Mobile threat intelligence for the masses


Results

Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat level: High Risk
com.att.mobilesecurity
885701f788fc23c690648f3ecadc54e1b285090e2ead0fe09cc6795395371f5d
AT&T Mobile Security
Version: 3020215
First seen: 2022-05-06T03:38:11.297285
Attribute: domains

c-networkauth.att.com

Attribute: domains_analysis._name

c-networkauth.att.com

Threat level: Moderate Risk
com.samsung.android.voc
64ab5f94e6d588b8a9a77e9a470daf6a776f27abe449c0c9ca1378627f521b28
Samsung Members
Version: 410013000
First seen: 2022-04-24T20:57:00.908235
Attribute: domains

c-contactus.samsung.com

Attribute: domains_analysis._name

c-contactus.samsung.com

Threat level: Moderate Risk
com.yh.android.sdwifi
e3f4b0994a995b50b3ef75a653c6b1b6d7bb905a8dc4d461c66e29a961aeee74
闪电WiFi
Version: 11070819
First seen: 2022-04-08T07:30:44.016653
Attribute: domains

c-w-s.applk.cn

Attribute: domains_analysis._name

c-w-s.applk.cn

Threat level: High Risk
com.samsung.android.game.gos
997b3e33474c8b7929bbaa62b3f2bbd9d0fcbf0e0ac5ef96049324ff0f931f40
Game Optimizing Service
Version: 350200007
First seen: 2022-04-07T19:50:22.632740
Attribute: domains

c-api.stg-gos-gsp.io
c-api.dev-gos-gsp.io
c-api.gos-gsp.io

Attribute: domains_analysis._name

c-api.stg-gos-gsp.io
c-api.dev-gos-gsp.io
c-api.gos-gsp.io

Threat level: Moderate Risk
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

14/59
com.aixuedai.axd
bcc9e21a4f70fbfa876ab0efbadf4a4d78188d80d0b440a58d531be218c661d5
爱又米
Version: 117
First seen: 2022-03-08T08:57:52.583293
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

4/61
com.dafangya.app.pro
12306cf26194df31b9f74388d583a6b7a826246199e0d1d355d73a53b9211f96
大房鸭
Version: 870009
First seen: 2022-03-01T09:05:47.974953
Attribute: domains

c-adash.m.taobao.com

Attribute: domains_analysis._name

c-adash.m.taobao.com

1/62
com.douban.book.reader
da6347912c03f0b5e9e843abecf5572a0b355b031c4956da36a29e6d5de28494
豆瓣阅读
Version: 331
First seen: 2022-02-15T13:36:28.662715
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

1/59
com.freebpload.bloodpressdaily
1218552e14c99f581a3fc6a0a58c75420e573d5247eadd5d299ad15f067c3db8
Free BP Recorder
Version: 15
First seen: 2022-02-09T19:56:34.095099
Attribute: domains

c-ssl.duitang.com

Attribute: domains_analysis._name

c-ssl.duitang.com

18/62
me.yidui
6ad16ee75d573afa7bb4c1deb37d3ccb514f3fac03dedc51b7a6e92d53bbff63
伊对
Version: 804
First seen: 2022-02-09T02:15:39.247383
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat level: High Risk
com.yitantech.penta
fa3c0eab2b21a0bf9fc80e3057df707c92b46df1f429f9bd7852e02ea07c1531
耶扑
Version: 784
First seen: 2022-02-08T11:54:05.837545
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat level: High Risk
com.taptap.global
468a41075be3688eb8d09ca04b6a99b0d8f440780222f7658af73c7b19c96fdf
TapTap
Version: 222003000
First seen: 2022-02-01T23:03:54.094886
Attribute: domains

c-adash.m.taobao.com

Attribute: domains_analysis._name

c-adash.m.taobao.com

Threat level: High Risk
com.mobvoi.push
f08e153af4d4b158cb6fb8b575279a7d2d84ff407d0889273c40a169c95fdd28
MobvoiPush
Version: 1
First seen: 2022-01-14T09:31:36.018032
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat level: Moderate Risk
com.mobvoi.baiding
b6cbce65e9e4478d22078eb331a47c858053452d11823a36ead02c75802a0911
出门问问
Version: 90635894
First seen: 2022-01-14T09:19:11.677064
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat level: High Risk
com.broaddeep.safe.childrennetguard
f7d8b684c18a23c918581654517326a148e45b0063281117513dcd3ad782c083
阳光守护-孩子
Version: 11010
First seen: 2022-01-06T15:21:25.326543
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat level: High Risk
pro.huobi
000a07400594e445835b71f80a6f6f85488ead4e414922af4bf90ca674f6d497
hbg_account
Version: 404
First seen: 2021-12-30T10:47:44.025210
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

2/61
com.samsung.android.game.gos
77cb6891baf8e332bff28a3569d2d3710a5951653e4d9f3d766a0b09c333cf33
Game Optimizing Service
Version: 210200000
First seen: 2021-11-13T05:55:27.483094
Attribute: domains

c-api.game-mode.net
c-api-dev.game-mode.net
c-api-stg.game-mode.net

Attribute: domains_analysis._name

c-api.game-mode.net
c-api-dev.game-mode.net
c-api-stg.game-mode.net

Threat level: Moderate Risk
com.box.aiqu
aa163eafce38e5625c6700bd2a780f88c389a3e0fa95a12ada73412c4892de3e
爱趣游戏
Version: 144
First seen: 2021-11-12T04:06:40.625744
Attribute: domains

c-adash.m.taobao.com

Attribute: domains_analysis._name

c-adash.m.taobao.com

Threat level: High Risk
cn.kuwo.player
e7c5cc325752b3aa36fbd40be802c8e2da07f0dfe310dc8e9324ee64cc0c40f0
酷我音乐
Version: 9311
First seen: 2021-10-13T02:32:00.045232
Attribute: domains

c-gtc.getui.com
c-hzgt2.getui.com

Attribute: domains_analysis._name

c-gtc.getui.com
c-hzgt2.getui.com

2/58
com.ecgtbxfo.pqgkivp
d190fd3c695e2ca36235832834912ed02f3d64038600d525991c8024c6196839
Video Player
Version: 1
First seen: 2021-10-12T04:26:46.975907
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat:
18/63
Android.Infostealer.Bian
com.nymydtfhlduirn.eezg
0e5901cfa496e8e61f284a9433bc242faa45462b13167cf736b6167382130758
Flash Player 11.5.1
Version: 1
First seen: 2021-09-23T20:25:37.725590
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

12/62
cn.nice.fullwallpaper
db8f5b66ee0221dc892867fb5594fe2a6dc1a140ebbb80d0a00a305f019b07c6
Nice Wallpaper
Version: 17271
First seen: 2021-07-31T06:31:27.099773
Attribute: domains

c-ssl.duitang.com

Attribute: domains_analysis._name

c-ssl.duitang.com

3/63
com.kayaya.tao.tomcat
001292a595eb39ce04fd0a1c2b1de3d8799f72d20b90dd5f0ae73568b948db7c
Talking Tom 3
Version: 1
First seen: 2021-07-14T11:22:04.544183
Attribute: domains

www3.c

Attribute: domains_analysis._name

www3.c

29/61
Attribute: domains

c-hzgt2.getui.com

Attribute: domains_analysis._name

c-hzgt2.getui.com

Threat level: Moderate Risk
com.smule.autorap
abd0b1f2f779b581f739cbb0d4ab2999b94252e9398b3b10f0c7cdfc4b06a173
AutoRap
Version: 8170
First seen: 2021-06-22T11:03:18.777298
Attribute: domains

c-int-ash.smule.com
c-int-sf.smule.com

Attribute: domains_analysis._name

c-int-ash.smule.com
c-int-sf.smule.com

Threat level: Moderate Risk
com.citymobil
cdc39be672437c4f1b2876e1d8572ad4c0f5978120a13dedc19a12b5e75c171c
Ситимобил
Version: 803
First seen: 2021-05-12T21:15:44.171221
Attribute: domains

c-api.city-mobil.ru

Attribute: domains_analysis._name

c-api.city-mobil.ru

Threat level: Moderate Risk
com.zhiliaoapp.musically
c1b0a692a3f272ef79f1fb2a18b683b893c89a5301cdd57ae3bd4e8bbdfc55f7
TikTok
Version: 2021808410
First seen: 2021-03-31T08:34:21.811354
Attribute: domains

api21-normal-c-alisg.tiktokv.com
api16-core-c-useast1a.tiktokv.com
api21-core-c-alisg.tiktokv.com
api16-core-c-alisg.tiktokv.com
api16-normal-c-alisg.tiktokv.com

Attribute: domains_analysis._name

api21-normal-c-alisg.tiktokv.com
api16-core-c-useast1a.tiktokv.com
api21-core-c-alisg.tiktokv.com
api16-core-c-alisg.tiktokv.com
api16-normal-c-alisg.tiktokv.com

Threat level: Moderate Risk
com.google.android.gms
6a2813aca603ce2661bbbdf2ee97716b28530fdc256ce2bfd010ca73537b57b7
Google Play services
Version: 210612018
First seen: 2021-02-19T16:54:10.421390
Attribute: domains

www2.c

Attribute: domains_analysis._name

www2.c

1/62
com.snda.wifilocating
2c216a8b1fb216302138f45015be16cd6d3d7416235587be0f3a2f076ea769e0
WiFi Master Key
Version: 210201
First seen: 2021-02-16T17:41:23.757442
Attribute: domains

c-w.applk.cn

Attribute: domains_analysis._name

c-w.applk.cn

1/60
Attribute: domains

api3-normal-c-lf.snssdk.com

Attribute: domains_analysis._name

api3-normal-c-lf.snssdk.com

4/63