MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Pegasus


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments 1
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a
SHA3-384 hash: 18eb63bb5b2e7cc9cbddd56cebbeeb05ae6dc0530c8a33eded278375dba3399f52feeee82cf2b03569210daac1b78265
SHA1 hash: 7289737c1dc462726abbe89335a7702c130bbdcc
MD5 hash: 8d4b77fa3546149f25bd17357d41fbf0
humanhash: hawaii-uniform-wyoming-cola
File name:Andr.PegasusB.apk
Download: download sample
Signature Pegasus
Create hunting rule
File size:1'108'049 bytes
First seen:2021-07-22 21:37:32 UTC
Last seen:2025-04-20 07:16:26 UTC
File type: apk
MIME type:application/zip
ssdeep 24576:RkVMvDz5Q6P8aJnB94XqMOkkXLjD+F5VCq7ncRL4GchuT:qKvDlhP8aj9bMvk7jDJqTmsGch0
TLSH T1FB35330B3523959FF88353B6D50884CB3564A7A70E4F90BB28FDC8BEC6518E26631D4A
Reporter Arkbird_SOLG
Tags:apk Pegasus signed

Code Signing Certificate

Organisation:Unknown
Issuer:Unknown
Algorithm:sha256WithRSAEncryption
Valid from:2018-11-06T23:33:40Z
Valid to:2046-03-24T23:33:40Z
Serial number: 54c05a98
Thumbprint Algorithm:SHA256
Thumbprint: 878e9880734ad025a0bb29916c342173b3c2c69cecaef09efefcf678e3d735b5
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
3
# of downloads :
376
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Android.Obfus.AGtr.17193.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.Andr.Pegasus-B.17259.15408.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.Andr.Pegasus-B.31588.32305.UNOFFICIAL
Create hunting rule

Result
Verdict:
UNKNOWN
Link:
https://labs.inquest.net/dfi/sha256/bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a
Result
Threat name:
Unknown
Detection:
malicious
Classification:
spyw
Score:
56 / 100
Link:
https://www.joesandbox.com/analysis/265404
Signature
Antivirus or Machine Learning detection for sample
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
n/a
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a/
Threat name:
Android.Spyware.Pegasus
Create hunting rule
Status:
Malicious
First seen:
2018-11-12 07:06:36 UTC
File Type:
Binary (Archive)
Extracted files:
31
AV detection:
19 of 45 (42.22%)
Threat level:
  2/5
Result
Malware family:
n/a
Score:
  8/10
Tags:
android
Link:
https://tria.ge/reports/210722-1f5vk2vgn2/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Chrysaor
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments


Avatar
commented on 2023-11-11 13:02:25 UTC

https://medium.com/@brotheralameen/malware-analysis-of-pegasus-spyware-70fe090f7cc2