_CHANGED
com.ansca.corona.notifications.GoogleCloudMessagingBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.rubycell.violin
com.onesignal.GcmBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE
categories: com.rubycell.violin
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
1356
Uncompressed size
27045996
Highest datetime
1980-00-00 00:00:00
Lowest datetime
1980-00-00 00:00:00
Contained files by extension
png
585
xml
80
so
14
gui
11
jpg
10
ogg
3
ttf
2
dex
1
MF
1
car
1
sf2
1
mid
1
RSA
1
SF
1
js
1
Contained files by type
PNG
585
MIDI
236
XML
79
unknown
68
ELF
14
JPG
10
JSON
4
OGG
3
DEX
1
File identification
MD5 1b51b6ea3875316bfe5bde76feaf76ff
SHA1 d2e0f27f354a536faceedf938fbdc2c52892f52a
SHA256 1b1f35c6358eabd739f33e7d05e6f6ab818a02fafcda4970006bf8339a653ed4
ssdeep
393216:Qe6f1ehSKWJcUEJ3mM4a++Dr4cSDPMHIia289+eSe9kf:Qe6g8t2jmM4alDgQLhf

File size 16.2 MB ( 17017536 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (62.8%)
Java Archive (17.3%)
VYM Mind Map (14.9%)
ZIP compressed archive (4.7%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2017-05-04 09:26:01 UTC ( 1 year, 10 months ago )
Last submission 2018-01-28 14:02:43 UTC ( 1 year, 1 month ago )
File names Next Launcher 3D Shell Lite_20170430_ANROED.COM.apk
violin-for-everyone.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!