2020-06-27 MA-789.062020 MyCERT Advisory - StayAtHome malicious APK campaign| Threat Intelligence Malaysia

📃Title: MA-789.062020: MyCERT Advisory - StayAtHome malicious APK campaign
📅Date: 2020-06-27
🔗References:

https://mycert.org.my/portal/advisory?id=MA-789.062020

🔖Rectifyq Taxonomies:

relevancy: 🔴 Highly Relevant
category: ⚔Threat
sub-category: campaign-analysis
target: targeted
MY-relevancy: relevant

🔖MISP Galaxies:

target-information=“Malaysia”
producer= 4a61b42d-e3f0-4964-9d88-4aa96e24c31d
mitre-attack-pattern=[]

MISP event uuid: 9c2e21c0-3bc1-4868-aa12-9eaaa790ec7a

Indicator of Compromise (IoCs)

type,value,comment
md5, b4546bfaa3f339f624a9fe8e64a682e1, ''
md5, 8ff52a49b6efc41c5bd3f77c406297f3, ''
md5, 548bae857891cc7e578031922def6c5a, ''
md5, b61c8f5157a38a1b40b4294be3e8cb29, ''
md5, 69efe778721dcd66bbd7ed1eaf2ae116, ''
url, https://defase241.s3.eu-central-1.amazonaws.com/StayHomeMalaysia.apk, ''
url, https://fewfasdfwerta.s3.eu-central-1.amazonaws.com/StayAtHome.apk, ''
url, https://stayinghomemalaysia.s3.eu-central-1.amazonaw.com/StayingHomeMalaysia.apk, ''
url, https://20gbcampings.com/APK/20GBGift.apk, ''
url, https://fesastatre214s.s3.eu-central-1.amazonaws.com/Hadiah.apk, ''
domain, cabel1lan4ightice2.top, ''
domain, fe2rltao23ts.top, ''
domain, gladyobreic24e1s.top, ''
domain, ucuzplastk.tk, ''
ip-dst, 47.252.20.45, ''
ip-dst, 148.66.159.235, ''

Full IOCs available in Rectifyq’s MISP

Rectifyq

Explorer

2020-06-27 MA-789.062020 MyCERT Advisory - StayAtHome malicious APK campaign

Indicator of Compromise (IoCs)

🔴 Latest Relevant 🇲🇾 Threat Articles

2026-04-30 Inside Shadow-Earth-053 A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia

2026-04-29 Phoenix Rising Exposing the PhaaS Kit Behind Global Mass Phishing Campaigns

2026-04-21 GhostCargo, a 5-years campaign

Graph View