Joker Playing Hide-and-Seek with Google Play | blog
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Direct Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Sms Messages - T1636.004 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | 642fc7cf-f167-44bf-81c4-f34054a8e4eb |
| Fingerprint | ac09a9d9c93e27fd |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 24, 2020, midnight |
| Added to db | Sept. 11, 2022, 12:37 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Joker Playing Hide-and-Seek with Google Play |
| Title | Joker Playing Hide-and-Seek with Google Play | blog |
| Detected Hints/Tags/Attributes | 71/2/55 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | com.carefrendly.message.chat |
|
| Details | Domain | 1 | com.styles.simple.photocollage.photos |
|
| Details | Domain | 1 | com.unique.input.style.my |
|
| Details | Domain | 1 | dirsms.welcome.android |
|
| Details | Domain | 1 | mintleaf.message.messenger.tosms.ml |
|
| Details | Domain | 1 | omg.documents.blue |
|
| Details | Domain | 1 | pdf.maker.scan.image.phone |
|
| Details | Domain | 1 | com.gooders.pdfscanner.gp |
|
| Details | Domain | 1 | com.powerful.phone.android |
|
| Details | Domain | 1 | blackdragon.oss-ap-southeast-5.aliyuncs.com |
|
| Details | Domain | 1 | blackdragon03.oss-ap-southeast-5.aliyuncs.com |
|
| Details | Domain | 1 | nineth03.oss-ap-southeast-5.aliyuncs.com |
|
| Details | Domain | 1 | sahar.oss-us-east-1.aliyuncs.com |
|
| Details | Domain | 1 | 2j1i9uqw.oss-eu-central-1.aliyuncs.com |
|
| Details | Domain | 1 | ihuq.sky |
|
| Details | Domain | 1 | fgcxweasqw.oss-eu-central-1.aliyuncs.com |
|
| Details | Domain | 1 | jk8681oy.oss-eu-central-1.aliyuncs.com |
|
| Details | Domain | 1 | amly.art |
|
| Details | Domain | 1 | n47n.oss-ap-southeast-5.aliyuncs.com |
|
| Details | Domain | 1 | proxy48.oss-eu-central-1.aliyuncs.com |
|
| Details | Domain | 1 | laodaoo.oss-ap-southeast-5.aliyuncs.com |
|
| Details | Domain | 1 | rinimae.oss-ap-southeast-5.aliyuncs.com |
|
| Details | Domain | 1 | powerful.mov |
|
| Details | Domain | 1 | powerful2.mov |
|
| Details | Domain | 1 | intro.mov |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 16 | www.anquanke.com |
|
| Details | File | 20 | com.doc |
|
| Details | File | 7 | com.pas |
|
| Details | File | 1 | my.key |
|
| Details | File | 1 | omg.doc |
|
| Details | File | 1 | blue.pdf |
|
| Details | File | 1 | gooders.pdf |
|
| Details | md5 | 1 | 2086f0d40e611c25357e8906ebb10cd1 |
|
| Details | md5 | 1 | b8dea8e30c9f8dc5d81a5c205ef6547b |
|
| Details | md5 | 1 | 5a5756e394d751fae29fada67d498db3 |
|
| Details | md5 | 1 | 8dca20f649f4326fb4449e99f7823a85 |
|
| Details | md5 | 1 | 6c34f9d6264e4c3ec2ef846d0badc9bd |
|
| Details | md5 | 1 | 04b22ab4921d01199c9a578d723dc6d6 |
|
| Details | md5 | 1 | b488c44a30878b10f78d674fc98714b0 |
|
| Details | md5 | 1 | a6c412c2e266039f2d4a8096b7013f77 |
|
| Details | md5 | 1 | 4c5461634ee23a4ca4884fc9f9ddb348 |
|
| Details | md5 | 1 | e4065f0f5e3a1be6a56140ed6ef73df7 |
|
| Details | md5 | 1 | bfd2708725bd22ca748140961b5bfa2a |
|
| Details | md5 | 1 | 164322de2c46d4244341e250a3d44165 |
|
| Details | md5 | 1 | 88ed9afb4e532601729aab511c474e9a |
|
| Details | md5 | 1 | 27e01dd651cf6d3362e28b7628fe65a4 |
|
| Details | md5 | 1 | e7b8f388051a0172846d3b3f7a3abd64 |
|
| Details | md5 | 1 | 0ab0eca13d1c17e045a649be27927864 |
|
| Details | md5 | 1 | bfbe04fd0dd4fa593bc3df65a831c1be |
|
| Details | IPv4 | 1 | 161.117.229.58 |
|
| Details | IPv4 | 1 | 161.117.83.26 |
|
| Details | IPv4 | 1 | 47.74.179.177 |
|
| Details | Url | 1 | https://twitter.com/rebensk |
|
| Details | Url | 1 | https://www.anquanke.com/post/id/211978 |