× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4bb6195d8fe6841be08db04fcb45777338e8bb1cfe0304793b46f54b54e00d68
File name: pkg.apk
Detection ratio: 0 / 55
Analysis date: 2016-07-31 17:10:43 UTC ( 2 years, 7 months ago ) View latest
Antivirus Result Update
Ad-Aware 20160731
AegisLab 20160731
AhnLab-V3 20160731
Alibaba 20160730
ALYac 20160731
Antiy-AVL 20160731
Arcabit 20160731
Avast 20160731
AVG 20160731
Avira (no cloud) 20160731
AVware 20160731
Baidu 20160730
BitDefender 20160731
Bkav 20160727
CAT-QuickHeal 20160730
ClamAV 20160731
CMC 20160728
Comodo 20160731
Cyren 20160731
DrWeb 20160731
Emsisoft 20160731
ESET-NOD32 20160731
F-Prot 20160731
F-Secure 20160731
Fortinet 20160731
GData 20160731
Ikarus 20160731
Jiangmin 20160731
K7AntiVirus 20160731
K7GW 20160731
Kaspersky 20160731
Kingsoft 20160731
Malwarebytes 20160731
McAfee 20160731
McAfee-GW-Edition 20160803
Microsoft 20160731
eScan 20160731
NANO-Antivirus 20160731
nProtect 20160729
Panda 20160731
Qihoo-360 20160731
Sophos AV 20160731
SUPERAntiSpyware 20160731
Symantec 20160731
Tencent 20160731
TheHacker 20160729
TotalDefense 20160731
TrendMicro 20160731
TrendMicro-HouseCall 20160731
VBA32 20160729
VIPRE 20160731
ViRobot 20160731
Yandex 20160731
Zillya 20160731
Zoner 20160731
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.gameloft.android.ANMP.GloftTHHM. The internal version number of the application is 16032. The displayed version string of the application is 1.6.0m. The minimum Android API level for the application to run (MinSDKVersion) is 14. The target Android API level for the application to run (TargetSDKVersion) is 23.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
glshare.permission.ACCESS_SHARED_DATA (Unknown permission from android reference)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
com.gameloft.android.ANMP.GloftTHHM.permission.C2D_MESSAGE (C2DM permission.)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.gameloft.android.ANMP.GloftTHHM.XamarinMainActivity
com.facebook.LoginActivity
com.gameloft.android.ANMP.GloftTHHM.installer.GameInstaller
com.gameloft.android.ANMP.GloftTHHM.iab.GMPActivity
com.gameloft.android.ANMP.GloftTHHM.IGPFreemiumActivity
com.gameloft.android.ANMP.GloftTHHM.InGameBrowser
com.gameloft.android.ANMP.GloftTHHM.PackageUtils.PermissionActivity
com.gameloft.glads.GLAdFullScreen
com.gameloft.glads.MRAIDFullScreen
com.gameloft.glads.vast.activity.VASTActivity
com.gameloft.glads.VASTFullScreen
Services
com.google.android.gms.analytics.CampaignTrackingService
com.gameloft.android.ANMP.GloftTHHM.GCMIntentService
Receivers
com.google.android.gcm.GCMBroadcastReceiver
com.gameloft.android.ANMP.GloftTHHM.PushNotification.LocalPushReceiver
com.gameloft.android.ANMP.GloftTHHM.PushNotification.PushIntentReceiver
com.gameloft.android.ANMP.GloftTHHM.PushNotification.PushDeleteReceiver
com.gameloft.android.ANMP.GloftTHHM.GLUtils.NetworkStateReceiver
com.gameloft.android.ANMP.GloftTHHM.BootCompletedReceiver
com.gameloft.android.ANMP.GloftTHHM.installer.IReferrerReceiver
com.gameloft.android.ANMP.GloftTHHM.ApplicationSetUp
Providers
mono.MonoRuntimeProvider
com.gameloft.android.ANMP.GloftTHHM.KeyProvider
Activity-related intent filters
com.gameloft.android.ANMP.GloftTHHM.IGPFreemiumActivity
actions: android.intent.action.MAIN
com.gameloft.android.ANMP.GloftTHHM.XamarinMainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.gameloft.android.ANMP.GloftTHHM.PushNotification.PushIntentReceiver
actions: com.gameloft.android.ANMP.GloftTHHM.PNBroadcast
com.google.android.gcm.GCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.gameloft.android.ANMP.GloftTHHM
com.gameloft.android.ANMP.GloftTHHM.PushNotification.PushDeleteReceiver
actions: com.gameloft.android.ANMP.GloftTHHM.PNDeleteBroadcast
com.gameloft.android.ANMP.GloftTHHM.BootCompletedReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.DEFAULT
com.gameloft.android.ANMP.GloftTHHM.PushNotification.LocalPushReceiver
actions: android.intent.action.BOOT_COMPLETED
com.gameloft.android.ANMP.GloftTHHM.ApplicationSetUp
actions: com.gameloft.android.ApplicationSetUp
com.gameloft.android.ANMP.GloftTHHM.GLUtils.NetworkStateReceiver
actions: android.net.conn.CONNECTIVITY_CHANGE
com.gameloft.android.ANMP.GloftTHHM.installer.IReferrerReceiver
actions: com.android.vending.INSTALL_REFERRER
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
522
Uncompressed size
89250124
Highest datetime
2016-04-25 09:59:32
Lowest datetime
2016-03-01 13:32:34
Contained files by extension
png
410
xml
88
so
10
txt
3
bin
2
MF
1
RSA
1
dex
1
mp4
1
mp3
1
SF
1
Contained files by type
PNG
410
XML
87
unknown
13
ELF
10
DEX
1
MP3
1
File identification
MD5 60737e0c73e4fe4e287e027aac2efd1f
SHA1 d98b5041e48ecb0bbdc57c7610e7a30e53c1dfef
SHA256 4bb6195d8fe6841be08db04fcb45777338e8bb1cfe0304793b46f54b54e00d68
ssdeep
786432:h58UWqRcV6o9fbRfsk2l6YL/i51JzB6ZVis5sNWgAqR+WuR9mk4NbuYtXobehIK9:TwrA4Ri6Y+51JMsNldR+FMkEZEc0H+

File size 50.2 MB ( 52621577 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (72.9%)
Java Archive (20.1%)
ZIP compressed archive (5.5%)
PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2016-04-27 20:46:31 UTC ( 2 years, 10 months ago )
Last submission 2017-03-27 07:12:03 UTC ( 1 year, 11 months ago )
File names siegefall.apk
27921-siegefalllacaidaimperio.apk
base.apk
pkg.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Permissions checked
glshare.permission.ACCESS_SHARED_DATA:com.gameloft.android.ANMP.GloftTHHM
Opened files
/data/data/com.gameloft.android.ANMP.GloftTHHM/files
/mnt/sdcard/Android/data/com.gameloft.android.ANMP.GloftTHHM/files
/data/data/com.gameloft.android.ANMP.GloftTHHM/cache
/mnt/sdcard/Android/data/com.gameloft.android.ANMP.GloftTHHM/files/.__override__
Accessed files
/data/data/com.gameloft.android.ANMP.GloftTHHM/files
/mnt/sdcard/Android/data/com.gameloft.android.ANMP.GloftTHHM/files
/
Accessed URIs
content://com.gameloft.android.ANMP.GloftTHHM.KeyProvider/key
content://com.gameloft.android.ANMP.GloftTHHM.mono.MonoRuntimeProvider.__mono_init__/key/
content://com.gameloft.android.ANMP.GloftTHHM.KeyProvider/key/