← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
EASTERN ASIAN ANDROID ASSAULT – FLUHORSE
WHITE Superpro 2023-05-08 Modified: 2023-05-08
40
IOCs
MEDIUM VOLUME
A new malware called FluHorse has been discovered, which targets different sectors of Eastern Asian markets through malicious Android applications that mimic legitimate ones. These apps have already been downloaded more than a million times and can steal victims' credentials and 2FA codes. The malware is distributed via emails, and in some cases, the emails used in the first stage of the attacks belong to high-profile entities. FluHorse is a persistent and dangerous threat that can remain undetected for months.
object poolc serverflutterdartandroidcheck pointelectronic tolldart objectfluhorseetc apkfuturevirustotalplayphishingnightloveexamplewindowfirstcodeformatevil
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Object Pool
Indicators of Compromise (5 / 40 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 784513796af2e9033fe3fe3d07273805 MD5 of 416e22d6b85d6633d1da000058efb3cd597b8b7df5d77a6c3456464d65a775b3 2023-05-08
FileHash-MD5 9d2523f1dc9d327377748cd44e67faa6 MD5 of d8a777b050ba27eeb41c0035f3477882d7eafc56edfcbe1e8cef05a7e85c8b9e 2023-05-08
FileHash-MD5 a476fd574020a80be414d4c4d395d8bf MD5 of 9220752302e2bca0002ea701c772b2f2306831711b1c323157ef2573f176821a 2023-05-08
FileHash-MD5 a5153d65c4e5de898808220670220579 MD5 of 8b591b5488dab8adb485ea55197148d6b39715da562537c7d8b1a79cd3639510 2023-05-08
FileHash-MD5 e2c4c168e2ae181155681740c64e91aa MD5 of 74008170fc5de4d40bcc97b8e2c6fbdb01889805c6ca456fd08134881cad0d2c 2023-05-08
References (1)
↗ https://research.checkpoint.com/2023/eastern-asian-android-assault-fluhorse/