MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7c25f1090921bb3692900dc333a466fad7feb25631cb2fd2fc7f85ab1eaf729f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: 7c25f1090921bb3692900dc333a466fad7feb25631cb2fd2fc7f85ab1eaf729f
SHA3-384 hash: 20c29fac6586762dbb6ec5ae3a1a11c13bcb6d148202eb999b5ac8a00b881173dbc0a759f11169e46640973c6f3bb484
SHA1 hash: 3888659b0d9179021e5c9cf0bb7d1a04b856eec8
MD5 hash: aaf72426d1cde99e371d3baff559a2a7
humanhash: alpha-sink-skylark-washington
File name: Muzik.indir.apk
File size: 9'570'547 bytes
First seen: 2025-12-24 12:00:48 UTC
Last seen: Never
File type: apk
MIME type: application/zip
ssdeep: 196608:RqaXisdOLLc8SCCF1UdvZEteCRjEvtVli0GrdzpixdrdUNIx:RqaisdOv2vmh2zFEFVVG5pixrUNm
TLSH: T109A62357FF18682BC5B3C332467A465995169C01C793C35B6868B13C2AFBED08AD9F8C
TrID:
  49.0% (.APK) Android Package (27000/1/5)
  24.5% (.JAR) Java Archive (13500/1/2)
  19.0% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3)
  7.2% (.ZIP) ZIP compressed archive (4000/1)
Magika: apk
Reporter: Anonymous
Tags: apk banker signed

Code Signing Certificate

Organisation: Android
Issuer: Android
Algorithm: sha1WithRSAEncryption
Valid from: 2008-02-29T01:33:46Z
Valid to: 2035-07-17T01:33:46Z
Serial number: 936eacbe07f201df
Intelligence: 1716 malware samples on MalwareBazaar are signed with this code signing certificate
Thumbprint Algorithm: SHA256
Thumbprint: a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc
Source: This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence


File Origin
# of uploads: 1
# of downloads: 142
Origin country: TR
Vendor Threat Intelligence
No detections
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: android bangbang_reinforcement base64 crypto evasive fingerprint lolbin obfuscated packed signed tracker
Result
Application Permissions
Allows an application to request installing packages. (REQUEST_INSTALL_PACKAGES)
Result
Verdict: UNKNOWN
Details
Base64 Encoded URL
Detected an ANSI or UNICODE http:// or https:// base64 encoded URL prefix.
Verdict: Malicious
File Type: apk
First seen: 2025-12-23T00:24:00Z UTC
Last seen: 2025-12-23T01:00:00Z UTC
Hits: ~10
Threat name: Android.Trojan.Generic
Status: Suspicious
First seen: 2025-12-20 15:36:35 UTC
File Type: Binary (Archive)
Extracted files: 995
AV detection: 7 of 36 (19.44%)
Threat level: 5/5
Result
Malware family: n/a
Score: 7/10
Tags: android collection credential_access defense_evasion evasion impact
Behaviour
Uses Crypto APIs (Might try to encrypt user data)
Loads dropped Dex/Jar
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments