MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088
SHA3-384 hash: 434e7646caac05b8e7c9ca6f2156e58a1e986e6d4db27e3d20bc5f69612fede4d78e3bc5c27a40cf9618a1a7f44f8f7a
SHA1 hash: 3c3177f07d1463d0bb67c7146e95b00e57335923
MD5 hash: 8637269acab1d333d4d58f12442d5bf3
humanhash: lima-iowa-sierra-echo
File name:galaxy88new_1.0.0.apk
Download: download sample
File size:4'794'590 bytes
First seen:2025-12-01 20:34:37 UTC
Last seen:Never
File type: apk
MIME type:application/zip
ssdeep 98304:ApaXL+64cLxNl/iyypjXkLzq/64luh+6GUUifyFBlgLCr4Nb:wab+yxT/Y56yHxNoyF+b
TLSH T10126F18BFB49592FC87B14F249AE523116578D178E839B436C48321C68B76D83F9DBC8
TrID 65.0% (.APK) Android Package (27000/1/5)
25.3% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3)
9.6% (.ZIP) ZIP compressed archive (4000/1)
Magika apk
Reporter juroots
Tags:apk

Intelligence

File Origin
# of uploads :
1
# of downloads :
45
Origin country :
IL IL
Vendor Threat Intelligence
No detections
Result
Link:
https://incinerator.cloud/#/public/report/8637269acab1d333d4d58f12442d5bf3/detail
Application Permissions
full Internet access (INTERNET)
Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088
Verdict:
Unknown
File Type:
apk
First seen:
2023-10-02T00:59:00Z UTC
Last seen:
2025-11-17T05:20:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088/results?tab=lookup
Score:
98%
Verdict:
Malware
File Type:
APK
Link:
https://malprob.io/report/4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=jo2ra5rjbagmzs7y2sqvart7jf42ujqmjvqjnb4mbvbmck6ikcea._file
Result
Malware family:
n/a
Score:
  7/10
Tags:
android collection credential_access discovery impact persistence
Link:
https://tria.ge/reports/251201-zddjjsvrel/
Behaviour
Checks CPU information
Checks memory information
Registers a broadcast receiver at runtime (usually for listening for system events)
Queries the mobile country code (MCC)
Obtains sensitive information copied to the device clipboard
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/bd351606-dd14-4495-91ed-0b5596ce300a
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.05
Link:
https://yomi.yoroi.company/submissions/4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

apk 4bb5107629080ccccbf8d4a150467f4979aa260c4d6096878c0d42c12bc85088

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3722929/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3723211/
  
URLhaus
https://urlhaus.abuse.ch/url/3723217/

Comments