ViceLeaker Operation: mobile espionage targeting Middle East | Securelist
Tags
| cmtmf-attack-pattern: | Code Injection |
| country: | Iran |
| attack-pattern: | Data Model Code Injection - T1540 Email Account - T1087.003 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Sms Messages - T1636.004 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 593f2d3f-906b-4a9d-aa95-23cad6dd6ff0 |
| Fingerprint | 870d090a8ca22ec1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 26, 2019, 10 a.m. |
| Added to db | Sept. 26, 2022, 9:32 a.m. |
| Last updated | Oct. 22, 2024, 8:42 p.m. |
| Headline | ViceLeaker Operation: mobile espionage targeting Middle East |
| Title | ViceLeaker Operation: mobile espionage targeting Middle East | Securelist |
| Detected Hints/Tags/Attributes | 57/3/17 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://securelist.com/fanning-the-flames-viceleaker-operation/90877/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | iliageram.ir |
|
| Details | Domain | 338 | kaspersky.com |
|
| Details | 147 | intelreports@kaspersky.com |
||
| Details | File | 16 | com.ps |
|
| Details | File | 1 | reqsmscal.php |
|
| Details | File | 1 | reqcalllog.php |
|
| Details | File | 1 | 18.apk |
|
| Details | File | 1 | 4_6032967490689041387.apk |
|
| Details | File | 1 | psiphon-v91.apk |
|
| Details | md5 | 1 | 51df2597faa3fce38a4c5ae024f97b1c |
|
| Details | md5 | 1 | 2d108ff3a735dea1d1fdfa430f37fab2 |
|
| Details | md5 | 1 | 7ed754a802f0b6a1740a99683173db73 |
|
| Details | md5 | 1 | 3b89e5cd49c05ce6dc681589e6c368d9 |
|
| Details | IPv4 | 1 | 188.165.28.251 |
|
| Details | IPv4 | 1 | 188.165.49.205 |
|
| Details | IPv4 | 1 | 185.141.60.213 |
|
| Details | IPv4 | 1 | 185.51.201.133 |