Rectifyq📃Title: Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns
📅Date: 2023-07-28
🔗References:
🔖Rectifyq Taxonomies:
- relevancy: 🔴 Highly Relevant
- category: ⚔Threat
- sub-category: campaign-analysis
- target: broad-based
- MY-relevancy: relevant
- topic: mobile-attack
🔖MISP Galaxies:
- producer Trend-Micro
- target-information=“Indonesia”
- target-information=“Malaysia”
- target-information=“Mexico”
- target-information=“Philippines”
- target-information=“Uganda”
- target-information=“Vietnam”
- mitre-attack-pattern=[]
MISP event uuid: 594728ee-92ad-4f92-9f47-358cce216ba9
Indicator of Compromise (IoCs)
type,value,comment
hostname, 008c.hugeversapi.com, 'C&C server'
domain, chatgptc.io, 'Phishing'
hostname, gptc.m1m1mapi.com, 'C&C server'
domain, happyminder.buzz, 'Phishing'
url, https://dl.chatgptc.io/gptalkwallet.apk, 'Malware download URL'
url, https://dl.synthnet.ai/synthnet.apk, 'Malware download URL'
url, https://happyminder.buzz/happyminer.apk, 'Malware download URL'
url, https://www.robot999.net/robot999.apk, 'Malware download URL'
domain, robot999.net, 'Phishing'
domain, synthnet.ai, 'Phishing'
hostname, synthnet.m1m1mapi.com, 'C&C server'
hostname, wapi.hugeversapi.com, 'C&C server'
sha256, 8a01025d4ee1c9649d86ff74864c580a1773deb77b469dc1439e410ecff595e3, 'SynthNet No sample in VT\r\nLast check:12/05/2025'
Full IOCs available in Rectifyq's MISP```