× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 427cf8b13b287fafef2e9841cd290c3aa5e857d53d666af05f7bb08bf9530777
File name: [androidapplications.ru]com.swapit.expander.de.apk
Detection ratio: 2 / 60
Analysis date: 2018-01-19 22:23:33 UTC ( 1 year, 3 months ago )
Antivirus Result Update
AegisLab SUSPICIOUS 20180119
Symantec Trojan.Gen.8!cloud 20180119
Ad-Aware 20180119
AhnLab-V3 20180119
Alibaba 20180119
ALYac 20180119
Antiy-AVL 20180119
Arcabit 20180119
Avast 20180119
Avast-Mobile 20180119
AVG 20180119
Avira (no cloud) 20180119
AVware 20180119
Baidu 20180118
BitDefender 20180119
Bkav 20180119
CAT-QuickHeal 20180119
ClamAV 20180119
CMC 20180116
Comodo 20180119
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20180119
Cyren 20180119
DrWeb 20180119
eGambit 20180119
Emsisoft 20180119
Endgame 20171130
ESET-NOD32 20180119
F-Prot 20180119
Fortinet 20180119
GData 20180119
Ikarus 20180119
Sophos ML 20170914
Jiangmin 20180119
K7AntiVirus 20180119
K7GW 20180119
Kaspersky 20180119
Kingsoft 20180119
Malwarebytes 20180119
MAX 20180119
McAfee 20180119
McAfee-GW-Edition 20180119
Microsoft 20180119
eScan 20180119
NANO-Antivirus 20180119
nProtect 20180119
Palo Alto Networks (Known Signatures) 20180119
Panda 20180119
Qihoo-360 20180119
Rising 20180119
SentinelOne (Static ML) 20180115
Sophos AV 20180119
SUPERAntiSpyware 20180119
Symantec Mobile Insight 20180119
Tencent 20180119
TheHacker 20180119
TrendMicro 20180119
TrendMicro-HouseCall 20180119
Trustlook 20180119
VBA32 20180119
VIPRE 20180119
ViRobot 20180119
Webroot 20180119
Yandex 20180112
Zillya 20180119
ZoneAlarm by Check Point 20180119
Zoner 20180119
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.swapit.expander.de. The internal version number of the application is 339. The displayed version string of the application is 3.39. The minimum Android API level for the application to run (MinSDKVersion) is 5. The target Android API level for the application to run (TargetSDKVersion) is 21.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.INTERNET (full Internet access)
com.android.vending.CHECK_LICENSE (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
Activities
com.swapit.expander.de.main
com.swapit.expander.de.createswap
com.swapit.expander.de.drive
com.swapit.expander.de.alerter
Services
com.swapit.expander.de.srvc
com.swapit.expander.de.widget
Receivers
com.swapit.expander.de.srvc$srvc_BR
com.swapit.expander.de.widget$widget_BR
Activity-related intent filters
com.swapit.expander.de.main
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.swapit.expander.de.widget$widget_BR
actions: android.appwidget.action.APPWIDGET_UPDATE
com.swapit.expander.de.srvc$srvc_BR
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.MEDIA_EJECT, android.intent.action.ACTION_SHUTDOWN, android.intent.action.MEDIA_MOUNTED, android.intent.action.PACKAGE_REMOVED, android.intent.action.PACKAGE_REPLACED, android.intent.action.PACKAGE_ADDED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
53
Uncompressed size
6206908
Highest datetime
2015-05-23 16:24:24
Lowest datetime
2008-02-29 04:33:46
Contained files by extension
png
29
so
8
xml
5
bal
4
dex
1
MF
1
bas
1
RSA
1
sh
1
SF
1
Contained files by type
PNG
26
ELF
11
unknown
9
XML
5
DEX
1
script
1
File identification
MD5 2cccd3804aafbc14b01e6da66e777688
SHA1 f63f6552c2ee63142cdfb1ef7c19c51a63e5595a
SHA256 427cf8b13b287fafef2e9841cd290c3aa5e857d53d666af05f7bb08bf9530777
ssdeep
98304:2trXD2ExReb/B3nr41yzCHvJpRNaM4hsL3eEmt4UGaE:2hJReb/Znr41yzCHrv/2s3Mt5LE

File size 5.4 MB ( 5689777 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (67.3%)
Java Archive (18.5%)
Mozilla Archive Format (gen) (8.9%)
ZIP compressed archive (5.1%)
Tags
apk android ext-prg contains-elf

VirusTotal metadata
First submission 2016-03-03 15:04:02 UTC ( 3 years, 1 month ago )
Last submission 2018-01-19 22:23:33 UTC ( 1 year, 3 months ago )
File names [androidapplications.ru]com.swapit.expander.de.apk
roehsoftramexpander3.39.apk
roehsoftramexpander3.39.apk
Roehsoft%20Swapit%20Ram%20Expander%20-%20v3.39.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
External programs launched
sh
Opened files
/mnt/sdcard
APP_ASSETS/arm_busybox.rsft.png
APP_ASSETS/mainn.bal
/data/data/com.swapit.expander.de/cache
Accessed files
/data/data/com.swapit.expander.de/cache/busybox.rsft
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.