Eastern Asian Android Assault - FluHorse - Check Point Research
Common Information
Type | Value |
---|---|
UUID | 0a7f19c7-5212-4a0e-8578-8e586f673801 |
Fingerprint | 9c21090b8d3867c3 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | May 4, 2023, 10:55 a.m. |
Added to db | June 5, 2023, 11:32 a.m. |
Last updated | Dec. 23, 2024, 12:17 p.m. |
Headline | Eastern Asian Android Assault – FluHorse |
Title | Eastern Asian Android Assault - FluHorse - Check Point Research |
Detected Hints/Tags/Attributes | 81/3/51 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 204 | ✔ | Check Point Research | https://research.checkpoint.com/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 397 | | console.log |
Details | File | 1 | | fetc.apk |
Details | File | 1 | | dump_flutter_memory.js |
Details | File | 1 | | map_dart_vm_memory.py |
Details | File | 1 | | create_dart_objects.py |
Details | File | 1 | | dart_obj_create.py |
Details | File | 1 | | add_xref_to_dart_objects.py |
Details | File | 1 | | dart_obj_xref.py |
Details | Github username | 1 | | guardsquare |
Details | Github username | 1 | | ptswarm |
Details | Github username | 9 | | frida |
Details | Url | 1 | | https://github.com/guardsquare/flutter-re-demo/pull/4. |
Details | Url | 3 | | https://www.fetc-net.com |
Details | Url | 1 | | https://jp.yelove.xyz/addcontent2 |
Details | Url | 1 | | https://github.com/guardsquare/flutter-re-demo |
Details | Url | 1 | | https://github.com/ptswarm/reflutter |
Details | Url | 2 | | https://github.com/frida |
Details | Url | 2 | | https://blog.tst.sh/reverse-engineering-flutter-apps-part-1 |
Details | Url | 1 | | https://www.guardsquare.com/blog/current-state-and-future-of-reversing-flutter-apps |
Details | Url | 1 | | https://github.com/guardsquare/flutter-re-demo/pull/4 |