MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 75b4d9eb26ed9e20009c9a55a58e66457d7ec4d7d060179f09f6522e96c62e2e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 75b4d9eb26ed9e20009c9a55a58e66457d7ec4d7d060179f09f6522e96c62e2e
SHA3-384 hash: 639462e418e14d25f96bcb83b3fbf0880820df26737f9aa7e7d75a52436009168a89bbfffe971236ae3b53922ad451ac
SHA1 hash: eda2bf70e495f84311a476975eddba1e48a6da4e
MD5 hash: 88320f095894d571e5015d32846d8cc5
humanhash: massachusetts-hawaii-cola-stairway
File name: TikTok18.apk
File size: 7'525'641 bytes
First seen: 2025-12-03 08:11:18 UTC
Last seen: Never
File type: apk
MIME type: application/zip
ssdeep: 196608:whNQnARRU5BQ13O3eFgBi9LLkvWdwHnexU:wh5MuSQ9LYvmwHexU
TLSH: T1B2761203F78E492ECDE2B978199713716A15ACEC2910928F4D02F218BEB72D95F25FC5
TrID:
  49.0% (.APK) Android Package (27000/1/5)
  24.5% (.JAR) Java Archive (13500/1/2)
  19.0% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3)
  7.2% (.ZIP) ZIP compressed archive (4000/1)
Magika: apk
Reporter: juroots
Tags: apk signed

Code Signing Certificate

Organisation: App
Issuer: App
Algorithm: sha384WithRSAEncryption
Valid from: 2025-12-02T20:52:55Z
Valid to: 2080-09-04T20:52:55Z
Serial number: a7ee7a5cd99431c4
Thumbprint Algorithm: SHA256
Thumbprint: 075186922a414e8c79fdd0d10fa7571fdaaec301417b011947ca7ce7b0a610cb
Source: This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence


File Origin
# of uploads: 1
# of downloads: 28
Origin country: RO
Vendor Threat Intelligence
No detections
Verdict: Unknown
Threat level: 2.5/10
Confidence: 100%
Tags: android signed
Result
Application Permissions
Allows an application to request installing packages. (REQUEST_INSTALL_PACKAGES)
full Internet access (INTERNET)
view network status (ACCESS_NETWORK_STATE)
prevent phone from sleeping (WAKE_LOCK)
Threat name: Android.Trojan.Generic
Status: Suspicious
First seen: 2025-12-03 08:12:25 UTC
File Type: Binary (Archive)
Extracted files: 3
AV detection: 6 of 36 (16.67%)
Threat level: 5/5
Result
Malware family: n/a
Score: 6/10
Tags: n/a
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

apk 75b4d9eb26ed9e20009c9a55a58e66457d7ec4d7d060179f09f6522e96c62e2e (this sample)

Delivery method: Distributed via web download
