Pithus

Results

com.mxtech.videoplayer.ad
7881345a05fcf6c90f37bfefe3248c1a622907b66474cba48d44b85f68810371
MX Player

Version: 1310001631

First seen: 2022-06-18T11:57:24.890255

Attribute: domains

mxvp-feature-toggle-prod-1.zenmxapps.com

Attribute: domains_analysis._name

mxvp-feature-toggle-prod-1.zenmxapps.com

6/59

com.wire
cbd4c3123894f86445febad88a770c5792866f976b629359ad22c39e460a81b7

Wire

Version: 2649586

First seen: 2022-06-08T04:53:22.375432

Attribute: domains

prod-nginz-ssl.wire.com
prod-nginz-https.wire.com

Attribute: domains_analysis._name

prod-nginz-ssl.wire.com
prod-nginz-https.wire.com

Threat level: Moderate Risk

com.apkpure.aegon
8243f24e79798c3a34fe9e8abee3d9fe6f1a52bea2b2d83b90e10023dd395533

APKPure

Version: 3173511

First seen: 2022-05-12T18:08:14.272213

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

1/62

air.net.ideasam.games.cat
75d0ec626df61ef093ece04e1118013da147d20542cd584b3312970adf186374
Secret Cat Forest

Version: 1005025

First seen: 2022-05-12T12:35:12.199119

Attribute: domains

thecat-firebase.firebaseio.com

Attribute: domains_analysis._name

thecat-firebase.firebaseio.com

Threat level: Moderate Risk

com.apkpure.aegon
c36e88c1f2179582068316107fad16c66e27232cab6ffb3145ffd71b248518e5

APKPure

Version: 3175421

First seen: 2022-05-09T07:24:43.260482

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.apkpure.aegon

com.apkpure.aegon
dcffe68a6033a951b435163ab3d0611f7c2c85b050f342f2f59e57744a264419

APKPure

Version: 3175421

First seen: 2022-05-09T07:24:06.751797

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.apkpure.aegon

com.apkpure.aegon
c630e47a29ba2e6a7d5200601adbea30eaabd2763f32855e362eea70a6603201

APKPure

Version: 3175231

First seen: 2022-05-02T09:40:52.121624

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.apkpure.aegon

com.eddress.getgoodys
d7fe5a4939888c2fc3befafacfcda99e68c5a53fc7eac06d544e8890ab5660e4
Gorillas

Version: 242

First seen: 2022-04-15T19:12:51.209399

Attribute: domains

prod-api.gorillas.io

Attribute: domains_analysis._name

prod-api.gorillas.io

Threat level: Moderate Risk

Similar samples:
com.eddress.getg…

com.sec.enterprise.knox.cloudmdm.smdms
dc8ed5b68b04bf3728afebf5171bc036eb238e583836a2bedff8263fc938322b
Knox Enrollment Service

Version: 218000100

First seen: 2022-03-30T12:46:55.247231

Attribute: domains

eu-prod-bulk.secb2b.com
cn-prod-bulk.secb2b.com.cn

Attribute: domains_analysis._name

eu-prod-bulk.secb2b.com
cn-prod-bulk.secb2b.com.cn

Threat level: Moderate Risk

com.apkpure.aegon
903fc72c4d61ed004b6aa9d7a50beb46dc000bb6eb1b85abc27e7f3a6cebe796

APKPure

Version: 3173851

First seen: 2022-03-16T11:35:00.310158

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.apkpure.aegon
3eb2d120ef0828f4b0816c873166b7d80233e416c3c8ee5d271393507bcff3a7

APKPure

Version: 3174041

First seen: 2022-03-15T10:21:37.694487

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.overlook.android.fing
9f430fcf94e952a081e3ef20b320240260fe0f127a25d4231e25b8a50e015016
Fing

Version: 110601002

First seen: 2022-02-14T14:33:02.880391

Attribute: domains

fing-firebase.firebaseio.com

Attribute: domains_analysis._name

fing-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.overlook.and…

com.yitantech.penta
fa3c0eab2b21a0bf9fc80e3057df707c92b46df1f429f9bd7852e02ea07c1531

耶扑

Version: 784

First seen: 2022-02-08T11:54:05.837545

Attribute: domains

ypp-prod-room.yupaopao.cn

Attribute: domains_analysis._name

ypp-prod-room.yupaopao.cn

Threat level: High Risk

com.overlook.android.fing
e222821e610d8380c874f17f33550d75db10fcb5e04253ac94b0f908bd0db689
Fing

Version: 110600002

First seen: 2022-02-02T12:03:49.117811

Attribute: domains

fing-firebase.firebaseio.com

Attribute: domains_analysis._name

fing-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.overlook.and…

com.eddress.getgoodys
717115d99a478f55ae09d859fcf6456f0c547b66319a6700587c51f2ec59e06c
Gorillas

Version: 240

First seen: 2022-01-26T17:22:10.683884

Attribute: domains

prod-api.gorillas.io

Attribute: domains_analysis._name

prod-api.gorillas.io

Threat level: Moderate Risk

Similar samples:
com.eddress.getg…

com.julofinance.juloapp
486aa38cbfd2fb9e94cc78107d4ae8f0f302b5bf7e12410d1b6cd8a64cb2aa5d

JULO

Version: 2262

First seen: 2022-01-21T07:03:48.125052

Attribute: domains

prod-cluster.julo.co.id

Attribute: domains_analysis._name

prod-cluster.julo.co.id

Threat level: Moderate Risk

com.wire
447f819b9ff47b5c01ae0abc8f6ed35d9755253d2672008d6136a72d581fdb9e

Wire

Version: 979

First seen: 2022-01-20T09:10:53.819666

Attribute: domains

prod-nginz-ssl.wire.com
prod-nginz-https.wire.com

Attribute: domains_analysis._name

prod-nginz-ssl.wire.com
prod-nginz-https.wire.com

Threat level: Moderate Risk

com.t101.android3.recon.play
f557656b3df2c8142ef4439869223036b2dceebf150d1a5bccc10aa91123f66d
Recon

Version: 2240400

First seen: 2021-12-23T20:12:46.337139

Attribute: domains

recon-images.t101cdn.net
t101-prod-recon-firebase.firebaseio.com

Attribute: domains_analysis._name

recon-images.t101cdn.net
t101-prod-recon-firebase.firebaseio.com

Threat level: Moderate Risk

com.wire
fa4ed92010e011f9a193a0481c1613b6bb30cc2595f47373a8fffb7aa8564a47

Wire

Version: 1889384

First seen: 2021-12-20T19:02:32.008069

Attribute: domains

prod-nginz-ssl.wire.com
prod-nginz-https.wire.com

Attribute: domains_analysis._name

prod-nginz-ssl.wire.com
prod-nginz-https.wire.com

Threat level: Moderate Risk

com.mxtech.videoplayer.ad
3e6f5c13a848d3ce17db1a9ecc25b8cb1e416f7a985455a79d549aca9f44eeb3
MX Player

Version: 1330001476

First seen: 2021-12-13T05:09:43.666018

Attribute: domains

mxvp-feature-toggle-prod-1.zenmxapps.com

Attribute: domains_analysis._name

mxvp-feature-toggle-prod-1.zenmxapps.com

Threat level: High Risk

com.apkpure.aegon
d2541c3e537c519c0540aaeab78e113fd099252364699cc13fe44b39bbcba9a8

APKPure

Version: 3173001

First seen: 2021-12-11T00:06:34.449259

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.apkpure.aegon

com.apkpure.aegon
163636b49b881d06db3e6d5d79e19067d075a55e4999758b2cbc126a57be27cf

APKPure

Version: 3173001

First seen: 2021-12-08T18:57:43.023262

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.apkpure.aegon

com.pillarproject.wallet
f7a11f2819b26bc4e24dba78fe7845ca3ec78c341ceef21d7352b6d413eceecc
Pillar Wallet

Version: 23920

First seen: 2021-11-16T14:08:52.639195

Attribute: domains

prod-storyly-media.s3-eu-west-1.amazonaws.com

Attribute: domains_analysis._name

prod-storyly-media.s3-eu-west-1.amazonaws.com

Threat level: Moderate Risk

com.sec.enterprise.knox.cloudmdm.smdms
b6ca1ecc97bd769d774c7023c1a1ed1c81586c0bf8c2b2d8f8daac516033595f

Knox Enrollment Service

Version: 205100000

First seen: 2021-11-14T10:07:39.246978

Attribute: domains

cn-prod-bulk.secb2b.com.cn
eu-prod-bulk.secb2b.com

Attribute: domains_analysis._name

cn-prod-bulk.secb2b.com.cn
eu-prod-bulk.secb2b.com

Threat level: Moderate Risk

com.apkpure.aegon
3b752a1966b84d36731b0655d80e1116b268b1184064df47278cd0dafcd02a9e

APKPure

Version: 3172701

First seen: 2021-10-27T09:38:11.672163

Attribute: domains

apkpure-firebase.firebaseio.com

Attribute: domains_analysis._name

apkpure-firebase.firebaseio.com

Threat level: Moderate Risk

Similar samples:
com.apkpure.aegon

com.apkpure.aegon

com.wire
7349251b6cc35c8b99e3407d34d97621821477d385dcf707284329cb26d3eb3f

Wire

Version: 661281

First seen: 2021-10-11T17:24:56.057245

Attribute: domains

prod-nginz-https.wire.com
prod-nginz-ssl.wire.com

Attribute: domains_analysis._name

prod-nginz-https.wire.com
prod-nginz-ssl.wire.com

Threat level: Moderate Risk

com.wire
d47fb95f894851e59c06a22c2e331af542caa893dd67b89d35991abea746a549

Wire

Version: 1352843

First seen: 2021-10-04T08:13:43.837976

Attribute: domains

prod-nginz-https.wire.com
prod-nginz-ssl.wire.com

Attribute: domains_analysis._name

prod-nginz-https.wire.com
prod-nginz-ssl.wire.com

Threat level: Moderate Risk

eu.livesport.Diretta_it_plus
f5cc5556e8201e09e5ef4d945d07787a0b82997869d141dfb2e93a4620cb60eb
Diretta

Version: 257

First seen: 2021-10-03T20:46:12.617183

Attribute: domains

prod-proxy-dfs-service.kubefs1.pub.lskube.eu

Attribute: domains_analysis._name

prod-proxy-dfs-service.kubefs1.pub.lskube.eu

Threat level: Moderate Risk

com.weathernowapp.weathernow
fd96166de0a078aadac3f1571e0996f887faaee4b38f538520a6557ec1acfdd7

Weather Now

Version: 803

First seen: 2021-08-29T08:06:38.066021

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

com.telos.app.im
45a1a9f1d8dbd1a6561d1fbe1eeaca024a552016589a78fd231f9425e9c84822
Telos

Version: 70

First seen: 2021-08-12T17:09:43.912714

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: High Risk

com.shanga.walli
b651feb1457c7f4b9e83ba8f5c2ea07fbb2faa7c9259525e2fc52727c8032a1c
Walli 4K

Version: 570

First seen: 2021-08-12T00:19:53.958439

Attribute: domains

prod-a.applovin.colhttps

Attribute: domains_analysis._name

prod-a.applovin.colhttps

Threat level: Moderate Risk

com.glu.zbs
916eecabbe09f7356cab8f8d920fa6ea18bde6c41f3c6508accd08577fe31345
Left to Survive

Version: 22595470

First seen: 2021-08-07T08:35:32.793805

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

com.seek4dreams.dessertshop
c2fb220568bf44b9ec6b2310fa13a7625fcdc13d1a43c3e299313cc213e8709b

Happy Desserts

Version: 15

First seen: 2021-08-01T17:00:41.062900

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

com.yodo1.myapplication
e5ab1e2c4246f6e38e89da173524828b383f4f12a8b00660e0a7762a51b46af3
My yodo1

Version: 1

First seen: 2021-08-01T03:04:23.688702

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

org.olympic.app.mobile
2169f88fe5c2be5e4ec8780a72f8a634c87ccac80f7493f051a2de796912072b
Olympics

Version: 729

First seen: 2021-07-13T21:13:37.585402

Attribute: domains

olympic-channel-t2020-firebase.firebaseio.com

Attribute: domains_analysis._name

olympic-channel-t2020-firebase.firebaseio.com

Threat level: Moderate Risk

com.betterforsol.solitaire.card.games.free
e696292c03e062c3d8bd15d25f7131a8d77c27d86002cd1a30540901740f2f9d

Solitaire

Version: 68

First seen: 2021-07-13T10:52:22.595611

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

1/64

com.bitsmedia.android.muslimpro
26616021b1b80bcc4dcb8e95f97da7264d07f538fd39116b701b99f3cc742e1a
Muslim Pro

Version: 12000504

First seen: 2021-07-12T20:19:17.585086

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

com.mxtech.videoplayer.ad
62385003d4ffb2e36c51434a923fae55f26c1e2b49976c42c76dec6dfe8a053f
MX Player

Version: 1330001413

First seen: 2021-07-12T04:53:50.922574

Attribute: domains

mxvp-feature-toggle-prod-1.zenmxapps.com

Attribute: domains_analysis._name

mxvp-feature-toggle-prod-1.zenmxapps.com

1/62

com.explorer.file.manager.fileexplorer.exfile
3c9d4d472785fe3a5de51dfeef29c89b326be3ca76b6ed1b133e62cd5c9b8a04

File Manager

Version: 60

First seen: 2021-07-09T12:35:14.538654

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

1/63

com.magictouch.xfollowers
9aba64f9b1632235adaf69f3907d6db90ae83bb6d3897f63e18c9ae4ad61b3df
Followers+

Version: 54

First seen: 2021-06-23T14:22:57.050914

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

com.atlassian.spotme.atlassianevents
46b5717243eec2234851e1d6ff769263f1d8c9c0ff5b02255222e685ac8302db

Atlassian

Version: 1500101

First seen: 2021-06-23T12:35:09.650465

Attribute: domains

spotme-firebase.firebaseio.com

Attribute: domains_analysis._name

spotme-firebase.firebaseio.com

Threat level: Moderate Risk

com.badmanners.murglar
587684205fe3af393615ab8ea355698ae2262731827f1b0cc51e21ba3044a073
Murglar

Version: 150

First seen: 2021-06-22T10:24:38.201520

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

com.hookupdating
f63b6de31348fa9f698ac02d3563718615e42c7360c876093aed9527d9c4b1c3
Hud

Version: 193

First seen: 2021-06-13T10:25:03.337891

Attribute: domains

prod-cloud.hookupdating.mobi

Attribute: domains_analysis._name

prod-cloud.hookupdating.mobi

Threat level: Moderate Risk

com.hookupdating
00122a1a8ea801f3582c0bcc510c756a7e5deb21f777f46466cb5ddcb264c6e7
Hud

Version: 156

First seen: 2021-06-11T14:25:00.213517

Attribute: domains

prod-cloud.hookupdating.mobi

Attribute: domains_analysis._name

prod-cloud.hookupdating.mobi

Threat level: Moderate Risk

com.jrzheng.supervpnfree
561d963292c78877e1563eecc5e1d7ce29a5d9617999c396ab7b5ad38bbf7253
SuperVPN

Version: 100

First seen: 2021-05-27T06:42:15.624436

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: Moderate Risk

com.enflick.android.tn2ndLine
7616d080b6c57c7e939e9d324ffb259c07185c961ffd7c1ac858beb72250ea55
2ndLine

Version: 13810

First seen: 2021-06-05T14:52:54.794443

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

1/61

com.mxtech.videoplayer.pro
fa51e640e796bb1307272cd5f20c52c186786d35a8398f66b278c22a2f7d1837
MX Player Pro

Version: 1330001379

First seen: 2021-06-04T14:45:16.200599

Attribute: domains

mxvp-feature-toggle-prod-1.zenmxapps.com

Attribute: domains_analysis._name

mxvp-feature-toggle-prod-1.zenmxapps.com

1/63

com.yoku.marumovie.analytics
fe7646d291f2db0f9ede6cf62919d6418dab469277c5f3ba5b1a7d4cba3514ef

CinemaHD Beta

Version: 100

First seen: 2021-06-04T09:43:01.075019

Attribute: domains

prod-a.applovin.colhttps

Attribute: domains_analysis._name

prod-a.applovin.colhttps

1/64

fast.safe.guard.vpn
2595621445cd0ae397ef2207b02c1d04996a41428f0afb2da89278487cbb8a2a
Clean Guard

Version: 72

First seen: 2021-05-12T08:12:13.351076

Attribute: domains

prod-a.applovin.comhttps

Attribute: domains_analysis._name

prod-a.applovin.comhttps

Threat level: High Risk

com.aspira
780f60a794e4745e4927c9f9e617a9b8946e126673a6c74e2fb0c20b24d62571

Aspira

Version: 1593

First seen: 2021-05-05T16:49:42.748704

Attribute: domains

prod-smileid.herokuapp.com

Attribute: domains_analysis._name

prod-smileid.herokuapp.com

Threat level: Moderate Risk

`md5`	Sample MD5 `md5: 3acab2...`
`sha1`	Sample SHA1 `sha1: 3acab2...`
`sha256`	Sample SHA256 `sha256: 3acab2...`
`uaid`	Sample UAID `uaid: 3acab2...`
`permissions`	Requested Android permission `permissions: *.internet`
`java_classes`	Defined Java class `java_classes: "Lcom/amazon/device"`
`features`	Requested Android feature `features: *camera`
`handle`	Application package name `handle: fr.meteo`
`app_name`	Application name `app_name: Google`
`domains`	Found domain `domains: google`
`cert_md5`	Certificate MD5 fingerprint `cert_md5: 3acab2...`
`cert_sha1`	Certificate SHA1 fingerprint `cert_sha1: 3acab2...`
`cert_sha256`	Certificate SHA256 fingerprint `cert_sha256: 3acab2...`
`cert_issuer`	Certificate issuer `cert_issuer: google`
`vt.malicious`	VT detection `vt.malicious:>1`

Mobile threat intelligence for the masses

Results