× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c5064b59ef3188f56894f0b1c43ee6daaf0f626bea71058b53fb5ac179784881
File name: com.nexonm.loh.usios.apk
Detection ratio: 0 / 57
Analysis date: 2016-05-03 09:20:21 UTC ( 2 years, 11 months ago ) View latest
Antivirus Result Update
Ad-Aware 20160503
AegisLab 20160502
AhnLab-V3 20160502
Alibaba 20160503
ALYac 20160503
Antiy-AVL 20160503
Arcabit 20160503
Avast 20160503
AVG 20160503
Avira (no cloud) 20160503
AVware 20160503
Baidu 20160429
Baidu-International 20160503
BitDefender 20160503
Bkav 20160429
CAT-QuickHeal 20160503
ClamAV 20160502
CMC 20160429
Comodo 20160503
Cyren 20160502
DrWeb 20160503
Emsisoft 20160503
ESET-NOD32 20160503
F-Prot 20160502
F-Secure 20160503
Fortinet 20160503
GData 20160503
Ikarus 20160503
Jiangmin 20160503
K7AntiVirus 20160502
K7GW 20160503
Kaspersky 20160503
Kingsoft 20160503
Malwarebytes 20160503
McAfee 20160503
McAfee-GW-Edition 20160502
Microsoft 20160503
eScan 20160503
NANO-Antivirus 20160503
nProtect 20160502
Panda 20160502
Qihoo-360 20160503
Rising 20160503
Sophos AV 20160503
SUPERAntiSpyware 20160503
Symantec 20160503
Tencent 20160503
TheHacker 20160502
TotalDefense 20160502
TrendMicro 20160503
TrendMicro-HouseCall 20160503
VBA32 20160502
VIPRE 20160503
ViRobot 20160503
Yandex 20160502
Zillya 20160502
Zoner 20160503
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.nexonm.loh.usios. The internal version number of the application is 1431. The displayed version string of the application is 1.4.31. The minimum Android API level for the application to run (MinSDKVersion) is 14. The target Android API level for the application to run (TargetSDKVersion) is 19.
Required permissions
com.nexonm.loh.usios.permission.C2D_MESSAGE (C2DM permission.)
android.permission.INTERNET (full Internet access)
android.permission.VIBRATE (control vibrator)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.WRITE_SETTINGS (modify global system settings)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.READ_PHONE_STATE (read phone state and identity)
android.permission.KILL_BACKGROUND_PROCESS (Unknown permission from android reference)
android.permission.RESTART_PACKAGES (kill background processes)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
com.nexonm.loh.usios.AndroidAPI
com.nexonm.loh.usios.MyAlert
com.facebook.LoginActivity
com.prime31.FacebookProxyActivity
com.prime31.GoogleIABProxyActivity
com.google.example.games.pluginsupport.SignInHelperActivity
com.google.example.games.pluginsupport.SelectOpponentsHelperActivity
com.google.example.games.pluginsupport.InvitationInboxHelperActivity
Services
com.nexonm.loh.usios.GCMIntentService
Receivers
io.fiverocks.android.GCMReceiver
com.google.android.gcm.GCMBroadcastReceiver
io.fiverocks.android.InstallReferrerReceiver
io.fiverocks.android.FiveRocksReceiver
Activity-related intent filters
com.nexonm.loh.usios.AndroidAPI
actions: android.intent.action.MAIN, android.intent.action.VIEW
categories: android.intent.category.LAUNCHER, android.intent.category.DEFAULT
Receiver-related intent filters
io.fiverocks.android.InstallReferrerReceiver
actions: com.android.vending.INSTALL_REFERRER
com.google.android.gcm.GCMBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.nexonm.loh.usios
io.fiverocks.android.GCMReceiver
actions: com.google.android.c2dm.intent.REGISTRATION, com.google.android.c2dm.intent.RECEIVE, com.google.android.gcm.intent.RETRY
categories: com.nexonm.loh.usios
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
861
Uncompressed size
82752654
Highest datetime
2015-03-30 18:36:22
Lowest datetime
2014-07-07 22:53:24
Contained files by extension
png
209
xml
44
dll
16
so
3
dex
1
MF
1
RSA
1
mp4
1
SF
1
Contained files by type
unknown
587
PNG
209
XML
44
Portable Executable
16
ELF
3
DEX
1
MP3
1
File identification
MD5 70fec80ebf009ccf7311f6be2fad88b8
SHA1 e928af9b5a42b5408a108b636ade996cf8f71cdc
SHA256 c5064b59ef3188f56894f0b1c43ee6daaf0f626bea71058b53fb5ac179784881
ssdeep
786432:+JiMXXBzZLXdowejewMniw48QdX5kp+bJLR01HqQjW:+JpXX3LeVMnJmup+bJ10ZqsW

File size 28.7 MB ( 30143702 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Java Archive (78.3%)
ZIP compressed archive (21.6%)
Tags
apk contains-pe android contains-elf

VirusTotal metadata
First submission 2015-04-06 07:20:06 UTC ( 4 years ago )
Last submission 2016-09-29 19:48:59 UTC ( 2 years, 6 months ago )
File names 1b643ccd3cc7f8d45f055ec7027cd1f80e6844c1ccbce1f7fd75cab107881cd2473c6120092c2a9a2ab5d1483ec8aec120dfe3647d4dd540ade6c18a539ed96a
legion-of-heroes.apk
Legion_of_Heroes_1.4.31_APKField.apk
com.nexonm.loh.usios.apk
legion-of-heroes.apk
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!