Pithus

Results

com.jarsilio.android.scrambledeggsif
ded876d33e1901ae1d11c3b289d45a27f90d08055b4704ddf5793dd7035947e8
Scrambled Exif

Version: 73

First seen: 2022-09-24T10:27:21.987272

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

ru.aaaaaacj.installer
250fcd17d9367a817d0ad50e42b40051470adcf791bd4f1c679e84a6f384e281

LP Installer

Version: 1788

First seen: 2022-09-23T19:01:29.236754

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

12/66

com.whatsapp
c48dc6e10d7f7d4cea7c8bef56f0d8bbb3083583b942560456e4265760a4d260
WhatsApp

Version: 221977000

First seen: 2022-09-23T18:58:55.336690

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.flyersoft.moonreaderp
3d160ac329aac842c2e9086306a9599a0643262f08e4a2b9789aa8a85c6cd658
Moon+ Reader Pro

Version: 707002

First seen: 2022-09-21T14:21:53.149010

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

net.onecook.browser
c769735e47bf2e74d3f2dbac300e4a8b7713fb16a6471726437a5da74b9af8d0
Stargon

Version: 143

First seen: 2022-09-20T12:51:44.164524

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

info.plateaukao.einkbro
f3315d547be5f3cce7b129b5c5d46f50a7d42e271627e4a2843f5a677e92d894
EinkBro

Version: 90700

First seen: 2022-09-20T11:21:55.305924

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.tencent.mm
801a1fd23b85919f667cfc98644994f12fc2f07546f143b9d641e117158c58bc

Version: 2

First seen: 2022-09-19T10:11:09.512720

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.vpnbottle.melon.free.unblock.fast.vpna
e156e914e062ee045dc4d677cedb0ae299f59c15725b4784f7e89fe44d89b28f

ExpressVPN

Version: 69999

First seen: 2022-09-18T13:53:01.085344

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/64

com.spotify.music
51e93ce357de6aaeb5289192d41a386d566be6467dcfaabf1f4f6c500977a21c
Spotify

Version: 90966754

First seen: 2022-09-18T10:18:19.903694

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.whatsapp
5689d6fd58741e183be1ec4abd96d4f963414d39f2595842a086ba8f263e08e0
WhatsApp

Version: 2139210154

First seen: 2022-09-17T17:45:22.415218

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/63

com.ea.game.fifa14_row
f8c4b1f00b54f04a85ac49f056943e48ba8c3f718a38fce278556f76ff6938bf

FIFA 22

Version: 136

First seen: 2022-09-16T15:38:47.916587

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/57

video.player.videoplayer
1c6bff15258bbd61cd53de93f18f38036df71608a0fdd97afbb9fc184a25fb78

XPlayer - Video Player

Version: 231400

First seen: 2022-09-15T10:48:54.616793

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/64

com.flyersoft.moonreaderp
e94fe0f6403d143a4186f6d2034ad73b127fe9c9bfaa0047b68fe34f4cc3648f
Moon+ Reader Pro

Version: 706001

First seen: 2022-09-14T18:38:48.353609

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.lsdroid.cerberuss
b0b89e87f4d8d0127c930ab87891f8c0cf500d1424735ba47ab139c6ccd0665c
System Framework

Version: 283700

First seen: 2022-09-13T20:17:33.117157

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

14/64

Similar samples:
com.lsdroid.cerb…

com.Relmtech.RemotePaid
17bd058c128c3557efe5f43085a8dd87502a8376b657d543b56e75b616bd3552
Unified Remote Full

Version: 321002

First seen: 2022-09-13T20:06:58.096005

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.utopia.pxviewr
9acd08d3356e89e9fd10c866293d8b303ca84c03f52fac459ce8b665015031d6

PxView R

Version: 401

First seen: 2022-09-13T05:29:07.098547

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.lsdroid.cerberus
4504937d81feb23d6f80e158518336bb319734c3af182d91e5864bcf62a0d6c8

Cerberus

Version: 283700

First seen: 2022-09-12T17:41:55.265958

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

25/64

Similar samples:
com.lsdroid.cerb…

online.moneywell.app
f3786172ad576682637366cc5042860cbf7912fdf677d3ecd1f2199e0a3e2d25
Money Well

Version: 455

First seen: 2022-09-12T13:24:09.456607

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

bou.amine.apps.readerforselfossv2.android
43718658f826b633ecd2dce5f4f147286f36efd41c70fc312ea4cbc55c504a43
Reader for Selfoss

Version: 122092501

First seen: 2022-09-09T19:25:59.299612

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

Similar samples:
bou.amine.apps.r…

bou.amine.apps.readerforselfossv2.android
4943e12c41a44581358c0c1907782738d0777e654163c722c958ba8ca23a217c
Reader for Selfoss

Version: 122092503

First seen: 2022-09-09T09:21:08.683015

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

Similar samples:
bou.amine.apps.r…

com.duckduckgo.mobile.android
8db3027898dc0196ab480b63292648e3270a7d5061fcd812501e3aa503f10a6f
DuckDuckGo

Version: 51350000

First seen: 2022-09-08T12:48:59.860821

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

io.moonlighting.painnt
f797c644bc9139df651ad890795d37fc90c3d74d7df28ed2606db87b8f9c5653
Painnt

Version: 40031

First seen: 2022-09-06T14:54:04.704519

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.ymwhatsapp
2ab9a00121f018ec0b2e7d43505385e46d8f26e87ce3bc40d57691f0fc46af82
WhatsApp

Version: 999999999

First seen: 2022-09-05T18:29:21.277757

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk

Similar samples:
com.whatsapp

com.whatsapp
2a8952d3a6079fa6c873b73936928470c8c8f2085d0bbae89f645017ee14dada
WhatsApp

Version: 999999999

First seen: 2022-09-05T17:59:55.315475

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk

Similar samples:
com.ymwhatsapp

com.facebook.lite
3d563083ec8a739c66b3aacf755cceea17e811d60826389d34b2572405c30c92
Lite

Version: 391859103

First seen: 2022-08-31T12:25:22.244801

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

Similar samples:
com.facebook.lite

com.facebook.lite
ae9142be08ebcda5ed1125f4e85f6a584685bc38ee55f409a682b322be82f5d7
Lite

Version: 391859103

First seen: 2022-08-31T12:19:52.813651

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

Similar samples:
com.facebook.lite

com.estrongs.android.pop
b1516e18ef6fd9c9e2301d8fd0bb6ed19a35a29eb959a29f23326027e107e200
ES File Explorer

Version: 15005

First seen: 2022-08-31T11:20:05.181682

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/60

com.shadyspy.monitor
4d43ecaadc57910cd8df8ee7c280e411dba3089efe760cd5d001098e3e052cf3
ShadySpy

Version: 114

First seen: 2022-08-29T02:13:04.710613

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.kidslox.app
f509795292d8f3ae2e06421abb5e65376212cc8ca53421166c7d1d6e19b855ee
Kidslox

Version: 54854

First seen: 2022-08-28T20:05:20.778545

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.mbank.bot.p
df65ac7a310d73bd6e260d20662409e0f679458c1d199b3426f48218d924e74f
臺灣銀行

Version: 79

First seen: 2022-08-25T12:16:30.042148

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.balysv.loop
036f5bf5120b1fca04597eabe5d0889358a5266a095a81a36e53f2b39d59dd3b
∞ Loop

Version: 1307

First seen: 2022-08-23T13:33:36.664543

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.kapp.youtube.final
28c452576713c7de743928d54a31ed47648aeecbb8637f36d11046b6e8fe966a

YMusic Premium

Version: 4280

First seen: 2022-08-20T16:58:00.988446

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/65

com.global.foodpanda.android
437e5ad5974ef16bd5cd9c937fc3e5f230409e833761719bfd7ca33121fe968b
foodpanda

Version: 212266274

First seen: 2022-08-19T13:54:31.753385

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.spotify.music
9d9b6f4be6e3e60eab91fa69c70df68e47d24963080468ab65d18c7b3b4753e3
Spotify

Version: 89136394

First seen: 2022-08-19T13:04:24.841469

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.simplemobiletools.smsmessenger
be67305d8a345d0c32dbb85dfaeddd07d751367a45c0a443a51b6e9e68a2ecdc
SMS Messenger

Version: 60

First seen: 2022-08-18T10:09:31.775288

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.alibaba.aliexpresshd
d28acfc4b57abad4bcee19fb87444c03e0153c5ac9b395b1aac47d052f003a7a
AliExpress

Version: 2600261

First seen: 2022-08-17T11:32:02.493589

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

org.shadowice.flocke.andotp
b947b393a821bfb5254287d132493d02967ff4190f017f7fa71eb569cd228a10
andOTP

Version: 39

First seen: 2022-08-17T08:39:43.465303

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.WhatsApp2Plus
a890d2c81a15258d50dba53e0ea7811efc77b9e483538f2be64bb5016fc298c0
WhatsApp

Version: 2119210099

First seen: 2022-08-16T21:33:05.668914

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

5/63

ver3.ycntivi.off
d15fb3aba7a6ba2f95b0cf1c406a0bcbcec5662756dcba2f817a44cb05fcb22d
Yacine TV

Version: 3

First seen: 2022-08-15T01:32:39.352435

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/65

com.ludashi.dualspaceprox
a44a1a2d4a0c771741939cfeb4ee3428c6bf3eebea56d532c27ab5ca973cc634

DualSpace Pro

Version: 22

First seen: 2022-08-14T04:43:09.641906

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/65

com.twelfthman.android
78ef697fd899b0f16d06dfe287efcbe43bc470827aa7d793778a4728c421d3fb

Twelfth Man

Version: 57

First seen: 2022-08-13T04:46:58.183714

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.tabiby.tabibyusers
11fb08ff634a897af374ee5c1545a960cf05291f52ab034a3b10cdb905a1b9f6

طبيبي للمستخدم

Version: 1

First seen: 2022-08-12T23:23:23.814680

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.alibaba.aliexpresshd
d7bba66607ea84284c2a410df26a7ab22e5becee5f65643e9bf73122f46f709e

AliExpress

Version: 151

First seen: 2022-08-12T20:07:32.825348

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

in.startv.hotstar
5b60313a47edf3619c656c138e0a893e5ef8c64e8877b1549d7b979802cd439c
Hotstar

Version: 701

First seen: 2022-08-12T08:24:30.221039

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk

com.abs.cpu_z_advance
20ae1f6512a71c86da0dafbb3e952f21e619d8eb6c849ba0736517a8347ad4c1
CPU X

Version: 354

First seen: 2022-08-11T00:51:34.588037

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/63

Similar samples:
com.abs.cpu_z_ad…

com.abs.cpu_z_advance
b6f42086c3544f0a19393a516b7e87f7e3e5d82369cdd8deabb58c3715500e1c
CPU X

Version: 354

First seen: 2022-08-10T23:25:40.066798

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

Similar samples:
com.abs.cpu_z_ad…

downloader.video.download.free
6eb4bcd70f0ebaec07c66db7cf14c08fc49544bf38cc1fa17842c94a8615dce6
Video Downloader

Version: 3145830

First seen: 2022-08-10T09:07:29.146562

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk

com.facebook.mlite
31d4f45ed0add4b607da448e617364f7e328be02ef2f02c8e87875b796e9958d
Messenger Lite

Version: 387850621

First seen: 2022-08-10T08:31:54.754988

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.jonjomckay.fritter
018d81aa1e7ebf883dcf6fb74e0219e6fbd2536e446fda056378ed294bb13885

Fritter

Version: 202201231

First seen: 2022-08-10T08:17:20.437902

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk

com.tiqiaa.remote
9ccdc8d361d6c82b64037bbae41f62332ead7b7d019d3dec0a72f92614f4e099

ZazaRemote

Version: 482

First seen: 2022-08-09T06:54:25.346159

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk

`md5`	Sample MD5 `md5: 3acab2...`
`sha1`	Sample SHA1 `sha1: 3acab2...`
`sha256`	Sample SHA256 `sha256: 3acab2...`
`uaid`	Sample UAID `uaid: 3acab2...`
`permissions`	Requested Android permission `permissions: *.internet`
`java_classes`	Defined Java class `java_classes: "Lcom/amazon/device"`
`features`	Requested Android feature `features: *camera`
`handle`	Application package name `handle: fr.meteo`
`app_name`	Application name `app_name: Google`
`domains`	Found domain `domains: google`
`cert_md5`	Certificate MD5 fingerprint `cert_md5: 3acab2...`
`cert_sha1`	Certificate SHA1 fingerprint `cert_sha1: 3acab2...`
`cert_sha256`	Certificate SHA256 fingerprint `cert_sha256: 3acab2...`
`cert_issuer`	Certificate issuer `cert_issuer: google`
`vt.malicious`	VT detection `vt.malicious:>1`

Mobile threat intelligence for the masses

Results