MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 176de2fc14fc8ef65d50f9f806ed9ab094cf4478183f5af3d410df2983dcae85. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


BankBot


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 176de2fc14fc8ef65d50f9f806ed9ab094cf4478183f5af3d410df2983dcae85
SHA3-384 hash: 8c3b1c6531a386691b41c4f3007ece629d3c7bea0b37ebe9f04deb01dae56d2985f7f9146241bac6f65ed26db962d46b
SHA1 hash: 7372ff3c90c3286bf9d417d34051f82d1fb185b0
MD5 hash: f6225c5f7bf2cb801a0cef2d97c7e301
humanhash: white-sodium-utah-fish
File name:Plus_m19562_hsz.apk
Download: download sample
Signature BankBot
Create hunting rule
File size:83'692'787 bytes
First seen:2023-12-16 01:46:31 UTC
Last seen:Never
File type: apk
MIME type:application/zip
ssdeep 1572864:kEVO5zWr8dxgFdSAnQnD9bOUehYMomCE2omGQsezeLSKWtEMArFQ:O5zWr8t9v3MxAhHsueJWJArFQ
TLSH T16D0812D7F754ECA5C0F35335973191A2B92A0C706B13E6A32D01B23C5EB39C89689ED9
TrID 28.6% (.APK) Android Package (32500/1/6)
18.9% (.OXT) OpenOffice Extension (21500/1/3)
11.8% (.JAR) Java Archive (13500/1/2)
11.0% (.VYM) VYM Mind Map (12500/1/3)
9.6% (.CATROBAT) Pocket Code/Catroid Catrobat Project (11000/1/2)
Reporter 5KidRo0t
Tags:apk BankBot signed

Code Signing Certificate

Organisation:da
Issuer:da
Algorithm:sha256WithRSAEncryption
Valid from:2023-08-11T01:19:25Z
Valid to:2078-05-14T01:19:25Z
Serial number: 59dfc9a1
Intelligence: 11 malware samples on MalwareBazaar are signed with this code signing certificate
Thumbprint Algorithm:SHA256
Thumbprint: c338a04d2267aa1ec918ace8b01ac2efa6e8ad07559f212a0caeee864d3268ce
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
1
# of downloads :
487
Origin country :
ES ES
Vendor Threat Intelligence
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
android generisk joker triada
Link:
https://www.filescan.io/uploads/657d0199f4b6e5e1634b6317/reports/9ef0c118-e39b-458a-9f3c-b266835277da/overview
Result
Verdict:
MALICIOUS
Link:
https://labs.inquest.net/dfi/sha256/176de2fc14fc8ef65d50f9f806ed9ab094cf4478183f5af3d410df2983dcae85
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1363163
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
n/a
Score:
16%
Verdict:
Benign
File Type:
Archive
Link:
https://malprob.io/report/176de2fc14fc8ef65d50f9f806ed9ab094cf4478183f5af3d410df2983dcae85
Gathering data
Threat name:
Android.Trojan.Triada
Create hunting rule
Status:
Malicious
First seen:
2023-12-13 02:07:23 UTC
File Type:
Binary (Archive)
Extracted files:
11696
AV detection:
5 of 37 (13.51%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=c5w6f7au7shpmxkq7h4an3m2wckm6rdyda7vv46ucdpsta64v2cq._file
Result
Malware family:
n/a
Score:
  6/10
Tags:
android
Link:
https://tria.ge/reports/231216-b7j2eshhgj/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

BankBot

apk 176de2fc14fc8ef65d50f9f806ed9ab094cf4478183f5af3d410df2983dcae85

(this sample)

  
Delivery method
Distributed via web download

Comments