MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 12cb6136d2d325563b5079c138eeac2bc4ee4af3373718ba1c79c47a6121829e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 12cb6136d2d325563b5079c138eeac2bc4ee4af3373718ba1c79c47a6121829e
SHA3-384 hash: 591bbf9452866d0de717fef72f8a1acfa704ab4a4ccc9bf05790df7e205f5923c28634631af79c133daac30d18db2d2b
SHA1 hash: 838ce98977caa3472d86e724422d7615067c6ecb
MD5 hash: 103b6103770640d9347757e76cc93998
humanhash: yankee-mango-delaware-may
File name:Chrome (5).apk
Download: download sample
File size:2'441'463 bytes
First seen:2025-12-29 20:28:23 UTC
Last seen:Never
File type: apk
MIME type:application/zip
ssdeep 49152:yUILp9QGwWWkAj1jx6px1ErDc3fqbCp+s9q4APfYE:yUIV9lwvkAj196vSriqeJeIE
TLSH T104B5E046BB989F1FC87791320D4A5231A41AED67C713C387D9742B5928AF6F40F123EA
TrID 60.6% (.APK) Android Package (27000/1/5)
30.3% (.JAR) Java Archive (13500/1/2)
8.9% (.ZIP) ZIP compressed archive (4000/1)
Magika apk
Reporter tykkz
Tags:apk siberguvenlik signed

Code Signing Certificate

Organisation:key_blfg8fu
Issuer:key_blfg8fu
Algorithm:sha256WithRSAEncryption
Valid from:2025-12-29T19:42:01Z
Valid to:2053-05-16T19:42:01Z
Serial number: 4ab4ba65b4700912
Thumbprint Algorithm:SHA256
Thumbprint: 5ad8afd65e6f315ce5bd6da3c3e9478acd83468a49680a28937e82e4697bccd1
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
1
# of downloads :
43
Origin country :
NL NL
Vendor Threat Intelligence
No detections
Detection(s):
Unix.Dropper.Fakeapp-10014994-0
Create hunting rule

Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
android bankbot base64 evasive expand lolbin obfuscated signed
Link:
https://www.filescan.io/uploads/6952e49b8d1aa9829e26adb3/reports/f04b6a41-4009-4708-b2bb-ce6e4d84eac7/overview
Result
Link:
https://incinerator.cloud/#/public/report/103b6103770640d9347757e76cc93998/detail
Application Permissions
Allows an application to request installing packages. (REQUEST_INSTALL_PACKAGES)
display system-level alerts (SYSTEM_ALERT_WINDOW)
full Internet access (INTERNET)
prevent phone from sleeping (WAKE_LOCK)
Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/12cb6136d2d325563b5079c138eeac2bc4ee4af3373718ba1c79c47a6121829e
Verdict:
Malicious
File Type:
apk
First seen:
2025-12-29T17:51:00Z UTC
Last seen:
2025-12-30T05:49:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/12cb6136d2d325563b5079c138eeac2bc4ee4af3373718ba1c79c47a6121829e/results?tab=lookup
Score:
90%
Verdict:
Malware
File Type:
APK
Link:
https://malprob.io/report/12cb6136d2d325563b5079c138eeac2bc4ee4af3373718ba1c79c47a6121829e
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/12cb6136d2d325563b5079c138eeac2bc4ee4af3373718ba1c79c47a6121829e/
Threat name:
Android.Trojan.Coper
Create hunting rule
Status:
Malicious
First seen:
2025-12-29 20:29:18 UTC
File Type:
Binary (Archive)
Extracted files:
193
AV detection:
9 of 24 (37.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=clfwcnws2msvmo2qphatr3vmfpco4sxtg43rroq4phchuyjbqkpa._file
Result
Malware family:
n/a
Score:
  6/10
Tags:
android defense_evasion
Link:
https://tria.ge/reports/251229-y9n5gshz3g/
Behaviour
Checks the application is allowed to request package installs through the package installer
Verdict:
Malicious
Tags:
Unix.Dropper.Fakeapp-10014994-0
YARA:
n/a
Link:
https://app.threat.zone/submission/9e832047-d9a0-42dd-88ee-370a43b31098
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/12cb6136d2d325563b5079c138eeac2bc4ee4af3373718ba1c79c47a6121829e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Link
https://github.com/tugceyildiz365-commits/asd/raw/refs/heads/main/Chrome.apk
  
Delivery method
Distributed via drive-by

Comments