MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2cc755a2c9dae64ea5914bd32aa6824a3bc1f0e3be1f2d03c116ffc68f7772d0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



GhostBat


Vendor detections: 5



SHA256 hash: 2cc755a2c9dae64ea5914bd32aa6824a3bc1f0e3be1f2d03c116ffc68f7772d0
SHA3-384 hash: e350d91a0da93695932a7abb8ff1df9402a213398f72c6482c1915e4ac3a869a398c173b9f93e406d3fb98936f4ccc49
SHA1 hash: 457e2b696593fd35cb3279da938748ae5cf33519
MD5 hash: 1bc9a72a39ca6b37300b883fca97eb94
humanhash: oregon-uranus-iowa-purple
File name: ۦۖ۫.apk
Signature: GhostBat
File size: 9'142'934 bytes
First seen: 2026-07-03 17:27:55 UTC
Last seen: 2026-07-03 17:29:07 UTC
File type: apk
MIME type: application/zip
ssdeep: 196608:DMnTYOVtAktgqK7GRfjYpza2rJ8BZoFFrBx4aIiKXEFxbQ3Uog0PUPHu5dp9ETzN:DMnTY2t3qqKiRfjIv8PoFRkaIl0vAUoK
TLSH: T1CA9633D7B2FB2E39C0FE2238B02511173B3A04589B097E85F4543ABC5657C0BAF5A99D
Magika: zip
Reporter: BastianHein
Tags: apk GhostBat mparivahan

Intelligence


File Origin
# of uploads: 2
# of downloads: 46
Origin country: CL

Vendor Threat Intelligence
No detections

Verdict: Unknown
Threat level: 0/10
Confidence: 100%
Tags: signed

Result
Malware family: ghostbat
Score: 10/10
Tags: family:ghostbat android infostealer rat trojan
Please note that we are no longer able to provide a coverage score for Virus Total.

YARA Signatures


MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:telebot_framework
Author:vietdx.mb

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments