× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a8aee4ff1c3cbea05641eb104af251cbe2f454db0658a63e313ad444db201efe
File name: app-xmod-release_2.3.5_235.apk
Detection ratio: 19 / 58
Analysis date: 2018-11-09 20:10:10 UTC ( 4 months, 2 weeks ago ) View latest
Antivirus Result Update
Antiy-AVL Trojan/Android.TSGeneric 20181109
Arcabit Android.Riskware.Agent.gDIWR 20181109
Avira (no cloud) ANDROID/Malformed.SGN.Gen 20181109
Babable PUP.HighConfidence 20180918
BitDefender Android.Riskware.Agent.gDIWR 20181109
CAT-QuickHeal Android.Autoins.GEN8555 (PUP) 20181108
ClamAV Andr.Malware.Agent-1577145 20181109
Cyren ZIP/Trojan.NGCB-0 20181109
Emsisoft Android.Riskware.Agent.gDIWR (B) 20181109
ESET-NOD32 a variant of Android/Autoins.S potentially unsafe 20181109
F-Secure Android.Riskware.Agent 20181109
Fortinet Android/Generic.S.227755!tr 20181109
GData Android.Riskware.Agent.gDIWR 20181109
Ikarus PUA.AndroidOS.Xxassistant 20181109
K7GW Trojan ( 004d6cb81 ) 20181109
McAfee Artemis!FCD6601A847E 20181109
Symantec Android.Umeng 20181109
Symantec Mobile Insight AppRisk:Generisk 20181108
Zoner Trojan.AndroidOS.Autoins.A 20181109
Ad-Aware 20181109
AegisLab 20181109
AhnLab-V3 20181109
Alibaba 20180921
ALYac 20181109
Avast 20181109
Avast-Mobile 20181109
AVG 20181109
Baidu 20181109
Bkav 20181109
CMC 20181109
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20181109
DrWeb 20181109
Endgame 20181108
F-Prot 20181109
Sophos ML 20181108
Jiangmin 20181109
K7AntiVirus 20181109
Kaspersky 20181109
Kingsoft 20181109
Malwarebytes 20181109
MAX 20181109
McAfee-GW-Edition 20181109
Microsoft 20181109
eScan 20181109
NANO-Antivirus 20181109
Palo Alto Networks (Known Signatures) 20181109
Panda 20181109
Qihoo-360 20181109
Rising 20181109
SentinelOne (Static ML) 20181011
Sophos AV 20181109
SUPERAntiSpyware 20181107
TACHYON 20181109
Tencent 20181109
TheHacker 20181108
TrendMicro 20181109
TrendMicro-HouseCall 20181109
Trustlook 20181109
VBA32 20181109
ViRobot 20181109
Webroot 20181109
Yandex 20181109
Zillya 20181109
ZoneAlarm by Check Point 20181109
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.xmodgame. The internal version number of the application is 235. The displayed version string of the application is 2.3.5. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 21.
Required permissions
android.permission.DISABLE_KEYGUARD (disable key lock)
android.permission.READ_CALENDAR (read calendar events)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.BLUETOOTH (create Bluetooth connections)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.INTERNET (full Internet access)
android.permission.BLUETOOTH_ADMIN (bluetooth administration)
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.INTERACT_ACROSS_USERS_FULL ()
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.GET_TASKS (retrieve running applications)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.DOWNLOAD_WITHOUT_NOTIFICATION (Unknown permission from android reference)
android.permission.READ_EXTERNAL_STORAGE (read from external storage)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.VIBRATE (control vibrator)
com.google.android.gms.permission.ACTIVITY_RECOGNITION (Unknown permission from android reference)
com.xmodgame.refresh_userinfo (Unknown permission from android reference)
android.permission.SYSTEM_ALERT_WINDOW (display system-level alerts)
android.permission.CAMERA (take pictures and videos)
android.permission.PACKAGE_USAGE_STATS (update component usage statistics)
android.permission.CHANGE_WIFI_STATE (change Wi-Fi status)
android.permission.RECORD_AUDIO (record audio)
android.permission.MOUNT_UNMOUNT_FILESYSTEMS (mount and unmount file systems)
android.permission.WRITE_CALENDAR (add or modify calendar events and send emails to guests)
Activities
com.facebook.FacebookActivity
com.facebook.ads.InterstitialAdActivity
com.xxAssistant.View.MainActivity
com.xxAssistant.View.InstalledActivity
com.xxAssistant.View.ToolActivity
com.xxAssistant.View.DownloadManagerActivity
com.xxAssistant.View.UpdateManagerActivity
com.xxAssistant.View.FeedbackActivity
com.xxAssistant.View.ContactActivity
com.xxAssistant.View.WebviewActivity
com.xxAssistant.View.AssistDetailActivity
com.xxAssistant.View.SplashActivity
com.xxAssistant.View.AboutActivity
com.xxAssistant.View.HistoryPluginActivity
com.xxAssistant.View.AddMyGameListActivity
com.xxAssistant.View.GuideActivity
com.xxAssistant.View.MultiLaunchActivity
com.xxAssistant.DialogView.BannerActivityDialogActivity
com.xxAssistant.DialogView.ConnectyChangeWindowActivity
com.xxAssistant.DialogView.ClientUpdateDialogActivity
com.xxAssistant.DialogView.DeletePluginWindowActivity
com.xxAssistant.DialogView.PluginInstallingDialogActivity
com.xxAssistant.View.GuideMoreActivity
com.xxAssistant.DanMuKu.View.ScreenRecorde.NewScreenRecorderActivity
com.xxAssistant.DanMuKu.View.ShareFacebookActivity
com.xxAssistant.View.Base.NewBaseDetailActivity
com.xxAssistant.View.LanguageSettingActivity
com.xxAssistant.View.LoadingSplashADActivity
com.xxAssistant.View.ScriptDetailActivity
com.xxAssistant.View.MyScriptActivity
com.xxAssistant.View.ScriptListByTagActivity
com.xxAssistant.View.ScriptSearchActivity
com.xxAssistant.View.ScriptActivateActivity
com.xxAssistant.DialogView.LukyGameActivity
com.xxAssistant.View.UserLoginActivity
com.xxAssistant.View.UserRegisterActivity
com.xxAssistant.View.UserEditProfileActivity
com.xxAssistant.View.UserResetPwdActivity
com.xxAssistant.View.UserForgotPwdActivity
com.xxAssistant.View.UserChoosePhotoActivity
com.inmobi.rendering.InMobiAdActivity
com.google.android.gms.ads.AdActivity
com.google.android.gms.ads.purchase.InAppPurchaseActivity
Services
com.xxtengine.core.TEngineInputService
com.xxAssistant.Script.ScriptService
com.xxAssistant.Service.TimeService
com.xxAssistant.Service.GhostService
com.xxAssistant.DanMuKu.Main.FileUploadService
com.xxAssistant.DanMuKu.Main.DanMuKuService
com.xxlib.service.XAccessibilityService
com.baidu.android.pushservice.PushService
com.baidu.android.pushservice.CommandService
com.xxAssistant.Receiver.BackgroundService
com.inmobi.signals.activityrecognition.ActivityRecognitionManager
com.inmobi.main.BackgroundService
Receivers
com.xxAssistant.Receiver.InstallReceiver
com.xxAssistant.Receiver.NetworkBroadcast
com.xxAssistant.Receiver.BaiduPushMessageReveiver
com.baidu.android.pushservice.PushServiceReceiver
com.baidu.android.pushservice.RegistrationReceiver
com.xxAssistant.DanMuKu.Receiver.DanmukuUserInfoRefreshBroadcast
com.xxAssistant.Receiver.ClientUserInfoRefreshBroadcast
com.inmobi.commons.core.utilities.uid.ImIdShareBroadCastReceiver
com.inmobi.main.AlarmTriggerReceiver
com.inmobi.main.InmobiAlarmReceiver
Providers
com.facebook.FacebookContentProvider
Service-related intent filters
com.xxAssistant.Script.ScriptService
actions: com.xmodgame.Service.ScriptService
com.xxtengine.core.TEngineInputService
actions: android.view.InputMethod
com.baidu.android.pushservice.PushService
actions: com.baidu.android.pushservice.action.PUSH_SERVICE
com.xxlib.service.XAccessibilityService
actions: android.accessibilityservice.AccessibilityService
Activity-related intent filters
com.xxAssistant.View.SplashActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.baidu.android.pushservice.PushServiceReceiver
actions: android.intent.action.BOOT_COMPLETED, android.net.conn.CONNECTIVITY_CHANGE, com.baidu.android.pushservice.action.notification.SHOW, com.baidu.android.pushservice.action.media.CLICK, android.intent.action.MEDIA_MOUNTED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.baidu.android.pushservice.RegistrationReceiver
actions: com.baidu.android.pushservice.action.METHOD, com.baidu.android.pushservice.action.BIND_SYNC, android.intent.action.PACKAGE_REMOVED
com.xxAssistant.Receiver.NetworkBroadcast
actions: android.net.conn.CONNECTIVITY_CHANGE
com.xxAssistant.Receiver.BaiduPushMessageReveiver
actions: com.baidu.android.pushservice.action.MESSAGE, com.baidu.android.pushservice.action.RECEIVE, com.baidu.android.pushservice.action.notification.CLICK
com.inmobi.commons.core.utilities.uid.ImIdShareBroadCastReceiver
actions: com.inmobi.share.id
com.xxAssistant.Receiver.InstallReceiver
actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED, android.intent.action.PACKAGE_REPLACED
com.inmobi.main.AlarmTriggerReceiver
actions: android.intent.action.BOOT_COMPLETED, android.net.conn.CONNECTIVITY_CHANGE, android.intent.action.MEDIA_MOUNTED, android.intent.action.USER_PRESENT, android.intent.action.ACTION_POWER_CONNECTED, android.intent.action.ACTION_POWER_DISCONNECTED
com.xxAssistant.DanMuKu.Receiver.DanmukuUserInfoRefreshBroadcast
actions: com.xmodgame.refresh_user_info_action
com.xxAssistant.Receiver.ClientUserInfoRefreshBroadcast
actions: com.xmodgame.refresh_user_info_action
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
1171
Uncompressed size
7353387
Highest datetime
2016-07-25 16:49:36
Lowest datetime
2016-07-25 14:52:50
Contained files by extension
png
627
xml
358
jpg
4
apk
2
so
2
dex
1
zip
1
Contained files by type
PNG
628
XML
358
ELF
5
ZIP
3
JPG
3
unknown
2
DEX
1
File identification
MD5 fcd6601a847e323b6b6888f869d9ff9a
SHA1 440c8da4cd44ff2161e27fe609203a512f5defce
SHA256 a8aee4ff1c3cbea05641eb104af251cbe2f454db0658a63e313ad444db201efe
ssdeep
196608:IqEGPb0BIGAaFU3PzhTBCR/bHXxFNeoWgduMMDn9J0TTua:Iq3z5GfU3zUxHeoWgYhSua

File size 10.5 MB ( 11031965 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (47.7%)
SPSS Extension (27.2%)
Java Archive (13.1%)
Mozilla Firefox browser extension (7.2%)
ZIP compressed archive (3.6%)
Tags
checks-gps ext-prg contains-elf apk dyn-calls via-tor android

VirusTotal metadata
First submission 2016-07-25 14:38:31 UTC ( 2 years, 8 months ago )
Last submission 2019-01-30 13:46:02 UTC ( 1 month, 3 weeks ago )
File names 812606_eb5e73_app-xmod-release_2.3.5_235.apk
482377556.apk
Xmodgames 2.3.5_235.apk
Xmodgames-v2-3-5-Pdalife.ru.apk
www.putraadam.com-xmod-release_2.3.5.apk
app-xmod-release_2.3.5_235.apk
Xmodgames_Full_v2.3.5_Apktops.ir.apk
Xmodgames_2.3.5_.apk"; modification-date="Tue, 07 Feb 2017 16:10:02 +0000"; read-date="Tue, 07 Feb 2017 11:52:11 +0000
Xmodgames_2.3.5.apk
xmodgames.apk
app-xmod-release_2.3.5_235.apk.part
167120369.apk
app-xmod-release_2.3.5_235 (2).apk
Xmod_ATUALIZADO_gamessandroid.blogspot.com.br.apk
XMod Games v2.3.5.apk
XModGames_2.3.5-Android-1.com.apk"; filename*=utf-8''XModGames_2.3.5-Android-1.com.apk
301658156.apk
Onaylanmayan 269919.crdownload
491778681.apk
387891452.apk
295391443.Apk
Unconfirmed 409291.crdownload
tmp_8759-app-xmod-release_2.3.5_235602875257.apk
668594_1d6bb8_app-xmod-release_2.3.5_235.apk
xmodgames-v2.3.5.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Permissions checked
android.permission.READ_PHONE_STATE:com.xmodgame
Started receivers
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.BATTERY_CHANGED
External programs launched
/system/bin/sh -c getprop ro.board.platform
/system/bin/sh -c type su
Opened files
/data/app/com.xmodgame-1.apk
/data/data/com.xmodgame/code_cache/secondary-dexes
/data/data/com.xmodgame/files/.um
/data/data/com.xmodgame/app_apktool/ apktool.tmp
/mnt/sdcard/com.xmodgame/.device_info
/mnt/sdcard/com.xmodgame
/mnt/sdcard/com.xmodgame/download
/mnt/sdcard/com.xmodgame/images
/mnt/sdcard/com.xmodgame/videos
/data/data/com.xmodgame/files/.YFlurrySenderIndex.info.AnalyticsMain
/data/data/com.xmodgame/files/.yflurryreport.7b381a72951e61b1
/mnt/sdcard
/data/data/com.xmodgame/cache
/data/data/com.xmodgame/files/TDtcagent.db
/data/data/com.xmodgame/app_apktool/apktool..apk
/data/data/com.xmodgame/code_cache
/data/data/com.xmodgame/app_apktool
/data/data/com.xmodgame/app_bugly
/system
/data/data/com.xmodgame/files/secondary-dexes
Accessed files
/data/data/com.xmodgame/files
/mnt/sdcard/com.xmodgame
/mnt/sdcard/com.xmodgame/download
/mnt/sdcard/com.xmodgame/images
/mnt/sdcard/com.xmodgame/videos
/data/data/com.xmodgame/files/td.lock
/data/data/com.xmodgame/files/TDtcagent.db
/data/data/com.xmodgame/files/.FlurrySenderIndex.info.AnalyticsMain
/data/data/com.xmodgame/files/.YFlurrySenderIndex.info.AnalyticsMain
/data/data/com.xmodgame/files/.um
/system/app/Superuser.apk
/mnt/sdcard/com.xmodgame/.device_info
/data/data/com.xmodgame/app_apktool
/data/data/com.xmodgame/app_apktool/apktool..apk
/data/data/com.xmodgame/lib/utility
/data/data/com.xmodgame/lib/utility.so
/data/data/com.xmodgame/lib/libutility.so
/data/data/com.xmodgame/app_apktool/ apktool.tmp
/data/data/com.xmodgame/files/.yflurryreport.7b381a72951e61b1
/data/data/com.xmodgame/files/.flurryagent.-16bfb9b4
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Calls APIs that provide access to the system location services. These services allow applications to obtain periodic updates of the device's geographical location, or to fire an application-specified Intent when the device enters the proximity of a given geographical location.
Dynamically called methods
android.content.SharedPreferences$Editor.apply
android.app.Application.registerActivityLifecycleCallbacks 1 argument.
u'com.tendcloud.tenddata.k@41342fa0'
android.app.ActivityThread.getApplication
android.app.Application.registerActivityLifecycleCallbacks 1 argument.
u'com.tendcloud.tenddata.k@412e2008'
android.app.Application.registerActivityLifecycleCallbacks 1 argument.
u'com.tendcloud.tenddata.k@41340d80'
Contacted URLs
http://oc.umeng.com/check_config_update
636F6E74656E743D2537422532327265706F72745F706F6C696379253232253341312532432532327061636B616765253232253341253232636F6D2E786D6F6467616D652532322532432532326170706B65792532322533412532323535323634663230666439386335363238353030306464652532322532432532326C6173745F636F6E6669675F74696D6525323225334125323225323225324325323273646B5F76657273696F6E253232253341253232352E342E32253232253243253232747970652532322533412532326F6E6C696E655F636F6E6669672532322532432532326368616E6E656C253232253341253232393925323225324325323269...
http://rqd.uu.qq.com/rqd/sync
http://oc.umeng.com/check_config_update
636F6E74656E743D2537422532327265706F72745F706F6C696379253232253341312532432532327061636B616765253232253341253232636F6D2E786D6F6467616D652532322532432532326170706B65792532322533412532323535323634663230666439386335363238353030306464652532322532432532326C6173745F636F6E6669675F74696D652532322533412532324D6F6E2B4D61792B32352B3130253341313225334132312B4353542B3230313525323225324325323273646B5F76657273696F6E253232253341253232352E342E32253232253243253232747970652532322533412532326F6E6C696E655F636F6E6669672532322532...
http://api.xxzhushou.cn/script/checkXXMultiLaunch.php?appid=102&client_ver=2.3.5&tengine_ver=
http://cdn.xxzhushou.cn/xxApktool-release_1.0.1_100.apk
http://data1.xmodgames.com/android_up.json