APK Security & Privacy Score
Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.
Security
Scan-weighted
16/100
Threat scan flagged
Outdated target SDK
Privacy
Permissions & network
98/100
AllowBackup enabled
Low data access
28/100
High Risk
Overall trust
Facts
Threat scan
25/76 flagged, 0 suspicious
Permissions
2 requested
Network strings
No URL strings detected
Target SDK
20
Certificate
Valid until 2035-07-17 (9 years, suspicious)
Warnings
Threat scan flagged: 25/76 scanners marked this file as malicious.
AllowBackup is enabled.
Package Name
com.Ransomware.Service
Version Code
1
Version Name
1.0
Application Name
.SketchApplication
Debuggable
No
Allow Backup
Yes
Min SDK
Android 19 (KitKat)
Target SDK
Android 20 (KitKat)
Supported ABIs
Universal
Certificate & Signer
Valid From
Valid To
Serial Number
Thumbprint
Issuer: C
Issuer: CN
Issuer: DN
Issuer: L
Issuer: O
Issuer: OU
Issuer: ST
Issuer: email
Subject: C
Subject: CN
Subject: DN
Subject: L
Subject: O
Subject: OU
Subject: ST
Subject: email
Security Scan
25
⚠️ Threats Detected
Detected by
25 vendors:
AhnLab-V3 (Trojan/Android.Locker.1283398), Avast-Mobile (APK:RepMalware [Trj]), Avira (ANDROID/Spy.Agent.kofxc)
Malicious
25
Suspicious
0
Harmless
0
Undetected
42
Timeout
0
Failure
0
Scan Providers
ALYac
APEX
AVG
Acronis
AhnLab-V3
Trojan/Android.Locker.1283398
Alibaba
Antiy-AVL
Arcabit
Avast
Avast-Mobile
APK:RepMalware [Trj]
Avira
ANDROID/Spy.Agent.kofxc
Baidu
BitDefender
BitDefenderFalx
Android.Riskware.Agent.NDD
Bkav
CAT-QuickHeal
cld.android.agent.1742552180
CMC
CTX
apk.trojan.locker
ClamAV
CrowdStrike
Cylance
Cynet
Malicious (score: 99)
DeepInstinct
DrWeb
Android.Siggen.Susp.30955
ESET-NOD32
Android/Spy.Agent.COK trojan
Elastic
Emsisoft
F-Secure
Malware.ANDROID/Spy.Agent.kofxc
Fortinet
Android/Agent.COK!tr.spy
GData
Google
Detected
Gridinsoft
Ikarus
Trojan-Spy.AndroidOS.Agent
Jiangmin
K7AntiVirus
K7GW
Spyware ( 0059f7fb1 )
Kaspersky
HEUR:Trojan.AndroidOS.Locker.s
Kingsoft
Lionic
Trojan.AndroidOS.Locker.C!c
Malwarebytes
MaxSecure
McAfeeD
MicroWorld-eScan
Microsoft
NANO-Antivirus
Trojan.Android.TrjGen.kwjbwt
Paloalto
Panda
Rising
Spyware.Agent/Android!8.3BE (CLOUD)
SUPERAntiSpyware
Sangfor
SentinelOne
Skyhigh
Sophos
Symantec
Trojan.Gen.MBT
SymantecMobileInsight
AppRisk:Generisk
TACHYON
Tencent
Android.Trojan.Locker.Unkl
Trapmine
TrellixENS
Artemis!AD59F133EF39
TrendMicro
TrendMicro-HouseCall
Trustlook
Android.Malware.Spyware
VBA32
VIPRE
Varist
ABApplication.UR
ViRobot
VirIT
Webroot
Xcitium
Yandex
Zillya
ZoneAlarm
Zoner
alibabacloud
huorong
Trojan/Generic!986B66FBCB8AED86
tehtris
File Signatures
SHA-256
9f49d60adca52f10d3556aba03330ed6fa164206c6cb17891556cc9fc078d6ea
MD5
ad59f133ef39e71bae4a9252b5680abb
SHA-1
8820a4c0b85e20159a12c598fb0a3edcb8b5263e
SSDEEP
98304:HX1xtvXlwdJeIaauc4hyF/BSI43ycMiVcDA+r2o:31xJlGzadhyFZSIwOA+r2o
TLSH
T187F52256EE8DE6ABED63D13982BAD60BC48801145901FE273D85C44C8BE7E01974BFED
VHASH
24168a0bfabdf228a4a83cba3f3daed5
PERMHASH
4df012c60a33e7e0305a88049d5bb641fefc4061c2ff03f7e284950e15fd7026
File Intelligence
Type Description
Human-friendly file type name based on multiple detection methods.
Type Extension
Most likely file extension inferred from the content.
Type Tag
Primary type tag assigned by the classifier.
Type Tags
Additional type tags that describe the file content.
Magic
File signature result from magic bytes inspection.
Magika
File type predicted by Magika (ML-based file type detection).
TrID
TrID file type guesses with probabilities.
dhash
Perceptual hash used to compare visual similarity of files.
raw md5
Raw MD5 hash of the file contents.
extensions
File extensions found inside the APK and how many of each.
file types
Detected embedded file types and their counts.
highest datetime
Latest timestamp found among files inside the archive.
lowest datetime
Earliest timestamp found among files inside the archive.
num children
Number of files contained within the archive.
type
Container type detected for the analyzed file.
uncompressed size
Estimated total size of all files after extraction.
Deep Manifest Analysis
Activity Intents (1)
com.Ransomware.Service.MainActivity
Receiver Intents (1)
com.Ransomware.Service.DeviceAdminSample
Requested Permissions (2)
have full network access
android.permission.INTERNET
view network connections
android.permission.ACCESS_NETWORK_STATE
Activities (2)
com.Ransomware.Service.MainActivity
com.Ransomware.Service.DebugActivity
Broadcast Receivers (1)
com.Ransomware.Service.DeviceAdminSample
com.Ransomware.Service.DeviceAdminSample
Submission Details
Submitted At
First Submission
Last Submission
Stored Until