× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 99f58b8e836598722c5a73ae6d99989bb1de92054d0249f2d352252184c29e73
File name: 527392_d66206_from_farm_to_city_dynasty_v1.18.1.apk
Detection ratio: 0 / 62
Analysis date: 2017-11-16 15:00:28 UTC ( 1 year, 6 months ago ) View latest
Antivirus Result Update
Ad-Aware 20171116
AegisLab 20171116
AhnLab-V3 20171116
Alibaba 20170911
ALYac 20171116
Antiy-AVL 20171116
Arcabit 20171116
Avast 20171116
Avast-Mobile 20171116
AVG 20171116
Avira (no cloud) 20171116
AVware 20171116
Baidu 20171116
BitDefender 20171116
Bkav 20171116
CAT-QuickHeal 20171116
ClamAV 20171115
CMC 20171109
Comodo 20171116
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171116
Cyren 20171116
DrWeb 20171116
eGambit 20171116
Endgame 20171024
ESET-NOD32 20171116
F-Prot 20171116
F-Secure 20171116
Fortinet 20171116
GData 20171116
Ikarus 20171116
Sophos ML 20170914
Jiangmin 20171116
K7AntiVirus 20171116
K7GW 20171116
Kaspersky 20171116
Kingsoft 20171116
Malwarebytes 20171116
MAX 20171116
McAfee 20171116
McAfee-GW-Edition 20171116
Microsoft 20171116
eScan 20171116
NANO-Antivirus 20171116
nProtect 20171116
Palo Alto Networks (Known Signatures) 20171116
Panda 20171116
Qihoo-360 20171116
Rising 20171116
SentinelOne (Static ML) 20171113
Sophos AV 20171116
SUPERAntiSpyware 20171116
Symantec 20171116
Symantec Mobile Insight 20171116
Tencent 20171116
TheHacker 20171112
TotalDefense 20171116
TrendMicro 20171116
TrendMicro-HouseCall 20171116
Trustlook 20171116
VBA32 20171116
VIPRE 20171116
ViRobot 20171116
Webroot 20171116
WhiteArmor 20171104
Yandex 20171116
Zillya 20171115
ZoneAlarm by Check Point 20171116
Zoner 20171116
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.webgames.dynasty. The internal version number of the application is 6059. The displayed version string of the application is 1.18.1. The minimum Android API level for the application to run (MinSDKVersion) is 15. The target Android API level for the application to run (TargetSDKVersion) is 21.
Required permissions
com.webgames.dynasty.permission.C2D_MESSAGE (C2DM permission.)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.READ_PHONE_STATE (read phone state and identity)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
com.android.vending.INSTALL_REFERRER (Unknown permission from android reference)
android.permission.WAKE_LOCK (prevent phone from sleeping)
com.android.vending.INTERACT_ACROSS_USERS_FULL ()
android.permission.INTERNET (full Internet access)
com.webgames.dynasty.permission.INSTALL_REFERRER (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.webgames.dynasty.DynastyMainActivity
com.facebook.FacebookActivity
Receivers
com.appsflyer.MultipleInstallBroadcastReceiver
com.kontagent.KAnalyticsReceiver
Activity-related intent filters
com.webgames.dynasty.DynastyMainActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.appsflyer.MultipleInstallBroadcastReceiver
actions: com.android.vending.INSTALL_REFERRER
com.kontagent.KAnalyticsReceiver
actions: com.android.vending.INSTALL_REFERRER
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
1505
Uncompressed size
62099241
Highest datetime
2015-11-30 16:31:56
Lowest datetime
2015-11-17 15:27:06
Contained files by extension
png
944
fnt
5
xml
1
Contained files by type
PNG
944
unknown
51
XML
5
File identification
MD5 17d0f86c00c979aa4cd4ef6706da22eb
SHA1 367e5e468a1069c3b51a78e4b8500f76f230eca8
SHA256 99f58b8e836598722c5a73ae6d99989bb1de92054d0249f2d352252184c29e73
ssdeep
1572864:CMqqCWj0wcY1XBRdrcDo0PMjsJMAGW+OtZwoeYjCjZfw1/vlPlHVzkANxG:/qqP0PuxRxPgMIM3CGZ0CQBbBNxG

File size 69.6 MB ( 73027250 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (72.9%)
Java Archive (20.1%)
ZIP compressed archive (5.5%)
PrintFox/Pagefox bitmap (var. P) (1.3%)
Tags
apk android dyn-calls ext-prg

VirusTotal metadata
First submission 2015-12-01 21:47:01 UTC ( 3 years, 5 months ago )
Last submission 2019-03-30 21:16:36 UTC ( 1 month, 3 weeks ago )
File names 527392_d66206_from_farm_to_city_dynasty_v1.18.1.apk
aaosaQn6ZPpt8RlCAZinxhoefcMJLAJLCoi51CHfLo6G4yL7XoJWEo9Np7vRJgCYd
saso3KZtEnlXZLnwDGrwwJffNWvbRvmgu606wnMvjhvxss24ufk
aaomWGlzZ4ZY0Ld6CYFytXbM7gzKsOmxtUy
assowtTIisJFt7O9bx6QYkT2fQUKEa
oamsm7WuEC2Qcd84MkUyU1HZUT9aiQzFuNprnow3pu8HEoBlideX1ez6TvDm0A3p
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Started receivers
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.AIRPLANE_MODE
External programs launched
getprop
Opened files
/data/data/com.webgames.dynasty/files/AFRequestCache
/data/data/com.webgames.dynasty/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core
/data/data/com.webgames.dynasty/files
Accessed files
/data/data/com.webgames.dynasty/files
/data/data/com.webgames.dynasty/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core
/data/data/com.webgames.dynasty/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/crash_marker
/data/data/com.webgames.dynasty/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/initialization_marker
/data/data/com.webgames.dynasty/files/AFRequestCache
/data/data/com.webgames.dynasty/files/AF_INSTALLATION
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Dynamically called methods
android.telephony.TelephonyManager.getDeviceId
Contacted URLs
https://track.appsflyer.com/api/v2.3/androidevent?buildnumber=1.15&app_id=com.webgames.dynasty
http://track.appsflyer.com/api/v2.3/androidevent?buildnumber=1.15&app_id=com.webgames.dynasty
https://api.appsflyer.com/install_data/v3/com.webgames.dynasty?devkey=Q45mLzUytqin9DiBjMyPtF&device_id=1349804137822-5161643514709368408
https://dmproxy.corpwebgames.com/api/v1/dc610d09df6342d39550477157a71c30/pgr?s=323316ED529F00EC
Accessed URIs
content://com.facebook.katana.provider.AttributionIdProvider