× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e63bf3ad06c5347e9d878ddb3217798dc52918bafa1a2ca3a3f41131a568c35d
File name: 1431613805_com.crazylabs.evolution.apk
Detection ratio: 1 / 56
Analysis date: 2016-06-22 14:36:12 UTC ( 1 year, 5 months ago ) View latest
Antivirus Result Update
Sophos AV Android Multi Ads (PUA) 20160622
Ad-Aware 20160622
AegisLab 20160622
AhnLab-V3 20160622
Alibaba 20160622
ALYac 20160622
Antiy-AVL 20160622
Arcabit 20160622
Avast 20160622
AVG 20160622
Avira (no cloud) 20160622
AVware 20160622
Baidu 20160622
Baidu-International 20160614
BitDefender 20160622
Bkav 20160622
CAT-QuickHeal 20160622
ClamAV 20160622
CMC 20160620
Comodo 20160622
Cyren 20160622
DrWeb 20160622
Emsisoft 20160622
ESET-NOD32 20160622
F-Prot 20160622
F-Secure 20160622
Fortinet 20160622
GData 20160622
Ikarus 20160622
Jiangmin 20160622
K7AntiVirus 20160622
K7GW 20160622
Kaspersky 20160622
Kingsoft 20160622
Malwarebytes 20160622
McAfee 20160622
McAfee-GW-Edition 20160622
Microsoft 20160622
eScan 20160622
NANO-Antivirus 20160622
nProtect 20160622
Panda 20160622
Qihoo-360 20160622
SUPERAntiSpyware 20160622
Symantec 20160622
Tencent 20160622
TheHacker 20160621
TotalDefense 20160622
TrendMicro 20160622
TrendMicro-HouseCall 20160622
VBA32 20160621
VIPRE 20160622
ViRobot 20160622
Yandex 20160621
Zillya 20160622
Zoner 20160622
The file being studied is Android related! APK Android file more specifically. The application's main package name is com.crazylabs.evolution. The internal version number of the application is 6. The displayed version string of the application is 1.0.0. The minimum Android API level for the application to run (MinSDKVersion) is 15. The target Android API level for the application to run (TargetSDKVersion) is 21.
Required permissions
android.permission.INTERNET (full Internet access)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_WIFI_STATE (view Wi-Fi status)
com.android.vending.BILLING (Unknown permission from android reference)
Activities
com.tabtale.publishing.ttunity.TTUnityPlayerNativeActivity
com.unity3d.player.UnityPlayerNativeActivity
com.tabtale.publishingsdk.monetization.appshelf.WebViewActivity
com.google.android.gms.ads.AdActivity
com.inmobi.androidsdk.IMBrowserActivity
com.millennialmedia.android.MMActivity
com.mdotm.android.vast.VastInterstitialActivity
com.mdotm.android.view.MdotMActivity
com.startapp.android.publish.list3d.List3DActivity
com.startapp.android.publish.AppWallActivity
com.jirbo.adcolony.AdColonyOverlay
com.jirbo.adcolony.AdColonyFullscreen
com.jirbo.adcolony.AdColonyBrowser
com.flurry.android.FlurryFullscreenTakeoverActivity
com.unity3d.ads.android.view.UnityAdsFullscreenActivity
com.appsflyer.AppsFlyerOverrideActivity
com.outlinegames.unibill.PurchaseActivity
Receivers
com.tabtale.publishingsdk.monetization.appshelf.WebViewService
com.inmobi.commons.analytics.androidsdk.IMAdTrackerReceiver
com.appsflyer.MultipleInstallBroadcastReceiver
Activity-related intent filters
com.tabtale.publishing.ttunity.TTUnityPlayerNativeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER, android.intent.category.LEANBACK_LAUNCHER
Receiver-related intent filters
com.appsflyer.MultipleInstallBroadcastReceiver
actions: com.android.vending.INSTALL_REFERRER
com.inmobi.commons.analytics.androidsdk.IMAdTrackerReceiver
actions: com.android.vending.INSTALL_REFERRER, android.net.conn.CONNECTIVITY_CHANGE, com.inmobi.share.id
com.tabtale.publishingsdk.monetization.appshelf.WebViewService
actions: com.tabtale.publishingsdk.monetization.appshelf.WebViewActivity.APPSHELF_LINK, com.tabtale.publishingsdk.monetization.appshelf.WebViewActivity.APPSHELF_SHOW, com.tabtale.publishingsdk.monetization.appshelf.WebViewActivity.APPSHELF_PLAY_SOUND, com.tabtale.publishingsdk.monetization.appshelf.WebViewActivity.APPSHELF_START_ANIMATION_ENDED
Application certificate information
Interesting strings
The file being studied is a compressed stream! Details about the compressed contents follow.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
343
Uncompressed size
130932725
Highest datetime
2015-05-03 17:41:16
Lowest datetime
2015-03-21 00:45:46
Contained files by extension
png
128
xml
12
dll
11
txt
10
so
6
dex
1
MF
1
zip
1
RSA
1
SF
1
Contained files by type
unknown
184
PNG
128
XML
12
Portable Executable
11
ELF
6
DEX
1
ZIP
1
File identification
MD5 82278767eaf2bbe8129538517a834587
SHA1 d916dcf0038e02e45ffbd913257bb0d339aef439
SHA256 e63bf3ad06c5347e9d878ddb3217798dc52918bafa1a2ca3a3f41131a568c35d
ssdeep
393216:Bkghyw2W6rNiR8dleoIRfzQIo2cTdj+GYiMCFLv9NNTNYmu3Zr7DFrXdER:lnv2leoIRfzY2cTdwiM89NNTNYP5rXdm

File size 21.5 MB ( 22556747 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract

TrID Java Archive (78.3%)
ZIP compressed archive (21.6%)
Tags
apk contains-pe android contains-elf

VirusTotal metadata
First submission 2015-07-14 02:28:38 UTC ( 2 years, 4 months ago )
Last submission 2016-06-22 14:36:12 UTC ( 1 year, 5 months ago )
File names 1431613805_com.crazylabs.evolution.apk
com.crazylabs.evolution.apk
82278767eaf2bbe8129538517a834587.apk
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0815.

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Opened files
APP_ASSETS/bin/Data/settings.xml
Accessed files
/data/app/com.crazylabs.evolution-1.apk/assets/bin/Data/settings.xml