ioc[.]one - OSINT Cyber Threat Intelligence Database

Confucius APT Android Spyware Linked to India-Pakistan Conflict | Threat Intel

Tags

country:	India Pakistan Kazakhstan
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Model Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Hardware - T1592.001 Impersonation - T1656 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	00c65231-bb7f-440b-a303-f6c3987f0aac
Fingerprint	a5298d9186a32689
Analysis status	DONE
Considered CTI value	2
Text language
Published	Feb. 10, 2021, midnight
Added to db	Aug. 31, 2024, 11:29 a.m.
Last updated	Aug. 31, 2024, 3:05 p.m.
Headline	Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict
Title	Confucius APT Android Spyware Linked to India-Pakistan Conflict \| Threat Intel
Detected Hints/Tags/Attributes	90/3/54

Source URLs

	Redirection	Url
Details	Source	https://security.lookout.com/threat-intelligence/article/lookout-discovers-novel-confucius-apt-android-spyware-linked-to-india-pakistan-conflict
Details	Source	https://blog.lookout.com/lookout-discovers-novel-confucius-apt-android-spyware-linked-to-india-pakistan-conflict
Details	Source	https://resources.lookout.com/blog/lookout-discovers-novel-confucius-apt-android-spyware-linked-to-india-pakistan-conflict

URL Provider

Details	Provider	Source level domain
Details	lookout.com	resources.lookout.com
Details	lookout.com	security.lookout.com
Details	lookout.com	blog.lookout.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	493	✔	Lookout Threat Lab	https://www.lookout.com/threat-intelligence/article/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	chatk.goldenbirdcoin.com
Details	Domain	1	samaatv.online
Details	Domain	1	pieupdate.online
Details	Domain	1	cucuchat.com
Details	Domain	1	tea-time.link
Details	Domain	1	data10.000webhostapp.com
Details	Domain	1	global134.000webhostapp.com
Details	Domain	1	wixten.000webhostapp.com
Details	Domain	1	sunshinereal.000webhostapp.com
Details	sha1	1	b6b239ccef57a261a254f5167357dc9096618939
Details	sha1	1	1f1bab3c5a60275384083ef9e2a5b9fe6c194a35
Details	sha1	1	704579a14a2ee80c89ad12019e19e50eb27dffea
Details	sha1	1	3372458b73d3d5c3957a75dfe6cff62c5cd3cd4f
Details	sha1	1	77867ddb68b68a340ccdb79bd9d46281d5956fa5
Details	sha1	1	c504cef5e0e04b15d21388e6f9cc2c320071d50b
Details	sha1	1	0cc49097778372fdf1ba2143e31a8f235342f9c9
Details	sha1	1	9b684cff07f98083bdb085cb846929ebca2c3df1
Details	sha1	1	2ecb5b88b12ba44cfce2f51df7f16fbd4754aea2
Details	sha1	1	665d23eda84cd008ccde013bde6a836976bcc4fc
Details	sha1	1	a38931d68b26f04a94241f2155bcbf465b3fa99a
Details	sha1	1	df5188225ab6de0a6e71635e997c4473c02d6527
Details	sha1	1	e01729e5ceb827318e5198a24a12ae6d6bbc4ab3
Details	sha1	1	8ae67888befb4f01f216d94f07051fc047150ceb
Details	sha1	1	41268c45dc2453469ea8a0a0c615bdb562d1d9de
Details	sha1	1	a4161cfe2d6146566094ee979ea893cd2fe3ae72
Details	sha1	1	03d199cff2be8667932933d1bcb6bb58d364545a
Details	sha1	1	fc2929a021ca1e83f0d87ca9c9c85df0057373e5
Details	sha1	1	a6128100cd9c505e12af16a163d4fea35c42808a
Details	sha1	1	6b75e6df7744a232a350658ad06e9574483a0b8b
Details	sha1	1	be524a5a42b4b3f48f5571311f9be683024b6939
Details	sha1	1	2fd402c23f6827c049b92af19d4815c03cde407f
Details	sha1	1	b847ffa3d097c9eb1ddfc0dd3133582988fde885
Details	sha1	1	9b10e71f3d38e73d3637bf14d93404175bf4c276
Details	sha1	1	ae1cd2a583082eeb540c567a051135d5147e97db
Details	sha1	1	a0ed91b759a0015145ab301a3bba8f6cd868b394
Details	sha1	1	afdc1db55e84e868e8ecdb3489309e1e19453779
Details	sha1	1	27cabf2a24a87324f922becd5ae2dcf7bf4ae4bd
Details	sha1	1	6779ebdd14113ce304172b078d859684248ee114
Details	sha1	1	6bb91b2b97f08eb116982a5039d859ada94c37fd
Details	sha1	1	e3cd30bbc7e9e0b8c4275c4d2b8ac876a7fc9b9b
Details	sha1	1	07f1b2d8b34ce31296f6f5fe336ebae90293119e
Details	sha1	1	15e18ac163275bdcf8e391a90127db5206ab4fdd
Details	sha1	1	a5224bf9444736970dc357da3b309ad089aa7912
Details	sha1	1	257bb82955818c1b3e2fc9581475c3d71df489e6
Details	sha1	1	fde11af0c9ede7ad1f2b4e8bd6d55c1ef90eff72
Details	sha1	1	01a91eb4cf0a8cfd048d98d3006e7b39a3d61f81
Details	IPv4	3	91.210.107.104
Details	IPv4	1	91.210.107.111
Details	IPv4	1	91.210.107.103
Details	IPv4	1	91.210.107.112
Details	IPv4	1	184.154.203.90
Details	IPv4	1	69.175.35.98
Details	IPv4	1	23.82.19.250
Details	Url	1	http://wangu.xyz19