Doctor Web identifies an attack on Android-based TV sets and TV boxes ― Indicators of compromise

Samples

|===
|Detection name |Path |SHA-1

|Android.Pandora.4 |assets/gomediad.so |eb7e9c854508dbfbc3205c42d65efc65fe2aec94
|Tool.AppProcessShell.1 |./classes.dex |87005061e5e4ebca28c9463be19f5da6a5ee275d
|Android.Pandora.15 |.tmp.sh |f347afa9e35dbbfc27f5aa3f27ef2fd22e628909
|Android.Pandora.2 |/system/bin/pandoraspearrk |14215a93ed5d0a86f31aab0b2d7be6db8a45a371
|Android.Pandora.1 |/system/bin/pandoraspear |a4af993540ff66d3989f1bed013a5b9e86c06f47
|Android.Pandora.10 |/system/bin/pandoraspear |315ce059dc226831b691e12cf954d9ed038075ca
|Android.Pandora.3 |com.global.latinotvod (apk) |59c9f06b3ff2abceb7116ffc9f4566d2466ae4c4
|Android.Pandora.7, Android.Pandora.5 |com.world.youcinetv (apk) |533770922093f567ba6f976308c847cc313786a6
|Android.Pandora.7, Android.Pandora.5 |com.world.youcinetv (apk) |79759135952f88403fe38f242fea42c191412484
|Android.Pandora.7, Android.Pandora.5 |com.world.youcinetv (apk) |9c3b326f38118dd6bcde52c78b39e7665bf56f22
|Android.Pandora.17 |com.android.msandroid (apk) |38505df840791e49797cb16e895fecc400e9e57f
|Android.Pandora.17, Android.Pandora.19 |com.global.latinotvod (apk) |a4d2b8bf7f166e99aa0db4336939cbbb8938603a
|Android.Pandora.17, Android.Pandora.18 |com.spanish.latinomobile (apk) |E4b4cc3bc9c7d8da00010dba040b7d500e4afce8
|Android.Pandora.4 |com.android.msandroid (apk) |Adaa93cf60ba47bb48892d7067156a1d4d03ed52
|Android.Pandora.4 |com.android.msandroid (apk) |864b477f97ce8640c8fbf60d73fbc5552883b20f
|Android.Pandora.4 |com.android.msandroid (apk) |952d9d39bccd3c0de975aca2d2ec577f8dac9934
|Android.Pandora.5 |com.world.youcinetv (apk) |c9a681d3406301ed24f3d27f480cc213862c2bc4
|Android.Pandora.4 |com.global.latinotvod (apk) |bdeee172f31cd4500bc10de3673bd48c65fd7e89
|Android.Pandora.20 |com.global.unitviptv (apk) |e7f67afe8ed036cb583c4a13319001e27179ce3b
|===

Network indicators

Domains


IPs

195[.]154.168[.]94