Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links
Common Information
| Type | Value |
|---|---|
| UUID | 65cedd3c-b8d1-4589-8756-de65b3a23ce6 |
| Fingerprint | 0fb67b9c24ff9033fe8f4344ef4563b4d7ee50b11272abdcebe04a4089890b11 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 23, 2020, 3:52 p.m. |
| Added to db | April 14, 2024, 12:48 a.m. |
| Last updated | Aug. 31, 2024, 8:13 a.m. |
| Headline | Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links |
| Title | Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links |
| Detected Hints/Tags/Attributes | 100/3/32 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 10 | cve-2019-8605 |
|
| Details | CVE | 3 | cve-2018-4243 |
|
| Details | CVE | 2 | cve-2018-4241 |
|
| Details | CVE | 4 | cve-2017-13861 |
|
| Details | CVE | 6 | cve-2019-6225 |
|
| Details | Domain | 1 | rce.party |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 2 | app.poorgoddaay.com |
|
| Details | Domain | 2 | movie.poorgoddaay.com |
|
| Details | Domain | 2 | news.poorgoddaay.com |
|
| Details | Domain | 2 | appledaily.googlephoto.vip |
|
| Details | Domain | 2 | www.googlephoto.vip |
|
| Details | Domain | 2 | app.hkrevolution.club |
|
| Details | Domain | 2 | news2.hkrevolution.club |
|
| Details | Domain | 2 | svr.hkrevolution.club |
|
| Details | Domain | 2 | news.hkrevolution.club |
|
| Details | Domain | 2 | www.facebooktoday.cc |
|
| Details | Domain | 2 | news.hkrevolt.com |
|
| Details | Domain | 1 | www.messager.cloud |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | File | 1 | wtf.js |
|
| Details | File | 3 | ircbin.pl |
|
| Details | File | 3 | wifi.pl |
|
| Details | File | 1 | logininfo2.dat |
|
| Details | File | 2 | wcdb_contact.sql |
|
| Details | File | 1 | wcdb_contract.sql |
|
| Details | File | 2 | mm.sql |
|
| Details | md5 | 1 | 384dec207ce9f15f503ffb4b1ef8cfab |
|
| Details | md5 | 1 | 3c1bfbdfae91f1f248180c2102ed65fb |
|
| Details | IPv4 | 2 | 45.134.1.180 |
|
| Details | IPv4 | 1 | 45.83.137.83 |
|
| Details | Url | 1 | http://rce.party/wtf.js |