SHA256: af5d013c3adeb04d28a5b11fa8a3dfc72a977471d444b753140e453d69db1e47
Detection ratio: 8 / 63
Analysis date: 2017-12-26 18:04:06 UTC ( 1 year, 2 months ago )
Antivirus Result Update
AegisLab Adwareare.Andr.Leadbolt.D!c 20171226
Antiy-AVL Trojan/Android.TSGeneric 20171226
Avira (no cloud) ADWARE/ANDR.Leadbolt.D.Gen 20171226
AVware Trojan.AndroidOS.Generic.A 20171226
Cyren ZIP/Trojan.JEVN-4 20171226
DrWeb Adware.Leadbolt.12.origin 20171226
NANO-Antivirus Riskware.Android.Leadbolt.dkzuxh 20171226
TrendMicro-HouseCall Suspicious_GEN.F47V1129 20171226
Ad-Aware 20171225
AhnLab-V3 20171226
Alibaba 20171226
ALYac 20171226
Arcabit 20171226
Avast 20171226
Avast-Mobile 20171226
AVG 20171226
Baidu 20171226
BitDefender 20171226
Bkav 20171226
CAT-QuickHeal 20171226
ClamAV 20171226
CMC 20171226
Comodo 20171226
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171226
eGambit 20171226
Emsisoft 20171226
Endgame 20171130
ESET-NOD32 20171226
F-Prot 20171226
F-Secure 20171226
Fortinet 20171226
GData 20171226
Ikarus 20171226
Sophos ML 20170914
Jiangmin 20171226
K7AntiVirus 20171226
K7GW 20171226
Kaspersky 20171226
Kingsoft 20171226
Malwarebytes 20171226
MAX 20171226
McAfee 20171226
McAfee-GW-Edition 20171226
Microsoft 20171226
eScan 20171226
nProtect 20171226
Palo Alto Networks (Known Signatures) 20171226
Panda 20171226
Qihoo-360 20171226
Rising 20171226
SentinelOne (Static ML) 20171224
Sophos AV 20171226
SUPERAntiSpyware 20171226
Symantec 20171225
Symantec Mobile Insight 20171222
Tencent 20171226
TheHacker 20171219
TrendMicro 20171226
Trustlook 20171226
VBA32 20171226
VIPRE 20171226
ViRobot 20171226
Webroot 20171226
WhiteArmor 20171226
Yandex 20171225
Zillya 20171226
ZoneAlarm by Check Point 20171226
Zoner 20171226
The file being studied is an Android APK. The application's main package name is com.luko.car. The internal version number of the application is 78. The displayed version string of the application is 1.837. The minimum Android API level for the application to run (MinSDKVersion) is 10. The target Android API level for the application (TargetSDKVersion) is 19.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.READ_LOGS (read sensitive log data)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
com.luko.car.permission.C2D_MESSAGE (C2DM permission.)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.prime31.UnityPlayerProxyActivity
com.prime31.UnityPlayerActivity
com.prime31.UnityPlayerNativeActivity
com.flurry.android.FlurryFullscreenTakeoverActivity
com.prime31.GoogleIABProxyActivity
com.facebook.LoginActivity
com.heyzap.sdk.ads.HeyzapInterstitialActivity
com.heyzap.sdk.ads.HeyzapVideoActivity
com.jirbo.unityadc.UnityADCActivity
com.jirbo.adcolony.AdColonyOverlay
com.jirbo.adcolony.AdColonyFullscreen
com.jirbo.adcolony.AdColonyBrowser
com.facebook.unity.FBUnityLoginActivity
com.facebook.unity.FBUnityDeepLinkingActivity
Services
com.luko.car.SwrveGcmIntentService
Receivers
com.luko.car.SwrveGcmBroadcastReceiver
com.heyzap.sdk.ads.PackageAddedReceiver
Activity-related intent filters
com.prime31.UnityPlayerProxyActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.luko.car.SwrveGcmBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE
categories: com.luko.car
com.heyzap.sdk.ads.PackageAddedReceiver
actions: android.intent.action.PACKAGE_ADDED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files 440
Uncompressed size 183624632
Highest datetime 2014-10-15 20:21:44
Lowest datetime 2013-12-12 00:55:44
Contained files by extension
png 187
xml 35
dll 13
so 4
dex 1
MF 1
RSA 1
SF 1
Contained files by type
unknown 200
PNG 187
XML 35
Portable Executable 13
ELF 4
DEX 1
Compressed bundles
File identification
MD5 e767c724f47b7c5c3ed50c9d5c6a05b0
SHA1 5022ad0a6709e154e3aea3a763d0ad53c19c1ab8
SHA256 af5d013c3adeb04d28a5b11fa8a3dfc72a977471d444b753140e453d69db1e47
ssdeep
786432:IclIykNEzHjww1lfe6wEmxYcxJBcXJCbxhx/l2qjYOZdN7daDUwHULjY/9FaKFZl:IclRcEnlPee+YcxJB/bxhx/lfjYO7N7e

File size 45.5 MB ( 47735490 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract

TrID Java Archive (74.3%)
ZIP compressed archive (20.5%)
PrintFox/Pagefox bitmap (var. P) (5.1%)
Tags
apk contains-pe android contains-elf

VirusTotal metadata
First submission 2014-11-04 09:29:33 UTC ( 4 years, 4 months ago )
Last submission 2018-11-01 21:06:58 UTC ( 4 months, 3 weeks ago )
File names 1461447613_fast-outlaw-asphalt-surfers_v1.837.apk
Fast Outlaw. Asphalt Surfers.apk
08317-Fast-Outlaw-Asphalt-Surfers-v1-79.apk
fast-outlaw-asphalt-surfers.apk
440111_a96b2e_com.luko.car.apk
package.apk
fast-outlaw-asphalt-surfers.apk
598917_42fdf7_com.luko.car-78.apk
594045_531e79_fast_outlaw_asphalt_surfers.ver.1.837.build.78.apk
611391_7d7a31_com.luko.car-78.apk
e767c724f47b7c5c3ed50c9d5c6a05b0
fast-outlaw-asphalt-surfers-1-8371.apk
jskt_1413447566539.apk
594423_1caffc_fast_outlaw_asphalt_surfers.ver.1.837.build.78.apk
Fast_outlaw_asphalt_surfers_v1.837_androidone.ru.apk
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0408.

Symantec reputation Suspicious.Insight