× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2ba4ed4fe635c36840cdddcc91b29b18f202df697d2317aa0a22ca3d5cc95fa9
File name: legion-of-heroes-1-4-11-en-android.apk
Detection ratio: 0 / 57
Analysis date: 2016-04-05 00:12:02 UTC ( 3 years ago ) View latest
Antivirus Result Update
Ad-Aware 20160404
AegisLab 20160404
AhnLab-V3 20160404
Alibaba 20160401
ALYac 20160404
Antiy-AVL 20160404
Arcabit 20160405
Avast 20160405
AVG 20160405
Avira (no cloud) 20160405
AVware 20160404
Baidu 20160404
Baidu-International 20160404
BitDefender 20160405
Bkav 20160404
CAT-QuickHeal 20160404
ClamAV 20160404
CMC 20160404
Comodo 20160404
Cyren 20160405
DrWeb 20160405
Emsisoft 20160405
ESET-NOD32 20160404
F-Prot 20160405
F-Secure 20160405
Fortinet 20160404
GData 20160405
Ikarus 20160404
Jiangmin 20160404
K7AntiVirus 20160404
K7GW 20160404
Kaspersky 20160404
Kingsoft 20160405
Malwarebytes 20160404
McAfee 20160404
McAfee-GW-Edition 20160404
Microsoft 20160404
eScan 20160404
NANO-Antivirus 20160404
nProtect 20160404
Panda 20160404
Qihoo-360 20160405
Rising 20160404
Sophos AV 20160404
SUPERAntiSpyware 20160404
Symantec 20160331
Tencent 20160405
TheHacker 20160403
TotalDefense 20160404
TrendMicro 20160404
TrendMicro-HouseCall 20160404
VBA32 20160404
VIPRE 20160404
ViRobot 20160404
Yandex 20160316
Zillya 20160404
Zoner 20160404
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.nexonm.loh.usios. The internal version number of the application is 1411. The displayed version string of the application is 1.4.11. The minimum Android API level for the application to run (MinSDKVersion) is 14. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
com.nexonm.loh.usios.permission.C2D_MESSAGE (C2DM permission.)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.VIBRATE (control vibrator)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
android.permission.KILL_BACKGROUND_PROCESS (Unknown permission from android reference)
android.permission.RESTART_PACKAGES (kill background processes)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.nexonm.loh.usios.AndroidAPI
com.nexonm.loh.usios.MyAlert
com.facebook.LoginActivity
com.prime31.FacebookProxyActivity
com.prime31.GoogleIABProxyActivity
com.google.example.games.pluginsupport.SignInHelperActivity
com.google.example.games.pluginsupport.SelectOpponentsHelperActivity
com.google.example.games.pluginsupport.InvitationInboxHelperActivity
Services
com.nexonm.loh.usios.GCMIntentService
Receivers
com.google.android.gcm.GCMBroadcastReceiver
io.fiverocks.android.InstallReferrerReceiver
Activity-related intent filters
com.nexonm.loh.usios.AndroidAPI
actions: android.intent.action.MAIN, android.intent.action.VIEW
categories: android.intent.category.LAUNCHER, android.intent.category.DEFAULT
Receiver-related intent filters
com.google.android.gcm.GCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.nexonm.loh.usios
io.fiverocks.android.InstallReferrerReceiver
actions: com.android.vending.INSTALL_REFERRER
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
822
Uncompressed size
81079460
Highest datetime
2014-10-22 00:47:30
Lowest datetime
2014-07-07 22:53:24
Contained files by extension
png
203
xml
44
dll
16
so
3
dex
1
MF
1
RSA
1
mp4
1
SF
1
Contained files by type
unknown
554
PNG
203
XML
44
Portable Executable
16
ELF
3
DEX
1
MP3
1
File identification
MD5 170a5a53c0aab9067bbaa48e84b62129
SHA1 5e94ef19a6bd54b4b2ba96f26385f55d88ea8808
SHA256 2ba4ed4fe635c36840cdddcc91b29b18f202df697d2317aa0a22ca3d5cc95fa9
ssdeep
786432:U24giplO9aQEFiEA2mpwMnJq/2Q/lp+bJLR01HqQj7:U24giplRBmuMnm2Olp+bJ10Zqs7

File size 27.9 MB ( 29279442 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Java Archive (78.3%)
ZIP compressed archive (21.6%)
Tags
apk contains-pe contains-elf android software-collection

VirusTotal metadata
First submission 2014-10-30 09:45:50 UTC ( 4 years, 5 months ago )
Last submission 2018-03-16 19:37:19 UTC ( 1 year, 1 month ago )
File names legion-of-heroes-1-4-11-en-android.apk
com.nexonm.loh.usios.apk
170A5A53C0AAB9067BBAA48E84B62129
4fc306838bbd7d44ec97ed009ec518fcf6ea55c682c32af9693a06f31f7de03646cce1e8467a718749147101b3de2ff940d4408c32c75f3577535600337fa388
legion-of-heroes.apk
legion-of-heroes.apk
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!