ioc[.]one - OSINT Cyber Threat Intelligence Database

Deep Dive into an Obfuscation-as-a-Service for Android Malware - GoSecure

Tags

country:	Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Botnet - T1583.005 Botnet - T1584.005 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	c4e51869-6314-4650-a339-f98364bd29c1
Fingerprint	b76c898189338de7
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 2, 2020, midnight
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 5:57 p.m.
Headline	Deep Dive into an Obfuscation-as-a-Service for Android Malware
Title	Deep Dive into an Obfuscation-as-a-Service for Android Malware - GoSecure
Detected Hints/Tags/Attributes	51/3/38

Source URLs

	Redirection	Url
Details	Source	https://www.gosecure.net/blog/2020/12/02/deep-dive-into-an-obfuscation-as-a-service-for-android-malware/

URL Provider

Details	Provider	Source level domain
Details	gosecure.net	www.gosecure.net

Attributes

Details	Type	#Events	Value
Details	Domain	6	apklab.io
Details	Domain	1	ccc1ccc.ru
Details	Domain	1	bbb1bbb.ru
Details	Domain	1	rakason.ru
Details	Domain	1	static.66.170.99.88.clients.your-server.de
Details	Domain	1	orucakacdkkaldi.com
Details	Domain	1	ba2a.com
Details	Domain	1	selammigo34.com
Details	Domain	1	gunaydinmorroc.com
Details	Domain	1	hnoraip.world
Details	Domain	1	kalyanshop.best
Details	Domain	1	dontworryman.club
Details	Domain	1	placeoftomcat.club
Details	Domain	1	eee5eee.ru
Details	Domain	1373	twitter.com
Details	Domain	1	myluckycorp.com
Details	File	35	strings.xml
Details	File	1	ids.xml
Details	File	18	flare.sys
Details	sha1	1	a48fea41f84dc357ff164b7f2f35e8f09bb8305d
Details	sha1	1	3d81adfef37e817ceb0a45d62d314af1eba27374
Details	sha1	2	98bb4315a5ee3f92a3275f08e45f7e35d9995cd2
Details	sha1	1	d9872e32b5f4cda4aea7beed32ae3f23c753987b
Details	sha1	1	4c3a1103960780cc890831280b37ea3a20754fad
Details	sha1	1	494e7942be0ca873ea49e5cf33bed10aa1e7faf7
Details	IPv4	1	66.170.99.88
Details	IPv4	1	104.217.127.209
Details	IPv4	1	108.187.35.84
Details	IPv4	1	34.91.209.109
Details	IPv4	1	104.217.127.131
Details	IPv4	1	46.227.68.99
Details	IPv4	1	81.177.139.80
Details	IPv4	6	194.58.112.174
Details	IPv4	1	217.8.117.15
Details	IPv4	1	142.250.102.188
Details	IPv4	3	107.161.23.204
Details	IPv4	3	209.141.38.71
Details	IPv4	3	192.161.187.200