ioc[.]one - OSINT Cyber Threat Intelligence Database

GPlayed Trojan - .Net playing with Google Market

Tags

country:	Russia
attack-pattern:	Data Model Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Network Security Appliances - T1590.006 Server - T1583.004 Server - T1584.004 Sms Messages - T1636.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	eeb7922f-5741-4f07-a079-0aa369e63bd8
Fingerprint	aeae1db52d529fc9
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 11, 2018, 1:31 p.m.
Added to db	Jan. 18, 2023, 10 p.m.
Last updated	Nov. 14, 2024, 2:04 p.m.
Headline	GPlayed Trojan - .Net playing with Google Market
Title	GPlayed Trojan - .Net playing with Google Market
Detected Hints/Tags/Attributes	62/2/18

Source URLs

	Redirection	Url
Details	Source	https://malware.news/t/gplayed-trojan-net-playing-with-google-market/23491

URL Provider

Details	Provider	Source level domain
Details	malware.news	malware.news

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	52		android.app
Details	Domain	904		snort.org
Details	Domain	3		sub1.tdsworker.ru
Details	Domain	7		feedproxy.google.com
Details	File	2		reznov.dll
Details	File	2		ecommon.dll
Details	File	2		testcc.php
Details	File	3		package.apk
Details	File	1		gplayedtrojan.html
Details	sha256	2		a342a16082ea53d101f556b50532651cd3e3fdc7d9e0be3aa136680ad9c6a69f
Details	sha256	2		604deb75eedf439766896f05799752de268baf437bf89a7185540627ab4a4bd1
Details	sha256	2		17b8665cdbbb94482ca970a754d11d6e29c46af6390a2d8e8193d8d6a527dec3
Details	IPv4	2		5.9.33.226
Details	IPv4	2		172.110.10.171
Details	Url	2		http://5.9.33.226:5416
Details	Url	2		http://172.110.10.171:85/testcc.php
Details	Url	2		http://sub1.tdsworker.ru:5555/3ds
Details	Url	1		http://feedproxy.google.com/~r/feedburner/talos/~3/fq4plwizbto/gplayedtrojan.html