MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2
SHA3-384 hash: a2ef5fd11228774147e6c43d9711c7e1f6f4eba7cdbf80e122b08ff0ed82280be553f5b6bc1669764693487c1350b341
SHA1 hash: dea57322f6531a3e1f1227d64ab45ebbc245f4f4
MD5 hash: 905ffa6a99a741035e39792ab4d2fda7
humanhash: nitrogen-butter-hotel-oscar
File name:90.ipa
Download: download sample
File size:5'882'807 bytes
First seen:2026-05-04 12:53:26 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 98304:N0b/L5ED+tBMjGlPUi+jTJ3kx/vNA3pS27Jb1Wa28Ywa+USgtrPlVNuogpPwGVO4:N0jfIjePUiG4vNB27TWay5r7Qo4VO4
TLSH T17046236FD2AFB01CED2E3775D1469E42B481F42BFDB5B4986E62130CB2DAB115060B4B
TrID 81.8% (.IPA) iOS Application (18000/1/4)
18.1% (.ZIP) ZIP compressed archive (4000/1)
Magika zip
Reporter 0x746f6d6669
Tags:ipa SparkKitty zip

Intelligence

File Origin
# of uploads :
1
# of downloads :
60
Origin country :
DE DE
Vendor Threat Intelligence
Gathering data
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2
Result
Verdict:
SUSPICIOUS
Link:
https://labs.inquest.net/dfi/sha256/a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2
Details
Base64 Encoded URL
Detected an ANSI or UNICODE http:// or https:// base64 encoded URL prefix.
Verdict:
Clean
File Type:
zip
Link:
https://opentip.kaspersky.com/a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2/results?tab=lookup
Score:
29%
Verdict:
Benign
File Type:
ARCHIVE
Link:
https://malprob.io/report/a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2
Verdict:
inconclusive
YARA:
2 match(es)
Tags:
Zip Archive
Link:
https://app.malva.re/file/905ffa6a99a741035e39792ab4d2fda7
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/a0fda1e0331abd159c86e5bbbcef171dfd861247804fb10f18583914bb923ed2
Threat name:
iOS.Trojan.SparkKitty
Create hunting rule
Status:
Malicious
First seen:
2026-04-13 15:57:42 UTC
File Type:
Binary (Archive)
Extracted files:
414
AV detection:
10 of 24 (41.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ud62dybtdk6rlheg4w53z3yxdx6ymeshqbh3cdyyla4rjo4sh3ja._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
macos
Link:
https://tria.ge/reports/260504-qpca7acy4y/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments