× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c823468af407536b0628eeb88b8956b56f911313fb62fac27421c93dc905a13c
File name: 1385304128_wakaville.apk
Detection ratio: 2 / 56
Analysis date: 2016-06-24 16:20:15 UTC ( 2 years, 11 months ago ) View latest
Antivirus Result Update
AVware Trojan.AndroidOS.Generic.A 20160624
Ikarus AdWare.AndroidOS.ActiveInject 20160624
Ad-Aware 20160624
AegisLab 20160624
AhnLab-V3 20160624
Alibaba 20160624
ALYac 20160624
Antiy-AVL 20160624
Arcabit 20160624
Avast 20160624
AVG 20160624
Avira (no cloud) 20160624
Baidu 20160624
Baidu-International 20160614
BitDefender 20160624
Bkav 20160623
CAT-QuickHeal 20160623
ClamAV 20160624
CMC 20160620
Comodo 20160624
Cyren 20160624
DrWeb 20160624
Emsisoft 20160624
ESET-NOD32 20160624
F-Prot 20160624
F-Secure 20160624
Fortinet 20160624
GData 20160624
Jiangmin 20160624
K7AntiVirus 20160624
K7GW 20160624
Kaspersky 20160624
Kingsoft 20160624
Malwarebytes 20160624
McAfee 20160624
McAfee-GW-Edition 20160624
Microsoft 20160624
eScan 20160624
NANO-Antivirus 20160624
nProtect 20160624
Panda 20160624
Qihoo-360 20160624
Sophos AV 20160624
SUPERAntiSpyware 20160624
Symantec 20160624
Tencent 20160624
TheHacker 20160624
TotalDefense 20160624
TrendMicro 20160624
TrendMicro-HouseCall 20160624
VBA32 20160624
VIPRE 20160624
ViRobot 20160624
Yandex 20160624
Zillya 20160624
Zoner 20160624
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.mobilexlabs.wakaville. The internal version number of the application is 101. The displayed version string of the application is 1.01. The minimum Android API level for the application to run (MinSDKVersion) is 8. The target Android API level for the application to run (TargetSDKVersion) is 16.
Required permissions
android.permission.VIBRATE (control vibrator)
android.permission.RECEIVE_BOOT_COMPLETED (automatically start at boot)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.INTERNET (full Internet access)
com.android.vending.CHECK_LICENSE (Unknown permission from android reference)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
com.android.vending.BILLING (Unknown permission from android reference)
android.permission.GET_ACCOUNTS (discover known accounts)
com.mobilexlabs.wakaville.permission.C2D_MESSAGE (C2DM permission.)
Activities
com.inject.InjectActivity
com.ansca.corona.CoronaActivity
com.vungle.sdk.VungleAdvert
com.ansca.corona.CameraActivity
com.ansca.corona.VideoActivity
com.ansca.corona.purchasing.StoreActivity
com.facebook.LoginActivity
com.ansca.corona.facebook.FacebookFragmentActivity
Services
com.ansca.corona.CoronaService
Receivers
com.heyzap.sdk.ads.PackageAddedReceiver
com.ansca.corona.SystemStartupBroadcastReceiver
com.ansca.corona.notifications.AlarmManagerBroadcastReceiver
com.ansca.corona.notifications.StatusBarBroadcastReceiver
com.ansca.corona.notifications.GoogleCloudMessagingBroadcastReceiver
com.ansca.corona.purchasing.GoogleStoreBroadcastReceiver
Providers
com.ansca.corona.storage.FileContentProvider
Activity-related intent filters
com.inject.InjectActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.heyzap.sdk.ads.PackageAddedReceiver
actions: android.intent.action.PACKAGE_ADDED
com.ansca.corona.notifications.GoogleCloudMessagingBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: com.mobilexlabs.wakaville
com.ansca.corona.SystemStartupBroadcastReceiver
actions: android.intent.action.BOOT_COMPLETED
com.ansca.corona.purchasing.GoogleStoreBroadcastReceiver
actions: com.android.vending.billing.IN_APP_NOTIFY, com.android.vending.billing.RESPONSE_CODE, com.android.vending.billing.PURCHASE_STATE_CHANGED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
989
Uncompressed size
39557681
Highest datetime
2013-11-20 10:56:48
Lowest datetime
2013-11-20 10:56:20
Contained files by extension
png
833
mp3
60
xml
53
so
14
jpg
8
txt
3
ttf
2
dex
1
MF
1
car
1
RSA
1
igo
1
SF
1
Contained files by type
PNG
834
MP3
55
XML
53
unknown
16
ELF
14
JPG
10
JSON
5
DEX
1
HTML
1
File identification
MD5 b66d728cec30eeb02a11be38ec4dddd4
SHA1 2f02114a0715b50b1c658eddfe21c2422b47f31c
SHA256 c823468af407536b0628eeb88b8956b56f911313fb62fac27421c93dc905a13c
ssdeep
786432:gP5bbd+R5agmbXpEZ1U/uno0OsCUKPSG9sk:gP5Sa9bXkBo0nKPLsk

File size 34.1 MB ( 35720934 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Android Package (77.2%)
Sweet Home 3D design (generic) (15.4%)
ZIP compressed archive (5.8%)
PrintFox/Pagefox bitmap (var. P) (1.4%)
Tags
apk android contains-elf

VirusTotal metadata
First submission 2013-11-26 10:06:39 UTC ( 5 years, 6 months ago )
Last submission 2016-06-24 16:20:15 UTC ( 2 years, 11 months ago )
File names 21657-b66d728cec30eeb02a11be38ec4dddd4-1461660300.apk
wakaville.apk
69JhT3wePbdaNqcgH8btxUmFMVh_NRuU.apk
yiwan.com_jswydgr_en_1.01.apk
WakaVille-Zombie-Killer-Squad.apk
1385304128_wakaville.apk
wakaville_v1.0.1_quxiu.COM.apk
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Opened files
APP_ASSETS/class.inject
APP_ASSETS/adsimage.inject