Open ADB Ports Used to Spread Possible Satori Variant
Tags
country: China Netherlands Spain
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Dns Server - T1583.002 Dns Server - T1584.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 78e59c99-1448-4fe8-83a6-09665e86e282
Fingerprint b7b52981e839239d
Analysis status DONE
Considered CTI value 2
Text language
Published July 23, 2018, midnight
Added to db Oct. 15, 2024, 5:21 p.m.
Last updated Oct. 15, 2024, 7:13 p.m.
Headline Open ADB Ports Used to Spread Possible Satori Variant
Title Open ADB Ports Used to Spread Possible Satori Variant
Detected Hints/Tags/Attributes 51/2/13
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_gb/research/18/g/open-adb-ports-being-exploited-to-spread-possible-satori-variant-in-android-devices.html
Details Source https://www.trendmicro.com/en_ca/research/18/g/open-adb-ports-being-exploited-to-spread-possible-satori-variant-in-android-devices.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details Domain 2 
ukrainianhorseriding.com
Details Domain 2 
rippr.cc
Details sha256 1 
79d55852af173612562718544ecdc569b0b8e0094647d609040f8fcc67112cba
Details sha256 1 
144e9093b50d7a0bf92ccc29dbbdab4955a8ef028ec2a4a64f2c16778fc0ba43
Details sha256 1 
2815ab8fe6d48982540524c6ac55e1df3a77a2e90c32114fde05bdc3bb353bea
Details sha256 1 
65af5e3bdb7f38b0bc47003e96e57e15a15dd7a74536a9d5b9899105c6707bbd
Details sha256 1 
01eca0d68cc8c2d7ad6aa8021852b57a04b8a4ca7d13e164095b29fd06a1ed9f
Details sha256 1 
4c3983040b2c72e4df9742c1314dcf8cd703805ab6aaa9185324b70fd530746e
Details IPv4 1 
185.62.189.149
Details IPv4 1 
95.215.62.169
Details Url 1 
http://185.62.189.149/adbs
Details Url 1 
http://185.62.189.149/adbs2
Details Url 1 
http://95.215.62.169/adbs