ioc[.]one - OSINT Cyber Threat Intelligence Database

Roaming Mantis dabbles in mining and phishing multilingually

Tags

country:	Argentina Brunei Bangladesh Bulgaria Timor Leste Germany India Indonesia Italy Japan South Korea Spain Thailand Poland Portugal Turkey Russia Saint Helena Ukraine U.S. Virgin Islands
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Dns Server - T1583.002 Dns Server - T1584.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	bb5f006d-93bd-4584-b01d-fe10936a6292
Fingerprint	de2519018a347fc8
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 18, 2018, 10 a.m.
Added to db	Feb. 18, 2023, 12:05 a.m.
Last updated	Nov. 17, 2024, 5:56 p.m.
Headline	Roaming Mantis dabbles in mining and phishing multilingually
Title	Roaming Mantis dabbles in mining and phishing multilingually
Detected Hints/Tags/Attributes	91/3/74

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/roaming-mantis-dabbles-in-mining-and-phishing-multilingually/85607/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	Value
Details	Domain	3	security.apple.com
Details	Domain	2	my.tv.sohu.com
Details	Domain	46	www.baidu.com
Details	Domain	272	outlook.com
Details	Domain	2	trojan-banker.androidos.wroba.al
Details	Domain	2	shaoye11.hopto.org
Details	Domain	3	haoxingfu01.ddns.net
Details	File	4	facebook.apk
Details	File	8	chrome.apk
Details	File	3	data.sql
Details	md5	1	fbe10ce5631305ca8bf8cd17ba1a0a35
Details	md5	2	f3ca571b2d1f0ecff371fb82119d1afe
Details	md5	2	4d9a7e425f8c8b02d598ef0a0a776a58
Details	md5	2	03108e7f426416b0eaca9132f082d568
Details	md5	1	07eab01094567c6d62a73f7098634eb8
Details	md5	2	1cc88a79424091121a83d58b6886ea7a
Details	md5	2	2a1da7e17edaefc0468dbf25a0f60390
Details	md5	2	31e61e52d38f19cf3958df2239fba1a7
Details	md5	2	34efc3ebf51a6511c0d12cce7592db73
Details	md5	1	531714703557a58584a102ecc34162ff
Details	md5	2	904b4d615c05952bcf58f35acadee5c1
Details	md5	1	9f94c34aae5c7d50bc0997d043df032b
Details	md5	2	a21322b2416fce17a1877542d16929d5
Details	md5	2	b84b0d5f128a8e0621733a6f3b412e19
Details	md5	2	bd90279ad5c5a813bc34c06093665e55
Details	md5	1	cc1e4d3af5698feb36878df0233ab14a
Details	md5	2	ff163a92f2622f2b8330a5730d3d636c
Details	md5	2	808b186ddfa5e62ee882d5bdb94cc6e2
Details	md5	1	ee0718c18b2e9f941b5d0327a27fbda1
Details	md5	1	13c8dda30b866e84163f82b95008790a
Details	md5	2	19e3daf40460aea22962d98de4bc32d2
Details	md5	1	1b984d8cb76297efa911a3c49805432e
Details	md5	2	36b2609a98aa39c730c2f5b49097d0ad
Details	md5	2	3ba4882dbf2dd6bd4fc0f54ec1373f4c
Details	md5	1	46c34be9b3ff01e73153937ef35b0766
Details	md5	1	5145c98d809bc014c3af39415be8c9ac
Details	md5	1	6116dc0a59e4859a32caddaefda4dbf4
Details	md5	2	8a4ed9c4a66d7ccb3d155f85383ea3b3
Details	md5	1	a5d2403b98cddcd80b79a4658df4d147
Details	md5	2	b43335b043212355619fd827b01be9a0
Details	md5	1	b4152bee9eca9eb247353e0ecab37aa5
Details	md5	2	b7afa4b2dafb57886fc47a1355824199
Details	md5	1	bf5538df0688961ef6fccb5854883a20
Details	md5	2	f89214bfa4b4ac9000087e4253e7f754
Details	md5	2	6cac4c9eda750a69e435c801a7ca7b8d
Details	md5	1	e56cccd689a9e354cb539bb069733a43
Details	md5	1	fe0198f4b3d9dc501c2b7db2750a228b
Details	md5	2	1bd7815bece1b54b7728b8dd16f1d3a9
Details	md5	1	28ef823d10a3b78f8840310484e3cc69
Details	md5	2	307d2780185ba2b8c5ad4c9256407504
Details	md5	1	3e01b64fb9fe9605fee7c07e42907a3b
Details	md5	2	3e4bff0e8ed962f3c420692a35d2e503
Details	md5	1	3ed3b8ecce178c2e977a269524f43576
Details	md5	2	57abbe642b85fa00b1f76f62acad4d3b
Details	md5	2	6e1926d548ffac0f6cedfb4a4f49196e
Details	md5	1	6d5f6065ec4112f1581732206539e72e
Details	md5	2	7714321baf6a54b09baa6a777b9742ef
Details	md5	2	7aa46b4d67c3ab07caa53e8d8df3005c
Details	md5	2	a0f88c77b183da227b9902968862c2b9
Details	md5	1	b964645e76689d7e0d09234fb7854ede
Details	IPv4	1	172.247.116.155
Details	IPv4	2	220.136.78.40
Details	IPv4	2	220.136.73.107
Details	IPv4	3	43.240.14.44
Details	IPv4	1	118.168.201.70
Details	IPv4	1	118.168.202.125
Details	IPv4	2	128.14.50.147
Details	IPv4	2	220.136.76.200
Details	IPv4	2	220.136.111.66
Details	IPv4	2	220.136.179.5
Details	IPv4	1	220.136.182.72
Details	Url	1	http://security.apple.com
Details	Url	2	http://my.tv.sohu.com/user/%s
Details	Url	2	https://www.baidu.com/p/%s/detail