MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 3b5adb76e37e4cc999e281068d1f3e6f82cab8055c6b46c2e6de1b6ea8499a7e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 7
| SHA256 hash: | 3b5adb76e37e4cc999e281068d1f3e6f82cab8055c6b46c2e6de1b6ea8499a7e |
|---|---|
| SHA3-384 hash: | c5e2dde42346ec23c3c3997843402f5d5b7a1c293897ede8751dcc58a2a9f1ae8b5f3e7fc8500722d8be241d61a34319 |
| SHA1 hash: | ae447ea4f5a73f4d918767dca673a2774a313e9c |
| MD5 hash: | 2632d7f26f9bbc02d11640c4a109bcf3 |
| humanhash: | steak-enemy-fish-fix |
| File name: | 3b5adb76e37e4cc999e281068d1f3e6f82cab8055c6b46c2e6de1b6ea8499a7e.apk |
| File size: | 87'404'292 bytes |
| First seen: | 2026-04-15 12:51:17 UTC |
| Last seen: | Never |
| File type: | apk |
| MIME type: | application/zip |
| ssdeep | 786432:fKTXx8hpRVAgfsVI0mke75jT0ZfR7LzfvfWyYEL9aoW56k1mApPfjO52Qm/fiJU9:iTef9R5fyYLT1Y52QzJW |
| TLSH | T1E918E147F6428CA7CDE55470A55ED277B3223D6CC352A213AA44B7287EBB7D44F2A380 |
| TrID | 50.0% (.APK) Android Package (27000/1/5) 23.1% (.VYM) VYM Mind Map (12500/1/3) 19.4% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3) 7.4% (.ZIP) ZIP compressed archive (4000/1) |
| Magika | apk |
| Reporter | |
| Tags: | 45-74-4-179 apk livemap-back-ddns-net |
Intelligence
File Origin
# of uploads: 1
# of downloads: 54
Origin country: IT
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: base64 crypto evasive fingerprint persistence signed
Result
Application Permissions
read phone state and identity (READ_PHONE_STATE)
Allows an application a broad access to external storage in scoped storage (MANAGE_EXTERNAL_STORAGE)
read/modify/delete external storage contents (WRITE_EXTERNAL_STORAGE)
read external storage contents (READ_EXTERNAL_STORAGE)
read contact data (READ_CONTACTS)
write contact data (WRITE_CONTACTS)
read SMS or MMS (READ_SMS)
send SMS messages (SEND_SMS)
display system-level alerts (SYSTEM_ALERT_WINDOW)
record audio (RECORD_AUDIO)
fine (GPS) location (ACCESS_FINE_LOCATION)
coarse (network-based) location (ACCESS_COARSE_LOCATION)
access location in background (ACCESS_BACKGROUND_LOCATION)
full Internet access (INTERNET)
view Wi-Fi status (ACCESS_WIFI_STATE)
view network status (ACCESS_NETWORK_STATE)
automatically start at boot (RECEIVE_BOOT_COMPLETED)
prevent phone from sleeping (WAKE_LOCK)
control vibrator (VIBRATE)
C2DM permissions (RECEIVE)
Result
Verdict: UNKNOWN
Details
Base64 Encoded URL
Detected an ANSI or UNICODE http:// or https:// base64 encoded URL prefix.
Verdict: Malicious
File Type: apk
First seen: 2026-04-11T01:57:00Z UTC
Last seen: 2026-04-11T02:39:00Z UTC
Hits: ~10
Score: 98%
Verdict: Malware
File Type: APK
Detection(s): Suspicious file
Result
Malware family: n/a
Score: 6/10
Tags: android defense_evasion discovery execution persistence
Behaviour
Schedules tasks to execute at a specified time
Acquires the wake lock
Makes use of the framework's foreground persistence service
Queries information about active data network
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
No further information available