ioc[.]one - OSINT Cyber Threat Intelligence Database

Unofficial Telegram App Secretly Loads Infinite Malicious Sites

Tags

country:	Germany India Iran Singapore
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	2bd425c0-8225-418d-8490-f967b4c46dfc
Fingerprint	9420b109891226a5
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 15, 2019, midnight
Added to db	Dec. 18, 2024, 11:16 p.m.
Last updated	Dec. 18, 2024, 11:17 p.m.
Headline	Unofficial Telegram App Secretly Loads Infinite Malicious Sites
Title	Unofficial Telegram App Secretly Loads Infinite Malicious Sites
Detected Hints/Tags/Attributes	43/3/37

Source URLs

	Redirection	Url
Details	Redirection	https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/unofficial-telegram-app-malicious-sites
Details	Redirection	https://symantec-enterprise-blogs.security.com/threat-intelligence/unofficial-telegram-app-malicious-sites
Details	Source	https://www.security.com/threat-intelligence/unofficial-telegram-app-malicious-sites

URL Provider

Details	Provider	Source level domain
Details	security.com	symantec-enterprise-blogs.security.com
Details	security.com	www.security.com

Attributes

Details	Type	#Events	Value
Details	Domain	11	android.support
Details	Domain	1	com.sajjadapps.photos
Details	Domain	1	com.sajjads.apps.ringtone.video
Details	Domain	1	2dl.pw
Details	Domain	1	ps.popcash.net
Details	Domain	2	tsyndicate.com
Details	Domain	1	go.strpjmp.com
Details	Domain	1	creative.strpjmp.com
Details	Domain	1	stripchat.com
Details	Domain	1	www.amarktflow.com
Details	Domain	1	festyy.com
Details	Domain	1	heroesofrpg.com
Details	File	1	androidaf.php
Details	File	1	androidsh.php
Details	File	1	androidal.php
Details	sha256	1	cdf792f1ef66d3790e06bc80971560a8c6e3500476ee9e3700e12bbb1ae88468
Details	sha256	1	7844aa5c4706a333e71ccabbbafaace6d3311671761201f373bbb91f350e0c82
Details	sha256	1	c3927fdddb69e291b23296c4de23e9c3c5e098e757ccbfe9005299aa427ae443
Details	sha256	1	734363b849d289e23d385b8c1d3490f5a20f9a3baee890973fb645d4586cd6e4
Details	sha256	1	4e00626249c7fbab4ed9e5f3db215b0dff970077777b871d1e78f8014fdf1d24
Details	sha256	1	5eed7d3ecd9b438befc73dfd49e10f2511276f1ff7dc8af2f1f3a00df614ba6c
Details	sha256	1	fe7a46f299e92ea6e4cf2e662d20ef825e30c5d9ff226b426a2263a6c6bb4d79
Details	sha256	1	1e118357248ec8ed3098d1a0f74a2487b99d6ff629535e6990d5afe204e57306
Details	sha256	1	28a0b453c1bb1a9cced3d34c9dc752cef41ed2c23d972abf2e5d1fb996595754
Details	sha256	1	99d3d25c99ce408406801a9ef376a3517a5c99aa81f4ca94e6e3277ceec1c40e
Details	sha256	1	e6bf383a5dd7796ff747419975a6589fda9bd6482c8449e4f92612bed5e64e12
Details	Url	1	http://2dl.pw/so/androidaf.php?vk=h20
Details	Url	1	http://2dl.pw/so/androidsh.php?vk=h50
Details	Url	1	http://2dl.pw/so/androidal.php?vk=h23
Details	Url	1	http://2dl.pw
Details	Url	1	http://ps.popcash.net
Details	Url	1	http://tsyndicate.com
Details	Url	1	http://go.strpjmp.com
Details	Url	1	http://creative.strpjmp.com
Details	Url	1	http://stripchat.com
Details	Url	1	http://festyy.com
Details	Url	1	https://heroesofrpg.com