Ecocash icon

com-econetprod-10560-62391385-ced2da5a69fd57853a3e8d1f4dfcd54c.apk

Ecocash

7.56 MB

Analyzed: 2026-03-27 08:39 UTC

Twitter / X Facebook LinkedIn WhatsApp Telegram Reddit
Analyze Another

APK Security & Privacy Score

Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.

Security Scan-weighted
97/100
Threat scan clean
Privacy Permissions & network
69/100
HTTP URLs found Possible tracking
81/100
Good
Overall trust

Facts

Threat scan 0/76 flagged, 0 suspicious
Permissions 13 requested
Network strings 23 URLs (11 HTTP, 12 HTTPS)
Target SDK 30
Certificate Valid until 2038-06-11 (12 years, suspicious)

Warnings

Found 11 HTTP URL strings (unencrypted).
Possible analytics/tracking domains found: pagead2.googlesyndication.com, ssl.google-analytics.com, www.google-analytics.com
Package Name com.econetprod
Version Code 10560
Version Name 5.5
Application Name com.comviva.webaxn.ui.WebaxnApplicationTracker
Debuggable No
Allow Backup No
Min SDK Android 14 (Ice Cream Sandwich)
Target SDK Android 30 (Android 11)
Supported ABIs
Universal

Certificate & Signer

Valid From 2013-06-17 15:12:33
Valid To 2038-06-11 15:12:33
Serial Number 5708b879
Thumbprint b013813d86b660a050df1605351e874f89f65101
Issuer: C 91
Issuer: CN fdpos
Issuer: DN C:91, CN:fdpos, L:bangalore, O:comviva, ST:karnataka, OU:webaxn
Issuer: L bangalore
Issuer: O comviva
Issuer: OU webaxn
Issuer: ST karnataka
Subject: C 91
Subject: CN fdpos
Subject: DN C:91, CN:fdpos, L:bangalore, O:comviva, ST:karnataka, OU:webaxn
Subject: L bangalore
Subject: O comviva
Subject: OU webaxn
Subject: ST karnataka

Security Scan

0 /76
✓ Clean
Scanned by 76 security vendors
Last scan: 2023-12-10 19:35 UTC
Malicious
0
Suspicious
0
Harmless
0
Undetected
41
Timeout
25
Failure
0

Scan Providers

76 vendors
ALYac undetected
No result reported
Engine 1.1.3.1
APEX type-unsupported
No result reported
Engine 6.478
AVG timeout
No result reported
Engine 23.9.8494.0
Acronis timeout
No result reported
Engine 1.2.0.121
AhnLab-V3 undetected
No result reported
Engine 3.25.0.10459
Alibaba undetected
No result reported
Engine 0.3.0.5
Antiy-AVL undetected
No result reported
Engine 3.0
Arcabit undetected
No result reported
Engine 2022.0.0.18
Avast timeout
No result reported
Engine 23.9.8494.0
Avast-Mobile undetected
No result reported
Engine 231210-02
Avira undetected
No result reported
Engine 8.3.3.16
Baidu timeout
No result reported
Engine 1.0.0.2
BitDefender timeout
No result reported
Engine 7.2
BitDefenderFalx undetected
No result reported
Engine 2.0.936
BitDefenderTheta timeout
No result reported
Engine 7.2.37796.0
Bkav undetected
No result reported
Engine 2.0.0.1
CAT-QuickHeal undetected
No result reported
Engine 22.00
CMC undetected
No result reported
Engine 2.4.2022.1
ClamAV timeout
No result reported
Engine 1.2.1.0
CrowdStrike type-unsupported
No result reported
Engine 1.0
Cybereason type-unsupported
No result reported
Engine 1.2.449
Cylance type-unsupported
No result reported
Engine 2.0.0.0
Cynet undetected
No result reported
Engine 4.0.0.28
DeepInstinct type-unsupported
No result reported
Engine 3.1.0.15
DrWeb undetected
No result reported
Engine 7.0.61.8090
ESET-NOD32 undetected
No result reported
Engine 28379
Elastic timeout
No result reported
Emsisoft timeout
No result reported
Engine 2022.6.0.32461
F-Secure undetected
No result reported
Engine 18.10.1547.307
FireEye timeout
No result reported
Engine 35.24.1.0
Fortinet timeout
No result reported
GData timeout
No result reported
Google undetected
No result reported
Engine 1702233051
Gridinsoft undetected
No result reported
Engine 1.0.151.174
Ikarus undetected
No result reported
Engine 6.2.4.0
Jiangmin undetected
No result reported
Engine 16.0.100
K7AntiVirus undetected
No result reported
Engine 12.130.50390
K7GW undetected
No result reported
Engine 12.130.50390
Kaspersky timeout
No result reported
Engine 22.0.1.28
Kingsoft undetected
No result reported
Engine None
Lionic undetected
No result reported
Engine 7.5
MAX undetected
No result reported
Engine 2023.1.4.1
Malwarebytes undetected
No result reported
Engine 4.5.5.54
MaxSecure undetected
No result reported
Engine 1.0.0.1
McAfee timeout
No result reported
Engine 6.0.6.653
MicroWorld-eScan undetected
No result reported
Engine 14.0.409.0
Microsoft timeout
No result reported
Engine 1.1.23110.2
NANO-Antivirus undetected
No result reported
Engine 1.0.146.25796
Paloalto type-unsupported
No result reported
Engine 0.9.0.1003
Panda timeout
No result reported
Engine 4.6.4.2
Rising timeout
No result reported
Engine 25.0.0.27
SUPERAntiSpyware undetected
No result reported
Engine 5.6.0.1032
Sangfor timeout
No result reported
Engine 2.23.0.0
SentinelOne type-unsupported
No result reported
Engine 23.4.2.3
Skyhigh timeout
No result reported
Sophos undetected
No result reported
Engine 2.4.3.0
Symantec undetected
No result reported
Engine 1.21.0.0
SymantecMobileInsight undetected
No result reported
Engine 2.0
TACHYON undetected
No result reported
Engine 2023-12-10.02
Tencent undetected
No result reported
Engine 1.0.0.1
Trapmine type-unsupported
No result reported
Engine 4.0.14.97
TrendMicro timeout
No result reported
Engine 11.0.0.1006
TrendMicro-HouseCall timeout
No result reported
Engine 10.0.0.1040
Trustlook undetected
No result reported
Engine 1.0
VBA32 timeout
No result reported
VIPRE undetected
No result reported
Engine 6.0.0.35
Varist timeout
No result reported
Engine 6.5.1.2
ViRobot undetected
No result reported
Engine 2014.3.20.0
VirIT timeout
No result reported
Webroot type-unsupported
No result reported
Engine 1.0.0.403
Xcitium undetected
No result reported
Engine 36249
Yandex timeout
No result reported
Engine 5.5.2.24
Zillya undetected
No result reported
Engine 2.0.0.5010
ZoneAlarm undetected
No result reported
Engine 1.0
Zoner undetected
No result reported
Engine 2.2.2.0
tehtris type-unsupported
No result reported
Engine v0.1.4-109-g76614fd

File Signatures

SHA-256 ac2c33567621167048925380acbe809acc71d85677c88230d3c00c9cf91fa133
MD5 ced2da5a69fd57853a3e8d1f4dfcd54c
SHA-1 61e2164d156fd0d1f9def800287fc58f71076d42
SSDEEP 98304:5M8QgMFe9sH8Iie+ucGUHPJ3F78nOuoV7D14DvQchAee:5HMMh0UHPj6oV7J4i
TLSH T14786F146FB54E40BC07BE13206E6062266570C45CE82E7DB7A5DB26C4FB3AC84E95FC6
VHASH 777662c2ed4ec8bc9ed6bad06076a13e
PERMHASH d1768ab4314420b5bde2ec7886e4664d089a421fddc7cd57361a38da825ee5f5

File Intelligence

Type Description Android Human-friendly file type name based on multiple detection methods.
Type Extension apk Most likely file extension inferred from the content.
Type Tag android Primary type tag assigned by the classifier.
Type Tags executable, mobile, android, apk Additional type tags that describe the file content.
Magic Zip archive data, at least v0.0 to extract, compression method=deflate File signature result from magic bytes inspection.
TrID Android Package (34.7%), Opera Widget (14.9%), Java Archive (14.4%), Pocket Code/Catroid Catrobat Project (11.7%), Sweet Home 3D design (generic) (11.2%) TrID file type guesses with probabilities.
extensions png (653), xml (198), jpg (5), txt (2), css (1), dex (1), MF (1), RSA (1), SF (1) File extensions found inside the APK and how many of each.
file types PNG (650), XML (198), unknown (143), JPG (8), DEX (1) Detected embedded file types and their counts.
highest datetime 1980-00-00 00:00:00 Latest timestamp found among files inside the archive.
lowest datetime 1980-00-00 00:00:00 Earliest timestamp found among files inside the archive.
num children 1229 Number of files contained within the archive.
type APK Container type detected for the analyzed file.
uncompressed size 8.1 MB Estimated total size of all files after extraction.

Deep Manifest Analysis

Activity Intents (1)

com.comviva.webaxn.ui.WebAxnActivity
Actions
Main Activity Action: Start as a main entry point, does not expect to android.intent.action.MAIN
View Activity Action: Display the data to the user. android.intent.action.VIEW
Categories
android.intent.category.LAUNCHER android.intent.category.BROWSABLE android.intent.category.DEFAULT

Requested Permissions (13)

have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
view network connections Allows the app to view information about network connections such as which networks exist and are connected. android.permission.ACCESS_NETWORK_STATE
view Wi-Fi connections Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. android.permission.ACCESS_WIFI_STATE
control vibration Allows the app to control the vibrator. android.permission.VIBRATE
keep car screen turned on Allows the app to keep the car screen turned on. android.permission.WAKE_LOCK
android.permission.USE_FINGERPRINT Custom app or vendor permission (not publicly documented). android.permission.USE_FINGERPRINT
access precise location only in the foreground This app can get your precise location from location services while the app is in use. Location services for your device must be turned on for the app to get location. This may increase battery usage. android.permission.ACCESS_FINE_LOCATION
read your contacts Allows the app to read data about your contacts stored on your tablet. Apps will also have access to the accounts on your tablet that have created contacts. This may include accounts created by apps you have installed. This permission allows apps to save your contact data, and malicious apps may share contact data without your knowledge. android.permission.READ_CONTACTS
add or modify calendar events and send email to guests without owners\' knowledge This app can add, remove, or change calendar events on your tablet. This app can send messages that may appear to come from calendar owners, or change events without notifying their owners. android.permission.WRITE_CALENDAR
take pictures and videos This app can take pictures and record videos using the camera while the app is in use. android.permission.CAMERA
Flashlight android.permission.FLASHLIGHT
modify or delete the contents of your shared storage Allows the app to write the contents of your shared storage. android.permission.WRITE_EXTERNAL_STORAGE
Cloud messaging receive Allows the app to receive push messages via Google/Firebase Cloud Messaging. com.google.android.c2dm.permission.RECEIVE

Uses Features (17)

Bluetooth Feature for {@link #getSystemAvailableFeatures} and android.hardware.bluetooth
Camera Feature for {@link #getSystemAvailableFeatures} and android.hardware.camera
Camera Any Feature for {@link #getSystemAvailableFeatures} and android.hardware.camera.any
Camera Autofocus Feature for {@link #getSystemAvailableFeatures} and android.hardware.camera.autofocus
Camera Flash Feature for {@link #getSystemAvailableFeatures} and android.hardware.camera.flash
Camera Front Feature for {@link #getSystemAvailableFeatures} and android.hardware.camera.front
Location Feature for {@link #getSystemAvailableFeatures} and android.hardware.location
Location Gps Feature for {@link #getSystemAvailableFeatures} and android.hardware.location.gps
Location Network Feature for {@link #getSystemAvailableFeatures} and android.hardware.location.network
Microphone Feature for {@link #getSystemAvailableFeatures} and android.hardware.microphone
Screen Landscape Feature for {@link #getSystemAvailableFeatures} and android.hardware.screen.landscape
Screen Portrait Feature for {@link #getSystemAvailableFeatures} and android.hardware.screen.portrait
Telephony Feature for {@link #getSystemAvailableFeatures} and android.hardware.telephony
Telephony Cdma Feature for {@link #getSystemAvailableFeatures} and android.hardware.telephony.cdma
Telephony Gsm Feature for {@link #getSystemAvailableFeatures} and android.hardware.telephony.gsm
Wifi Feature for {@link #getSystemAvailableFeatures} and android.hardware.wifi
Wifi Direct Feature for {@link #getSystemAvailableFeatures} and android.hardware.wifi.direct

Activities (11)

com.comviva.webaxn.ui.WebAxnActivity
com.comviva.webaxn.ui.ExitActivity
com.comviva.webaxn.ui.NotiDlgActivity
com.comviva.webaxn.ui.InlineVideoPlayer
com.comviva.webaxn.ui.WebViewActivity
com.comviva.webaxn.ui.CropActivity
com.comviva.webaxn.ui.WebAxnContactPickerActivity
com.theartofdev.edmodo.cropper.CropImageActivity
com.google.zxing.client.android.CaptureActivity
com.google.android.gms.auth.api.signin.internal.SignInHubActivity
com.google.android.gms.common.api.GoogleApiActivity

Services (5)

com.comviva.webaxn.utils.DataSyncService
com.comviva.webaxn.utils.DownloadService
com.google.android.gms.analytics.AnalyticsService
com.google.android.gms.analytics.AnalyticsJobService
com.google.android.gms.auth.api.signin.RevocationBoundService

Broadcast Receivers (3)

com.comviva.webaxn.transport.NotificationReceiver com.comviva.webaxn.transport.NotificationReceiver
com.comviva.webaxn.utils.SyncAlarmReceiver com.comviva.webaxn.utils.SyncAlarmReceiver
com.google.android.gms.analytics.AnalyticsReceiver com.google.android.gms.analytics.AnalyticsReceiver

Content Providers (1)

android.support.v4.content.FileProvider

URL Endpoints (23)

http://books.google http://goo.gl/8Rd3yj http://goo.gl/naFqQk http://google.com/books http://hostname/ http://maps.google.com/maps?saddr= http://www.google http://www.google-analytics.com http://www.google.com/books?id= http://www.google.com/books?vid=isbn http://zxing.appspot.com/scan https://accounts.google.com/o/oauth2/revoke?token= https://app.ecocash.co.zw/webaxn/webaxn?group=subsPROD5&platform=android https://books.google https://maps.google https://overmind.datatheorem.com/trustkit/report https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps https://plus.google.com/ https://ssl.google-analytics.com https://www.google

Submission Details

Submitted At 2026-03-27
First Submission 2026-03-27
Last Submission 2026-03-27
Stored Until 2026-04-26
Names & Tags
com-econetprod-10560-62391385-ced2da5a69fd57853a3e8d1f4dfcd54c.apk submission base.apk obfuscated telephony android reflection apk