SHA256: b9162644bb8ad36382588c71532e375fbefef03281f4d1b4f2394fe1c240af92
File name: starwarsgalacticdefense.apk
Detection ratio: 0 / 57
Analysis date: 2016-06-05 22:51:36 UTC ( 2 years, 11 months ago )
Antivirus Result Update
Ad-Aware 20160605
AegisLab 20160604
AhnLab-V3 20160605
Alibaba 20160603
ALYac 20160605
Antiy-AVL 20160605
Arcabit 20160605
Avast 20160605
AVG 20160605
Avira (no cloud) 20160605
AVware 20160605
Baidu 20160603
Baidu-International 20160605
BitDefender 20160605
Bkav 20160604
CAT-QuickHeal 20160604
ClamAV 20160605
CMC 20160602
Comodo 20160605
Cyren 20160605
DrWeb 20160605
Emsisoft 20160605
ESET-NOD32 20160605
F-Prot 20160605
F-Secure 20160605
Fortinet 20160605
GData 20160605
Ikarus 20160605
Jiangmin 20160605
K7AntiVirus 20160605
K7GW 20160605
Kaspersky 20160605
Kingsoft 20160605
Malwarebytes 20160605
McAfee 20160605
McAfee-GW-Edition 20160605
Microsoft 20160605
eScan 20160605
NANO-Antivirus 20160605
nProtect 20160603
Panda 20160605
Qihoo-360 20160605
Rising 20160605
Sophos AV 20160605
SUPERAntiSpyware 20160605
Symantec 20160605
Tencent 20160605
TheHacker 20160604
TotalDefense 20160605
TrendMicro 20160605
TrendMicro-HouseCall 20160605
VBA32 20160603
VIPRE 20160605
ViRobot 20160605
Yandex 20160605
Zillya 20160605
Zoner 20160605
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.mobage.ww.a1903.SWTD_Android. The internal version number of the application is 40. The displayed version string of the application is 1.3.1. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.GET_TASKS (retrieve running applications)
com.mobage.ww.a1903.SWTD_Android.permission.RECEIVE_ADM_MESSAGE (Unknown permission from android reference)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
com.mobage.ww.a1903.SWTD_Android.permission.C2D_MESSAGE (C2DM permission.)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
com.android.vending.CHECK_LICENSE (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
com.amazon.device.messaging.permission.RECEIVE (Unknown permission from android reference)
Activities
com.mobage.ww.a1903.SWTD_Android.OLInterstitialActivity
com.otherlevels.androidportal.NotificationOpenActivity
com.test.android.MBUnityPlayerProxyActivity
com.test.android.MBUnityPlayerActivity
com.test.android.MBUnityPlayerNativeActivity
com.facebook.LoginActivity
com.facebook.unity.FBUnityLoginActivity
com.facebook.unity.FBUnityDeepLinkingActivity
com.chartboost.sdk.CBImpressionActivity
Services
com.otherlevels.androidportal.UnityGCMIntentService
com.mobage.ww.android.analytics.HeartbeatService
com.mobage.global.android.c2dm.ADMHandler
com.CFM.ELAN.ELANAlarmCreator
com.CFM.CustomELAN.ELANAlarmCreator
Receivers
com.otherlevels.androidportal.LocalNotificationReceiver
com.otherlevels.androidportal.UnityGCMBroadcastReceiver
com.mobage.android.ads.TrackingReceiver
com.mobage.global.android.c2dm.C2DMBaseReceiver
com.amazon.inapp.purchasing.ResponseReceiver
com.CFM.ELAN.TimedAlarm
com.CFM.CustomELAN.TimedAlarm
com.mobage.global.android.c2dm.ADMHandler$Receiver
Activity-related intent filters
com.test.android.MBUnityPlayerProxyActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
com.test.android.MBUnityPlayerActivity
actions: com.mobage.android.action.RECEIVE_NOTIFICATION
Receiver-related intent filters
com.mobage.global.android.c2dm.ADMHandler$Receiver
actions: com.amazon.device.messaging.intent.REGISTRATION, com.amazon.device.messaging.intent.RECEIVE
categories: com.mobage.ww.a1903.SWTD_Android
com.mobage.android.ads.TrackingReceiver
actions: com.android.vending.INSTALL_REFERRER
com.amazon.inapp.purchasing.ResponseReceiver
actions: com.amazon.inapp.purchasing.NOTIFY
com.otherlevels.androidportal.UnityGCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.mobage.ww.a1903.SWTD_Android
com.mobage.global.android.c2dm.C2DMBaseReceiver
actions: com.google.android.c2dm.intent.REGISTRATION, com.google.android.c2dm.intent.RECEIVE
categories: com.mobage.ww.a1903.SWTD_Android
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files: 183
Uncompressed size: 55889717
Highest datetime: 2015-04-22 15:41:52
Lowest datetime: 2015-03-24 08:41:18
Contained files by extension
png: 115
xml: 33
dll: 11
so: 8
dex: 1
MF: 1
RSA: 1
SF: 1
Contained files by type
PNG: 115
XML: 33
unknown: 15
Portable Executable: 11
ELF: 8
DEX: 1
File identification
MD5 261e0822c9d419aba589143035fbc8e8
SHA1 cfbc56958232835d4ece4ebbd4015c9891ecf76a
SHA256 b9162644bb8ad36382588c71532e375fbefef03281f4d1b4f2394fe1c240af92
ssdeep 393216:duKJF3MqWtrcplH3L+S1Y7UD9ClJOX45smWrp+7ehZiqpKd2WcATHa1:Yo3Mq4SlH3LbByds9t+7eP5rATy
File size 18.9 MB ( 19798141 bytes )
File type Android
Magic literal Zip archive data, at least v2.0 to extract
TrID Android Package (73.9%), Java Archive (20.4%), ZIP compressed archive (5.6%)
Tags apk contains-pe android contains-elf

VirusTotal metadata
First submission 2015-05-11 10:53:16 UTC ( 4 years ago )
Last submission 2016-09-04 00:37:48 UTC ( 2 years, 8 months ago )
File names star-wars-a-galactic-defense.apk
30098e585130cd2453fd6322a8033c995f5f67bb39d553ce28dea40cfdee91b00d6990171c1822b9a97bec4ac3e0698ba4459f2d9e35b67883a0e199f79d9cb1
starwarsgalacticdefense.apk
Star Wars ™: Galactic Defense v1.3.1.apk
com.mobage.ww.a1903.SWTD_Android.apk
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which, depending on the user policies and environment, may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua

Symantec reputation Suspicious.Insight
Started receivers
android.net.conn.CONNECTIVITY_CHANGE
Opened files
/data/data/com.mobage.ww.a1903.SWTD_Android/files/AdjustIoActivityState
/data/data/com.mobage.ww.a1903.SWTD_Android/files/AdjustIoPackageQueue
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/volley
/mnt/sdcard
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBRequestManager
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory
/mnt/sdcard/Android/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBVideoDirectory
APP_ASSETS/bin/Data/settings.xml
APP_ASSETS/distribution_name
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory/cb_previous_session_info
Accessed files
/data/app/com.mobage.ww.a1903.SWTD_Android-1.apk/assets/bin/Data/settings.xml
/mnt/sdcard/Android/obb/com.mobage.ww.a1903.SWTD_Android
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBRequestManager
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory
/mnt/sdcard/Android/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBVideoDirectory
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/volley
/data/data/com.mobage.ww.a1903.SWTD_Android/cache/__chartboost/CBTrackingDirectory/cb_previous_session_info
Interesting calls
Calls APIs that provide access to information about the telephony services on the device. Applications can use such methods to determine telephony services and states, as well as to access some types of subscriber information.
Contacted URLs
https://app.adjust.io/startup
https://live.chartboost.com/api/config
https://live.chartboost.com/api/video-prefetch
Accessed URIs
https://live.chartboost.com/api/video-prefetch
https://live.chartboost.com/api/config
content://com.facebook.katana.provider.AttributionIdProvider
https://live.chartboost.com/interstitial/get