MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266
SHA3-384 hash: 37fe182dc3708d38922d52a211a8333c16f29d573e65598da457c699b04510ffa309ae4611fc10e60363a623d82329cf
SHA1 hash: 4501152ad4f7ab94c6a35c47d878d89ebebd7d3f
MD5 hash: 09d23ae331db4625df08192fbce2e270
humanhash: april-skylark-lake-papa
File name:Chrome (7).apk
Download: download sample
File size:2'441'463 bytes
First seen:2025-12-29 20:30:26 UTC
Last seen:Never
File type: apk
MIME type:application/zip
ssdeep 49152:6YRmpTrwTMCH++RdGM+kthvXdsumQzQLhdWj6VdvPOwqqgYlLJI:6YRmTkoM+Ghu3rVJPogI
TLSH T1B3B5E045BBA89E1EC877D0320D4A5635A55AEC23C703C387EDB4275928AF6F44F017EA
TrID 60.6% (.APK) Android Package (27000/1/5)
30.3% (.JAR) Java Archive (13500/1/2)
8.9% (.ZIP) ZIP compressed archive (4000/1)
Magika apk
Reporter tykkz
Tags:apk siberguvenlik signed

Code Signing Certificate

Organisation:key_jizpx0n
Issuer:key_jizpx0n
Algorithm:sha256WithRSAEncryption
Valid from:2025-12-29T20:09:35Z
Valid to:2053-05-16T20:09:35Z
Serial number: 59b9652a1e50e1a1
Thumbprint Algorithm:SHA256
Thumbprint: 805be28db527ae5fb997b938ad3a8b4c5923189f217bfe419546ca7a813e79e5
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
1
# of downloads :
47
Origin country :
NL NL
Vendor Threat Intelligence
No detections
Detection(s):
Unix.Dropper.Fakeapp-10014994-0
Create hunting rule

Result
Link:
https://incinerator.cloud/#/public/report/09d23ae331db4625df08192fbce2e270/detail
Application Permissions
Allows an application to request installing packages. (REQUEST_INSTALL_PACKAGES)
display system-level alerts (SYSTEM_ALERT_WINDOW)
full Internet access (INTERNET)
prevent phone from sleeping (WAKE_LOCK)
Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266
Verdict:
Malicious
File Type:
apk
First seen:
2025-12-29T19:02:00Z UTC
Last seen:
2025-12-30T05:49:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266/results?tab=lookup
Score:
90%
Verdict:
Malware
File Type:
APK
Link:
https://malprob.io/report/57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266/
Threat name:
Android.Infostealer.Anubis
Create hunting rule
Status:
Malicious
First seen:
2025-12-29 20:31:25 UTC
File Type:
Binary (Archive)
Extracted files:
193
AV detection:
10 of 24 (41.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=k6qkqhxl35wb4cs2wbejczprm6cwoeqsdodjlhymgthfyjabijta._file
Result
Malware family:
n/a
Score:
  6/10
Tags:
android defense_evasion
Link:
https://tria.ge/reports/251229-zaemfahz4g/
Behaviour
Checks the application is allowed to request package installs through the package installer
Verdict:
Malicious
Tags:
Unix.Dropper.Fakeapp-10014994-0
YARA:
n/a
Link:
https://app.threat.zone/submission/8c8a2d16-0dfe-4814-83f9-8edc060f1611
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

apk 57a0a81eebdf6c1e0a5ab0489165f167856712121b86959f0c34ce5c24014266

(this sample)

  
Link
https://github.com/nuribilgeceylen-eng/babacan/raw/refs/heads/main/Chrome.apk
  
URLhaus
https://urlhaus.abuse.ch/url/3746248/
  
Delivery method
Distributed via web download

Comments