Mirrors/ioc-collection
6
0
Fork 0
mirror of https://github.com/avast/ioc synced 2024-06-30 18:51:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
620551c0d6
ioc-collection/SMSFactory/README.md
avast-ti 620551c0d6
Add files via upload
2022-06-02 10:55:12 +02:00

2.2 KiB
Raw Blame History

IOC for SMSFactory

Android

SMSFactory has a few versions, each with numerous samples that are nearly identical in their malicious features. The IOCs include several samples from each version as well as C2 servers used to deliver commands.

Most recent version with SMS and call features

SHA256 Package name 453df13d0a713ceaaf4790d7d08475a5f770e0ddf3b99c7355e99ff1819f5e83 com.older.appearedbringing 5e0b625abb4125ffeb1ec375f36ad22d8f4699bb411067434b3a71688959e495 xyz.toe.punishmentdemo 315aa2102b04fef28347788c8e32b6b45c0fd395106f6415f8d08db368c85053 xyz.milfs.ebonyignored adea95a9b678220b6a5c54d54c3043f20c26ed9cbcc4ce304f2a737a98e7d1b4 com.introducing.incestpointer 26d527ffdbe35c1a3cac05a490bca36d3eae13a897648ee7ff81e0c412ce5a54 net.apart.behavioralrefinance a01808e5b4d57f31bd17b1d8a2422d23d52f618e3284732449f7d22139d0eb36 xyz.bachelor.desktopscooking

Version with conditions and admin access

SHA256 Package name a57fdb5f8845022cbcb33e62bfe8fc8757391b64fbfb6be87eb7e71e92c538f5 way.heaven.cringe.stop 5e13ba4cd22e59f9dec180a050865348f8c64147527f5d52a6f467e51201a29a mueres.vives.elige.wise befbb3ab3711a991903a0cdac8d9f3782bc460c75fece4d9e8b01aba7394acd7 panama.tony.exit.roma 58557cbb1cffa5f50bd2f70e205edca5f2b037bda0e99a2dfe3b1035cc0ff497 scope.submarine.maza.zoo a9c24f54503c58b73bffa20bd4fb77bd424e01d3014a949a41de638f6841a45f casius.klay.tropa.roop a0d0ded55f9bf2d286c5eac230b998a5e4ec6bbd894ff2dd0da97fd1079b4a92 period.inform.crash.troupe

Older game hack version with an icon

SHA256 Package name d7a6f57c30e04623b105fc83c0b8e85787e327accd0bf691af3b1da655f1d160 com.fortnite 0e278d7faf8dd97689297435f08bb5561c36151b4a3ef2c3ab0d024165170091 com.enlighten.lastlight.hack ff2a35970052a0d66802d543260f4eafc8ceac4ea0d3a709a1859b0f5914bef9 net.peakgames.amy.hack 06d1759e8b4cdce0bc2faa5f4678d83d64887570dd0dd6a04b596052ab2c7edd com.outfit7.mytalkingtomfree.hack 13f6322973ce58a0e20607e6167f3fb7925c494cdd627bdabdc2d78f87f3c38a com.pockettrend.neomonsters.hack 07fb68ae79c38a3a17222e7fa67bcb5e0bee5a8fe46e4a6b5caaf16135241f45 com.gamefirst.chibisurvivorlord.hack

C2

sms.service.mobilelinks[.]xyz krinterro[.]com phone.relario[.]xyz sms.relario[.]xyz