SHA256: 8cbef28223f8d7d40d776dc832f2927082579c88721f54fe522cd43347f6589a
File name: warofclans.apk
Detection ratio: 0 / 56
Analysis date: 2016-06-17 10:44:42 UTC (2 years, 8 months ago)
Antivirus Result Update
Ad-Aware 20160617
AegisLab 20160617
AhnLab-V3 20160617
Alibaba 20160617
ALYac 20160617
Antiy-AVL 20160617
Arcabit 20160617
Avast 20160617
AVG 20160617
Avira (no cloud) 20160617
AVware 20160617
Baidu 20160616
Baidu-International 20160614
BitDefender 20160617
Bkav 20160617
CAT-QuickHeal 20160617
ClamAV 20160617
CMC 20160616
Comodo 20160616
Cyren 20160616
DrWeb 20160617
Emsisoft 20160617
ESET-NOD32 20160617
F-Prot 20160617
F-Secure 20160617
Fortinet 20160617
GData 20160617
Ikarus 20160617
Jiangmin 20160617
K7AntiVirus 20160617
K7GW 20160616
Kaspersky 20160617
Kingsoft 20160617
Malwarebytes 20160617
McAfee 20160617
McAfee-GW-Edition 20160617
Microsoft 20160617
eScan 20160617
NANO-Antivirus 20160617
nProtect 20160617
Panda 20160616
Qihoo-360 20160617
Sophos AV 20160617
SUPERAntiSpyware 20160617
Symantec 20160617
Tencent 20160617
TheHacker 20160616
TotalDefense 20160616
TrendMicro 20160617
TrendMicro-HouseCall 20160617
VBA32 20160616
VIPRE 20160615
ViRobot 20160617
Yandex 20160616
Zillya 20160616
Zoner 20160617
The file being studied is an Android APK. The application's main package name is au.winner.wocau. The internal version number of the application is 8. The displayed version string of the application is 2.0.0. The minimum Android API level for the application to run (MinSDKVersion) is 8.
Required permissions
android.permission.CHANGE_NETWORK_STATE (change network connectivity)
android.permission.ACCESS_COARSE_UPDATES (Unknown permission from android reference)
android.permission.READ_LOGS (read sensitive log data)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.INTERNET (full Internet access)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.SEND_SMS (send SMS messages)
android.permission.RECEIVE_USER_PRESENT (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
au.winner.wocau.permission.JPUSH_MESSAGE (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
au.winner.wocau.PAYMENT_BROADCAST_PERMISSION (Unknown permission from android reference)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.VIBRATE (control vibrator)
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS (access extra location provider commands)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECEIVE_SMS (receive SMS)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
Activities
com.utgame.update.UpdateActivity
com.utgame.thisiswar.ThisIsWar
com.pwgame.login.YdAds
com.pwgame.login.NoticeView
cn.jpush.android.ui.PushActivity
mp.MpActivity
Services
cn.jpush.android.service.DownloadService
org.openudid.OpenUDID_service
cn.jpush.android.service.PushService
mp.MpService
mp.StatusUpdateService
Receivers
cn.jpush.android.service.AlarmReceiver
mp.MpSMSReceiver
cn.jpush.android.service.PushReceiver
com.pwgame.login.AlarmReceiver
Service-related intent filters
org.openudid.OpenUDID_service
actions: org.openudid.GETUDID
cn.jpush.android.service.PushService
actions: cn.jpush.android.intent.REGISTER, cn.jpush.android.intent.REPORT, cn.jpush.android.intent.PushService, cn.jpush.android.intent.PUSH_TIME
Activity-related intent filters
cn.jpush.android.ui.PushActivity
actions: cn.jpush.android.ui.PushActivity
categories: android.intent.category.DEFAULT, au.winner.wocau
com.utgame.update.UpdateActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
cn.jpush.android.service.PushReceiver
actions: cn.jpush.android.intent.NOTIFICATION_RECEIVED_PROXY, android.intent.action.USER_PRESENT, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED
categories: au.winner.wocau
mp.MpSMSReceiver
actions: android.provider.Telephony.SMS_RECEIVED
com.pwgame.login.AlarmReceiver
actions: android.alarm.noti.action, mp.info.PAYMENT_STATUS_CHANGED, com.android.vending.INSTALL_REFERRER
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files 998
Uncompressed size 68957941
Highest datetime 2014-07-25 11:14:40
Lowest datetime 2013-06-29 17:45:08
Contained files by extension
png 214
ccz 185
wav 141
xml 66
fnt 4
mp3 4
so 3
dex 1
pvr 1
tmx 1
RSA 1
SF 1
MF 1
txt 1
csv 1
Contained files by type
unknown 479
XML 296
PNG 214
MP3 4
ELF 3
DEX 1
JSON 1
File identification
MD5 2e3630664e4cdc2f29fcb9d2d3d0e274
SHA1 cdb0001ab3d44f12706ab3266fb9d7f92a1bafba
SHA256 8cbef28223f8d7d40d776dc832f2927082579c88721f54fe522cd43347f6589a
ssdeep
1572864:Vq/rwKYBMpGnEV+/G+V/AEVF/UKuSkH43C6Rf3uA:A/rcYDB+5DVF/Ujr43Cgf3uA

File size 49.3 MB (51646544 bytes)
File type Android
Magic literal Zip archive data, at least v1.0 to extract
TrID Android Package (73.9%), Java Archive (20.4%), ZIP compressed archive (5.6%)
Tags apk android contains-elf dyn-calls software-collection

VirusTotal metadata
First submission 2014-10-25 01:06:00 UTC (4 years, 3 months ago)
Last submission 2016-06-20 00:11:45 UTC (2 years, 8 months ago)
File names warofclans.apk
warofclans.apk
cdb0001ab3d44f12706ab3266fb9d7f92a1bafba
Started activities
#Intent;component=au.winner.wocau/com.utgame.thisiswar.ThisIsWar;end
Started receivers
android.net.conn.CONNECTIVITY_CHANGE
com.android.vending.INSTALL_REFERRER
Opened files
/data/data/au.winner.wocau/files
APP_ASSETS/Launcher.xml
APP_ASSETS/res/jsdata.pkg
APP_ASSETS/Version.xml
/data/app/au.winner.wocau-1.apk
/data/data/au.winner.wocau
/data/data/au.winner.wocau/shared_prefs
/data/data/au.winner.wocau/cache
/data/data/au.winner.wocau/lib
/data/data/au.winner.wocau/files/2.0.0.0.pkg
/data/data/au.winner.wocau/shared_prefs/openudid_prefs.xml
/data/data/au.winner.wocau/lib/libjpush.so
Accessed files
/data/data/au.winner.wocau/files
/data/data/au.winner.wocau/files/2.0.0.0.pkg
/data/data/au.winner.wocau/files/Version.xml
/data/data/au.winner.wocau/files/libthisiswarjs.so
/data/data/au.winner.wocau/app_data/eventlog
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Dynamically called methods
android.content.SharedPreferences$Editor.apply
Contacted URLs
http://103.249.210.60/resource/wocau/Version.xml
https://inmobisdk-a.akamaihd.net/sdk/configs/rootConfig.json?s-ver=3.7.1&i-aid=&a-bid=au.winner.wocau&u-key-ver=1&ua=&u-id-key=1104911608&a-ver=8&u-id-map=RNflWyszy4GZJQPb8VVTldnKY9r21D8jEv3yh5DLpjqxBAMzzOT7PrNS3pNuMuxa2CrtwfiGWC%2B4%0AvVncwuZwsaD6DrKXH2xfIPknbQGjSTCLW0TjKWvn6mlsTLFHItxo2u%2Bu7y1RdFrI8bZtVWjXPpFb%0AxmaDPqQub%2FWP77351BY%3D%0A
Accessed URIs
content://com.facebook.katana.provider.AttributionIdProvider
content://au.winner.wocau/referrer_apps
https://service.sponsorpay.com/installs/v2