Mobile threat intelligence for the masses

Results

cn.wps.moffice_eng
4f25febf3818e7f04ec59c01abdb83820ef5409c3a9a038f8d6a78a73481ae8a
WPS Office (Kingsoft Office)
Version: 97
First seen: 2022-07-14T01:41:52.880658
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.doubleTwist.cloudPlayerPro
d1396111d543bd3cff14ac00650f29e7b088e2d7d80afda72b1caf84192390ac
CloudPlayer Platinum
Version: 10177
First seen: 2022-06-09T23:21:48.360457
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.intsig.camscanner
265479ed06b68288594dcf017cfa7c9f99470ec93e44c3ab0dce725ed6962631
CamScanner
Version: 61587
First seen: 2022-05-27T23:13:40.787474
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.sec.android.app.myfiles
cd179a71e5bb1efbe4defd9794cfba05f2ba792c89b24a786c29fdcb5d57ce8f
My Files
Version: 1010201221
First seen: 2022-05-24T01:45:39.534261
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
pl.solidexplorer2
7dbe27a9be541a7d61cb6ca157cb8988aef3161001219046747f6819d020bcdd
Solid Explorer
Version: 200246
First seen: 2022-05-18T10:42:57.397082
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

pl.solidexplorer2
e0aff63b467d0349ca63351a5fdb85a55ebfaa0afd30885e37a20797a5c99f54
Solid Explorer
Version: 200246
First seen: 2022-05-16T17:40:51.916603
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
pl.solidexplorer2
2983dc6a6e62364c371c849e31ddd375a9d3d694a66f6bc964f923852c90ed56
Solid Explorer
Version: 200246
First seen: 2022-05-16T17:31:12.787395
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

pl.solidexplorer2
bd04005ff5ab6fd768f9b7aceabf22f295638181e941360785db78393033669f
Solid Explorer
Version: 200246
First seen: 2022-05-05T20:13:06.283962
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

pl.solidexplorer2
ab81643332bf6a08f1c394dfbb8144ad82534f093f5842e1d2b0ddaa1db13f04
Solid Explorer
Version: 200245
First seen: 2022-05-05T20:06:33.117144
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

com.mixplorer
07408af01aaa59dd762ddf3caab206df2fc1356b967139a99e80f266465a2088
MiXplorer
Version: 1805171
First seen: 2022-04-06T17:08:50.531973
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
keepass2android.keepass2android
56be0c42f4129a9510a7fa45494e11747c158d87aa5b7acd37c24a34f9d418a2
Keepass2Android
Version: 186
First seen: 2022-04-01T04:12:06.079119
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Similar samples:
keepass2android.…
pl.solidexplorer2
e9b9c5a1f104882be9cf8732ba75e78d5f657cef9edad57dbed10b605fd597dd
Solid Explorer
Version: 200245
First seen: 2022-03-27T22:41:59.597130
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

pl.solidexplorer2
558f46f8332ac7b81c981c89e52ed9285c0a71c92ab38d801f3ed83e385d0185
Solid Explorer
Version: 200245
First seen: 2022-03-25T19:51:39.761856
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

com.finaccel.android
6378c0a1019c101de40b8c1a4d30146178c39a23ce150cd6c9af13f21e45f335
Kredivo
Version: 903050920
First seen: 2022-03-08T18:31:59.494160
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.readdle.spark
dc48ff7c0e18103e451ecb6b8ae0cc330b1c59169c526786fd179e1b68413ec6
Spark
Version: 21104443
First seen: 2022-02-17T19:23:48.821557
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.touchtype.swiftkey
90e588af7adf1ebd764a39b258660c1ac459db7b51c1ac08acfd2a78f227dcd7
Microsoft SwiftKey Keyboard
Version: 956301392
First seen: 2022-02-05T18:36:35.311922
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.touchtype.swiftkey
5652600a22ed24f6d919c77110939bb192faf3a6c85557db1bbed10095941300
SwiftKey
Version: 958595152
First seen: 2022-02-05T10:02:07.961853
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

1/49
com.intsig.camscanner
31cb25b992fd69e76df0b3d0b797182f38c399ef0c373fac1f4d15936f94be48
CamScanner
Version: 5871
First seen: 2022-01-22T14:14:09.957872
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.meamobile.printicular
0f4e04a6648eea18fc599ea75960cdcdc5f29358d04857b66d1d1d8225b6eb72
Printicular
Version: 110
First seen: 2022-01-02T08:28:12.556169
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
keepass2android.keepass2android
4b5c6c8575efd660ef2baf8c3cd24afc40c520e8ce93d54d3762e34e8221b694
Keepass2Android
Version: 180
First seen: 2021-11-15T09:35:43.418397
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Similar samples:
keepass2android.…
com.touchtype.swiftkey
e4831edf46cad142c4ad9726768a286f902e4d2f96f802dbee3c7e50bb9c1223
Microsoft SwiftKey Keyboard
Version: 958464048
First seen: 2021-11-11T18:56:09.112601
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

1/59
Similar samples:
com.amaze.filema…
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

1/61
Similar samples:
com.amaze.filema…
org.cryptomator
fdade7112a37046772fff1d00f962d3f78b2d2688b5de6a2a09e647cea48a6b8
Cryptomator
Version: 2499
First seen: 2021-11-03T04:02:17.269444
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
me.bluemail.mail
639f18cdbd8479dbd2da6742f468fa0de10214ea6b06775467ab8746a89e5f67
BlueMail
Version: 17612
First seen: 2021-10-06T15:53:21.933053
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.metago.astro
7d74913c82306bb70e68f27b2836896c2f883bd0f20e39b783b225a29a87ba16
ASTRO File Manager
Version: 2021042815
First seen: 2021-10-06T13:40:20.623833
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.meritnation.school
a038127e6e2d0ecdbc2bd88ebd4b619a62962314ee757cebe4a91392ec81db22
Meritnation
Version: 124
First seen: 2021-10-01T16:42:01.472067
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.datbraincompany.hudi
2b6303a50472282bbf8ad7e6bd0ad0ddf0925403b313a3dc3c8ca8e624c23a50
HUDI Browser
Version: 31
First seen: 2021-09-16T11:30:00.574678
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: High Risk
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.datbraincompany.hudi
3446ccbf96a485c8a95febd5d81d45010f2ac2b6ef48b8531ce07a209ccd4d73
HUDI Browser
Version: 34
First seen: 2021-09-13T17:53:26.608855
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: High Risk
com.azure.authenticator
cd7db187bca2a55392241b3e98feb4a911febd0b50f01f9d5b05976910b1c4ed
Authenticator
Version: 202077553
First seen: 2021-09-03T13:53:40.170464
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
io.enpass.app
a63dbd39d8b720ba62d8552137a6a90260cef0c34e7597fa0994c859b73b0a86
Enpass
Version: 129
First seen: 2021-07-16T09:37:29.234417
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

1/60
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

1/63
org.kman.AquaMail
f04f830976c62cc8f58ad02d7093cf778ea7ab3e7dc81973f21ef6febe305e16
Aqua Mail
Version: 103000000
First seen: 2021-06-15T13:22:27.750757
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
cn.wps.moffice_eng
eaeb48ba7893046a9b93c0da0e2cb5d575af726c6a88fed2b6bd1b15b5bae5b1
WPS Office
Version: 128
First seen: 2021-05-26T07:04:44.298587
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.ttxapps.autosync
83ce2ffdfd9d97c56e8103dea77af39eaef708d86286d2a3c527ada1d59107fa
Autosync
Version: 2012081
First seen: 2021-05-15T11:28:21.965221
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.citymobil
cdc39be672437c4f1b2876e1d8572ad4c0f5978120a13dedc19a12b5e75c171c
Ситимобил
Version: 803
First seen: 2021-05-12T21:15:44.171221
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.microsoft.office.outlook
32b45747aae25cbf1a7294b4db84e063062cc407bfcccdd6cf8b2cb0b3c20613
Outlook
Version: 42114807
First seen: 2021-05-05T15:31:40.587478
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
io.enpass.app
45ae6ffd70902715ae904cb1c61428fadee9a5724e4faa56769294bea1a8e86c
Enpass
Version: 368
First seen: 2021-02-26T23:34:44.095177
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.mobisystems.office
8ec8dfe5f3e899035f9b6345e0636c4d801a19c4dc35f69bfcac8b77e3781a1c
OfficeSuite
Version: 12701
First seen: 2021-02-22T23:43:36.319579
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
pl.solidexplorer2
deea77ed9a001972a3653cbab70fbb167957decd48a39283d85d5a2a35d8ed08
Solid Explorer
Version: 200189
First seen: 2021-02-16T23:36:39.537505
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat level: Moderate Risk
com.tencent.mm
539889b68f27a908bd584851afe069402d61f9bf1beb5c2ba0240b5b875ac785
Correos
Version: 1
First seen: 2021-01-04T12:35:32.216843
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

34/64
Similar samples:
friend.cigar.spr…
friend.cigar.spray
3527dcd60b3f476a25f2e4828fb05633847e58b6939895a05aacd2a89b847d3d
InPost Mobile
Version: 1
First seen: 2021-01-01T13:30:30.129078
Attribute: domains

login.live.com

Attribute: domains_analysis._name

login.live.com

Threat:
33/62
Android.Dropper.Hqwar
Similar samples:
com.tencent.mm