ioc[.]one - OSINT Cyber Threat Intelligence Database

AIRAVAT Malware Targeting Android Users

Tags

maec-delivery-vectors:

Watering Hole

attack-pattern:

Data Access Call Log - T1433 Access Contact List - T1432 Audio Capture - T1429 Call Log - T1636.002 Capture Sms Messages - T1412 Commonly Used Port - T1436 Contact List - T1636.003 Credentials - T1589.001 Data From Local System - T1533 Deliver Malicious App Via Other Means - T1476 Input Capture - T1417 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Sms Messages - T1636.004 Software - T1592.002 Video Capture - T1512 Input Capture - T1056 Wipe Device Data - Mob-T1050

Show in Graph

Common Information

Type	Value
UUID	df4da949-6fb0-43f8-bb5f-6e546c686190
Fingerprint	bc210c198333aec9
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 13, 2022, midnight
Added to db	Jan. 16, 2023, 3:58 p.m.
Last updated	Nov. 7, 2024, 2:09 a.m.
Headline	AIRAVAT Malware Targeting Android Users
Title	AIRAVAT Malware Targeting Android Users
Detected Hints/Tags/Attributes	75/2/26

Source URLs

	Redirection	Url
Details	Source	https://blog.cyble.com/2022/07/13/airavat-malware-targeting-android-users/

URL Provider

Details	Provider	Source level domain
Details	cyble.com	blog.cyble.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		blindajeseguro.online
Details	Domain	1		jhon-30119-default-rtdb.firebaseio.com
Details	Domain	1		dragomitch.com
Details	File	2		version.apk
Details	md5	1		6fac9478a54847894dd18a4dd872193e
Details	md5	1		9518cc7b90498c97fa2644689cd7af05
Details	md5	1		c1b1be3d2060ba12de2bf1cab7a779a2
Details	sha1	1		faed58d2c8e8931e3e78cda0835d3851d13e295e
Details	sha1	1		d343bd8e54d0a5fbbb5ef95ba29e11169e0a6ed6
Details	sha1	1		d9eaf807b464dcd10ef4adf56253e5fc8d84cece
Details	sha256	1		ab91fcca30556555b8fe6128075c80c3bd906eed5facdc57f2e493ddbb37f779
Details	sha256	1		1d3be2cf4af7b2a976f17c6e3f09c925171c7496706aefd4518cd0de772bf2e6
Details	sha256	1		e2d37779a91da5bff2a066a614cb03d77fb2e17e36660ca838eab92b82d61440
Details	MITRE ATT&CK Techniques	13		T1476
Details	MITRE ATT&CK Techniques	14		T1412
Details	MITRE ATT&CK Techniques	11		T1432
Details	MITRE ATT&CK Techniques	9		T1433
Details	MITRE ATT&CK Techniques	22		T1429
Details	MITRE ATT&CK Techniques	19		T1533
Details	MITRE ATT&CK Techniques	10		T1512
Details	MITRE ATT&CK Techniques	7		T1447
Details	MITRE ATT&CK Techniques	7		T1417
Details	MITRE ATT&CK Techniques	6		T1436
Details	Url	1		http://blindajeseguro.online
Details	Url	1		https://jhon-30119-default-rtdb.firebaseio.com
Details	Url	1		https://dragomitch.com