related report (20200107)

https://blog.trendmicro.com/trendlabs-security-intelligence/first-active-attack-exploiting-cve-2019-2215-found-on-google-play-linked-to-sidewinder-apt-group/

com.camero.android.camera2basic.apk -> infected.rar

ms-ethics.net

cdn.ms-ethics.net

deb-cn.net

ap1-acl.net

https://ap1-acl.net/202/KfzLXf6NisWqPtYOrrQYJfzErkCyS8ib8dz3QSsN/1115/2280/16331af8

http://ap1-acl.net/mod/

ms-db.net

aws-check.net

reawk.net

https://reawk.net/202/jQcPZ3kx6hGod25WMnTocKStUToZEPRy6WfWkEX3/-1/12571/87854fea

https://reawk.net/202/OaZbRGT9AZ6rhLMSEWSoFykWnI7FeEbXdgvNvwZP/-1/12571/10255afc

gov-pk.org

baf.gov-pk.org

mlibinternetbanking.gov-pk.org

pakcert.gov-pk.org	

mail.paec.gov-pk.org

https://www.virustotal.com/graph/g2ba58f8b3f4043a7acb450ea1709cbbddd512be5f5bc4d2fa577eb7d7421b47d/drawer/node-summary/node/nap1-acl.net/1578369200420