Main > International Scams
Android app: Blackmart Alpha [Certified Malware]
(1/1)
greentara:
Source: http://www.blackmart.us/comment-page-24/#comment-75778
"Blackmart Alpha
Blackmart Alpha is a market alternative to the Google Play Store for tablets and smartphones with Android operating system, from Blackmart you can download many applications, without the need to have an account and Google without the need for any kind of registration.
Blackmart Alpha: Functions
This market is very simple to use and offers many features to be able to download many applications.
On this market all applications are available for free download on the market Blackmart there is no application “trial” or “test”, there are only complete applications and free.
The Google Play Store is a very comprehensive market offers a number of applications, but unfortunately on Google Play Store, there are many paid apps and some are not often available for download on select smartphones or tablets even though they might be compatible.
On Blackmart this problem is not there, just download the application and try it, there are no limitations.
Its market is very intuitive and has functions for the custom search application.
Blackmart Alpha: technical prescriptions
Blackmart Alpha is an excellent substitute for the Google Play Store, being in possession of a multi-language selection is suitable for any user of any country.
Blackmart Alpha also has the following features that concernano operation:
* extremely easy, since first use
* Multilingual option for a global user experience
* completely free, without the need for any payment methods
* completely full of downloadable applications
* fast in downloading and installation of ‘application
Blackmart Alpha contains numerous applications, and you can choose them browsing by category or by searching by a specific department.
Blackmart Alpha is always updated with the latest App published on the web in order to provide all users of the world an experience compatibilitò 360 ° on your Android device.
Blackmart Alpha: Installation
To install this alternative Android Market on Android smartphones and tablets, in most cases need to go to the settings menu, select “unknown sources” and check the box.
In this way the market as an alternative to Google Play Store (Blackmart) can be installed.
This problem in the Android arises when you try to install an application that is not from the original market (Google), so by default the box for “Unknown Sources” is not checked, then it is advisable to dull not to have more problems with the installation of applications from unknown sources such as Blackmart Alpha.
Blackmart Alpha: Information
Blackmart Alpha has many applications, but unlike the Google Play Store fail to appear only the applications that are compatible with your system and model of your smartphone or tablet.
In some cases, applications downloaded from this market alternative to the Google Play Store may not be compatible with your system, therefore you can not run them and use them.
Fortunately, the market Blackmart some applications are available in multiple versions, so if an application is not compatible, it is recommended scaricarne another version and then if you need to upgrade from within the app."
greentara:
Source: https://www.virustotal.com/en/file/56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001/analysis/
SHA256: 56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001 File name:blackmart_apk.apkDetection ratio: 16 / 62 Analysis date: 2017-12-30 10:10:34 UTC ( 1 day, 3 hours ago )
[th] Antivirus [/th]
[th] Result [/th]
[th] Update [/th]
AegisLab Adwareare.Andr.Airpush.O!c 20171230 Antiy-AVL Trojan/Android.TSGeneric 20171230 Avira (no cloud) ADWARE/ANDR.Airpush.O.Gen 20171229 CAT-QuickHeal Android.Airpush.J (AdWare) 20171230 ClamAV Andr.Malware.Agent-1462989 20171230 Cyren ZIP/Trojan.DNXL-8 20171230 DrWeb Adware.Airpush.31.origin 20171230 ESET-NOD32 a variant of Android/AdDisplay.AirPush.P potentially unwanted 20171230 Fortinet Android/Generic.Z.4732E2!tr 20171230 Ikarus PUA.AndroidOS.AirPush 20171230 McAfee Artemis!82A215E6FE0A 20171230 NANO-Antivirus Trojan.Android.Airpush.eenoit 20171230 Symantec Trojan.Gen.2 20171229 Tencent a.gray.mfpad 20171230 TrendMicro-HouseCall Suspicious_GEN.F47V0912 20171230 WhiteArmor PUP.HighConfidence 20171226 Ad-Aware 20171225 AhnLab-V3 20171230 Alibaba 20171229 ALYac 20171230 Arcabit 20171230 Avast 20171230 Avast-Mobile 20171229 AVG 20171230 AVware 20171230 Baidu 20171227 BitDefender 20171230 Bkav 20171229 CMC 20171229 Comodo 20171230 CrowdStrike Falcon (ML) 20171016 Cybereason None Cylance 20171230 eGambit 20171230 Emsisoft 20171230 Endgame 20171130 F-Prot 20171230 F-Secure 20171230 GData 20171230 Sophos ML 20170914 Jiangmin 20171230 K7AntiVirus 20171230 K7GW 20171230 Kaspersky 20171230 Kingsoft 20171230 Malwarebytes 20171230 MAX 20171230 McAfee-GW-Edition 20171230 Microsoft 20171230 eScan 20171230 nProtect 20171230 Palo Alto Networks (Known Signatures) 20171230 Panda 20171230 Qihoo-360 20171230 Rising 20171230 SentinelOne (Static ML) 20171224 Sophos AV 20171230 SUPERAntiSpyware 20171230 Symantec Mobile Insight 20171230 TheHacker 20171229 TrendMicro 20171230 Trustlook 20171230 VBA32 20171229 VIPRE 20171230 ViRobot 20171230 Webroot 20171230 Yandex 20171229 Zillya 20171229 ZoneAlarm by Check Point 20171230 Zoner 20171230
The file being studied is Android related! APK Android file more specifically. The application's main package name is org.blackmart.market. The internal version number of the application is 992083. The displayed version string of the application is 0.99.2.83B. The minimum Android API level for the application to run (MinSDKVersion) is 9. The target Android API level for the application to run (TargetSDKVersion) is 22.
Required permissions
android.permission.ACCESS_FINE_LOCATION (fine (GPS) location)
android.permission.VIBRATE (control vibrator)
android.permission.READ_LOGS (read sensitive log data)
com.google.android.c2dm.permission.RECEIVE (Unknown permission from android reference)
android.permission.ACCESS_NETWORK_STATE (view network status)
android.permission.ACCESS_COARSE_LOCATION (coarse (network-based) location)
android.permission.WAKE_LOCK (prevent phone from sleeping)
android.permission.GET_TASKS (retrieve running applications)
android.permission.INTERNET (full Internet access)
org.blackmart.market.permission.C2D_MESSAGE (C2DM permission.)
android.permission.WRITE_EXTERNAL_STORAGE (modify/delete SD card contents)
android.permission.GET_ACCOUNTS (discover known accounts)
Activities
org.blackmart.market.ui.HomeActivity
org.blackmart.market.ui.ApkInfoActivity
org.blackmart.market.ui.ApkListActivity
org.blackmart.market.ui.ScreenShotActivity
org.blackmart.market.ui.ApkSearchActivity
org.blackmart.market.ui.SortModeActivity
org.blackmart.market.ui.SettingsActivity
org.blackmart.market.ui.DeviceActivity
org.blackmart.market.ui.AboutActivity
com.pzdpnt.ykpgmp230391.AdActivity
com.pzdpnt.ykpgmp230391.BrowserActivity
tiny.lib.log.ui.CrashReportActivity
com.google.android.gms.ads.AdActivity
com.google.android.gms.ads.purchase.InAppPurchaseActivity
Services
org.blackmart.market.util.components.BlackmartService
com.parse.PushService
Receivers
org.blackmart.market.util.components.ActionsReceiver
com.parse.ParseBroadcastReceiver
com.parse.GcmBroadcastReceiver
com.parse.ParsePushBroadcastReceiver
Providers
org.blackmart.market.util.components.ApkSearchRecentSuggestionsProvider
Activity-related intent filters
org.blackmart.market.ui.ApkSearchActivity
actions: android.intent.action.SEARCH
org.blackmart.market.ui.HomeActivity
actions: android.intent.action.MAIN
categories: android.intent.category.LAUNCHER
Receiver-related intent filters
com.parse.GcmBroadcastReceiver
actions: com.google.android.c2dm.intent.RECEIVE, com.google.android.c2dm.intent.REGISTRATION
categories: org.blackmart.market
com.parse.ParseBroadcastReceiver
actions: android.intent.action.BOOT_COMPLETED, android.intent.action.USER_PRESENT
org.blackmart.market.util.components.ActionsReceiver
actions: android.intent.action.PACKAGE_ADDED, android.intent.action.PACKAGE_REMOVED, android.intent.action.PACKAGE_CHANGED, android.intent.action.PACKAGE_REPLACED
com.parse.ParsePushBroadcastReceiver
actions: com.parse.push.intent.RECEIVE, com.parse.push.intent.DELETE, com.parse.push.intent.OPEN
Application certificate information
Subject DN: C:RU, OU:blackmart, L:Moscow, O:blackmart, CN:blackmart C: RU CN: blackmart L: Moscow O: blackmart OU: blackmart validto: 11:17 PM 03/02/2036 serialnumber: 4d780a74 thumbprint: 12b34fb432092d9b8187aae7ab93b812af18ac10 validfrom: 11:17 PM 03/09/2011 Issuer DN: C:RU, OU:blackmart, L:Moscow, O:blackmart, CN:blackmart C: RU CN: blackmart L: Moscow O: blackmart OU: blackmart
Interesting strings
http:// http://hostname/? http://market.android.com http://market.b3er.org/blackmart/upload2 http://play.google.com/store/ http://plus.google.com/ http://schema.org/ActivateAction http://schema.org/ActiveActionStatus http://schema.org/AddAction http://schema.org/BookmarkAction http://schema.org/CommunicateAction http://schema.org/CompletedActionStatus http://schema.org/FailedActionStatus http://schema.org/FilmAction http://schema.org/LikeAction http://schema.org/ListenAction http://schema.org/PhotographAction http://schema.org/ReserveAction http://schema.org/SearchAction http://schema.org/ViewAction http://schema.org/WantAction http://schema.org/WatchAction http://schemas.android.com/apk/res/android http://www.google-analytics.com http://www.google.com https://accounts.google.com https://api.parse.com/1/ https://csi.gstatic.com/csi https://e.crashlytics.com/spi/v2/events https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/mraid/v2/mraid_app_banner.js https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/mraid/v2/mraid_app_expanded_banner.js https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/mraid/v2/mraid_app_interstitial.js https://googleads.g.doubleclick.net/mads/static/mad/sdk/native/sdk-core-v40.html https://login.live.com https://login.yahoo.com https://market.android.com https://market.android.com/details?id= https://play.google.com/store/ https://settings.crashlytics.com/spi/v2/platforms/android/apps/%s/settings https://ssl.google-analytics.com https://twitter.com https://www.facebook.com https://www.google-analytics.com https://www.googleapis.com/auth/appstate https://www.googleapis.com/auth/datastoremobile https://www.googleapis.com/auth/drive.appdata https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/fitness.activity.read https://www.googleapis.com/auth/fitness.activity.write https://www.googleapis.com/auth/fitness.body.read https://www.googleapis.com/auth/fitness.body.write https://www.googleapis.com/auth/fitness.location.read https://www.googleapis.com/auth/fitness.location.write https://www.googleapis.com/auth/fitness.nutrition.read https://www.googleapis.com/auth/fitness.nutrition.write https://www.googleapis.com/auth/games https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/plus.moments.write https://www.googletagmanager.com https://www.linkedin.com https://www.paypal.com
The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
This file is a compressed stream containing 912 files.
[+] res/color-v11/primary_text_holo_dark.xml XML 976 Bytes
[+] res/color-v11/primary_text_holo_light.xml XML 976 Bytes
[+] res/color-v11/primary_text_light_nodisable.xml XML 596 Bytes
[+] res/color-v11/primary_text_nodisable_holo_dark.xml XML 596 Bytes
[+] res/color-v11/primary_text_nodisable_holo_light.xml XML 596 Bytes
[+] res/color-v11/secondary_text_holo_dark.xml XML 1336 Bytes
[+] res/color-v11/secondary_text_holo_light.xml XML 1336 Bytes
[+] res/color-v11/secondary_text_nodisable_holo_dark.xml XML 596 Bytes
[+] res/color-v11/secondary_text_nodisable_holo_light.xml XML 596 Bytes
[+] res/drawable-hdpi-v11/ic_stat_notification.png PNG 677 Bytes
Compression metadata
Contained files
912
Uncompressed size
6996391
Highest datetime
2016-02-04 05:21:10
Lowest datetime
2016-02-04 05:18:56
Contained files by extension
png
725
xml
171
dex
1
MF
1
RSA
1
SF
1
Contained files by type
PNG
725
XML
171
unknown
12
HTML
3
DEX
1
Compressed bundles
This file was also submitted to VirusTotal in the following compressed file bundles.
099639145c314fbda3bf2290a33f6389b4f96ebd2f6c8efb056d72e0147f24dc
129b05d52bc5c4fa8a64a58e940135877c2ebd3994b859e586a62fc6d0320dd2
2d3885bf51b7313d08efedc44c18817426f7791d2b03e3c1baf9d2989fd330a8
3323bb5cfe5f5122675197b99e4d229ccbcf9f02bacc6133e15787acc9dec886
3d49997b31ac442a51e52d5f50cea0e3453e02b86c947774bcd61ff4856186bb
6523e78b8a6dbe98161b619aa59182e1c43fe2d8b46d13d01ec65ce6441ee5a2
65dffbaf0078207f3f8ce2cf6d0ddeaa651412ddf96ec447c7b7d5b1b635fce2
67011caa39d9339e7ddea58fd04fca448f0d611bbaf6d4c7c4421e250e1679e0
6b468484501dc433695b680bec2872c3eb1f5c4031d0ed311b89671e00355d75
7225feb2de36f0db644c5c7e8df67e38bf8174632162402ed31040a7a651053d
75190c2d350fa50cb8d416dafd1cc9d5fdd522c787ae2d99d1f4337b1f6801cc
7a0f67bd1a612400cea038e9c96f7d44f123eb870220197788f87df1367719fd
807c539035632ecb0da56ae12b2cb3a2e01b5c82628e8fe6b70a3cf49873ef80
8ab7b125972226e399131f18d894efe3e2cf3f7afc3695a595c4681010d18118
8e93a266a2b65afc52ec6fe92c6b4f38d7b61574da94bfcdd12954c2d100b9cf
9596cc3497ee4a28a7264182d11a68671cd4959e3af61eeb60b247411e4f89bc
afacebb05dca0a5f7d2fa82d79db3d67c23b3a946c03623ba85e9bb6305597b7
cab040cd4dd4c7e64c7858a5ad3611814d60517335eb66b57d5b4d93c609d9af
f3174ad18a7eff124ac07d2dd144587c6278e104cdea8e7b11436dcfb88052ee
f3273bc00e86f9e4a07acaa6e9c10194f7d9365178063c393b150b0121135710
File identification
MD5 82a215e6fe0a66acbd3de7517a0c0d93
SHA1 5181f29516fbf4e9d260e5295e11c448271c1da8
SHA256 56e5e9b1ad9756a442ed037f3d85e204832595bd02a1f5c8fc5ce6a442fb2001
ssdeep
98304:OPjWp610H5HYHKyydm8JNGyoJmtkX8Qdjyw5zTJpO8KZnwUZD5+7UMCpWNhpq2re:j6My2MsQz5zTJp7byFx73
File size 3.9 MB ( 4078403 bytes )
File type Android
Magic literal
Zip archive data, at least v2.0 to extract
TrID Android Package (73.9%)
Java Archive (20.4%)
ZIP compressed archive (5.6%)
Tags
apk android via-tor
VirusTotal metadata
First submission 2016-02-04 03:33:09 UTC ( 1 year, 11 months ago )
Last submission 2017-12-30 10:10:34 UTC ( 1 day, 3 hours ago )
File names Blackmart.market_v0.99.2.83B-992083_Android-2.3.apk
blackmart_apk.apk
blackmart_apk.apk
tmp_10706-blackmart_apk-504586237.apk
blackmart.apk
tmp_23672-blackmart_apk-1010268415.apk
tmp_5227-org.blackmart.market_v0.99.2.83B-992083_Android-2.31875900308.apk
blackmart_apk[1].apk
blackmart.market_992083.apk
550900
140515052.apk
Black Market_mod-apps.com.apk
tmp_17789-blackmart_apk663375324.apk
roi1465113283.apk
black_mart.apk
tmp_16654-blackmart_apk-2027855909.apk
blackmart_apk (1).apk
Blackmart Atualizado (Favela Tutoriais).apk
black_mart(1).apk
1818270.apk
tmp_14954-blackmart_apk(2)547968605.apk
205808809.apk
blackmart_apk.apk
tmp_14541-blackmart_apk1462954719.apk
tmp_21177-blackmart_apk-1659452053.apk
Started receivers
android.intent.action.BATTERY_CHANGED
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.net.conn.CONNECTIVITY_CHANGE
Opened files
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/507455E80145-0001-05DC-F7A764CD01B4BeginSession.cls
/data/data/org.blackmart.market/cache/com.parse
/data/data/org.blackmart.market/app_Parse/CommandCache
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files
/data/data/org.blackmart.market/cache
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/507455E80145-0001-05DC-F7A764CD01B4SessionOS.cls_temp
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/507455E80145-0001-05DC-F7A764CD01B4SessionDevice.cls_temp
/data/data/org.blackmart.market/app_Parse/installationId
/data/data/org.blackmart.market/cache/68466295162
/data
Accessed files
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/initialization_marker
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/crash_marker
/data/data/org.blackmart.market/cache/com.parse
/data/data/org.blackmart.market/cache/com.parse/applicationId
/data/data/org.blackmart.market/app_Parse
/proc/meminfo
/system/app/Superuser.apk
/system/xbin/su
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files
/data/data/org.blackmart.market/app_Parse/currentUser
/data/data/org.blackmart.market/app_Parse/currentConfig
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/invalidClsFiles
/data/data/org.blackmart.market/app_Parse/currentInstallation
/data/data/org.blackmart.market/app_Parse/installationId
/data/data/org.blackmart.market/cache/68466295162
/data/data/org.blackmart.market/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/log-files/crashlytics-userlog-507455E80145-0001-05DC-F7A764CD01B4.temp
Contacted URLs
https://api.parse.com/1/classes/_Installation
7B226170704E616D65223A22426C61636B6D617274222C2261707056657273696F6E223A22302E39392E322E383342222C2264657669636554797065223A22616E64726F6964222C226170704964656E746966696572223A226F72672E626C61636B6D6172742E6D61726B6574222C22696E7374616C6C6174696F6E4964223A2231383364336639632D346330622D343864362D383461662D656262353566393433643362222C2274696D655A6F6E65223A224575726F70655C2F4D6164726964222C226C6F63616C654964656E746966696572223A22656E2D5553222C22706172736556657273696F6E223A22312E31332E30227D
https://settings.crashlytics.com/spi/v2/platforms/android/apps/org.blackmart.market/settings?instance=5ee0835455d675763017e34adf563b7dcb0f1c34&source=1&build_version=992083&icon_hash=9510cea39b203e0d3d691be8274d03feffb3918b&display_version=0.99.2.83B
Navigation
[0] Message Index
Go to full version