ioc[.]one - OSINT Cyber Threat Intelligence Database

MalBus Actor Changed Market from Google Play to ONE Store | McAfee Blog

Tags

country:	North Korea South Korea
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Screen Capture - T1513 Server - T1583.004 Server - T1584.004 Screen Capture - T1113 Screen Capture

Show in Graph

Common Information

Type	Value
UUID	553e9e04-d3ed-4407-bf20-20f7be1b7e17
Fingerprint	a4159d8be97e3239
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 9, 2020, 5:38 p.m.
Added to db	Nov. 6, 2023, 7:14 p.m.
Last updated	Nov. 18, 2024, 8:27 a.m.
Headline	MalBus Actor Changed Market from Google Play to ONE Store
Title	MalBus Actor Changed Market from Google Play to ONE Store \| McAfee Blog
Detected Hints/Tags/Attributes	44/3/14

Source URLs

	Redirection	Url
Details	Source	https://www.mcafee.com/blogs/other-blogs/mcafee-labs/malbus-actor-changed-market-from-google-play-to-one-store/

URL Provider

Details	Provider	Source level domain
Details	mcafee.com	www.mcafee.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	333	✔	—	https://www.mcafee.com/blogs/other-blogs/mcafee-labs/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	2		libmovie.so
Details	File	5		sms.txt
Details	File	1		mms.txt
Details	sha256	1		5e57bc8d83a372bf4d046c272cd43db9000036c9b32d8eecead1af75f4958c57
Details	sha256	1		1613b35c73c6497730490d7712ac015c2b42931446aed149e1292e2ba77d0ff4
Details	sha256	1		d328373cd67c467485b9c96349a0ee08fc3b58fe2c11fb19f4dcb9ea6c7a0dae
Details	sha256	1		c5bff68022ead6302f710f1ce1c3d5682a8cd3610b1f8ed2563098d7ac4e1909
Details	sha256	1		c410cacbb0be8f649f082148c91f4cef27f101b8db3ce64a02882506c9b51a63
Details	sha256	1		178dddf38ec232d540bd88320521d8134644da1e7af19e7ae295b2d614e3ab56
Details	sha256	1		9fc914545fbb99b7e0d4a5207f5a2b32a8a127a36caa9159d4feeac445c509f7
Details	sha256	1		df651ac1bfd60cd29cea85cc410002b933552260c2439fe86a4f32486abd0828
Details	sha256	1		63d10c9cd105c7b17effef18d31d571fe4c9c999966cc09bdb40df07c1b6baa8
Details	sha256	1		f99212b70729942923fe26b996791cdd8eb561f8ae017e1d71202fbb97f7d245
Details	IPv4	1442		127.0.0.1