MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e
SHA3-384 hash: 71cb7b5ba808fe69d5d580f7f21147b05c78b4cd89a1d539ed0afc9639422984847a0b5411590b70522846fdc606af03
SHA1 hash: 2b1643297de9892dcb1e14cb1d80798a2b811283
MD5 hash: 0b9f152cf6919cb566ff19cc9a49455d
humanhash: grey-sink-delaware-nine
File name:planet4d.apk
Download: download sample
File size:1'091'435 bytes
First seen:2025-12-07 11:26:06 UTC
Last seen:Never
File type: apk
MIME type:application/zip
ssdeep 12288:r6nECu+F54p+bfJNXm9gDQErxLwFmNCYa9Ysmfm6CDqT7gQ/+Tf6UrohZ:GnEw/j1NXm9mrxLwFmNCX9jmfmETOTfw
TLSH T163358D82EF05E82AD5F7C637827546BB66164C184B93D3831A89B23C1DB79C04BD9FC9
TrID 49.0% (.APK) Android Package (27000/1/5)
24.5% (.JAR) Java Archive (13500/1/2)
19.0% (.SH3D) Sweet Home 3D Design (generic) (10500/1/3)
7.2% (.ZIP) ZIP compressed archive (4000/1)
Magika apk
Reporter juroots
Tags:apk signed

Code Signing Certificate

Organisation:Android
Issuer:Android
Algorithm:sha1WithRSAEncryption
Valid from:2008-02-29T01:33:46Z
Valid to:2035-07-17T01:33:46Z
Serial number: 936eacbe07f201df
Intelligence: 1710 malware samples on MalwareBazaar are signed with this code signing certificate
Thumbprint Algorithm:SHA256
Thumbprint: a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
1
# of downloads :
47
Origin country :
IL IL
Vendor Threat Intelligence
No detections
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
base64 crypto evasive fakeapp fingerprint signed
Link:
https://www.filescan.io/uploads/69356476bba50eaf042523cf/reports/92a0d35a-f273-4484-84ba-2c21dfa67cc4/overview
Result
Link:
https://incinerator.cloud/#/public/report/0b9f152cf6919cb566ff19cc9a49455d/detail
Application Permissions
fine (GPS) location (ACCESS_FINE_LOCATION)
take pictures and videos (CAMERA)
read external storage contents (READ_EXTERNAL_STORAGE)
read/modify/delete external storage contents (WRITE_EXTERNAL_STORAGE)
view network status (ACCESS_NETWORK_STATE)
control vibrator (VIBRATE)
full Internet access (INTERNET)
Result
Verdict:
SUSPICIOUS
Link:
https://labs.inquest.net/dfi/sha256/b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e
Verdict:
Unknown
File Type:
apk
Link:
https://opentip.kaspersky.com/b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e/results?tab=lookup
Score:
14%
Verdict:
Benign
File Type:
APK
Link:
https://malprob.io/report/b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=xd3tatzjhwvntpvymkqgr6bxurbgpetfni5cnfnwctn6tlesbm7a._file
Gathering data
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/56b834cd-e8fa-4c5c-b7f5-4be22cc8d348
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.54
Link:
https://yomi.yoroi.company/submissions/b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

apk b8f7304f293daad9beb862a068f837a4426792656a3a2695b614dbe9ac920b3e

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3728649/
  
Delivery method
Distributed via web download

Comments