Mobile threat intelligence for the masses


Results

com.sophos.smsec
98c80b9a02ae236de21b984abbdd838fa19088a4a67c861e791b6bcf199135f6
Sophos Intercept X for Mobile
Version: 3495
First seen: 2022-06-07T23:49:15.300896
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
org.cryptomator
7a6244dee11559b204bec9452c43c1b046586ccdba9448276cd38a20795c2054
Cryptomator
Version: 2659
First seen: 2022-04-29T05:31:12.551796
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
org.swiftapps.swiftbackup
b1bc11b745e89dcb92e695aa57dbdbcf8cb8f151c34125434cad112edc3c5ca7
Swift Backup
Version: 540
First seen: 2022-04-28T14:52:02.417143
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

2/62
keepass2android.keepass2android
56be0c42f4129a9510a7fa45494e11747c158d87aa5b7acd37c24a34f9d418a2
Keepass2Android
Version: 186
First seen: 2022-04-01T04:12:06.079119
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
Similar samples:
keepass2android.…
com.mural
92cd21eabe318b2a0b2af5ee6538e56d5b09bb1770628afa7dcfea59f8719df7
MURAL
Version: 17
First seen: 2022-02-09T09:18:42.491960
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
com.intsig.camscanner
31cb25b992fd69e76df0b3d0b797182f38c399ef0c373fac1f4d15936f94be48
CamScanner
Version: 5871
First seen: 2022-01-22T14:14:09.957872
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
keepass2android.keepass2android
4b5c6c8575efd660ef2baf8c3cd24afc40c520e8ce93d54d3762e34e8221b694
Keepass2Android
Version: 180
First seen: 2021-11-15T09:35:43.418397
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
Similar samples:
keepass2android.…
com.riteshsahu.SMSBackupRestorePro
20b3bdb58980718e373792f2b572b25fed2d4a92ecca7d22d9e02ca319f18273
SMS Backup & Restore Pro
Version: 1015002
First seen: 2021-11-03T15:56:03.690341
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
com.kmp.video
55f2e975dcdf62e41af35c5f90c20f7e9509645f031737e54ae592f6ea8fdcf6
KMP
Version: 3110130
First seen: 2021-10-25T22:55:20.156382
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

1/51
com.thegrizzlylabs.geniusscan
8927fccd6232755ff2859b7cce761516836da132da1d0b62aee47e91853540c7
Genius Scan+
Version: 2458
First seen: 2021-10-22T02:17:48.080090
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
me.bluemail.mail
639f18cdbd8479dbd2da6742f468fa0de10214ea6b06775467ab8746a89e5f67
BlueMail
Version: 17612
First seen: 2021-10-06T15:53:21.933053
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
com.azure.authenticator
cd7db187bca2a55392241b3e98feb4a911febd0b50f01f9d5b05976910b1c4ed
Authenticator
Version: 202077553
First seen: 2021-09-03T13:53:40.170464
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
io.enpass.app
a63dbd39d8b720ba62d8552137a6a90260cef0c34e7597fa0994c859b73b0a86
Enpass
Version: 129
First seen: 2021-07-16T09:37:29.234417
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

1/60
il.idf.idfcertwallet
ca6a93e22f5f222f890ff717290d1952827cb5f1762dfdd71d762a155971e929
הארנק הצה"לי
Version: 5
First seen: 2021-06-15T07:57:36.267373
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
com.imageline.FLM
6a1af01466ecbe0c406221b5999c8c9bf54c08bc2e2691700a19a5dc27891f74
FL Studio Mobile
Version: 305003
First seen: 2021-05-18T16:16:23.949608
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
com.ttxapps.autosync
83ce2ffdfd9d97c56e8103dea77af39eaef708d86286d2a3c527ada1d59107fa
Autosync
Version: 2012081
First seen: 2021-05-15T11:28:21.965221
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
com.microsoft.office.outlook
32b45747aae25cbf1a7294b4db84e063062cc407bfcccdd6cf8b2cb0b3c20613
Outlook
Version: 42114807
First seen: 2021-05-05T15:31:40.587478
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
com.box.android
75e4c38b97f580ab3da5489ebbe848db5b602e6cd245aea97ee8512f47fdccd9
Box
Version: 5200032
First seen: 2021-05-05T13:58:12.139907
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat level: Moderate Risk
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

31/63
com.tencent.mm
539889b68f27a908bd584851afe069402d61f9bf1beb5c2ba0240b5b875ac785
Correos
Version: 1
First seen: 2021-01-04T12:35:32.216843
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

34/64
Similar samples:
friend.cigar.spr…
friend.cigar.spray
3527dcd60b3f476a25f2e4828fb05633847e58b6939895a05aacd2a89b847d3d
InPost Mobile
Version: 1
First seen: 2021-01-01T13:30:30.129078
Attribute: domains

login.windows.net

Attribute: domains_analysis._name

login.windows.net

Threat:
33/62
Android.Dropper.Hqwar
Similar samples:
com.tencent.mm