Please login or register.

Login with username, password and session length


SMF - Just Installed!

Author Topic: Android app: Blackmart Alpha [Certified Malware]  (Read 8460 times)

Offline greentara

  • Administrator
  • Veteran
  • *****
  • Posts: 1782
  • Karma: +3/-0
    • My detailed profile
Android app: Blackmart Alpha [Certified Malware]
« on: December 31, 2017, 09:50:41 PM »


"Blackmart Alpha

Blackmart Alpha is a market alternative to the Google Play Store for tablets and smartphones with Android operating system, from Blackmart you can download many applications, without the need to have an account and Google without the need for any kind of registration.
Blackmart Alpha: Functions

This market is very simple to use and offers many features to be able to download many applications.

On this market all applications are available for free download on the market Blackmart there is no application “trial” or “test”, there are only complete applications and free.

The Google Play Store is a very comprehensive market offers a number of applications, but unfortunately on Google Play Store, there are many paid apps and some are not often available for download on select smartphones or tablets even though they might be compatible.

On Blackmart this problem is not there, just download the application and try it, there are no limitations.

Its market is very intuitive and has functions for the custom search application.

Blackmart Alpha: technical prescriptions

Blackmart Alpha is an excellent substitute for the Google Play Store, being in possession of a multi-language selection is suitable for any user of any country.

Blackmart Alpha also has the following features that concernano operation:

  •    extremely easy, since first use
  •    Multilingual option for a global user experience
  •    completely free, without the need for any payment methods
  •    completely full of downloadable applications
  •    fast in downloading and installation of ‘application

Blackmart Alpha contains numerous applications, and you can choose them browsing by category or by searching by a specific department.

Blackmart Alpha is always updated with the latest App published on the web in order to provide all users of the world an experience compatibilitò 360 ° on your Android device.
Blackmart Alpha: Installation

To install this alternative Android Market on Android smartphones and tablets, in most cases need to go to the settings menu, select “unknown sources” and check the box.

In this way the market as an alternative to Google Play Store (Blackmart) can be installed.

This problem in the Android arises when you try to install an application that is not from the original market (Google), so by default the box for “Unknown Sources” is not checked, then it is advisable to dull not to have more problems with the installation of applications from unknown sources such as Blackmart Alpha.
Blackmart Alpha: Information

Blackmart Alpha has many applications, but unlike the Google Play Store fail to appear only the applications that are compatible with your system and model of your smartphone or tablet.

In some cases, applications downloaded from this market alternative to the Google Play Store may not be compatible with your system, therefore you can not run them and use them.

Fortunately, the market Blackmart some applications are available in multiple versions, so if an application is not compatible, it is recommended scaricarne another version and then if you need to upgrade from within the app."

Offline greentara

  • Administrator
  • Veteran
  • *****
  • Posts: 1782
  • Karma: +3/-0
    • My detailed profile
Re: Android app: Blackmart Alpha [Certified Malware]
« Reply #1 on: December 31, 2017, 09:58:20 PM »

SHA256: 56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001
File name:blackmart_apk.apk
Detection ratio: 16 / 62
Analysis date: 2017-12-30 10:10:34 UTC ( 1 day, 3 hours ago )



[th] Antivirus [/th]
[th] Result [/th]
[th] Update [/th]
AegisLab Adwareare.Andr.Airpush.O!c 20171230
Antiy-AVL Trojan/Android.TSGeneric 20171230
Avira (no cloud) ADWARE/ANDR.Airpush.O.Gen 20171229
CAT-QuickHeal Android.Airpush.J (AdWare) 20171230
ClamAV Andr.Malware.Agent-1462989 20171230
Cyren ZIP/Trojan.DNXL-8 20171230
DrWeb Adware.Airpush.31.origin 20171230
ESET-NOD32 a variant of Android/AdDisplay.AirPush.P potentially unwanted 20171230
Fortinet Android/Generic.Z.4732E2!tr 20171230
Ikarus PUA.AndroidOS.AirPush 20171230
McAfee Artemis!82A215E6FE0A 20171230
NANO-Antivirus Trojan.Android.Airpush.eenoit 20171230
Symantec Trojan.Gen.2 20171229
Tencent a.gray.mfpad 20171230
TrendMicro-HouseCall Suspicious_GEN.F47V0912 20171230
WhiteArmor PUP.HighConfidence 20171226
Ad-Aware 20171225
AhnLab-V3 20171230
Alibaba 20171229
ALYac 20171230
Arcabit 20171230
Avast 20171230
Avast-Mobile 20171229
AVG 20171230
AVware 20171230
Baidu 20171227
BitDefender 20171230
Bkav 20171229
CMC 20171229
Comodo 20171230
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171230
eGambit 20171230
Emsisoft 20171230
Endgame 20171130
F-Prot 20171230
F-Secure 20171230
GData 20171230
Sophos ML 20170914
Jiangmin 20171230
K7AntiVirus 20171230
K7GW 20171230
Kaspersky 20171230
Kingsoft 20171230
Malwarebytes 20171230
MAX 20171230
McAfee-GW-Edition 20171230
Microsoft 20171230
eScan 20171230
nProtect 20171230
Palo Alto Networks (Known Signatures) 20171230
Panda 20171230
Qihoo-360 20171230
Rising 20171230
SentinelOne (Static ML) 20171224
Sophos AV 20171230
SUPERAntiSpyware 20171230
Symantec Mobile Insight 20171230
TheHacker 20171229
TrendMicro 20171230
Trustlook 20171230
VBA32 20171229
VIPRE 20171230
ViRobot 20171230
Webroot 20171230
Yandex 20171229
Zillya 20171229
ZoneAlarm by Check Point 20171230
Zoner 20171230


 The file being studied is Android related! APK Android file more specifically. The application's main package name is The internal version number of the application is 992083. The displayed version string of the application is The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 22.

 Required permissions
 android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
 android.permission.VIBRATE (control vibrator)
 android.permission.READ_LOGS (read sensitive log data) (Unknown permission from android reference)
 android.permission.ACCESS_NETWORK_STATE (view network status)
 android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
 android.permission.WAKE_LOCK (prevent phone from sleeping)
 android.permission.GET_TASKS (retrieve running applications)
 android.permission.INTERNET (full Internet access) (C2DM permission.)
 android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
 android.permission.GET_ACCOUNTS (discover known accounts)





Activity-related intent filters
 actions: android.intent.action.SEARCH
 actions: android.intent.action.MAIN
 categories: android.intent.category.LAUNCHER
 Receiver-related intent filters
 actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT
 actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED, android.intent.action.PACKAGE_CHANGED, android.intent.action.PACKAGE_REPLACED
 actions: com.parse.push.intent.RECEIVE, com.parse.push.intent.DELETE, com.parse.push.intent.OPEN
 Application certificate information
Subject DN: C:RU, OU:blackmart, L:Moscow, O:blackmart, CN:blackmart C: RU CN: blackmart L: Moscow O: blackmart OU: blackmart validto: 11:17 PM 03/02/2036 serialnumber: 4d780a74 thumbprint: 12b34fb432092d9b8187aae7ab93b812af18ac10 validfrom: 11:17 PM 03/09/2011 Issuer DN: C:RU, OU:blackmart, L:Moscow, O:blackmart, CN:blackmart C: RU CN: blackmart L: Moscow O: blackmart OU: blackmart
 Interesting strings
http:// http://hostname/?
 The file being studied is a compressed stream! Details about the compressed contents follow.
 Contained files
 This file is a compressed stream containing 912 files.
  • res/color-v11/primary_text_holo_dark.xml[/url] XML 976 Bytes   
  • res/color-v11/primary_text_holo_light.xml[/url] XML 976 Bytes   
  • res/color-v11/primary_text_light_nodisable.xml[/url] XML 596 Bytes   
  • res/color-v11/primary_text_nodisable_holo_dark.xml[/url] XML 596 Bytes   
  • res/color-v11/primary_text_nodisable_holo_light.xml[/url] XML 596 Bytes   
  • res/color-v11/secondary_text_holo_dark.xml[/url] XML 1336 Bytes   
  • res/color-v11/secondary_text_holo_light.xml[/url] XML 1336 Bytes   
  • res/color-v11/secondary_text_nodisable_holo_dark.xml[/url] XML 596 Bytes   
  • res/color-v11/secondary_text_nodisable_holo_light.xml[/url] XML 596 Bytes   
  • res/drawable-hdpi-v11/ic_stat_notification.png[/url] PNG 677 Bytes   
     Compression metadata
    Contained files
    Uncompressed size
    Highest datetime
    2016-02-04 05:21:10
    Lowest datetime
    2016-02-04 05:18:56
     Contained files by extension
     Contained files by type

     Compressed bundles
     This file was also submitted to VirusTotal in the following compressed file bundles.
     [url=] 099639145c314fbda3bf2290a33f6389b4f96ebd2f6c8efb056d72e0147f24dc [/url]
     [url=] 129b05d52bc5c4fa8a64a58e940135877c2ebd3994b859e586a62fc6d0320dd2 [/url]
     [url=] 2d3885bf51b7313d08efedc44c18817426f7791d2b03e3c1baf9d2989fd330a8 [/url]
     [url=] 3323bb5cfe5f5122675197b99e4d229ccbcf9f02bacc6133e15787acc9dec886 [/url]
     [url=] 3d49997b31ac442a51e52d5f50cea0e3453e02b86c947774bcd61ff4856186bb [/url]
     [url=] 6523e78b8a6dbe98161b619aa59182e1c43fe2d8b46d13d01ec65ce6441ee5a2 [/url]
     [url=] 65dffbaf0078207f3f8ce2cf6d0ddeaa651412ddf96ec447c7b7d5b1b635fce2 [/url]
     [url=] 67011caa39d9339e7ddea58fd04fca448f0d611bbaf6d4c7c4421e250e1679e0 [/url]
     [url=] 6b468484501dc433695b680bec2872c3eb1f5c4031d0ed311b89671e00355d75 [/url]
     [url=] 7225feb2de36f0db644c5c7e8df67e38bf8174632162402ed31040a7a651053d [/url]
     [url=] 75190c2d350fa50cb8d416dafd1cc9d5fdd522c787ae2d99d1f4337b1f6801cc [/url]
     [url=] 7a0f67bd1a612400cea038e9c96f7d44f123eb870220197788f87df1367719fd [/url]
     [url=] 807c539035632ecb0da56ae12b2cb3a2e01b5c82628e8fe6b70a3cf49873ef80 [/url]
     [url=] 8ab7b125972226e399131f18d894efe3e2cf3f7afc3695a595c4681010d18118 [/url]
     [url=] 8e93a266a2b65afc52ec6fe92c6b4f38d7b61574da94bfcdd12954c2d100b9cf [/url]
     [url=] 9596cc3497ee4a28a7264182d11a68671cd4959e3af61eeb60b247411e4f89bc [/url]
     [url=] afacebb05dca0a5f7d2fa82d79db3d67c23b3a946c03623ba85e9bb6305597b7 [/url]
     [url=] cab040cd4dd4c7e64c7858a5ad3611814d60517335eb66b57d5b4d93c609d9af [/url]
     [url=] f3174ad18a7eff124ac07d2dd144587c6278e104cdea8e7b11436dcfb88052ee [/url]
     [url=] f3273bc00e86f9e4a07acaa6e9c10194f7d9365178063c393b150b0121135710[/url]

     File identification
     MD5 82a215e6fe0a66acbd3de7517a0c0d93
     SHA1 5181f29516fbf4e9d260e5295e11c448271c1da8
     SHA256 56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001
     File size 3.9 MB ( 4078403 bytes )
     File type Android
    Magic literal
    Zip archive data, at least v2.0 to extract
    TrID Android Package (73.9%)
     Java Archive (20.4%)
     ZIP compressed archive (5.6%)

     apk android via-tor
     VirusTotal metadata
     First submission 2016-02-04 03:33:09 UTC ( 1 year, 11 months ago )
     Last submission 2017-12-30 10:10:34 UTC ( 1 day, 3 hours ago )
    File names Blackmart.market_v0.99.2.83B-992083_Android-2.3.apk
     blackmart_apk (1).apk
     Blackmart Atualizado (Favela Tutoriais).apk

     Started receivers
     Opened files
     Accessed files
     Contacted URLs