Yeah, your question is very odd. Anyway, you can do that (in parts). The apk is a compressed folder and you can open it. But more part of code are compiled. But your assets are not. So, you can change some asset file and read it from your app. There is no secure here, but you could just use some log in system if you wanted that (Besides, anyway to use hash in apk will fail in secure because you can just copy the apk to another device).
There is other way. You can compile your apk on the fly. Use your webservice to change the code you want. Read this: http://developer.android.com/tools/building/building-cmdline.html
Well, I really recomend you to try some login system with tokens like OAuth (but that is with you).