# Copyright (c) 2014-2022 Maltrail developers (https://github.com/stamparm/maltrail/) # See the file 'LICENSE' for copying permission # Reference: https://medium.com/csis-techblog/analysis-of-joker-a-spy-premium-subscription-bot-on-googleplay-9ad24f044451 joker2.dolphinsclean.com beatleslover.com tb-eu-jet.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1184054662003134464 # Reference: https://www.virustotal.com/gui/ip-address/52.77.93.217/relations 23w5338-z.com beatleslover.com hyy-2d2.com kaaryah.com nichfyy.com prick-6ey.com sw7p5-629.com # Reference: https://twitter.com/ReBensk/status/1217065291320045568 andu-eu.oss-eu-central-1.aliyuncs.com # Reference: https://research.checkpoint.com/2020/android-app-fraud-haken-clicker-and-joker-premium-dialer/ # Reference: https://www.virustotal.com/gui/ip-address/3.123.204.12/relations http://3.123.204.12 # Reference: https://twitter.com/ReBensk/status/1232297093802233856 happyyear.top # Reference: https://twitter.com/ReBensk/status/1246451065970712576 wsbb.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1249765927677243393 gplay.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1274316961510498306 yehua-online.oss-cn-hangzhou.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1274334502224044032 facebookdata-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1275443534070296576 wdfoz.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1275713835090001922 rockmanpc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1276806753959763968 http://34.206.171.237 woea.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1278016062378987520 etut.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1279451409189146624 39200628.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1278711799001632769 separatesuppliers.live # Reference: https://www.virustotal.com/gui/file/275dbae90dc9d84782297858b90579a106d4752e0b6e8a7553b86d1d4d8f7f62/detection http://47.241.2.108 # Reference: https://www.virustotal.com/gui/file/4a9504de927266b9101417e2dc2acf66e2c9e5b3565f64894a6467b0ebeac58f/detection http://161.117.229.58 # Reference: https://twitter.com/bl4ckh0l3z/status/1280090346840567809 # Reference: https://www.virustotal.com/gui/file/76faf61e374b271d7a818338a4857c2400ff0a2e5864ce1a70e6df04cf8da3a0/detection # Reference: https://www.virustotal.com/gui/file/901020b4b768fd4382f9d305cce7906b33dd0ce876e28151d760b0311b5e8769/detection http://161.117.44.212 http://161.117.46.64 http://161.117.48.94 33333333333-1301476296.cos.eu-moscow.myqcloud.com facebookdata-1301476296.cos.na-ashburn.myqcloud.com # Reference: https://research.checkpoint.com/2020/new-joker-variant-hits-google-play-with-an-old-trick/ gd-1301476296.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1281909972683677696 http://161.117.83.26 hardsay.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1283788323178373120 http://47.74.179.177 # Reference: https://twitter.com/ReBensk/status/1286642164152311810 # Reference: https://www.virustotal.com/gui/file/198d887f450053630fa40ae0221c794a1ce6733385e6559dae3b9777308803b2/detection allstars.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1287414754496196610 waitalone.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1287662297465454592 # Reference: https://www.virustotal.com/gui/file/4bc4beccd01a014354c27e2388e87e67ff1d37e5c7a220650d6931ac4fc28b89/detection hardwarestandards.shop mobiledevices.icu # Reference: https://twitter.com/ReBensk/status/1288333955570302976 aisunani.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/aazim_here/status/1288440507396493313 narta.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1288701923974156288 99042.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1288790256649674752 fbgufra07.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1288790529308864512 larkbucket.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1289412525197467648 bullse.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/bl4ckh0l3z/status/1289831992108789761 reff2355-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/bl4ckh0l3z/status/1290214936900063232 fdsr234-1301476296.cos.eu-frankfurt.myqcloud.com gfd3424-1301476296.cos.ap-mumbai.myqcloud.com hkkg34fd-1301476296.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/bl4ckh0l3z/status/1290603888991776771 dg1042.oss-eu-central-1.aliyuncs.com mg420.oss-us-west-1.aliyuncs.com ydnxy042.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1290612822582468613 http://161.117.226.98 # Reference: https://twitter.com/ReBensk/status/1290618344853221376 http://161.117.62.127 http://47.91.99.122 http://47.91.99.17 # Reference: https://twitter.com/bl4ckh0l3z/status/1290655447645663234 gseven.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1291985135936602112 purchasingmanagers.club # Reference: https://twitter.com/bl4ckh0l3z/status/1292425701925281793 http://54.251.231.73 # Reference: https://twitter.com/bl4ckh0l3z/status/1292908632217210884 forgotten.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1297528634127851533 ruik.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1297909430663684098 http://54.254.62.156 # Reference: https://twitter.com/ReBensk/status/1298846513070829568 jk8681oy.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1298891762744909824 were4o5.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1300691596556603392 blackdragon.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1300652965854883840 n47n.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1301027283734585344 blackdragon02.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1301494248550866944 2j1i9uqw.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1301963377435181057 http://18.141.129.153 # Reference: https://twitter.com/ReBensk/status/1303917434831876097 proxy48.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1309475351572045825 # Reference: https://www.zscaler.com/blogs/security-research/joker-playing-hide-and-seek-google-play # Reference: https://otx.alienvault.com/pulse/5f6e0a6e075485dddd57a37b 2j1i9uqw.oss-eu-central-1.aliyuncs.com blackdragon.oss-ap-southeast-5.aliyuncs.com blackdragon03.oss-ap-southeast-5.aliyuncs.com fgcxweasqw.oss-eu-central-1.aliyuncs.com jk8681oy.oss-eu-central-1.aliyuncs.com laodaoo.oss-ap-southeast-5.aliyuncs.com n47n.oss-ap-southeast-5.aliyuncs.com nineth03.oss-ap-southeast-5.aliyuncs.com proxy48.oss-eu-central-1.aliyuncs.com rinimae.oss-ap-southeast-5.aliyuncs.com sahar.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1310417869184946176 successfully.link # Reference: https://twitter.com/ReBensk/status/1318048542037082114 becomplete.online # Reference: https://twitter.com/ReBensk/status/1318400566628765696 http://161.117.178.233 # Reference: https://twitter.com/ReBensk/status/1318608437056466944 http://161.117.250.158 # Reference: https://twitter.com/ReBensk/status/1318757468995018752 http://161.117.230.57 # Reference: https://twitter.com/ReBensk/status/1320593911090421760 brickmortar.life # Reference: https://twitter.com/ReBensk/status/1322789280083808263 idnyss-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1327249045513879556 watermile.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1329328104720932865 nqgvyv.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1332623673484689408 firelife.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1336482195230380032 icelife.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1336651462395490305 satellites.life # Reference: https://twitter.com/Cuser07/status/1341937502685261826 perper.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1342708478737936384 likeafish.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1343389745372491777 indo-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1344988057074683904 # Reference: https://www.virustotal.com/gui/file/781ca10557344f191f53515b2c085a1a5d8331056fa3bf47d622c41c534a13b2/detection at7kyxx4.net last2020.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1345268756470145024 http://47.241.106.26 lasomiso.oss-ap-southeast-5.aliyuncs.com znyym.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1345607922038886400 rainday.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1346343034208747521 http://54.251.231.67 # Reference: https://twitter.com/sh1shk0va/status/1347258704115200002 feeli.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1349959814814724097 jordi.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1349772427685859329 longdistance.live # Reference: https://twitter.com/ReBensk/status/1352114382151405568 # Reference: https://www.virustotal.com/gui/file/b6058b96e2acb5a3b0bcf699c5f4c4dc740f6bf65b1ceeff07c71c978327a83e/detection pandaksp.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1352232075189907460 dinners.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1353601014847348736 comforty.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1356623475075547140 dingz.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1357608935914565633 rooftop.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1357630155917729794 sunset.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1358702595057983490 founde.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1358706711473790977 # Reference: https://www.virustotal.com/gui/file/aeb60925fd4a8525f76bfce9e39d577c394d0e541bffdbce9707c78818d82f76/detection fy-2021.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359045679377575937 skullali.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359073731079852032 aliyuncls.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359070082635231233 lovingu.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1359077052050141185 plantgrowthtracker.oss-cn-zhangjiakou.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1361001345663176704 sungoddess.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1363373817553293315 andyla.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1364081572584906753 warriorss.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365176741103247367 uiytjjuytr.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365177983149826048 runwa.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1365182302523777032 tool-pdf.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1366311466769420292 fronta.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1366343257014165507 breezea.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1368862009710755841 chenllx-buc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1368901182358364167 linchen-bucket.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1370277229700124673 biggerone.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1373874229037342721 hwayt.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376073798768713729 dagmar.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376072244493873152 giantchameleon.com # Reference: https://twitter.com/ReBensk/status/1376465936299909120 banca.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1376827979423047681 scanlucky.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1378587175575453703 selct.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1378996591567151107 lwildlifetrust.com # Reference: https://twitter.com/ReBensk/status/1379809108312788993 wansgo.oss-ap-southeast-5.aliyuncs.com # Reference: https://github.com/DoctorWebLtd/malware-iocs/blob/master/Android.Joker/README.adoc ad.mobnv.com api.lemonmanga.com gp.fortunnecat.com router.cutebubblegame.com welcome.baltergames.com allinonemessenger.oss-cn-shenzhen.aliyuncs.com beautypluscamera.oss-ap-northeast-1.aliyuncs.com cameramx-photovideocamera.oss-cn-wulanchabu.aliyuncs.com colorrollingicon.oss-cn-huhehaote.aliyuncs.com deepkeyboardpro.oss-cn-hongkong.aliyuncs.com funcolortoucheffects.oss-ap-southeast-2.aliyuncs.com funneymemeemoji.oss-ap-southeast-5.aliyuncs.com happycolor.oss-ap-northeast-1.aliyuncs.com happytapping.oss-cn-qingdao.aliyuncs.com new2021keyboard.oss-ap-south-1.aliyuncs.com novasdk.oss-cn-beijing.aliyuncs.com superkeyboard.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1381533326570229762 # Reference: https://www.virustotal.com/gui/file/3dfd9c6825c816fe0c995942c3c2885c5113084f199de5c1c107cf58c9f2d01b/detection dsfdbhfg-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1381531919356100609 # Reference: https://www.virustotal.com/gui/file/7f5a3921bcaf383ae8812814b1e29dad4f1baddfa0b723cc6e3bdd6c6e6a358a/detection 0402-ppd-dsb.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1382594399712911360 # Reference: https://www.virustotal.com/gui/file/c55a1f0344582b1a4f06199bf2abc2e6cb11c22b18e1c86bbef433ab4b782ef4/detection languages-mmp.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/m0br3v/status/1224286533487820800 coronavirus.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1384373907940016131 dgsxc.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1385224629396987908 cvnz.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1385282363484033027 vfew.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1340647716930560000 ewr1.vultrobjects.com # Reference: https://twitter.com/ReBensk/status/1386225948001914883 cjck-image.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1386384566978371585 vbnm.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1386897035484274689 mul4.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1389887507702050817 yutey.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1389883215477809153 ww44kk-1305586011.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1392735146235760640 512-1305586011.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1394902634641780736 517-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1393133564523257858 dododododo.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1393455501514477571 321145512a513-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1393598051697131521 piapia.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395351832654794759 vvtts.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983592652623875 haiyawa.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983811637252096 suanleba.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1395983726660644872 gapp.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1396334176639459330 misia.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/dvjmane19/status/1396568030398746627 buckts.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1396718261807435781 sycg.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/dvjmane19/status/1398668479167823874 kullali.oss-us-east-1.aliyuncs.com wter.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399041124682006529 new-sk.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399210588429946888 517-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1399207089256296454 skullali.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1399969639413686273 syracuse-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1400131768833822720 tos-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/Someguy19891/status/1400758703603683328 61toolll.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1401057812604588037 automan-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1401432186096537601 z7f5b2g-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1401521422770458626 20210419-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/Someguy19891/status/1403280211093835784 tttlll-1305586011.cos.na-toronto.myqcloud.com # Reference: https://twitter.com/dvjmane19/status/1404322779554476037 aiyama.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/Someguy19891/status/1405421937753432065 # Reference: https://www.virustotal.com/gui/domain/spotifly.world/detection spotifly.world # Reference: https://twitter.com/ReBensk/status/1405754983547502603 tatamm.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406241798431797249 tpfl.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406651189312180225 voicesp.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1406653301978853380 tatamm.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1407936663662125056 614tls-1305586011.cos.eu-frankfurt.myqcloud.com dejunior.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1409417735889735680 tnd.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1409427649118621699 02aa-1301476296.cos.eu-moscow.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1410479298381639682 intherain.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1411901306248253448 onemoretime.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1411916504476504066 0701baibao-1305586011.cos.ap-nanjing.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1412726140645494785 willyou.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1413071498948923399 kadmg.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/ni_fi_70/status/1412716959754600456 http://143.198.150.254 /ob1x/8j84e/xnxo # Reference: https://twitter.com/ReBensk/status/1414446496406065156 corejj.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/magnumsnip/status/1414589863106519040 hd-background.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1415182687787094023 dkqonfacebook-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1414900521802948613 caonimasbsa-1305586011.cos.ap-singapore.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1416400454389428228 denni.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1416438873761091588 onemoretime.oss-us-east-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1417079288197570560 mffsgfb-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1418535089277870080 # Reference: https://www.virustotal.com/gui/file/52af3165b2a222d0336a26ff7a9302b2df973d995177eeff3094bfd36e0e9d1c/detection samg.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1418533495471702019 # Reference: https://www.virustotal.com/gui/file/d31c3b1a0887e5923b65e5157318e1a8ea366881eabd02233f1037ebdcb5e7eb/detection 716ocean-1305586011.cos.na-ashburn.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1418099141591269379 # Reference: https://www.virustotal.com/gui/file/96a8edb1080f49cd384f2bc7f2a5ab65de08893fe7abd45bbfd3fe8f8945159c/detection usefully.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1419521390445617156 # Reference: https://www.virustotal.com/gui/file/73d09c62df86d24e19f94b6a4d00dd4f4ae6d1af978888d6955936cacbbbdfae/detection jiefx.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1419683128277405699 pointer.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1421875674839621636 # Reference: https://www.virustotal.com/gui/file/652412b8441a5c7b46a6106e8c40f7fac3fa1cc9009316ae270f9c8fbadee98f/detection ds-3006.oss-acc-allline.aliyuncs.com.gds.alibabadns.com wg9.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1422040841124683779 # Reference: https://www.virustotal.com/gui/file/5cc2dbd3fa346bca124faeee24e1072b02df993fd70a1d2973ab4da973e13759/detection weathercycl.club # Reference: https://twitter.com/ReBensk/status/1423249047360393218 # Reference: https://www.virustotal.com/gui/file/f050606805f23465d30b9b2c61c9c912b1c5006e7683d1a039af08a02a5865ef/detection covidis.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1423266441277497355 84ppsd-1305586011.cos.na-siliconvalley.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1423560450101243905 # Reference: https://www.virustotal.com/gui/file/9cb527cab9f836d6716507be12076f34e7a3260400a641c12554fd2ce5052c5a/detection bjylhf.oss-ap-southeast-3.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1424391509508431878 http://161.117.226.99 # Reference: https://twitter.com/ReBensk/status/1429116330284781574 # Reference: https://www.virustotal.com/gui/file/bb3e0a955f7eb43b04e03449b4aeb87a15935891b48ea015f738a4153cf92486/detection heartrateandmealtracker.com # Reference: https://labs.k7computing.com/index.php/joker-unleashes-itself-again-on-google-play-store/ # Reference: https://www.virustotal.com/gui/file/214135bb602b3d833d51a3a4ddcbd3aea3124caf67ad2aa0467d8b3073a24b1e/detection 1mg1816-1305586011.cos.na-ashburn.myqcloud.com fenglintechnology-app01.oss-me-east-1.aliyuncs.com grouplearn.shop implemente.life paramera.shop puerassist.club seemslologo.club vip.paramera.shop # Reference: https://twitter.com/ni_fi_70/status/1450001755065012224 diyaa.oss-ap-southeast-2.aliyuncs.com wo0.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1451079105470820358 jiaomei.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1458795768022720520 banmama.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1458803683517468678 fibvdk77pp.s3.us-east-1.amazonaws.com opyv7s6tju.s3.eu-north-1.amazonaws.com # Reference: https://twitter.com/cy60rg17/status/1459941307279831046 howmuch.oss-me-east-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1460225316941672448 aa1026.oss-ap-southeast-5.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1460274914397720584 uyetpvn545.s3.eu-west-1.amazonaws.com # Reference: https://twitter.com/cy60rg17/status/1461376398078013440 ykzzldx.oss-ap-southeast-2.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1466078385818505226 8egbu57cwe.s3.eu-north-1.amazonaws.com # Reference: https://twitter.com/sh1shk0va/status/1468891475887157250 # Reference: https://twitter.com/midnight_comms/status/1468969195220062214 # Reference: https://www.virustotal.com/gui/file/988293d69199e6905e29256b489c9f73c0939e520f19fb23a7bd6d222f708359/detection # Reference: https://www.virustotal.com/gui/file/ef03a39a0a845b54f2a4be42d533ee92d5b309c9f81bb985ed3cce1e3733ece3/detection http://193.123.103.55 fortunnecat.com aff.fortunnecat.com v7s3q3zisk.s3.eu-west-3.amazonaws.com # Reference: https://twitter.com/midnight_comms/status/1468971453630410763 knowu.oss-ap-northeast-1.aliyuncs.com # Reference: https://twitter.com/midnight_comms/status/1468971551324131349 # Reference: https://www.virustotal.com/gui/file/8ee3c8007da49ace4c6070081766e8a5f91ed5c9c966dc5f65287b7c312f797f/detection http://8.214.6.79 applicanic.com keyboardstyle-181d4.firebaseio.com keyboardstyleapps.blogspot.com azh913.oss-us-east-1.aliyuncs.com ds-2008.oss-acc-allline.aliyuncs.com ds-2048.oss-acc-allline.aliyuncs.com ds-2008.oss-acc-allline.aliyuncs.com.gds.alibabadns.com ds-2048.oss-acc-allline.aliyuncs.com.gds.alibabadns.com yon.oss-ap-southeast-1.aliyuncs.com /svhyqj/mjcxzy /svhyqj /mjcxzy # Reference: https://twitter.com/midnight_comms/status/1468972508426620937 multi-languagekeyboard.blogspot.com # Reference: https://twitter.com/sh1shk0va/status/1470367449669423110 # Reference: https://twitter.com/midnight_comms/status/1470379168575541250 jao9.oss-eu-central-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1470359946705395720 # Reference: https://twitter.com/midnight_comms/status/1470377864985923586 xzh5gswh3z.s3.us-east-1.amazonaws.com # Reference: https://twitter.com/sh1shk0va/status/1471127777785098242 # Reference: https://twitter.com/midnight_comms/status/1471157786750832641 # Reference: https://twitter.com/midnight_comms/status/1471158825377939461 # Reference: https://twitter.com/midnight_comms/status/1471160285230624769 # Reference: https://twitter.com/midnight_comms/status/1471161366568259586 http://8.214.56.11 40wia6je1e.s3.eu-north-1.amazonaws.com mjhla.oss-ap-southeast-3.aliyuncs.com mqjuikvjn-1301476296.cos.ap-mumbai.myqcloud.com # Reference: https://twitter.com/ReBensk/status/1471459460602159107 nv2.oss-accelerate.aliyuncs.com # Reference: https://twitter.com/Cuser07/status/1472124389282181121 # Reference: https://twitter.com/midnight_comms/status/1472232347139559429 mygoodidea.xyz mygoodidea.oss-me-east-1.aliyuncs.com puerassist.club # Reference: https://twitter.com/ReBensk/status/1475362049257402370 maybee.oss-us-west-1.aliyuncs.com # Reference: https://twitter.com/sh1shk0va/status/1475456020004671489 # Reference: https://twitter.com/midnight_comms/status/1475481954506137601 qyhtofiqg9.s3.eu-west-3.amazonaws.com # Reference: https://twitter.com/ReBensk/status/1434533331408809985 ladders.oss-eu-west-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1482421958461759488 # Reference: https://www.virustotal.com/gui/file/a9045ba7536e77151fed86ef78efd2fc66cc4298e9b3017df091273c5152b1d8/detection lettera.oss-ap-southeast-1.aliyuncs.com # Reference: https://twitter.com/ReBensk/status/1482423059374313472 # Reference: https://www.virustotal.com/gui/file/16bbf489bae2c9146d63b715a5f9ff0b24ea3b9bfe8cc93169bd59eadd3a4154/detection blissful.oss-ap-northeast-1.aliyuncs.com # APK /000166ssshH5.apk