MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6
SHA3-384 hash: 58e323af860c82e58771575d0ebe05aeb24e6d0b29122cd415724abb72cba5588ab54b6aa1f503ae6d74a31902f1fc53
SHA1 hash: 1fd9c680512f07dae21cd828f1d003905d72466b
MD5 hash: 7374b7cdaf87346796a8728e9020dfd2
humanhash: florida-freddie-uncle-kansas
File name:246caipiao-android.apk
Download: download sample
File size:5'967'526 bytes
First seen:2025-12-03 08:11:01 UTC
Last seen:Never
File type: apk
MIME type:application/zip
ssdeep 98304:X8p4zoSoQKFtBlUHd3l71YDCpr7A6UnQ4h36u5g9tGu9tG5NAhoZQ9TMfbreRn:switBlUHdbpfA6UnHz5gDhDEmhckMmn
TLSH T1DD560255F708A42FC5B761338EB6533162468D8989C2EB136A28761C6D73EC48F5EFC8
TrID 34.3% (.APK) Android Package (27000/1/5)
17.1% (.JAR) Java Archive (13500/1/2)
15.9% (.VYM) VYM Mind Map (12500/1/3)
14.0% (.CATROBAT) Pocket Code/Catroid Catrobat Project (11000/1/2)
13.3% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3)
Magika apk
Reporter juroots
Tags:apk signed

Code Signing Certificate

Organisation:377812
Issuer:377812
Algorithm:sha256WithRSAEncryption
Valid from:2022-11-01T16:16:48Z
Valid to:2121-05-26T16:16:48Z
Serial number: 6156d84a
Thumbprint Algorithm:SHA256
Thumbprint: 032c107a842faa2b0d675da6049e29cb2552061c41692fab341915e102f7a361
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
1
# of downloads :
23
Origin country :
RO RO
Vendor Threat Intelligence
No detections
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
androidrepublic base64 crypto evasive fingerprint obfuscated packed persistence signed
Link:
https://www.filescan.io/uploads/692ff0afd916827ff3ae8655/reports/c9ad3f0c-b531-4499-bede-92db78391c37/overview
Result
Link:
https://incinerator.cloud/#/public/report/7374b7cdaf87346796a8728e9020dfd2/detail
Application Permissions
read external storage contents (READ_EXTERNAL_STORAGE)
read/modify/delete external storage contents (WRITE_EXTERNAL_STORAGE)
read sensitive log data (READ_LOGS)
retrieve running applications (GET_TASKS)
Allows an application to request installing packages. (REQUEST_INSTALL_PACKAGES)
take pictures and videos (CAMERA)
mount and unmount file systems (MOUNT_UNMOUNT_FILESYSTEMS)
prevent phone from sleeping (WAKE_LOCK)
full Internet access (INTERNET)
view Wi-Fi status (ACCESS_WIFI_STATE)
view network status (ACCESS_NETWORK_STATE)
kill background processes (RESTART_PACKAGES)
send sticky broadcast (BROADCAST_STICKY)
kill background processes (KILL_BACKGROUND_PROCESSES)
control vibrator (VIBRATE)
change network connectivity (CHANGE_NETWORK_STATE)
change your audio settings (MODIFY_AUDIO_SETTINGS)
change Wi-Fi status (CHANGE_WIFI_STATE)
automatically start at boot (RECEIVE_BOOT_COMPLETED)
control flashlight (FLASHLIGHT)
allow use of fingerprint (USE_FINGERPRINT)
delete all application cache data (CLEAR_APP_CACHE)
Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6
Verdict:
Unknown
File Type:
apk
First seen:
2022-11-21T14:27:00Z UTC
Last seen:
2024-12-08T10:38:00Z UTC
Hits:
~100
Link:
https://opentip.kaspersky.com/3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6/results?tab=lookup
Score:
12%
Verdict:
Benign
File Type:
APK
Link:
https://malprob.io/report/3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=hlvagroir4dj2oqhtsbfoeegvwx3lbitpkdoe57u4xe7wgzbsdta._file
Result
Malware family:
n/a
Score:
  6/10
Tags:
n/a
Link:
https://tria.ge/reports/251203-j3e6nsxkdl/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.54
Link:
https://yomi.yoroi.company/submissions/3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

apk 3aea0345c88f069d3a079c82571086adafb585137a86e277f4e5c9fb1b2190e6

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3724023/
  
Delivery method
Distributed via web download

Comments