Android Banking Malware Masquerading as Email App Targets German Banks
Tags
| cmtmf-attack-pattern: | Masquerading |
| country: | Germany |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Model Contact List - T1636.003 Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Sms Messages - T1636.004 Social Media - T1593.001 Masquerading - T1036 Masquerading |
Common Information
| Type | Value |
|---|---|
| UUID | a71e50a4-a842-48a6-a0e4-57ced9f99cf5 |
| Fingerprint | fc64b9198923b68f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 18, 2016, midnight |
| Added to db | Jan. 18, 2023, 11:17 p.m. |
| Last updated | Sept. 2, 2024, 10:53 p.m. |
| Headline | Android Banking Malware Masquerading as Email App Targets German Banks |
| Title | Android Banking Malware Masquerading as Email App Targets German Banks |
| Detected Hints/Tags/Attributes | 39/4/15 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | com.qihoo.security |
|
| Details | Domain | 4 | com.kms.free |
|
| Details | Domain | 2 | com.eset.ems2.gp |
|
| Details | Domain | 1 | com.eset.ems.gp |
|
| Details | Domain | 1 | com.cleanmaster.security |
|
| Details | Domain | 1 | droiddudes.best |
|
| Details | Domain | 1 | com.womboidsystems.antivirus.security.android |
|
| Details | Domain | 2 | banker.gt |
|
| Details | Domain | 2 | polo777555lolo.at |
|
| Details | Domain | 2 | polo569noso.at |
|
| Details | Domain | 2 | wahamer8lol77j.at |
|
| Details | File | 1 | b.ai |
|
| Details | File | 1 | antivirus.tab |
|
| Details | File | 2 | dianxinos.opt |
|
| Details | sha256 | 1 | 216cde0f92e601ec0e65218f9cc13dc22bdf6cb7e46c2d2a22a7dc4488238e1b |