Veo TV icon

veo_tv.apk

Veo TV

11.55 MB

Analyzed: 2026-03-24 05:16 UTC

Twitter / X Facebook LinkedIn WhatsApp Telegram Reddit
Analyze Another

APK Security & Privacy Score

Security scoring uses multi-engine scan signals and APK indicators. Privacy scoring uses requested permissions and network endpoint patterns.

Security Scan-weighted
53/100
Threat scan flagged Outdated target SDK
Privacy Permissions & network
82/100
High-risk permissions HTTP URLs found AllowBackup enabled Possible tracking
64/100
Caution
Overall trust

Facts

Threat scan 5/76 flagged, 0 suspicious
Permissions 20 requested
Network strings 41 URLs (1 HTTP, 40 HTTPS)
Target SDK 27
Certificate Valid until 2049-05-18 (23 years, suspicious)

Warnings

Threat scan flagged: 5/76 scanners marked this file as malicious.
Found 1 HTTP URL strings (unencrypted).
High-risk permissions detected: android.permission.SYSTEM_ALERT_WINDOW, android.permission.WRITE_SETTINGS, android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
AllowBackup is enabled.
Possible analytics/tracking domains found: app-measurement.com, pagead2.googlesyndication.com, update.crashlytics.com
Package Name com.shabakaty.cbox.tw
Version Code 10605
Version Name 1.6.5
Application Name com.shabakaty.cbox.tv.TVLeanbackApplication
Debuggable No
Allow Backup Yes
Min SDK Android 21 (Lollipop)
Target SDK Android 27 (Oreo)
Supported ABIs
arm64-v8a armeabi-v7a x86 x86_64

Certificate & Signer

Valid From 2024-05-24 01:30:48
Valid To 2049-05-18 01:30:48
Serial Number 597876da
Thumbprint 17a9f0b4d0a0fd1a95498931bf1e7a42455148c0
Issuer: C SY
Issuer: CN SMJ 🔺
Issuer: DN C:SY, CN:SMJ 🔺, L:@sszzw, O:SMJ 🔺, ST:SYRIAN, OU:@sszzw
Issuer: L @sszzw
Issuer: O SMJ 🔺
Issuer: OU @sszzw
Issuer: ST SYRIAN
Subject: C SY
Subject: CN SMJ 🔺
Subject: DN C:SY, CN:SMJ 🔺, L:@sszzw, O:SMJ 🔺, ST:SYRIAN, OU:@sszzw
Subject: L @sszzw
Subject: O SMJ 🔺
Subject: OU @sszzw
Subject: ST SYRIAN

Security Scan

5 /76
⚠️ Threats Detected
Detected by 5 vendors: AhnLab-V3 (PUP/Android.Malct.1265389), Avast-Mobile (APK:CRepMalware [Trj]), DrWeb (Tool.Obfuscator.TrashCode.1)
Scanned by 76 security vendors
Last scan: 2026-03-16 20:02 UTC
Malicious
5
Suspicious
0
Harmless
0
Undetected
63
Timeout
0
Failure
0

Scan Providers

76 vendors
ALYac undetected
No result reported
Engine 2.0.0.10
APEX type-unsupported
No result reported
Engine 6.759
AVG undetected
No result reported
Engine 23.9.8494.0
Acronis undetected
No result reported
Engine 1.2.0.121
AhnLab-V3 malicious
PUP/Android.Malct.1265389
Engine 3.29.1.10604
Alibaba undetected
No result reported
Engine 0.3.0.5
Antiy-AVL undetected
No result reported
Engine 3.0
Arcabit undetected
No result reported
Engine 2025.0.0.23
Avast undetected
No result reported
Engine 23.9.8494.0
Avast-Mobile malicious
APK:CRepMalware [Trj]
Engine 260316-00
Avira undetected
No result reported
Engine 8.3.3.24
Baidu undetected
No result reported
Engine 1.0.0.2
BitDefender undetected
No result reported
Engine 7.2
BitDefenderFalx undetected
No result reported
Engine 2.0.936
Bkav undetected
No result reported
Engine 2.0.0.1
CAT-QuickHeal undetected
No result reported
Engine 22.00
CMC undetected
No result reported
Engine 2.4.2022.1
CTX undetected
No result reported
Engine 2024.8.29.1
ClamAV undetected
No result reported
Engine 1.5.2.0
CrowdStrike undetected
No result reported
Engine 1.0
Cylance type-unsupported
No result reported
Engine 3.0.0.0
Cynet undetected
No result reported
Engine 4.0.3.4
DeepInstinct type-unsupported
No result reported
Engine 5.0.0.8
DrWeb malicious
Tool.Obfuscator.TrashCode.1
Engine 7.0.75.2070
ESET-NOD32 undetected
No result reported
Engine 18.2.18.0
Elastic undetected
No result reported
Engine 4.0.252
Emsisoft undetected
No result reported
Engine 2024.8.0.61147
F-Secure undetected
No result reported
Engine 18.10.1547.307
Fortinet undetected
No result reported
Engine 7.0.30.0
GData undetected
No result reported
Engine GD:27.43878AVA:64.30853
Google undetected
No result reported
Engine 1773687640
Gridinsoft undetected
No result reported
Engine 1.0.241.174
Ikarus malicious
PUA.Agent
Engine 6.4.16.0
Jiangmin undetected
No result reported
Engine 16.0.100
K7AntiVirus undetected
No result reported
Engine 14.42.58898
K7GW malicious
Trojan ( 0056a2a01 )
Engine 14.42.58897
Kaspersky undetected
No result reported
Engine 22.0.1.28
Kingsoft undetected
No result reported
Engine None
Lionic undetected
No result reported
Engine 8.16
Malwarebytes undetected
No result reported
Engine 3.1.0.211
MaxSecure undetected
No result reported
Engine 1.0.0.1
McAfeeD undetected
No result reported
Engine 1.2.0.14035
MicroWorld-eScan undetected
No result reported
Engine 14.0.409.0
Microsoft undetected
No result reported
Engine 1.1.26010.1
NANO-Antivirus undetected
No result reported
Engine 1.0.170.26895
Paloalto type-unsupported
No result reported
Engine 0.9.0.1003
Panda undetected
No result reported
Engine 4.6.4.2
Rising undetected
No result reported
Engine 25.0.0.28
SUPERAntiSpyware undetected
No result reported
Engine 5.6.0.1032
Sangfor undetected
No result reported
Engine 2.22.3.0
SentinelOne type-unsupported
No result reported
Engine 7.5.3.1
Skyhigh undetected
No result reported
Engine v2021.2.0+4045
Sophos undetected
No result reported
Engine 3.3.1.0
Symantec undetected
No result reported
Engine 1.22.0.0
SymantecMobileInsight undetected
No result reported
Engine 2.0
TACHYON undetected
No result reported
Engine 2026-03-16.02
Tencent undetected
No result reported
Engine 1.0.0.1
Trapmine type-unsupported
No result reported
Engine 4.0.10.0
TrellixENS undetected
No result reported
Engine 6.0.6.653
TrendMicro undetected
No result reported
Engine 24.550.0.1002
TrendMicro-HouseCall undetected
No result reported
Engine 24.550.0.1002
Trustlook undetected
No result reported
Engine 1.0
VBA32 undetected
No result reported
Engine 5.5.1
VIPRE undetected
No result reported
Engine 6.0.0.35
Varist undetected
No result reported
Engine 6.6.1.3
ViRobot undetected
No result reported
Engine 2014.3.20.0
VirIT undetected
No result reported
Engine 9.5.1166
Webroot undetected
No result reported
Engine 1.9.0.8
Xcitium undetected
No result reported
Engine 38489
Yandex undetected
No result reported
Engine 5.5.2.24
Zillya undetected
No result reported
Engine 2.0.0.5564
ZoneAlarm undetected
No result reported
Engine 6.23-113518947
Zoner undetected
No result reported
Engine 2.2.2.0
alibabacloud type-unsupported
No result reported
Engine 2.2.0
huorong undetected
No result reported
Engine 06f8e5b:06f8e5b:4cecb4c:4cecb4c
tehtris type-unsupported
No result reported
Engine v0.1.4

File Signatures

SHA-256 7474d5d0f67cfc9547be46acd36fd20f9353a0a2eb86a521a171be5503dd3396
MD5 2b2d6dd7a80c6c6fce5e4d82343fe18c
SHA-1 8c7867f4ae26b99926c11b643ea46acb31745ed0
SSDEEP 196608:qXqipFICARDp+KR6oz1z23l4OH5QQgD6dPqz87XcokifHGlGgnRCNT+j+jVu:qXPxAxp2oI3+OCQg2yEMokifHG4gnRqw
TLSH T1C4C6010AFA4DAE2FC8F359350A5B43627126ED8A532181236119F7397DB7BC48E17BC4
VHASH 5de987f8ec7c0bd5be521fae9514d636
PERMHASH d66061a9213777e13ad6555d198c88057e2191bbab15ed7c0fcdd52a31511087

File Intelligence

Type Description Android Human-friendly file type name based on multiple detection methods.
Type Extension apk Most likely file extension inferred from the content.
Type Tag android Primary type tag assigned by the classifier.
Type Tags executable, mobile, android, apk Additional type tags that describe the file content.
Magic Zip archive data, at least v1.0 to extract, compression method=store File signature result from magic bytes inspection.
Magika APK File type predicted by Magika (ML-based file type detection).
TrID Android Package (35.2%), OpenOffice Extension (28.1%), Java Archive (17.6%), Sweet Home 3D Design (generic) (13.7%), ZIP compressed archive (5.2%) TrID file type guesses with probabilities.
dhash 00001c1e1e171400 Perceptual hash used to compare visual similarity of files.
raw md5 4bd7862443f12f1a64767a7d44e16ffb Raw MD5 hash of the file contents.
extensions xml (332), png (321), version (32), ttf (29), otf (24), so (22), dex (4), ogg (4), properties (2), txt (2), arsc (1), crt (1), dat (1), gz (1), json (1), kotlin_module (1), MF (1), RSA (1), SF (1) File extensions found inside the APK and how many of each.
file types XML (332), PNG (321), unknown (98), ELF (22), DEX (4), OGG (4) Detected embedded file types and their counts.
highest datetime 2024-06-10 19:32:20 UTC Latest timestamp found among files inside the archive.
lowest datetime 2024-05-24 05:30:48 UTC Earliest timestamp found among files inside the archive.
num children 781 Number of files contained within the archive.
type APK Container type detected for the analyzed file.
uncompressed size 24 MB Estimated total size of all files after extraction.

Sandbox

Sandbox Verdicts

Zenbox android
Malicious 68% confidence MALWARE TROJAN EVADER

Deep Manifest Analysis

Activity Intents (1)

com.shabakaty.cbox.tv.activities.HomeActivity
Actions
Main Activity Action: Start as a main entry point, does not expect to android.intent.action.MAIN
Categories
android.intent.category.LAUNCHER android.intent.category.LEANBACK_LAUNCHER android.intent.category.HOME

Receiver Intents (1)

com.applisto.appcloner.classes.FakeCamera$FakeCameraReceiver
Actions
com.applisto.appcloner.action.FAKE_CAMERA_SELECT_CAMERA_PICTURE com.applisto.appcloner.action.FAKE_CAMERA_SELECT_CAMERA_PICTURE
com.applisto.appcloner.action.FAKE_CAMERA_ROTATE_CLOCKWISE com.applisto.appcloner.action.FAKE_CAMERA_ROTATE_CLOCKWISE
com.applisto.appcloner.action.FAKE_CAMERA_ROTATE_ANTI_CLOCKWISE com.applisto.appcloner.action.FAKE_CAMERA_ROTATE_ANTI_CLOCKWISE

Native Libraries (7)

libRSSupport libRSSupport.so
libappcloner libappcloner.so
libnpdcc libnpdcc.so
librsjni librsjni.so
librsjni_androidx librsjni_androidx.so
libsandhook-native libsandhook-native.so
libsandhook libsandhook.so

Requested Permissions (25)

have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
modify or delete the contents of your shared storage Allows the app to write the contents of your shared storage. android.permission.WRITE_EXTERNAL_STORAGE
read the contents of your shared storage Allows the app to read the contents of your shared storage. android.permission.READ_EXTERNAL_STORAGE
view Wi-Fi connections Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. android.permission.ACCESS_WIFI_STATE
view network connections Allows the app to view information about network connections such as which networks exist and are connected. android.permission.ACCESS_NETWORK_STATE
keep car screen turned on Allows the app to keep the car screen turned on. android.permission.WAKE_LOCK
Install Referrer service Allows Google Play to bind to the app's Install Referrer service for install attribution. com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
Read Logs android.permission.READ_LOGS
Flashlight android.permission.FLASHLIGHT
net.dinglisch.android.tasker.PERMISSION_RUN_TASKS
access Bluetooth settings Allows the app to configure the local Bluetooth tablet, and to discover and pair with remote devices. android.permission.BLUETOOTH_ADMIN
control vibration Allows the app to control the vibrator. android.permission.VIBRATE
This app can appear on top of other apps This app can appear on top of other apps or other parts of the screen. This may interfere with normal app usage and change the way that other apps appear. android.permission.SYSTEM_ALERT_WINDOW
modify or delete the contents of your shared storage Allows the app to write the contents of your shared storage. android.permission.WRITE_EXTERNAL_STORAGE
connect and disconnect from Wi-Fi Allows the app to connect to and disconnect from Wi-Fi access points and to make changes to device configuration for Wi-Fi networks. android.permission.CHANGE_WIFI_STATE
have full network access Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet. android.permission.INTERNET
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS Custom app or vendor permission (not publicly documented). android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
view network connections Allows the app to view information about network connections such as which networks exist and are connected. android.permission.ACCESS_NETWORK_STATE
android.permission.USE_FINGERPRINT Custom app or vendor permission (not publicly documented). android.permission.USE_FINGERPRINT
view Wi-Fi connections Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices. android.permission.ACCESS_WIFI_STATE
take pictures and videos This app can take pictures and record videos using the camera while the app is in use. android.permission.CAMERA
read the contents of your shared storage Allows the app to read the contents of your shared storage. android.permission.READ_EXTERNAL_STORAGE
pair with Bluetooth devices Allows the app to view the configuration of Bluetooth on the tablet, and to make and accept connections with paired devices. android.permission.BLUETOOTH
modify system settings Allows the app to modify the system\'s settings data. Malicious apps may corrupt your system\'s configuration. android.permission.WRITE_SETTINGS
android.permission.READ_SETTINGS Custom app or vendor permission (not publicly documented). android.permission.READ_SETTINGS

Uses Features (2)

Touchscreen Feature for {@link #getSystemAvailableFeatures} and android.hardware.touchscreen
Leanback Feature for {@link #getSystemAvailableFeatures} and android.software.leanback

Activities (6)

com.shabakaty.cbox.tv.activities.HomeActivity
com.shabakaty.cbox.tv.activities.ErrorActivity
com.shabakaty.cbox.tv.activities.SettingsActivity
com.shabakaty.cbox.tv.player.ExoPlayerActivity
com.applisto.appcloner.classes.DefaultProvider$MyActivity
com.applisto.appcloner.classes.FakeCamera$FakeCameraActivity

Services (6)

com.google.firebase.components.ComponentDiscoveryService
com.google.android.gms.measurement.AppMeasurementService
com.google.android.gms.measurement.AppMeasurementJobService
com.google.android.datatransport.runtime.backends.TransportBackendDiscovery
com.google.android.datatransport.runtime.scheduling.jobscheduling.JobInfoSchedulerService
com.applisto.appcloner.service.RemoteService

Broadcast Receivers (5)

com.google.android.gms.measurement.AppMeasurementReceiver com.google.android.gms.measurement.AppMeasurementReceiver
com.google.android.datatransport.runtime.scheduling.jobscheduling.AlarmManagerSchedulerBroadcastReceiver com.google.android.datatransport.runtime.scheduling.jobscheduling.AlarmManagerSchedulerBroadcastReceiver
com.applisto.appcloner.classes.DefaultProvider$DefaultReceiver com.applisto.appcloner.classes.DefaultProvider$DefaultReceiver
com.applisto.appcloner.classes.FakeCamera$FakeCameraReceiver com.applisto.appcloner.classes.FakeCamera$FakeCameraReceiver
com.applisto.appcloner.classes.DisableClipboardAccess$ClearClipboardReceiver com.applisto.appcloner.classes.DisableClipboardAccess$ClearClipboardReceiver

Content Providers (3)

com.squareup.picasso.PicassoProvider
com.google.firebase.provider.FirebaseInitProvider
com.applisto.appcloner.classes.DefaultProvider

URL Endpoints (44)

http://whois.domaintools.com/ https://app-measurement.com/a https://firebase.google.com/support/guides/disable-analytics https://firebase.google.com/support/privacy/init-options https://github.com/castorflex https://github.com/castorflex/SmoothProgressBar https://github.com/castorflex/SmoothProgressBar.git https://goo.gl/J1sWQy https://goo.gl/NAOOOI https://google.com/search https://music-1539414046135.firebaseio.com https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps https://plus.google.com/ https://update.crashlytics.com/spi/v1/platforms/android/apps https://www.google.com https://www.googleapis.com/auth/appstate https://www.googleapis.com/auth/datastoremobile https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/drive.appdata https://www.googleapis.com/auth/drive.apps

Submission Details

Submitted At 2026-03-24
First Submission 2026-03-24
Last Submission 2026-03-24
Stored Until 2026-04-23
Names & Tags
veo_tv.apk Veo TV.apk android apk contains-elf runtime-modules reflection obfuscated detect-debug-environment