MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 260ac08451aa3cfe04fab1bbc15ac04ab169cf051e43cd638e541409c3001bce. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 260ac08451aa3cfe04fab1bbc15ac04ab169cf051e43cd638e541409c3001bce
SHA3-384 hash: aa16c9085214d7aa71a8ad7d1e4915d8455b6564ce80304a649f7e64071d20d2bba8e40f56074cfea8594ac431d00f9a
SHA1 hash: 952b32878e2ac2b3dc0915f87171508563348cec
MD5 hash: adfe8cfd063f4dc548e9a25a35a2457b
humanhash: fruit-uncle-triple-speaker
File name: Web-Video-Cast-v5.12.8-MOD-OTR-(Getmodsapk.com).apk
File size: 61'439'370 bytes
First seen: 2025-11-30 08:17:01 UTC
Last seen: Never
File type: apk
MIME type: application/zip
ssdeep: 786432:CdjHdDhl1CpvjUhZ0+22Ld+rUadVvhx1j3TtPVFv65swf0mBRcF0J:CfDA1UhZNd+pFv65swf0Kl
TLSH: T12ED7BE07E6568E32C8AE933D58B687517B312D45AB4793572018F2BCBDB32D06F893C9
TrID: 27.2% (.SPE) SPSS Extension (30000/1/7)
  24.5% (.APK) Android Package (27000/1/5)
  12.7% (.ZIP) Opera Widget (14000/1/2)
  12.2% (.JAR) Java Archive (13500/1/2)
  10.0% (.CATROBAT) Pocket Code/Catroid Catrobat Project (11000/1/2)
Magika: apk
Reporter: juroots
Tags: apk signed

Code Signing Certificate

Organisation: Sheikh Nadeem
Issuer: Sheikh Nadeem
Algorithm: sha256WithRSAEncryption
Valid from: 2024-09-29T12:53:53Z
Valid to: 2124-09-05T12:53:53Z
Serial number: 04517f50
Thumbprint Algorithm: SHA256
Thumbprint: 49e602d3ad8321a2339a2fa1d00bced58bbcd756a17b49df266a7fce4f1f1242
Source: This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence


File Origin
# of uploads: 1
# of downloads: 38
Origin country: CH
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: adware anti-vm base64 crypto evasive fingerprint signed
Result
Application Permissions
read phone state and identity (READ_PHONE_STATE)
read external storage contents (READ_EXTERNAL_STORAGE)
read/modify/delete external storage contents (WRITE_EXTERNAL_STORAGE)
prevent phone from sleeping (WAKE_LOCK)
full Internet access (INTERNET)
view Wi-Fi status (ACCESS_WIFI_STATE)
change Wi-Fi status (CHANGE_WIFI_STATE)
allow Wi-Fi Multicast reception (CHANGE_WIFI_MULTICAST_STATE)
view network status (ACCESS_NETWORK_STATE)
Result
Verdict: UNKNOWN
Details
Base64 Encoded URL
Detected an ANSI or UNICODE http:// or https:// base64 encoded URL prefix.
Verdict: Unknown
File Type: apk
First seen: 2025-11-30T00:45:00Z UTC
Last seen: 2025-11-30T01:12:00Z UTC
Hits: ~10
Result
Malware family: n/a
Score: 8/10
Tags: android defense_evasion discovery evasion execution impact persistence
Behaviour
Schedules tasks to execute at a specified time
Uses Crypto APIs (Might try to encrypt user data)
Checks the presence of a debugger
Queries information about active data network
Reads information about phone network operator.
Loads dropped Dex/Jar
Queries information about running processes on the device
Checks if the Android device is rooted.
Verdict: Suspicious
Tags: n/a
YARA: n/a
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download
