ioc[.]one - OSINT Cyber Threat Intelligence Database

Attack on Zygote: a new twist in the evolution of mobile threats

Tags

country:	China
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Broadcast Receivers - T1402 Botnet - T1583.005 Botnet - T1584.005 Broadcast Receivers - T1624.001 Domains - T1583.001 Domains - T1584.001 Hooking - T1617 Inter-Process Communication - T1559 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Sms Messages - T1636.004 Software - T1592.002 Vulnerabilities - T1588.006 Hooking - T1179 Hooking

Show in Graph

Common Information

Type	Value
UUID	cc621344-f8ce-4116-b99a-d5706bfb0dec
Fingerprint	ef259913a8b587c1
Analysis status	DONE
Considered CTI value	0
Text language
Published	March 3, 2016, 11:58 a.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 8, 2024, 12:42 a.m.
Headline	Attack on Zygote: a new twist in the evolution of mobile threats
Title	Attack on Zygote: a new twist in the evolution of mobile threats
Detected Hints/Tags/Attributes	79/3/41

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/attack-on-zygote-a-new-twist-in-the-evolution-of-mobile-threats/74032/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	bridgeph2.zgxuanhao.com
Details	Domain	1	bridgeph3.zgxuanhao.com
Details	Domain	1	bridgeph4.zgxuanhao.com
Details	Domain	1	bridgeph2.viewvogue.com
Details	Domain	1	bridgeph3.viewvogue.com
Details	Domain	1	bridgeph4.viewvogue.com
Details	Domain	1	bridgecr1.tailebaby.com
Details	Domain	1	bridgecr2.tailebaby.com
Details	Domain	1	bridgecr3.tailebaby.com
Details	Domain	1	bridgecr4.tailebaby.com
Details	Domain	1	bridgecr1.hanltlaw.com
Details	Domain	1	bridgecr2.hanltlaw.com
Details	Domain	1	bridgecr3.hanltlaw.com
Details	Domain	1	bridgecr4.hanltlaw.com
Details	Domain	1	libconfigpppm.so
Details	Domain	1	libconfigpppl.so
Details	Domain	52	android.app
Details	Domain	188	com.android
Details	Domain	7	com.android.phone
Details	Domain	1	com.android.system.google.server.info
Details	Domain	2	com.android.system.guardianship.info
Details	Domain	3	com.android.email
Details	Domain	4	android.process.media
Details	Domain	1	com.ops.sms.core.broadcast.back.open.gprs.network
Details	Domain	1	libsmsiap.so
Details	File	1	androidguardianship.apk
Details	File	1	googleserverinfo.apk
Details	File	1	usbusageinfo.apk
Details	File	1	socialgraphop.db
Details	File	1	cpppimpt.db
Details	File	1	configpppl.jar
Details	File	20	dalvik.sys
Details	File	16	lang.sys
Details	File	20	android.settings
Details	File	30	android.sys
Details	File	4	server.inf
Details	File	2	guardianship.inf
Details	File	5	android.contact
Details	File	1	sms.core
Details	File	1	pismscore.ini
Details	File	1	pimmcrack.ini