The file could be a resource-only apk, as there's no java code. But it could also be because there's a companion *.odex file which you didn't include. Looking at the manifest it looks like the 2nd option.
If the apktool's developer can't solve it easily, I doubt you'll find on this forum specialized help.
One advice I can give you is to use -r with apktool to have a look at the code (assuming there is indeed some), or use JEB to explore the code in an interactive manner.
For resources, use aapt.exe (from Android SDK tools) to list and inspect the resources, including the manifest:
Code:
aapt l -a safebox.apk
This will list:
- the resources stored as standalone files (e.g. png's)
- the resources compiled in resources.arsc
- the manifest structure (verbose)
You can also use other aapt options to actually list the resource values, e.g. "aapt.exe d --values resources safebox.apk"
The apk also contains a native lib (libhidisk_security.so) which you can explore with IDA, but the logic that will invoke the entry points will be in java code.
There are functions to encrypt and decrypt, but apparently only for the raw operations. Managing the keys and files is probably in the java part.