| Key | Value |
|---|---|
| FileName | http://mirror.math.princeton.edu/pub/blackarch/blackarch/os//x86_64//backdoor-apk-141.2710126-1-any.pkg.tar.xz |
| MD5 | 00AED8E0BCB8735D9263027D9614DAC1 |
| SHA-1 | CD0741C5936196C1E9815EDD4911E98C6066EEBA |
| SHA-256 | AB63E73DA090317BDA5EFB55D9628A3B508B19C8F7D6E0ACED07B575043AA53D |
| SSDEEP | 1572864:bEOzVbUsp52gOqs5PBlb7SdYfFfCqx/Qm8KATrD4hKvxk:bhFUM7OnVB9SqfFKqeTKA3kKJk |
| TLSH | T1A8B7333A38F185C8D1B96D0B85597E2BB381E54DFCCD5C5DAC1DB4A422E772B26F080A |
| hashlookup:children-total | 175 |
| hashlookup:trust | 50 |
The searched file hash includes 175 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | usr/share/backdoor-apk/third-party/android-sdk-linux/build-tools/25.0.2/lib64/libLLVM.so |
| FileSize | 30712616 |
| MD5 | 7DF50D2D9A89013A15E742F54A234963 |
| SHA-1 | 00C0C99F877697CE1C321DB44B71666456F909DF |
| SHA-256 | A064E467B7D2CBF08CE24BBC3D2D61355804D35CF1FAB918DB23349A69CA8A3A |
| SSDEEP | 196608:S9ObpRnhJmzGIfRZ72A3MBMiI1ALVl7IuMWImztg:RppL0Z72A8ahALtze |
| TLSH | T110676C03F6A1851DC96AC534474FA332F734BC8999212B6BBAD4EF392D32F419B1A750 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/share/backdoor-apk/third-party/android-sdk-linux/build-tools/25.0.2/renderscript/lib/blas/x86_64/libblasV8.so |
| FileSize | 1788560 |
| MD5 | 324083166E19C926F56A398164C1777A |
| SHA-1 | 015FEF71E62F5A9B61B40A3FE0B39D5B4644BBD1 |
| SHA-256 | B053F1D9A6C19EBDFCB767E678C19BEE083CD40B6552A65C2C67432894B3A50B |
| SSDEEP | 49152:JcMOygKLLE3ysiicd1kva9m+oyKr9rT53GyAK2oL3eTeu:JcN9MQU |
| TLSH | T124855B43F5E3659DD26BC03413DAB6B3B220347901E63E3F6B959E312979EC05A2A713 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/share/thefatrat/tools/android-sdk/renderscript/lib/intermediates/armeabi-v7a/libc.so |
| FileSize | 771876 |
| MD5 | 5E19BCDE48CD7CDBD8E0B4F4FE60D3A8 |
| SHA-1 | 038735463E1F23A09F4D10814725CB02030F7A08 |
| SHA-256 | 076861A228FD9C7A41C164D625B6141FD1E0C6D74B814B484E136DC3B64C2232 |
| SSDEEP | 12288:D5W1IfNlXsbYuZ32CsOrCXgNM9RxIv79jgV769SeQ3VtLsLW1IfNlXsbYuZ:DM1IfNlXsbY82Csnw9ZCtLR1IfNlXsbY |
| TLSH | T10AF47C81F98E4F36C1FB973A3A3F16E02732D448B39347126E8DD4693A1225CDB67952 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/share/thefatrat/tools/android-sdk/renderscript/lib/renderscript-v8.jar |
| FileSize | 156684 |
| MD5 | 35AAD17D89AA0F175213EBB662B13365 |
| SHA-1 | 05668B8CD6C7B07F152B6A5B4C6CFF620817BA0F |
| SHA-256 | 5C4EAE63C6BFBE8697337EDFE93C56CA7B248261193378F011B44A0F0230035F |
| SSDEEP | 3072:on00krnEwu1l1yfZeg9ZApRYeJQ4bWYDS5EiI:o0zEZmZUpmejiYDRiI |
| TLSH | T114E3D076AEA0F0E8D15B2035657DCC37ED0E02848DAED00311B59D8BC9199E88FEBF56 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | EB74FA32 |
| FileName | ./usr/lib/llvm-3.8/lib/clang/3.8.0/include/avx2intrin.h |
| FileSize | 42907 |
| MD5 | 86FE29F96CAE08C0DC05E8E9BBC1E571 |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| RDS:package_id | 182052 |
| SHA-1 | 0810A20B4F1F49778E3DFABCAB1EEE11F95686D5 |
| SHA-256 | 260C593D8E2AF431321D74B1B07B3987437BF477EC8FD3E915E008AA993B0CF5 |
| SSDEEP | 384:fEBEWiXCcErhzT7BE2dzykB2yXbB2khZbcSvynuY:sBEdXCcEhBE2dzykBpbB2khZbcSG |
| SpecialCode | |
| TLSH | T168135FC7F660DBC54906A49090538E2CF57D5EAF6A2D3941F9AD28C7EF1F0A3A235E04 |
| db | nsrl_modern_rds |
| insert-timestamp | 1679424572.3133504 |
| source | RDS.db |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/share/thefatrat/tools/android-sdk/renderscript/include/rs_quaternion.rsh |
| FileSize | 10913 |
| MD5 | C75167261C8E421C7116DE186CF0C6F4 |
| SHA-1 | 09533866BCD78B7E71A2A6B529C1212E8BB763E0 |
| SHA-256 | 7579FE6EE51C86B6D3CDA482E1B8599A7744FB679F6CD10DFA5106143652893A |
| SSDEEP | 192:99XHIxU8FSDRsCLx5qv0W/kiYpWVyUIAZ4qb6cADb6YP5j7B23EhOvg/IEeoW6dP:994uBLxkvZtExULaA5/a |
| TLSH | T1D93234F25D507032BE42D3E11A6A6073A134A1977B05CD61B05FE6AC5F0789B43BDEE2 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | 17A3A1EE |
| FileName | ./usr/lib/llvm-3.5/lib/clang/3.5.0/include/stdnoreturn.h |
| FileSize | 1381 |
| KnownMalicious | malshare.com |
| MD5 | 294412F598218AC0AF6082B87A8EEFE9 |
| OpSystemCode | 362 |
| ProductCode | 239421 |
| RDS:package_id | 182052 |
| SHA-1 | 0A19DA009FD0367321BDD213E4F4261527366F95 |
| SHA-256 | 4919ED8A963BFE90FD830333718223BC3D30F24C370D70C10EF022832519F7A4 |
| SHA-512 | 0E994B54338D7830D867760BF1E4C9996ADCBB6F855546C0D5F1B2FD28BD5C13952614F9EC9BF2BCFF06586D79F2EA940FC2A74BDD2F815453BC7EA8E22778F5 |
| SSDEEP | 24:BGc7+srmJHFH0yb3gt84EHlQ1hQe9QHWsUv4WOk4/+RJo3oqOAF5C3h7y3JSGLQf:BF7+sCJ9lDEtsQQMQHWs5G7Jo3oAF5Cp |
| SpecialCode | |
| TLSH | T10821531E7ED007631A67C7701A1928E4F11AFA5B791B2788646AF2181F270BCC1FFC88 |
| db | nsrl_android |
| insert-timestamp | 1728263047.645276 |
| mimetype | text/x-c |
| source | snap:2V9w8kYOtxYW5wN1bXWwQ1dllTmnzKiS_13 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | 4AF14A58 |
| FileName | ./usr/lib/llvm-4.0/lib/clang/4.0.0/include/rdseedintrin.h |
| FileSize | 2029 |
| KnownMalicious | malshare.com |
| MD5 | 8DB41C5CBD2F827C67E8FC886F4F7174 |
| OpSystemCode | 362 |
| ProductCode | 239421 |
| RDS:package_id | 182052 |
| SHA-1 | 0A61DF51D8A9C090FC4A0ACF9132356F7B9F037C |
| SHA-256 | 79EE08DD2BB46EAEA403B852B0639E4C4E056815585F565107E85D957CF336A2 |
| SHA-512 | 142068B7FC88732D16660B22E13A36860848CF36C3CAB8E269D6648F02515EB8E4AEFEF018F4BEA84DFC70BEF984723A75C7E465C5F1B59739454C2E9F47E9FF |
| SSDEEP | 48:BssCJ9lDEtsQQMQHWs5G7Jo3oAF5POgrZCOMd5qvRmm:6rgtYMQHqEo2OgrEOMzKRmm |
| SpecialCode | |
| TLSH | T1E74143397D11C3B6154BC6B0905F1599E11EA85FBE772940646BF2441F2702992FECC9 |
| db | nsrl_android |
| insert-timestamp | 1728263047.9037433 |
| mimetype | text/x-c |
| source | snap:2V9w8kYOtxYW5wN1bXWwQ1dllTmnzKiS_13 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | 1C787A64 |
| FileName | librsjni.so |
| FileSize | 72108 |
| MD5 | AC1E67763FCC9D6C1247F7E6EFB4FD2A |
| OpSystemCode | 362 |
| ProductCode | 239152 |
| RDS:package_id | 310389 |
| SHA-1 | 0DADF8BF22BAA6BBD3355C6BC4D24EE5553ADEE5 |
| SHA-256 | 9F5B0B3154AE3689C2527672D3AD77B386A39EC8186637D53E2FA6D23545CABE |
| SSDEEP | 1536:+UOn+hj6o91TYwb/BQZJDiyZXjsyOunsVei/VOmBpXhwA+pWUTNi6nwYQRs5tF2G:vOn+hj6o91TYwb/BQZ1a/VOmBpXhwA+W |
| SpecialCode | |
| TLSH | T14263976B7B049C2BC26DDD3390BDCA1A027F856645E42F267D18460AED861C7FF0793A |
| db | nsrl_android |
| insert-timestamp | 1727066323.457264 |
| source | RDS.db |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | 970FC69A |
| FileName | ./usr/lib/llvm-4.0/lib/clang/4.0.0/include/vecintrin.h |
| FileSize | 291982 |
| KnownMalicious | malshare.com |
| MD5 | A5386E99D70241782396EEF2A2965376 |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| RDS:package_id | 182052 |
| SHA-1 | 0DBEB28AAC1C6A7F90BAE8294A251854C39356A1 |
| SHA-256 | B6B7C53511ADF0173EDE848668E60FA6B50EB8710212B97CC83BA227BFE20366 |
| SSDEEP | 3072:oMTUTbL2C79copUXqHor3uiF+y8SlpnNrqfRz5MOBzX2Tx/t8C5AYlGkc0X/:h |
| SpecialCode | |
| TLSH | T1BC54E4AE5DB4D0B23DBFE20268039A2CE45C09D7A1D97D21B4AF396C2F57051AFAD047 |
| db | nsrl_modern_rds |
| insert-timestamp | 1679424572.2000804 |
| source | RDS.db |
| tar:gname | bin |
| tar:uname | root |