MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8e7b0e8d2d82a7fcc696919f7bcd16d5d8008b68d7ff692f592a4dbb5cb083f3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	8e7b0e8d2d82a7fcc696919f7bcd16d5d8008b68d7ff692f592a4dbb5cb083f3
SHA3-384 hash:	8c24c3e0b8cd36323bd6b9fa0247f4f3a39b232f684a3d8cb4f1a6d8c04dfc24fcb9f0b317b7e08453e53a0571fada59
SHA1 hash:	17297853be16eb93186a1c12fb1bd1bc284f25fb
MD5 hash:	2173caecc50fac2fbf32656b7213c860
humanhash:	mango-comet-golf-bluebird
File name:	aomen58.apk
Download:	download sample
File size:	2'083'420 bytes
First seen:	2025-12-07 11:25:48 UTC
Last seen:	Never
File type:	apk
MIME type:	application/zip
ssdeep	49152:x7s1cBe3zyEWnV8OPyYXI4XWYwWhjRDl8Rdc46:1EyEWnV8KXIXYwmBl8Rdo
TLSH	T148A50243EB08E56BC5A7C63692769A5781064C658D83E7A30D41B16C0DFFAC09F9EFC8
TrID	49.0% (.APK) Android Package (27000/1/5) 24.5% (.JAR) Java Archive (13500/1/2) 19.0% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3) 7.2% (.ZIP) ZIP compressed archive (4000/1)
Magika	apk
Reporter	juroots
Tags:	apk signed

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

37

Origin country :

IL

Vendor Threat Intelligence

ACCE Unknown

No detections

FileScan.IO Unknown

Verdict:

Unknown

Threat level:

  2.5/10

Confidence:

100%

Tags:

base64 crypto evasive fingerprint signed

Link:

https://www.filescan.io/uploads/6935646dbba50eaf042523ca/reports/8f60d345-bca5-48db-997f-24a689a783f0/overview

Incinerator Dangerous

Result

Link:

https://incinerator.cloud/#/public/report/2173caecc50fac2fbf32656b7213c860/detail

Application Permissions

take pictures and videos (CAMERA)

record audio (RECORD_AUDIO)

read/modify/delete external storage contents (WRITE_EXTERNAL_STORAGE)

read phone state and identity (READ_PHONE_STATE)

read external storage contents (READ_EXTERNAL_STORAGE)

Allows an application to request installing packages. (REQUEST_INSTALL_PACKAGES)

coarse (network-based) location (ACCESS_COARSE_LOCATION)

fine (GPS) location (ACCESS_FINE_LOCATION)

Allows an application a broad access to external storage in scoped storage (MANAGE_EXTERNAL_STORAGE)

control flashlight (FLASHLIGHT)

view network status (ACCESS_NETWORK_STATE)

full Internet access (INTERNET)

control vibrator (VIBRATE)

view Wi-Fi status (ACCESS_WIFI_STATE)

prevent phone from sleeping (WAKE_LOCK)

change network connectivity (CHANGE_NETWORK_STATE)

change your audio settings (MODIFY_AUDIO_SETTINGS)

InQuest UNKNOWN

Result

Verdict:

UNKNOWN

Link:

https://labs.inquest.net/dfi/sha256/8e7b0e8d2d82a7fcc696919f7bcd16d5d8008b68d7ff692f592a4dbb5cb083f3

Kaspersky OpenTIP Adware

Verdict:

Adware

File Type:

apk

First seen:

2025-12-04T14:28:00Z UTC

Last seen:

2025-12-05T03:00:00Z UTC

Hits:

~100

Link:

https://opentip.kaspersky.com/8e7b0e8d2d82a7fcc696919f7bcd16d5d8008b68d7ff692f592a4dbb5cb083f3/results?tab=lookup

Nucleon Malprob Susipicious

Score:

56%

Verdict:

Susipicious

File Type:

APK

Link:

https://malprob.io/report/8e7b0e8d2d82a7fcc696919f7bcd16d5d8008b68d7ff692f592a4dbb5cb083f3

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/8e7b0e8d2d82a7fcc696919f7bcd16d5d8008b68d7ff692f592a4dbb5cb083f3/

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=rz5q5djnqkt7zruwsgpxxtiw2xmabc3i277wsl2zfjg3wxfqqpzq._file

Hatching Triage

Gathering data

Threat.Zone Unknown

Verdict:

Unknown

Tags:

n/a

YARA:

n/a

Link:

https://app.threat.zone/submission/71df172d-2cd3-4f23-98a6-924b6b4683e3

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/8e7b0e8d2d82a7fcc696919f7bcd16d5d8008b68d7ff692f592a4dbb5cb083f3