#1280255: Middle Eastern Mobile Malware - Domestic Kitten - Additional IOCs

Description: Reference: https://mp.weixin.qq.com/s/yaLC8gs-U92X6WnYzuuQ7w
First Aid: IOCs:

More info: https://otx.alienvault.com/pulse/5d9db01cc5328d4649e0594c

Date added Oct. 9, 2019, 1 p.m.
Source AlienVault
Subjects
  • All New Malware or Attack Alerts - New Reports / IOCs in
  • . APTs - Advanced Persistent Threats - New Reports in
  • . APTs - Iran - New Reports in
  • Iran - Domestic Kitten
  • Mobile Malware and Threats - Various
  • Mobile Malware - New Reports in
  • . News Iran
  • .News Middle East - Various