× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9f6c290040357521d00ae25f75114878de29488456d289afea6234919178122d
File name: 9F6C290040357521D00AE25F75114878DE29488456D289AFEA6234919178122D
Detection ratio: 0 / 58
Analysis date: 2018-11-16 22:01:09 UTC ( 4 months ago ) View latest
Antivirus Result Update
Ad-Aware 20181116
AegisLab 20181116
AhnLab-V3 20181116
Alibaba 20180921
Antiy-AVL 20181116
Arcabit 20181116
Avast 20181116
Avast-Mobile 20181116
AVG 20181116
Avira (no cloud) 20181116
Babable 20180918
Baidu 20181116
BitDefender 20181116
Bkav 20181116
CAT-QuickHeal 20181116
ClamAV 20181116
CMC 20181116
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181116
Cyren 20181116
DrWeb 20181116
eGambit 20181116
Emsisoft 20181116
Endgame 20181108
ESET-NOD32 20181116
F-Prot 20181116
F-Secure 20181116
Fortinet 20181116
GData 20181116
Ikarus 20181116
Sophos ML 20181108
Jiangmin 20181116
K7AntiVirus 20181116
K7GW 20181116
Kaspersky 20181116
Kingsoft 20181116
Malwarebytes 20181116
MAX 20181116
McAfee 20181116
McAfee-GW-Edition 20181116
Microsoft 20181116
eScan 20181116
NANO-Antivirus 20181116
Palo Alto Networks (Known Signatures) 20181116
Panda 20181116
Qihoo-360 20181116
Rising 20181116
SentinelOne (Static ML) 20181011
Sophos AV 20181116
SUPERAntiSpyware 20181114
Symantec 20181116
Symantec Mobile Insight 20181108
TACHYON 20181116
Tencent 20181116
TheHacker 20181113
TotalDefense 20181116
TrendMicro 20181116
TrendMicro-HouseCall 20181116
Trustlook 20181116
VBA32 20181116
ViRobot 20181116
Webroot 20181116
Yandex 20181115
Zillya 20181116
ZoneAlarm by Check Point 20181116
Zoner 20181116
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.gameloft.android.ANMP.GloftGF2F. The internal version number of the application is 42120. The displayed version string of the application is 4.2.1. The minimum Android API level for the application to run (MinSDKVersion) is 15. The target Android API level for the application to run (TargetSDKVersion) is 28.
Required permissions
com.gameloft.android.ANMP.GloftGF2F.permission.C2D_MESSAGE (C2DM permission.)
android.permission.VIBRATE (control vibrator)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
glshare.permission.ACCESS_SHARED_DATA (Unknown permission from android reference)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.REQUEST_INSTALL_PACKAGES (Unknown permission from android reference)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
android.permission.FOREGROUND_SERVICE (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
External libraries
org.apache.http.legacy
Activities
com.gameloft.android.ANMP.GloftGF2F.Start
com.gameloft.android.wrapper.GamePermission
com.gameloft.android.ANMP.GloftGF2F.AdServerInterstitial
com.gameloft.android.ANMP.GloftGF2F.AdServerVideos
com.gameloft.android.ANMP.GloftGF2F.ActivityMessage
com.gameloft.android.ANMP.GloftGF2F.Nt
com.gameloft.android.ANMP.GloftGF2F.ActivityClearAllTasks
com.facebook.FacebookActivity
com.facebook.CustomTabMainActivity
com.gameloft.android.ANMP.GloftGF2F.SoftKeyBoardActivity
com.gameloft.android.ANMP.GloftGF2F.S800x480.GloftGF2F
Services
com.gameloft.android.ANMP.GloftGF2F.GCMIntentService
com.gameloft.android2d.iap.billings.google.BillingService
Receivers
com.gameloft.android.ANMP.GloftGF2F.PushNotification.GCMBroadcastReceiver
com.gameloft.android2d.iap.billings.google.BillingReceiver
com.gameloft.android.ANMP.GloftGF2F.PushNotification.LocalPushReceiver
com.gameloft.android.ANMP.GloftGF2F.PushNotification.PushIntentReceiver
com.gameloft.android.ANMP.GloftGF2F.PushNotification.PushDeleteReceiver
com.gameloft.android.ANMP.GloftGF2F.GoogleIAPTrackerReceiver
com.gameloft.android.ANMP.GloftGF2F.installer.IReferrerReceiver
Providers
android.support.v4.content.FileProvider
com.gameloft.android.ANMP.GloftGF2F.KeyProvider
Activity-related intent filters
com.gameloft.android.ANMP.GloftGF2F.Start
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
com.gameloft.android.ANMP.GloftGF2F.S800x480.GloftGF2F
actions: android.intent.action.MAIN
Receiver-related intent filters
com.gameloft.android.ANMP.GloftGF2F.GoogleIAPTrackerReceiver
actions: android.intent.action.BOOT_COMPLETED
categories: android.intent.category.DEFAULT
com.gameloft.android.ANMP.GloftGF2F.PushNotification.LocalPushReceiver
actions: android.intent.action.BOOT_COMPLETED
com.gameloft.android.ANMP.GloftGF2F.PushNotification.GCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.gameloft.android.ANMP.GloftGF2F
com.gameloft.android2d.iap.billings.google.BillingReceiver
actions: com.android.vending.billing.IN_APP_NOTIFY, com.android.vending.billing.RESPONSE_CODE, com.android.vending.billing.PURCHASE_STATE_CHANGED
com.gameloft.android.ANMP.GloftGF2F.installer.IReferrerReceiver
actions: com.android.vending.INSTALL_REFERRER
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
237
Uncompressed size
32327841
Highest datetime
2018-10-05 18:16:34
Lowest datetime
1980-01-01 07:00:00
Contained files by extension
png
113
xml
60
txt
4
so
3
bin
2
1
2
3
2
2
2
5
2
4
2
dex
1
MF
1
RSA
1
jpg
1
js
1
7
1
6
1
SF
1
Contained files by type
PNG
113
XML
60
unknown
59
ELF
3
DEX
1
JPG
1
File identification
MD5 698e358f1ed064185483c2d400d0281f
SHA1 ed7077eebca7ab3371c70e8c9c15fca4b4d65a6d
SHA256 9f6c290040357521d00ae25f75114878de29488456d289afea6234919178122d
ssdeep
196608:vY3ty3wY06D5btJKg2236gVXP+EmJBkO7Pit7t7f7Gq0ticcdn:vY9aB3D5btJeotmfk6eZrGgLdn

File size 10.1 MB ( 10564025 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (66.4%)
Java Archive (18.3%)
Mozilla Archive Format (gen) (8.8%)
ZIP compressed archive (5.0%)
PrintFox/Pagefox bitmap (var. P) (1.2%)
Tags
apk android contains-elf via-tor

VirusTotal metadata
First submission 2018-10-10 09:06:57 UTC ( 5 months, 1 week ago )
Last submission 2019-01-27 10:39:10 UTC ( 1 month, 3 weeks ago )
File names com.gameloft.android.ANMP.apk
green-farm-3-4-2-1.apk
green-farm.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!