adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5c35f6b7-0360-430d-a564-4b22950d210f.json

96 lines
4.6 KiB
JSON
Raw Permalink Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5c35f6b7-0360-430d-a564-4b22950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-09T15:07:06.000Z",
"modified": "2019-01-09T15:07:06.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--5c35f6b7-0360-430d-a564-4b22950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-09T15:07:06.000Z",
"modified": "2019-01-09T15:07:06.000Z",
"name": "OSINT - Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users",
"context": "suspicious-activity",
"object_refs": [
"observed-data--5c35f710-e368-4f58-86b1-4d81950d210f",
"url--5c35f710-e368-4f58-86b1-4d81950d210f",
"x-misp-attribute--5c35f821-8630-403a-93fe-48c0950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"veris:action:malware:variety=\"Adware\"",
"malware_classification:malware-category=\"Adware\"",
"ms-caro-malware:malware-type=\"Adware\"",
"enisa:nefarious-activity-abuse=\"spyware-or-deceptive-adware\"",
"ms-caro-malware-full:malware-type=\"Adware\"",
"osint:source-type=\"blog-post\"",
"workflow:todo=\"add-missing-misp-galaxy-cluster-values\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c35f710-e368-4f58-86b1-4d81950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-09T13:33:48.000Z",
"modified": "2019-01-09T13:33:48.000Z",
"first_observed": "2019-01-09T13:33:48Z",
"last_observed": "2019-01-09T13:33:48Z",
"number_observed": 1,
"object_refs": [
"url--5c35f710-e368-4f58-86b1-4d81950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5c35f710-e368-4f58-86b1-4d81950d210f",
"value": "https://blog.trendmicro.com/trendlabs-security-intelligence/adware-disguised-as-game-tv-remote-control-apps-infect-9-million-google-play-users/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5c35f821-8630-403a-93fe-48c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-09T13:33:47.000Z",
"modified": "2019-01-09T13:33:47.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Adware is bothersome, disruptive, and have been around for a long time, but they\u2019re still around. In fact, we recently discovered an active adware family (detected by Trend Micro as AndroidOS_HidenAd) disguised as 85 game, TV, and remote control simulator apps on the Google Play store. This adware is capable of displaying full-screen ads, hiding itself, monitoring a device\u2019s screen unlocking functionality, and running in the mobile device\u2019s background. The 85 fake apps, which have been downloaded a total of 9 million times around the world. After verifying our report, Google swiftly suspended the fake apps from the Play store."
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink