← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Android GravityRAT goes after WhatsApp backups
WHITE tr2222200 2023-06-16 Modified: 2023-06-16
18
IOCs
MEDIUM VOLUME
gravityratbingechatspacecobrafigurec serverchaticobingechat appomemo instanteset researchindiaandroidaugustvirustotaljunefacebookreboot
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
SpaceCobra BingeChat GravityRAT
Indicators of Compromise (4 / 18 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
URL https://cld.androidadbserver.com 2023-06-16
URL https://dev.androidadbserver.com 2023-06-16
URL https://downloads.bingechat.net/uploadA/c1d8bad13c5359c97cab280f7b561389153/BingeChat.zip 2023-06-16
URL https://ping.androidadbserver.com 25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393 2023-06-16
References (1)
↗ https://www.welivesecurity.com/2023/06/15/android-gravityrat-goes-after-whatsapp-backups/