Pulse: Baidu - Dangerous behavior gained through malicious ads
WHITE | Q.Vashti | 2025-06-06 | Modified: 2025-07-06
droid.permission.RECEIVE_BOOT_COMPLETED
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
com.samsung.android.providers.context.permission.WRITE_USE_APP_FEATURE_SURVEY
getui.permission.GetuiService.cn.quicktv.androidpro
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.ACCESS_WIFI_STATE
android.permission.WAKE_LOCK
android.permission.ACCESS_DOWNLOAD_MANAGER
android.permission.MODIFY_AUDIO_SETTINGS
More: https://www.virustotal.com/gui/file/0033fd6cacc814fb077261e7c19bc1137250ef80409a2a64919b2957a7982a8e/details
Indicators of Compromise (100)
TYPE  INDICATOR  DESCRIPTION  CREATED
FileHash-MD5 ce0c5c540fa21e3e28dc3ec5ed376ab3 MD5 of 36defe1dd1e0e701b3db90eda2cedf57ca4d0ec7 2025-06-06
FileHash-SHA1 36defe1dd1e0e701b3db90eda2cedf57ca4d0ec7 SHA1 of 0033fd6cacc814fb077261e7c19bc1137250ef80409a2a64919b2957a7982a8e 2025-06-06
FileHash-SHA256 0033fd6cacc814fb077261e7c19bc1137250ef80409a2a64919b2957a7982a8e SHA256 of 36defe1dd1e0e701b3db90eda2cedf57ca4d0ec7 2025-06-06
URL http://119.4.250.59//k4/app/app_config/cibn/1.json 2025-06-06
URL http://119.4.250.59//k4/app/app_config/jrys_ads20160516/1.json?client_version=jrys_6.2.4 2025-06-06
URL http://119.4.250.59//k4/app/app_config/jrys_ads20160516_6.2.4_baidu/1.json?client_version=jrys_6.2.4 2025-06-06
URL http://119.4.250.59//k4/video/video_sources/1.json?client_version=jrys_6.2.4 2025-06-06
URL http://218.244.147.118/p6/app/app_config/backend_serverlist1/1.json?client_version=jrys_6.2.4 2025-06-06
URL http://a.appjiagu.com/ad-service/ad/mark 2025-06-06
URL http://alog.umeng.co/app_logs 2025-06-06
URL http://alog.umeng.com/app_logs 2025-06-06
URL http://c.appjiagu.com/apk/cr.html 2025-06-06
URL http://mobads-logs.baidu.com/brwhis.log 2025-06-06
URL http://mobads.baidu.com/ads/pa/8/__pasys_remote_banner.php??bdr=19&os=android&v=8.1&tp=Lenovo+A360t 2025-06-06
URL http://nav.cn.ronghub.com/navipush.json 2025-06-06
URL http://s.appjiagu.com:80/pkl16.html 2025-06-06
URL https://stats.cn.ronghub.com/active.json 2025-06-06
hostname a.appjiagu.com 2025-06-06
hostname alog.umeng.co 2025-06-06
hostname alog.umeng.com 2025-06-06
hostname c.appjiagu.com 2025-06-06
hostname mobads-logs.baidu.com 2025-06-06
hostname mobads.baidu.com 2025-06-06
hostname nav.cn.ronghub.com 2025-06-06
hostname s.appjiagu.com 2025-06-06
hostname stats.cn.ronghub.com 2025-06-06
URL http://119.4.250.59/k4/app/app_config/cibn_quicktv/1.json 2025-06-06
URL http://119.4.250.59/k4/app/app_config/quicktv_ads20160129/1.json?client_version=quicktv_6.3.4 2025-06-06
URL http://119.4.250.59/k4/app/app_config/quicktv_ads20160129_6.3.4_appchina/1.json?client_version=quicktv_6.3.4 2025-06-06
URL http://119.4.250.59/k4/app/app_config/quicktv_ads20160129_6.3.4_wandoujia/1.json?client_version=quicktv_6.3.4 2025-06-06
URL http://119.4.250.59/k4/app/app_config/quicktv_ads20160129_6.3.6_qq/1.json?client_version=quicktv_6.3.6 2025-06-06
URL http://119.4.250.59/k4/app/app_config/quicktv_ads20160516/1.json?client_version=quicktv_6.4.0 2025-06-06
URL http://119.4.250.59/k4/app/app_config/quicktv_ads20160516_6.4.0_wandoujia/1.json?client_version=quicktv_6.4.0 2025-06-06
URL http://119.4.250.59/k4/video/video_sources/1.json 2025-06-06
URL http://119.4.250.59/k5/app/app_config/quicktv_ads20160712_6.5.2_baidu/1/quicktv_6_5_2.json 2025-06-06
hostname a.i33.tv 2025-06-06
domain goodchoice.cn 2025-06-06
domain liangzemu.cn 2025-06-06
domain tll888.com 2025-06-06
URL http://218.244.147.118/k2/app/app_config/backend_serverlist1/ 2025-06-06
URL http://218.244.147.118/k2/app/app_config/backend_serverlist1/1.json?client_version=android_quicktv_6.0.4 2025-06-06
URL http://218.244.147.118/k2/app/app_config/backend_serverlist1/1.json?client_version=quicktv_6.2.8 2025-06-06
URL http://218.244.147.118/k2/app/app_config/backend_serverlist1/1.json?client_version=quicktv_6.3.4 2025-06-06
URL http://218.244.147.118/k2/app/app_config/backend_serverlist1/1.json?client_version=quicktv_6.4.0 2025-06-06
URL http://218.244.147.118/k2/app/app_config/backend_serverlist1/1.json?client_version=quicktv_6.5.2 2025-06-06
URL http://218.244.147.118/k4/app/app_config/backend_serverlist1/1.json 2025-06-06
URL http://218.244.147.118/p3/app/app_config/backend_serverlist/0.json 2025-06-06
URL http://218.244.147.118/p3/app/app_config/backend_serverlist1/0.json?client_version=android_wtv_5.1.6 2025-06-06
URL http://218.244.147.118/p3/app/app_config/backend_serverlist1/0.json?client_version=android_wtv_5.2.0 2025-06-06
URL http://218.244.147.118/p6/app/app_config/backend_serverlist1/ 2025-06-06
URL http://218.244.147.118/p6/app/app_config/backend_serverlist1/1.json?client_version=kktv_6.2.8 2025-06-06
URL http://218.244.147.118/p6/app/app_config/backend_serverlist1/1.json?client_version=wtv_6.2.5 2025-06-06
URL http://218.244.147.118:6389/wtvlive/migu2/ 2025-06-06
URL http://api_p.tll888.com/yitv.php?id= 2025-06-06
URL http://liangzemu.cn/ 2025-06-06
URL http://www.goodchoice.cn/ 2025-06-06
FileHash-SHA256 0eba16017ee9fc6fe92e8371e6ab3437d63a5d9b75bbba915f0aa9b48af547f4 2025-06-06
FileHash-SHA256 11ba17e9c8ef9bcc0e095d53b53a1532087d3c60fb06e323a1d144d63f48030c 2025-06-06
FileHash-SHA256 7dc561a2e7a86de253dc2cb4dc338923bb7c29d13374468508ede5f50c1e2a28 2025-06-06
FileHash-SHA256 f90f666760eb62848dcfd4533dacf3bd989bf9bdb428817cd71df95f22ed1c8e 2025-06-06
FileHash-SHA256 fd9b3b0cc4b5f574390130a5097f628e6a8774947cec00d7753758a0c0e395b4 2025-06-06
URL http://101.199.113.167:80 2025-06-06
URL http://104.192.110.203:80 2025-06-06
URL http://106.120.160.10:80 2025-06-06
URL http://119.4.250.60:8080 2025-06-06
URL http://120.92.13.68:443 2025-06-06
URL http://120.92.22.172:443 2025-06-06
URL http://180.163.242.233:80 2025-06-06
URL http://180.163.249.17:80 2025-06-06
URL http://203.119.128.27:80 2025-06-06
URL http://218.244.147.118:80 2025-06-06
URL http://36.110.213.226:80 2025-06-06
URL http://36.110.234.50:80 2025-06-06
URL http://3.120.236.181:80 2025-06-06
URL http://3.121.84.28:80 2025-06-06
hostname alog.umeng.com.gds.alibabadns.com 2025-06-06
hostname nlb-pub-rcgcan-fra-api-80-63da57c9f4d72f7b.elb.eu-central-1.amazonaws.com 2025-06-06
FileHash-MD5 9a2ac8c66a1d628503c88514101df6b7 2025-06-06
FileHash-MD5 b843973cbd68854f22e3e446d9297111 2025-06-06
FileHash-SHA256 f69a82d9e7b72a6fba6b0c6d59aaa7824c78edd31fca2540a1aed8dd75148456 2025-06-06
domain androidannotations-api.properties 2025-06-06
domain entities-base.properties 2025-06-06
domain entities-full.properties 2025-06-06
domain version.properties 2025-06-06
domain armv7a.so 2025-06-06
domain libbspatch.so 2025-06-06
domain libgetuiext.so 2025-06-06
domain libjiagu.so 2025-06-06
domain librongimlib.so 2025-06-06
domain libthinkoplayer.so 2025-06-06
domain libvbyte-p2p-v7a.so 2025-06-06
domain libvbyte-v7a.so 2025-06-06
domain libvlccore.so 2025-06-06
domain opustool.so 2025-06-06
domain x86.so 2025-06-06
hostname 2fmobads.baidu.com 2025-06-06
hostname android.permission.camera 2025-06-06
hostname android.permission.read 2025-06-06
hostname com.igexin.download.action.notify.click 2025-06-06
FileHash-SHA256 d4fbc33c3e410cea4d1cb61db6e93e13949174def1a9a840063b52a73ada53b1 2025-06-06