
Rewterz Threat Alert – Adobe Flash Malicious APK

November 30, 2020

Severity

High

Analysis Summary

Threat actors have been distributing a malicious Adobe Flash Player APK to users in order to exfiltrate data and rob them of their sensitive information. The malicious APK is named "Adobe Flash 2020" to make it appear legitimate, and the download page carries images showing how to install Adobe Flash Player. When users opt to download and install the fake app, the site connects to another URL to download the malicious APK.


Impact

  • Data breach
  • Exposure of sensitive data

Indicators of Compromise

Filename

  • Adobe_Flash_2020[.]apk

MD5

  • 0b7018e42a1aa85669aeed0d60a8bb80

SHA-256

  • 86d2ceb1e5c9496f4e64192232168ba6e80630211c715e2e9987b7ea19df7629

SHA1

  • ac56bdcadb912cda0289bc5c867358b2dc2bcee7

URL

  • https[:]//online-menu[.]net/media/lading/lading/
  • https[:]//online-menu[.]net/media/lading/lading/download[.]php
  • https[:]//online-menu[.]net/media/lading/lading/Adobe_Flash_2020[.]apk

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.
  • Block access to malicious sites.
  • Adobe Flash Player can be downloaded via the Play Store and the official Adobe website.
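The two remediation steps that need tooling are searching your environment for the indicators above and blocking the malicious site. The script below is an added example, not part of the Rewterz advisory: it refangs the defanged indicators from this alert, checks APK files on disk against the filename and hash IOCs, and matches proxy log lines against the listed URLs and their domain. The proxy log format (timestamp, client IP, method, URL, status) and the log lines themselves are constructed for the example; the trailing "%20-" / "%20->" residue on the advisory's URL entries is dropped so the URLs are matchable.

```python
import hashlib
from pathlib import Path
from urllib.parse import urlparse

# Indicators copied from the advisory, kept in their defanged form.
IOC_HASHES = {
    "md5": {"0b7018e42a1aa85669aeed0d60a8bb80"},
    "sha1": {"ac56bdcadb912cda0289bc5c867358b2dc2bcee7"},
    "sha256": {"86d2ceb1e5c9496f4e64192232168ba6e80630211c715e2e9987b7ea19df7629"},
}
IOC_FILENAMES = {"Adobe_Flash_2020.apk"}
IOC_URLS_DEFANGED = [
    "https[:]//online-menu[.]net/media/lading/lading/",
    "https[:]//online-menu[.]net/media/lading/lading/download[.]php",
    "https[:]//online-menu[.]net/media/lading/lading/Adobe_Flash_2020[.]apk",
]

# Constructed sample proxy log (assumed format: time client method url status).
SAMPLE_PROXY_LOG = """\
2020-11-30T10:01:02Z 10.0.0.12 GET https://www.adobe.com/products/flashplayer.html 200
2020-11-30T10:03:45Z 10.0.0.34 GET https://online-menu.net/media/lading/lading/download.php 200
2020-11-30T10:03:47Z 10.0.0.34 GET https://online-menu.net/media/lading/lading/Adobe_Flash_2020.apk 200
2020-11-30T10:04:10Z 10.0.0.34 GET https://online-menu.net/media/other.html 404
2020-11-30T10:05:00Z 10.0.0.51 GET https://example.com/index.html 200
"""


def refang(indicator):
    """Turn a defanged indicator ('[.]', '[:]', 'hxxp') back into matchable form."""
    return indicator.replace("[.]", ".").replace("[:]", ":").replace("hxxp", "http")


def ioc_urls():
    """Full malicious URLs from the advisory, refanged."""
    return {refang(u) for u in IOC_URLS_DEFANGED}


def ioc_domains():
    """Hostnames behind the advisory URLs, for proxy/DNS blocking and log matching."""
    return {urlparse(u).hostname for u in ioc_urls()}


def hash_bytes(data):
    """MD5/SHA-1/SHA-256 of a file's content, keyed like IOC_HASHES."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def match_indicators(filename, data):
    """Return which indicator types (filename, md5, sha1, sha256) a file matches."""
    hits = []
    if filename in IOC_FILENAMES:
        hits.append("filename")
    for algo, digest in hash_bytes(data).items():
        if digest in IOC_HASHES[algo]:
            hits.append(algo)
    return hits


def scan_directory(root):
    """Walk a directory tree and report every .apk that matches an indicator."""
    findings = {}
    for path in Path(root).rglob("*.apk"):
        hits = match_indicators(path.name, path.read_bytes())
        if hits:
            findings[str(path)] = hits
    return findings


def scan_proxy_log(lines):
    """Return (line_no, client_ip, host, match_kind) for lines touching the IOC site.

    A full URL match is reported as 'url'; any other request to the same
    hostname is reported as 'domain' so analysts can see the whole visit.
    """
    urls, domains = ioc_urls(), ioc_domains()
    hits = []
    for line_no, line in enumerate(lines, 1):
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed line; skip rather than crash the sweep
        client, url = fields[1], fields[3]
        host = urlparse(url).hostname
        if url in urls:
            hits.append((line_no, client, host, "url"))
        elif host in domains:
            hits.append((line_no, client, host, "domain"))
    return hits


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_PROXY_LOG.splitlines()):
        print("proxy hit:", hit)
    print("blocklist domains:", sorted(ioc_domains()))
```

Matching on the hostname as well as the exact URL matters here because the advisory shows a chain (landing directory, download.php, then the APK); a client seen fetching any of them from the same host is worth a follow-up on the endpoint with `scan_directory`.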