MoqHao Evolution: New variants start automatically right after installation [Friday, February 09, 2024]


Description :
A recent variant of the Android malware MoqHao has been found to automatically execute itself upon installation without requiring user interaction. The malware is distributed via SMS phishing links and abuses legitimate services like URL shorteners and Pinterest. It targets users in Asia and Europe, collects device info, and contains many new command and control capabilities.

Published : 2024-02-09 14:28:31
Created : 2024-02-09 14:28:31
Modified : 2024-02-09 14:55:48

Indicators

Malwares :
  • MoqHao
Hashes :
Intrusion set :
  • Roaming Mantis
Location :
  • British Indian Ocean Territory
  • France
  • Japan
  • India
  • Germany
MITRE ATT&CK Techniques :
Other observables :
  • Technology

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
