Dexofuzzy: Android malware similarity clustering method using opcode sequence
Common Information
| Type | Value |
|---|---|
| UUID | 5df1f3d0-a663-4154-a129-8d9a64a08255 |
| Fingerprint | 8a7090abb960b84f06b9f7c85f6adc6f37a69b2812a57b3a1c75187c18232ede |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 4, 2019, 4 p.m. |
| Added to db | April 18, 2024, 10:32 a.m. |
| Last updated | Aug. 31, 2024, 1:15 a.m. |
| Headline | Dexofuzzy: Android malware similarity clustering method using opcode sequence |
| Title | Dexofuzzy: Android malware similarity clustering method using opcode sequence |
| Detected Hints/Tags/Attributes | 150/4/230 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Url | 1 | http://www.welivesecurity.com/2016/08/24/fi |
|
| Details | Url | 1 | https://citizenlab.ca/2016/08/group5-syria/. |
|
| Details | Url | 1 | http://researchcenter.paloaltonetworks.com/2016/07/unit42-spynote-android- |
|
| Details | Url | 1 | https://www.proofpoint.com/us/threat-insight/post/droidjack-uses-side-load-backdoored-pokemon-go-android-app. |
|
| Details | Url | 1 | http://blog.checkpoint.com/wp-content/uploads/2016/07/hummingbad-research-report_ |
|
| Details | Url | 1 | https://blogs.mcafee.com/mcafee-labs/android-malware-clicker- |
|
| Details | Url | 20 | http://blog.trendmicro.com |
|
| Details | Url | 1 | http://researchcenter.paloaltonetworks.com/2016/02/new-android-trojan-xbot-phishes-credit-cards-and-bank-accounts- |
|
| Details | Url | 1 | http://www.symantec.com/connect/blogs/androidbankosy-all-ears- |
|
| Details | Url | 1 | http://news.drweb.com |
|
| Details | Url | 23 | http://blog.trendmicro.com/trendlabs- |
|
| Details | Url | 1 | http://researchcenter.paloaltonetworks.com/2015/10 |
|
| Details | Url | 1 | https://www.cert.pl/wp-content/uploads/2015/12/the_postal_group.pdf |
|
| Details | Url | 17 | https://www.fi |
|
| Details | Url | 1 | http://blog.trendmicro.com/trendlabs-security-intelligence/new-ghost-push-variants-sport-guard-code-malware-creator- |
|
| Details | Url | 1 | http://www.welivesecurity.com/2015/09/22/android-trojan-drops-in- |
|
| Details | Url | 1 | https://www.fortinet.com/blog/threat-research/locker-an-android- |
|
| Details | Url | 1 | http://www.welivesecurity.com/2015/07/23/porn-clicker-keeps- |
|
| Details | Url | 1 | https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_us |
|
| Details | Domain | 247 | www.virusbulletin.com |
|
| Details | Domain | 4 | ssdeep.compare |
|
| Details | Domain | 69 | trojan.android |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 12 | www.gdatasoftware.com |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | Domain | 71 | blogs.jpcert.or.jp |
|
| Details | Domain | 45 | source.android.com |
|
| Details | Domain | 23 | www.intezer.com |
|
| Details | Domain | 9 | ibotpeaches.github.io |
|
| Details | Domain | 37 | blog.alyac.co.kr |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 43 | pypi.org |
|
| Details | Domain | 20 | ti.360.net |
|
| Details | Domain | 261 | blog.talosintelligence.com |
|
| Details | Domain | 3 | securitywithoutborders.org |
|
| Details | Domain | 177 | blog.trendmicro.com |
|
| Details | Domain | 262 | www.welivesecurity.com |
|
| Details | Domain | 144 | www.fortinet.com |
|
| Details | Domain | 71 | news.sophos.com |
|
| Details | Domain | 57 | www.clearskysec.com |
|
| Details | Domain | 132 | www.sophos.com |
|
| Details | Domain | 24 | researchcenter.paloaltonetworks.com |
|
| Details | Domain | 53 | blog.avast.com |
|
| Details | Domain | 33 | blog.fortinet.com |
|
| Details | Domain | 28 | securingtomorrow.mcafee.com |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | Domain | 20 | checkpoint.com |
|
| Details | Domain | 251 | www.bleepingcomputer.com |
|
| Details | Domain | 60 | documents.trendmicro.com |
|
| Details | Domain | 27 | f5.com |
|
| Details | Domain | 79 | blog.checkpoint.com |
|
| Details | Domain | 1 | blog.comodo.com |
|
| Details | Domain | 1 | rednaga.io |
|
| Details | Domain | 216 | www.symantec.com |
|
| Details | Domain | 23 | www.forcepoint.com |
|
| Details | Domain | 2 | cyberkov.com |
|
| Details | Domain | 15 | blog.lookout.com |
|
| Details | Domain | 67 | citizenlab.ca |
|
| Details | Domain | 14 | blogs.mcafee.com |
|
| Details | Domain | 21 | news.drweb.com |
|
| Details | Domain | 28 | www.cert.pl |
|
| Details | Domain | 22 | reeye.com |
|
| Details | Domain | 34 | www.paloaltonetworks.com |
|
| Details | File | 172 | androidmanifest.xml |
|
| Details | File | 1 | mal-a988.html |
|
| Details | File | 1 | gustuff-targets-australia.html |
|
| Details | File | 2 | exodus.html |
|
| Details | File | 1 | gplayerbanker.html |
|
| Details | File | 1 | spyware.html |
|
| Details | File | 1 | sophos-coinminer-and-other-malicious-cryptominers-tpna.aspx |
|
| Details | File | 1 | investigation-unearths-kevdroid.html |
|
| Details | File | 1 | copycat-research-report.pdf |
|
| Details | File | 1 | analyzing-xavier-an-information-stealing-ad-library-on-android.pdf |
|
| Details | File | 1 | gooligan-research-report.pdf |
|
| Details | File | 1 | hunting-libyan-scorpions-en.pdf |
|
| Details | File | 1 | final-62916.pdf |
|
| Details | File | 141 | www.cer |
|
| Details | File | 38 | t.pl |
|
| Details | File | 1 | the_postal_group.pdf |
|
| Details | File | 1 | kemoge_another_mobi.html |
|
| Details | File | 1 | ransomware-full-of-surprises.html |
|
| Details | File | 1 | unit42-cool-reaper.pdf |
|
| Details | Github username | 1 | estsecurity |
|
| Details | md5 | 1 | 20a274cbc057bd2035961af97724b70c |
|
| Details | md5 | 1 | 11ac1b71368f35f20b3edcc108779ec0 |
|
| Details | md5 | 1 | 57b318d68307ad2d4eb7c875e5e254cf |
|
| Details | md5 | 1 | 7b04fb5f405661805439dc4cb5d27d66 |
|
| Details | md5 | 1 | 8b38b9f15fe4f04dc01334ea72f365a8 |
|
| Details | md5 | 1 | 3a7eeac01632016b7a4509b267a4b4bb |
|
| Details | md5 | 1 | 9dfa20544e7694e50f63d298db0e4718 |
|
| Details | md5 | 1 | aecf1472bd8a061fd0fdd0722b841ee0 |
|
| Details | md5 | 1 | c919f72a8a0a64edd6a68dfe20e6bb36 |
|
| Details | md5 | 1 | 78c2444fe15a8e58c629076781d9442a |
|
| Details | md5 | 1 | 140687aa4d4fc70175c7df1d737d5515 |
|
| Details | md5 | 1 | c918c977d48855d115527eddde7dbc99 |
|
| Details | md5 | 1 | f741d7f608a826e96d06a549602b1ce2 |
|
| Details | md5 | 1 | 530bd6c95c3a79c04f49880a44c348db |
|
| Details | md5 | 1 | a13126ed31b3a7982133ff57e6f9676d |
|
| Details | md5 | 1 | 659909c20269c630372eac4878e679ca |
|
| Details | md5 | 1 | 73415fbf16952894e0620b40766d9e2f |
|
| Details | md5 | 1 | a765d2829b80d812b321c663d8d8320e |
|
| Details | md5 | 1 | c18f39c4b09e542926d728195b88e418 |
|
| Details | md5 | 1 | c36475ede88631a74f046bd2d4c96405 |
|
| Details | md5 | 1 | ef161923c7a6f99d134467ca21e34410 |
|
| Details | md5 | 1 | fffb8d51838af6bb742e84b8b16239bb |
|
| Details | md5 | 1 | 642bef4824d549ac56520657a1868913 |
|
| Details | md5 | 1 | a0f776e61cf4ddc55c28051583fbb28e |
|
| Details | md5 | 1 | e24a0d6b17a9dbf0456bbf4bb93adb25 |
|
| Details | md5 | 1 | 766055b991805fe8ef0a1c96643a98a1 |
|
| Details | md5 | 1 | 11ba93d968bd96e9e9c9418ea1fdcbbc |
|
| Details | md5 | 1 | af046d94f254a3f85a0ba731562a05c5 |
|
| Details | md5 | 1 | ce59958c01e437f4bdc68b4896222b8e |
|
| Details | md5 | 1 | dfd2eca84919418da2fa617fc51e9de5 |
|
| Details | md5 | 1 | 8ebeb3f91cda8e985a9c61beb8cdde9d |
|
| Details | md5 | 1 | 93ebc337c5fe4794d33df155986a284d |
|
| Details | md5 | 1 | 56b1f4800fa0e083caf0526c3de26059 |
|
| Details | md5 | 1 | d6abaa07f7e525153116c98412115b2e |
|
| Details | md5 | 1 | 9d23f7688a82d487a8bb87df19cb2426 |
|
| Details | md5 | 1 | 34be73f9fdccc152530f2d6cc26cc640 |
|
| Details | md5 | 1 | 356f50c4202d6e96462484004d06f25e |
|
| Details | md5 | 1 | 6a5f850d5f6a319bba2326a7e015dc97 |
|
| Details | md5 | 1 | 7399e38c0729c122d02a6085391cbb5a |
|
| Details | md5 | 1 | a6c6daed941a33248c5232a4507ee726 |
|
| Details | md5 | 1 | 3f13c5c6de3139ecf86120df58cc4b53 |
|
| Details | md5 | 1 | 0c67d0919e574a6876c73118260368ee |
|
| Details | md5 | 1 | 162cb09e2eebd595eae2617cd3af1d0d |
|
| Details | md5 | 1 | 1be29a6622543f6f5063eda1d83a4e49 |
|
| Details | md5 | 1 | 7cd86d83d916dbd9b04d0e7e4f9ff6e8 |
|
| Details | md5 | 1 | abaf6cb1972d55702b559725983e134a |
|
| Details | md5 | 1 | b36a751d72e2bdea80e7ff72b6fb3a41 |
|
| Details | md5 | 1 | bf6dc2f78baed212f6aa4268da086e09 |
|
| Details | md5 | 1 | cec85188308644273332d00d633ab875 |
|
| Details | md5 | 1 | 5b446ec92f1cf0a2a06fbe66a95a6c89 |
|
| Details | md5 | 1 | d7b8e2001ea50c008a6ed068cdbb716c |
|
| Details | md5 | 1 | ef835c570bed7d36b8a935a6b7d85b8a |
|
| Details | md5 | 1 | eda506a6c01c3c7e149ebaebcf929c40 |
|
| Details | md5 | 1 | 62ca1a7b1d90d2af1f7f166ec2f5167f |
|
| Details | md5 | 1 | 7158222d72465a7ee9c3616582e0ee00 |
|
| Details | md5 | 1 | b5103298638ec324923422559d3ace55 |
|
| Details | md5 | 1 | ea6ef49be139f6180b14f2dd007c8349 |
|
| Details | md5 | 1 | 5f512bf1f51141d4201dcfe819dc2165 |
|
| Details | md5 | 1 | 8b453869402743b3f2b88163d6cf1b32 |
|
| Details | md5 | 1 | 0cc5d5436d7ff42886b74e89cf6f7047 |
|
| Details | md5 | 1 | 15be23d3724fafaa16c7e68f1f6466f6 |
|
| Details | md5 | 1 | 2e3990fd4af3ea26066a7180b24bb435 |
|
| Details | md5 | 1 | 3d0f8954e8324ac0143bd1a10723538a |
|
| Details | md5 | 1 | 4c635fcce49743de86d8f9cc58d2de8b |
|
| Details | md5 | 1 | 5ee2367fa2c4f8dc79a9d466148b3819 |
|
| Details | md5 | 1 | 69e30a40e68d85140bd881f195bc791a |
|
| Details | md5 | 1 | 7c7b32233f94e850703880caee1bac15 |
|
| Details | md5 | 1 | 81426b5812f164f16daf0c59e0593dbe |
|
| Details | md5 | 1 | 9388b89593e515e89263c113d1245e04 |
|
| Details | md5 | 1 | 9e8b27b00da7f56371125c5659b09f20 |
|
| Details | md5 | 1 | b7c173fa6b86ba87f13a4b6221646b49 |
|
| Details | md5 | 1 | ceab2234b547df62747d901397b419d2 |
|
| Details | md5 | 1 | dc34055f88595063cc66baf238486919 |
|
| Details | md5 | 1 | e3c22b146d4cf6aa70292ee12622afeb |
|
| Details | md5 | 1 | 0a533a3f76496e57d11a9d6c3ed3258b |
|
| Details | md5 | 1 | 1aeb25ac71b8fc1b76f87e2db5f7d650 |
|
| Details | md5 | 1 | 296bed0e48929cd83b84624239683ded |
|
| Details | md5 | 1 | 533fa599f95864701025b205cd24226e |
|
| Details | md5 | 1 | 77cf656556bfdcd0bbdfd7a8d48702de |
|
| Details | md5 | 1 | 9d7adfe4e98ed8dc0623c6a6bed85adf |
|
| Details | md5 | 1 | a7917eacaf02c715a8e232ae18551a09 |
|
| Details | md5 | 1 | deca693848b8926a32ae1048e02d5b52 |
|
| Details | md5 | 1 | e69ca52ff99ac45c30a7eca833bf17c0 |
|
| Details | md5 | 1 | eaf5620c94ca479f49593350e0e53052 |
|
| Details | md5 | 1 | fc2b5e892ce00df128545247ddd9d104 |
|
| Details | md5 | 1 | 1634b1fb3b353019e9d3b7b3d21507ab |
|
| Details | md5 | 1 | 9e099645a13a339f83af08941db40056 |
|
| Details | Url | 1 | https://securelist.com/mobile-malware-evolution-2018/89689/. |
|
| Details | Url | 1 | https://www.gdatasoftware.com/blog/2018/11/31255-cyber-attacks-on- |
|
| Details | Url | 1 | https://www.trendmicro.com/vinfo/au/security/research-and-analysis/threat-reports |
|
| Details | Url | 1 | https://blogs.jpcert.or.jp/en/2016/05/classifying- |
|
| Details | Url | 1 | https://source.android.com/devices/tech/dalvik. |
|
| Details | Url | 1 | https://www.intezer.com/intezer- |
|
| Details | Url | 1 | https://ibotpeaches.github.io/apktool. |
|
| Details | Url | 1 | https://blog.alyac.co.kr/2035. |
|
| Details | Url | 1 | https://github.com/estsecurity/dexofuzzy. |
|
| Details | Url | 1 | https://pypi.org/project/dexofuzzy. |
|
| Details | Url | 1 | https://ti.360.net/blog/articles/stealjob-new-android- |
|
| Details | Url | 1 | https://blog.talosintelligence.com/2019/04/gustuff-targets-australia.html |
|
| Details | Url | 2 | https://securitywithoutborders.org/blog/2019/03/29/exodus.html |
|
| Details | Url | 1 | https://ti.360.net/blog/articles/kbuster-fake-bank-app-in-south-korean-en/. |
|
| Details | Url | 1 | https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google- |
|
| Details | Url | 17 | https://blog.trendmicro.com |
|
| Details | Url | 1 | https://www.welivesecurity.com/2018/12/11 |
|
| Details | Url | 1 | https://blog.talosintelligence.com/2018/10 |
|
| Details | Url | 13 | https://securelist.com |
|
| Details | Url | 1 | https://securelist.com/busygasper-the-unfriendly-spy/87627/. |
|
| Details | Url | 1 | https://www.fortinet.com/blog/threat-research/android-bondpath--a-mature- |
|
| Details | Url | 1 | https://news.sophos.com/en-us/2018/08/14/anubis-is-back-are-you-prepared/. |
|
| Details | Url | 1 | https://www.virusbulletin.com/conference/vb2018/abstracts |
|
| Details | Url | 1 | https://www.clearskysec.com |
|
| Details | Url | 2 | https://www.sophos.com/en-us/medialibrary/pdfs |
|
| Details | Url | 1 | https://researchcenter.paloaltonetworks.com/2018/04/unit42-reaper-groups- |
|
| Details | Url | 1 | https://securelist.com/pocket-cryptofarms/85137/. |
|
| Details | Url | 1 | https://blog.talosintelligence.com/2018/04/fake-av- |
|
| Details | Url | 1 | https://researchcenter.paloaltonetworks.com/2018/03/unit42-telerat-another-android-trojan-leveraging-telegrams-bot-api- |
|
| Details | Url | 1 | https://blog.avast.com/downloaders-on- |
|
| Details | Url | 1 | https://blog.avast.com/new-version-of- |
|
| Details | Url | 33 | http://blog.trendmicro.com/trendlabs-security- |
|
| Details | Url | 1 | https://securelist.com/wap-billing-trojan-clickers-on-rise/81576/. |
|
| Details | Url | 3 | http://blog.trendmicro.com/trendlabs-security-intelligence/new- |
|
| Details | Url | 1 | http://blog.fortinet.com/2017/07/09 |
|
| Details | Url | 3 | https://securingtomorrow.mcafee.com/other-blogs/mcafee- |
|
| Details | Url | 1 | https://unit42.paloaltonetworks.com/unit42-spydealer-android- |
|
| Details | Url | 24 | http://blog.trendmicro.com/trendlabs-security-intelligence |
|
| Details | Url | 7 | https://www.bleepingcomputer.com/news/security |
|
| Details | Url | 1 | https://blog.avast.com/spyware-targets- |
|
| Details | Url | 1 | https://documents.trendmicro.com/assets/appendix-- |
|
| Details | Url | 1 | https://securelist.com/78648/dvmap-the-fi |
|
| Details | Url | 1 | https://f5.com/labs |
|
| Details | Url | 1 | https://blog.checkpoint.com/2017/03/21/swearing-trojan- |
|
| Details | Url | 1 | http://researchcenter.paloaltonetworks.com/2017/03/unit42-google- |
|
| Details | Url | 1 | https://securelist.com/blog/incidents/77562/breaking-the-weakest- |
|
| Details | Url | 1 | http://blog.fortinet.com/2017/01/26/deep-analysis-of-android-rootnik-malware-using-advanced-anti-debug-and- |
|
| Details | Url | 1 | http://blog.checkpoint.com/2017/01/23/hummingbad-returns/. |
|
| Details | Url | 1 | https://securelist.com/switcher-android-joins-the-attack-the-router- |
|
| Details | Url | 1 | http://blog.trendmicro.com/trendlabs-security-intelligence/fake- |
|
| Details | Url | 1 | https://blog.comodo.com/comodo-news |
|
| Details | Url | 2 | http://blog.checkpoint.com/wp-content |
|
| Details | Url | 1 | http://researchcenter.paloaltonetworks.com/2016 |
|
| Details | Url | 1 | http://rednaga.io/2016/11/14/hackingteam_back_for_your_ |
|
| Details | Url | 5 | https://www.symantec.com/connect/blogs |
|
| Details | Url | 1 | https://blog.fortinet.com/2016/11/01/android-banking-malware-masquerades-as-fl |
|
| Details | Url | 1 | https://www.forcepoint.com/blog/security-labs/bitter-targeted-attack-against- |
|
| Details | Url | 1 | http://blog.trendmicro.com/trendlabs-security-intelligence/dresscode- |
|
| Details | Url | 1 | https://cyberkov.com/wp-content |
|
| Details | Url | 1 | https://blog.lookout.com/blog/2016/09/16/embassy-spyware-google-play/. |