Analysis of Malicious Android Software Distributed via Google Play by SideWinder (APT-Q-39)
Tags
Common Information
Type Value
UUID 18e1a129-eb4a-4158-9dd0-b88979751808
Fingerprint 9dafa89144f136f9
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 21, 2022, midnight
Added to db Sept. 11, 2022, 12:36 p.m.
Last updated Nov. 15, 2024, 12:36 p.m.
Headline Analysis of Malicious Android Software Distributed via Google Play by SideWinder (APT-Q-39)
Title Analysis of Malicious Android Software Distributed via Google Play by SideWinder (APT-Q-39)
Detected Hints/Tags/Attributes 9/0/19
Attributes
Details Type #Events CTI Value
Details CVE 28
cve-2019-2215
Details Domain 3
register.srvapp.co
Details File 23
base.apk
Details File 9
com.apk
Details File 2
first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group.html
Details Threat Actor Identifier - APT-Q 9
APT-Q-39
Details Url 2
https://register.srvapp.co
Details Url 44
https://sandbox.ti.qianxin.com/sandbox/page
Details Url 2
https://www.trendmicro.com/en_us/research/20/a/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group.html