× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 41b506345ae7443297fa52900f998a23ebafbc7db6073748500cb3e7ff4b17a6
File name: 1421645403_com.wawoo.gunshootwar.apk
Detection ratio: 6 / 54
Analysis date: 2016-06-30 12:12:11 UTC ( 1 year, 9 months ago ) View latest
Antivirus Result Update
AhnLab-V3 Android-PUP/Dowgin.7ea5 20160630
AVware Trojan.AndroidOS.Generic.A 20160630
ESET-NOD32 a variant of Android/Packed.Jiagu.A potentially unsafe 20160630
McAfee Artemis!7E1B0024FC5C 20160630
McAfee-GW-Edition Artemis!7E1B0024FC5C 20160630
ViRobot Trojan.Win32.S.Agent.15035168[h] 20160630
Ad-Aware 20160630
AegisLab 20160630
Yandex 20160630
Alibaba 20160630
ALYac 20160630
Antiy-AVL 20160630
Arcabit 20160630
AVG 20160630
Baidu 20160630
BitDefender 20160630
Bkav 20160630
CAT-QuickHeal 20160630
ClamAV 20160630
CMC 20160630
Comodo 20160630
Cyren 20160630
DrWeb 20160630
Emsisoft 20160630
F-Prot 20160630
F-Secure 20160630
Fortinet 20160630
GData 20160630
Ikarus 20160630
Jiangmin 20160630
K7AntiVirus 20160630
K7GW 20160630
Kaspersky 20160630
Kingsoft 20160630
Malwarebytes 20160630
Microsoft 20160630
eScan 20160630
NANO-Antivirus 20160630
nProtect 20160630
Panda 20160630
Qihoo-360 20160630
Sophos AV 20160630
SUPERAntiSpyware 20160630
Symantec 20160630
Tencent 20160630
TheHacker 20160630
TotalDefense 20160630
TrendMicro 20160630
TrendMicro-HouseCall 20160630
VBA32 20160630
VIPRE 20160630
Yandex 20160630
Zillya 20160630
Zoner 20160630
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.wawoo.gunshootwar. The internal version number of the application is 8. The displayed version string of the application is 1.7. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 21.
Required permissions
android.permission.INTERNET (full Internet access)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
Activities
com.unity3d.player.UnityPlayerProxyActivity
com.unity3d.player.UnityPlayerActivity
com.unity3d.player.UnityPlayerNativeActivity
com.unity3d.player.VideoPlayer
com.google.android.gms.ads.AdActivity
com.chartboost.sdk.unity.CBUnityPlayerProxyActivity
com.chartboost.sdk.unity.CBUnityPlayerActivity
com.chartboost.sdk.unity.CBUnityPlayerNativeActivity
com.unity3d.player.VideoPlayer
com.chartboost.sdk.CBImpressionActivity
com.artofbytes.gpg.android.ConnectionResolver
Activity-related intent filters
com.chartboost.sdk.unity.CBUnityPlayerProxyActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
180
Uncompressed size
42949672
Highest datetime
2014-12-11 00:36:16
Lowest datetime
2014-01-23 08:54:52
Contained files by extension
png
102
xml
8
dll
8
so
6
dex
1
MF
1
RSA
1
SF
1
Contained files by type
PNG
102
unknown
54
XML
8
Portable Executable
8
ELF
6
DEX
1
directory
1
File identification
MD5 7e1b0024fc5c1620d943a09f237cefed
SHA1 5c5c4d41d69ae08a82e9172f3623b3065cd4c3ba
SHA256 41b506345ae7443297fa52900f998a23ebafbc7db6073748500cb3e7ff4b17a6
ssdeep
393216:LKrEApSpeBFRW42rb9SD/hF1XwvAf/7J480ZAen09e9yEK:LKrApeBFKSD/PSvAW80Zc0fK

File size 14.3 MB ( 15035168 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk contains-pe ext-prg android contains-elf

VirusTotal metadata
First submission 2014-12-21 22:58:10 UTC ( 3 years, 4 months ago )
Last submission 2016-06-30 12:12:11 UTC ( 1 year, 9 months ago )
File names com.wawoo.gunshootwar-1.apk
com.wawoo.gunshootwar_LastUpdated__December102014.apk
com.wawoo.gunshootwar_8_1.7_635539634511518073.apk
com.wawoo.gunshootwar.apk
com.wawoo.gunshootwar_8.apk
com.wawoo.gunshootwar_LastUpdated__December102014.apk
com.wawoo.gunshootwar_LastUpdated__December102014.apk
7e1b0024fc5c1620d943a09f237cefed.tmp.6477
1421645403_com.wawoo.gunshootwar.apk
com.wawoo.gunshootwar_LastUpdated__December102014.apk
com.wawoo.gunshootwar_20141211221431498.apk
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Permissions checked
android.permission.INTERNET:com.wawoo.gunshootwar
android.permission.READ_PHONE_STATE:com.wawoo.gunshootwar
External programs launched
chmod 777 /data/data/com.wawoo.gunshootwar/files/libqupc.so
getprop ro.product.cpu.abi
Opened files
APP_ASSETS/libqupc.so
APP_ASSETS/libprotectClass.so
/data/data/com.wawoo.gunshootwar/files
Accessed files
/data/data/com.wawoo.gunshootwar/files
/data/data/com.wawoo.gunshootwar/files/libqupc.so
/data/data/com.wawoo.gunshootwar/files/libprotectClass.so