android_facestealer.txt
# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission
# Aliases: flytrap
# Reference: https://news.drweb.com/show/?i=14244&lng=en
# Reference: https://github.com/DoctorWebLtd/malware-iocs/blob/master/Android.PWS.Facebook/README.adoc
# Reference: https://www.virustotal.com/gui/file/6a4c430a032f833fad3477f017a83427db73a58c2efd1e836e88a866c1b80607/detection
# Reference: https://twitter.com/Cuser07/status/1458420592042934276
# Reference: https://twitter.com/sh1shk0va/status/1461665573247594498
build8.life
jobone.host
kcoffni.xyz
# Reference: https://www.virustotal.com/gui/file/b2fa24bc68c7b410037a4a7234c1e7cb1a2890360195f5fae07f773a3b3f9f9a/detection
fridaybook.live
# Reference: https://twitter.com/ReBensk/status/1480177022701694976
# Reference: https://www.virustotal.com/gui/file/d85b8b520c5857c1dedf36918f1257720dc5dab47315b9b2da371b70306727a5/detection
roxum.info
# Reference: https://blog.zimperium.com/flytrap-android-malware-compromises-thousands-of-facebook-accounts/
# Reference: https://otx.alienvault.com/pulse/611392538c3c01b12885549a
http://47.57.237.26
165.232.173.244:3023
manage-ads.com
quanlysanpham.work
# Reference: https://twitter.com/ReBensk/status/1483344828851441664
# Reference: https://www.virustotal.com/gui/domain/vpacket.cc/relations
# Reference: https://www.virustotal.com/gui/file/e1ee8693c59bbca5c5ff979ad35dcc3cfddf5a0a7b4cc6818e3dc980fea33b89/detection
vpacket.cc
api.vpacket.cc
# Reference: https://labs.k7computing.com/index.php/facestealer-the-rise-of-facebook-credential-stealer-malware/
webtrace.club
/api_v0/udata
# Reference: https://www.virustotal.com/gui/file/9f8e2b5730722e78bb3df03f9465f99dd583d63a6b1bcaf2f70fe437e0433f9b/detection
# Reference: https://www.virustotal.com/gui/file/19b80966c27ac3e0668942b8916ec1aba6556384ade7e61a21015a7a2baafd03/detection
name888.life
# Reference: https://www.virustotal.com/gui/file/6590c5e57f483a949e3f420b50e6b9b9caec0be71bcf7b32ec5b1eeb6445dec6/detection
dozenorms.club
# Reference: https://www.trendmicro.com/en_us/research/22/e/fake-mobile-apps-steal-facebook-credentials--crypto-related-keys.html
# Reference: https://otx.alienvault.com/pulse/628389be899915f3a5c86e87
sufen168.space
# Reference: https://www.virustotal.com/gui/file/016ac0393763684dd9539c1a17748e6bec838b4614f0c72311ca130a735a2348/detection
hefreesstate.xyz
# Reference: https://twitter.com/malwrhunterteam/status/1528097861472342017
# Reference: https://www.virustotal.com/gui/file/a07e63fb0b0edc75361f191c3c15fad4f0fbffbbd73369499c0e393a4add7547/detection
http://95.179.165.48
# Reference: https://www.virustotal.com/gui/file/85fd33f70ad2cdbd887ca23f656063d5444a80277dc3a3febccdc33ef303d4d7/detection
lockmanagerpro.top