📃Title: MA-789.062020: MyCERT Advisory - StayAtHome malicious APK campaign
📅Date: 2020-06-27
🔗References:
🔖Rectifyq Taxonomies:
- relevancy: 🔴 Highly Relevant
- category: ⚔Threat
- sub-category: campaign-analysis
- target: targeted
- MY-relevancy: relevant
🔖MISP Galaxies:
- target-information=“Malaysia”
- producer 4a61b42d-e3f0-4964-9d88-4aa96e24c31d
- mitre-attack-pattern=[]
MISP event uuid: 9c2e21c0-3bc1-4868-aa12-9eaaa790ec7a
Indicators of Compromise (IoCs)
Full IOCs available in Rectifyq's MISP