Deep File & APK Scan
Full static analysis of every uploaded file — archives are unpacked, executables and macros inspected, and APKs get manifest, DEX-code and SDK analysis.
Most scanners only hash the file surface. SpyApp looks inside every file type: archives are unpacked, Office documents are checked for hidden VBA macros, executables and scripts are inspected for malicious traits, and disguised files (a "PDF" that is really a program) are unmasked. Android APKs get the deepest treatment — we unpack them like an analyst would: we parse the AndroidManifest.xml to map every declared component, walk the DEX bytecode for suspicious API calls (call recording, screen capture, accessibility abuse), and list every third-party SDK bundled inside.
What this layer checks
- Works on all file types — documents, executables, scripts, archives, images and APKs.
- Macro & script detection — hidden VBA macros and droppers in Office files and scripts are flagged.
- Manifest & component mapping — every activity, service and broadcast receiver an Android app registers.
- DEX code inspection — flags calls to call-recording, keylogging and screen-capture APIs.
- Embedded SDK inventory — see exactly which ad, analytics and tracking SDKs ship inside the app.
- Hidden payload detection — encrypted assets and secondary APKs dropped at runtime are surfaced.
Why it matters
Malware authors count on users never looking inside a file. This layer makes the inside visible — automatically, in seconds, and explained in plain English instead of analyst jargon. Combined with the other six layers, it feeds the single verdict you see at the top of every report: SAFE, WARNING, or MALWARE.
Test it on a real file.
Scanning any file is free, takes under a minute and requires no sign-up.