MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 79c3de875a609b3109f51b8d0bde1a25da7013c5a78333b415551fd6c1eb24a6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	79c3de875a609b3109f51b8d0bde1a25da7013c5a78333b415551fd6c1eb24a6
SHA3-384 hash:	3f008c32b6af35a22fdd7595666af592997be444b524473f380e833c31e3a75ffcc2d92026a3014c7f73ada94e9e7096
SHA1 hash:	3962803b5b6f2d3a0a846f97d44427f826d35c2b
MD5 hash:	65e0a612675c23c983752a0d9dc0450c
humanhash:	kitten-magnesium-three-carolina
File name:	Polyx.v1.apk
Download:	download sample
File size:	1'693'812 bytes
First seen:	2025-12-08 12:22:19 UTC
Last seen:	Never
File type:	apk
MIME type:	application/zip
ssdeep	24576:DCnKwNCC8bro03MQyf+jHZQlEScGnWPqi4riZG7zSbKyqhvxRQZdNRZnYqgeK5xU:D4NX8J34GQCScpSixueboZqRBgevV
TLSH	T15C75F182F7D9AC2FCD7380364BBB4A7A05428D46C686C7134968762C5DBB9C48F95FC8
TrID	39.1% (.APK) Android Package (27000/1/5) 20.2% (.ZIP) Opera Widget (14000/1/2) 19.5% (.JAR) Java Archive (13500/1/2) 15.2% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3) 5.7% (.ZIP) ZIP compressed archive (4000/1)
Magika	apk
Reporter	juroots
Tags:	apk signed

Code Signing Certificate

Organisation:	Android Debug
Issuer:	Android Debug
Algorithm:	sha1WithRSAEncryption
Valid from:	2023-01-04T01:03:06Z
Valid to:	2052-12-27T01:03:06Z
Serial number:	01
Intelligence:	382 malware samples on MalwareBazaar are signed with this code signing certificate
Cert Central Blocklist:	This certificate is on the Cert Central blocklist
Thumbprint Algorithm:	SHA256
Thumbprint:	44f16f0301af10f3b8ff14b279a9bf2426a87752592f5a46d0ea717e26e3ee1a
Source:	This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

No detections

Verdict:

Unknown

Threat level:

2.5/10

Confidence:

100%

Tags:

android base64 crypto evasive masquerade signed

Link:

https://www.filescan.io/uploads/6936c347bc15eab491f7115f/reports/61572ae0-9e7e-4b29-b82a-2909b1960e53/overview

Result

Link:

https://incinerator.cloud/#/public/report/65e0a612675c23c983752a0d9dc0450c/detail

Application Permissions

full Internet access (INTERNET)

Result

Verdict:

UNKNOWN

Link:

https://labs.inquest.net/dfi/sha256/79c3de875a609b3109f51b8d0bde1a25da7013c5a78333b415551fd6c1eb24a6

Score:

69%

Verdict:

Susipicious

File Type:

APK

Link:

https://malprob.io/report/79c3de875a609b3109f51b8d0bde1a25da7013c5a78333b415551fd6c1eb24a6

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/79c3de875a609b3109f51b8d0bde1a25da7013c5a78333b415551fd6c1eb24a6/

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=phb55b22mcntccpvdogqxxq2exnhae6fu6bthnavkup5nqplesta._file

Gathering data

Verdict:

Unknown

Tags:

n/a

YARA:

n/a

Link:

https://app.threat.zone/submission/920513c6-7ab0-45d5-93ff-34d39fc13616

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/79c3de875a609b3109f51b8d0bde1a25da7013c5a78333b415551fd6c1eb24a6

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

apk 79c3de875a609b3109f51b8d0bde1a25da7013c5a78333b415551fd6c1eb24a6

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3729247/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample