Mobile threat intelligence for the masses

Results

Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
ru.aaaaaacj.installer
250fcd17d9367a817d0ad50e42b40051470adcf791bd4f1c679e84a6f384e281
LP Installer
Version: 1788
First seen: 2022-09-23T19:01:29.236754
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

12/66
com.whatsapp
c48dc6e10d7f7d4cea7c8bef56f0d8bbb3083583b942560456e4265760a4d260
WhatsApp
Version: 221977000
First seen: 2022-09-23T18:58:55.336690
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.flyersoft.moonreaderp
3d160ac329aac842c2e9086306a9599a0643262f08e4a2b9789aa8a85c6cd658
Moon+ Reader Pro
Version: 707002
First seen: 2022-09-21T14:21:53.149010
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
net.onecook.browser
c769735e47bf2e74d3f2dbac300e4a8b7713fb16a6471726437a5da74b9af8d0
Stargon
Version: 143
First seen: 2022-09-20T12:51:44.164524
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
info.plateaukao.einkbro
f3315d547be5f3cce7b129b5c5d46f50a7d42e271627e4a2843f5a677e92d894
EinkBro
Version: 90700
First seen: 2022-09-20T11:21:55.305924
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/64
com.spotify.music
51e93ce357de6aaeb5289192d41a386d566be6467dcfaabf1f4f6c500977a21c
Spotify
Version: 90966754
First seen: 2022-09-18T10:18:19.903694
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.whatsapp
5689d6fd58741e183be1ec4abd96d4f963414d39f2595842a086ba8f263e08e0
WhatsApp
Version: 2139210154
First seen: 2022-09-17T17:45:22.415218
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/63
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/57
video.player.videoplayer
1c6bff15258bbd61cd53de93f18f38036df71608a0fdd97afbb9fc184a25fb78
XPlayer - Video Player
Version: 231400
First seen: 2022-09-15T10:48:54.616793
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/64
com.flyersoft.moonreaderp
e94fe0f6403d143a4186f6d2034ad73b127fe9c9bfaa0047b68fe34f4cc3648f
Moon+ Reader Pro
Version: 706001
First seen: 2022-09-14T18:38:48.353609
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.lsdroid.cerberuss
b0b89e87f4d8d0127c930ab87891f8c0cf500d1424735ba47ab139c6ccd0665c
System Framework
Version: 283700
First seen: 2022-09-13T20:17:33.117157
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

14/64
Similar samples:
com.lsdroid.cerb…
com.Relmtech.RemotePaid
17bd058c128c3557efe5f43085a8dd87502a8376b657d543b56e75b616bd3552
Unified Remote Full
Version: 321002
First seen: 2022-09-13T20:06:58.096005
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.utopia.pxviewr
9acd08d3356e89e9fd10c866293d8b303ca84c03f52fac459ce8b665015031d6
PxView R
Version: 401
First seen: 2022-09-13T05:29:07.098547
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.lsdroid.cerberus
4504937d81feb23d6f80e158518336bb319734c3af182d91e5864bcf62a0d6c8
Cerberus
Version: 283700
First seen: 2022-09-12T17:41:55.265958
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

25/64
Similar samples:
com.lsdroid.cerb…
online.moneywell.app
f3786172ad576682637366cc5042860cbf7912fdf677d3ecd1f2199e0a3e2d25
Money Well
Version: 455
First seen: 2022-09-12T13:24:09.456607
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
bou.amine.apps.readerforselfossv2.android
43718658f826b633ecd2dce5f4f147286f36efd41c70fc312ea4cbc55c504a43
Reader for Selfoss
Version: 122092501
First seen: 2022-09-09T19:25:59.299612
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Similar samples:
bou.amine.apps.r…
bou.amine.apps.readerforselfossv2.android
4943e12c41a44581358c0c1907782738d0777e654163c722c958ba8ca23a217c
Reader for Selfoss
Version: 122092503
First seen: 2022-09-09T09:21:08.683015
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Similar samples:
bou.amine.apps.r…
com.duckduckgo.mobile.android
8db3027898dc0196ab480b63292648e3270a7d5061fcd812501e3aa503f10a6f
DuckDuckGo
Version: 51350000
First seen: 2022-09-08T12:48:59.860821
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
io.moonlighting.painnt
f797c644bc9139df651ad890795d37fc90c3d74d7df28ed2606db87b8f9c5653
Painnt
Version: 40031
First seen: 2022-09-06T14:54:04.704519
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.ymwhatsapp
2ab9a00121f018ec0b2e7d43505385e46d8f26e87ce3bc40d57691f0fc46af82
WhatsApp
Version: 999999999
First seen: 2022-09-05T18:29:21.277757
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk
Similar samples:
com.whatsapp
com.whatsapp
2a8952d3a6079fa6c873b73936928470c8c8f2085d0bbae89f645017ee14dada
WhatsApp
Version: 999999999
First seen: 2022-09-05T17:59:55.315475
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk
Similar samples:
com.ymwhatsapp
com.facebook.lite
3d563083ec8a739c66b3aacf755cceea17e811d60826389d34b2572405c30c92
Lite
Version: 391859103
First seen: 2022-08-31T12:25:22.244801
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Similar samples:
com.facebook.lite
com.facebook.lite
ae9142be08ebcda5ed1125f4e85f6a584685bc38ee55f409a682b322be82f5d7
Lite
Version: 391859103
First seen: 2022-08-31T12:19:52.813651
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Similar samples:
com.facebook.lite
com.estrongs.android.pop
b1516e18ef6fd9c9e2301d8fd0bb6ed19a35a29eb959a29f23326027e107e200
ES File Explorer
Version: 15005
First seen: 2022-08-31T11:20:05.181682
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/60
com.shadyspy.monitor
4d43ecaadc57910cd8df8ee7c280e411dba3089efe760cd5d001098e3e052cf3
ShadySpy
Version: 114
First seen: 2022-08-29T02:13:04.710613
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.kidslox.app
f509795292d8f3ae2e06421abb5e65376212cc8ca53421166c7d1d6e19b855ee
Kidslox
Version: 54854
First seen: 2022-08-28T20:05:20.778545
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.mbank.bot.p
df65ac7a310d73bd6e260d20662409e0f679458c1d199b3426f48218d924e74f
臺灣銀行
Version: 79
First seen: 2022-08-25T12:16:30.042148
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.balysv.loop
036f5bf5120b1fca04597eabe5d0889358a5266a095a81a36e53f2b39d59dd3b
∞ Loop
Version: 1307
First seen: 2022-08-23T13:33:36.664543
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.kapp.youtube.final
28c452576713c7de743928d54a31ed47648aeecbb8637f36d11046b6e8fe966a
YMusic Premium
Version: 4280
First seen: 2022-08-20T16:58:00.988446
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/65
com.global.foodpanda.android
437e5ad5974ef16bd5cd9c937fc3e5f230409e833761719bfd7ca33121fe968b
foodpanda
Version: 212266274
First seen: 2022-08-19T13:54:31.753385
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.spotify.music
9d9b6f4be6e3e60eab91fa69c70df68e47d24963080468ab65d18c7b3b4753e3
Spotify
Version: 89136394
First seen: 2022-08-19T13:04:24.841469
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.alibaba.aliexpresshd
d28acfc4b57abad4bcee19fb87444c03e0153c5ac9b395b1aac47d052f003a7a
AliExpress
Version: 2600261
First seen: 2022-08-17T11:32:02.493589
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.WhatsApp2Plus
a890d2c81a15258d50dba53e0ea7811efc77b9e483538f2be64bb5016fc298c0
WhatsApp
Version: 2119210099
First seen: 2022-08-16T21:33:05.668914
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

5/63
ver3.ycntivi.off
d15fb3aba7a6ba2f95b0cf1c406a0bcbcec5662756dcba2f817a44cb05fcb22d
Yacine TV
Version: 3
First seen: 2022-08-15T01:32:39.352435
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/65
com.ludashi.dualspaceprox
a44a1a2d4a0c771741939cfeb4ee3428c6bf3eebea56d532c27ab5ca973cc634
DualSpace Pro
Version: 22
First seen: 2022-08-14T04:43:09.641906
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/65
com.twelfthman.android
78ef697fd899b0f16d06dfe287efcbe43bc470827aa7d793778a4728c421d3fb
Twelfth Man
Version: 57
First seen: 2022-08-13T04:46:58.183714
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.tabiby.tabibyusers
11fb08ff634a897af374ee5c1545a960cf05291f52ab034a3b10cdb905a1b9f6
طبيبي للمستخدم
Version: 1
First seen: 2022-08-12T23:23:23.814680
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.alibaba.aliexpresshd
d7bba66607ea84284c2a410df26a7ab22e5becee5f65643e9bf73122f46f709e
AliExpress
Version: 151
First seen: 2022-08-12T20:07:32.825348
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
in.startv.hotstar
5b60313a47edf3619c656c138e0a893e5ef8c64e8877b1549d7b979802cd439c
Hotstar
Version: 701
First seen: 2022-08-12T08:24:30.221039
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

1/63
Similar samples:
com.abs.cpu_z_ad…
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
Similar samples:
com.abs.cpu_z_ad…
downloader.video.download.free
6eb4bcd70f0ebaec07c66db7cf14c08fc49544bf38cc1fa17842c94a8615dce6
Video Downloader
Version: 3145830
First seen: 2022-08-10T09:07:29.146562
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk
com.facebook.mlite
31d4f45ed0add4b607da448e617364f7e328be02ef2f02c8e87875b796e9958d
Messenger Lite
Version: 387850621
First seen: 2022-08-10T08:31:54.754988
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.jonjomckay.fritter
018d81aa1e7ebf883dcf6fb74e0219e6fbd2536e446fda056378ed294bb13885
Fritter
Version: 202201231
First seen: 2022-08-10T08:17:20.437902
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: Moderate Risk
com.tiqiaa.remote
9ccdc8d361d6c82b64037bbae41f62332ead7b7d019d3dec0a72f92614f4e099
ZazaRemote
Version: 482
First seen: 2022-08-09T06:54:25.346159
Attribute: domains

www.facebook.com

Attribute: domains_analysis._name

www.facebook.com

Threat level: High Risk