{
"Event": {
"analysis": "2",
"date": "2016-03-08",
"extends_uuid": "",
"info": "BadMirror: New Android Malware Family Spotted by SherlockDroid",
"publish_timestamp": "1457459747",
"published": true,
"threat_level_id": "3",
"timestamp": "1457459739",
"uuid": "56df115b-5030-4328-a9ee-4484950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#004646",
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459579",
"to_ids": true,
"type": "url",
"uuid": "56df117b-4f04-4945-b56a-4591950d210f",
"value": "http://silent.googlestatistics.net:10055/api/sys"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459579",
"to_ids": true,
"type": "url",
"uuid": "56df117b-ff24-431b-83d7-457f950d210f",
"value": "http://silent.800t.net:10055/api/sys"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459579",
"to_ids": true,
"type": "url",
"uuid": "56df117b-fde8-4890-9b65-494f950d210f",
"value": "http://googlestatistics.net:10055/boxgame/appmore/"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459579",
"to_ids": true,
"type": "url",
"uuid": "56df117b-9578-43b5-9155-416e950d210f",
"value": "http://bg.800t.net:10055/appmore/"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459610",
"to_ids": true,
"type": "sha256",
"uuid": "56df119a-c078-4452-a404-5cd9950d210f",
"value": "835c14d38926c88ee9a51a0b6d8c7893a76e3bf4e8d1978b650e178c88b1e07e"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459610",
"to_ids": true,
"type": "sha256",
"uuid": "56df119a-8a5c-42a6-ad39-5cd9950d210f",
"value": "ba56136e88e398a8e7f7c3c398b21550d17beb3ae533b579d6a1abf5de6d4d5c"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459611",
"to_ids": true,
"type": "sha256",
"uuid": "56df119b-0e04-455d-9301-5cd9950d210f",
"value": "171ccb5ef9ff1bbeb65912b7fbaa30724aa17f949e4ac75738d4fbf74ad6577c"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459611",
"to_ids": true,
"type": "sha256",
"uuid": "56df119b-4558-4616-9bd8-5cd9950d210f",
"value": "4393b8d81d6ccd5be5aa2652180dfb7213dca8a9f089c70edf4b2b1711aadeba"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459611",
"to_ids": true,
"type": "sha256",
"uuid": "56df119b-1054-45de-a07a-5cd9950d210f",
"value": "bad6b2f190c042e85c18fab79f3008bc167dd20a37a2382089e8c50910b2d8bb"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459612",
"to_ids": true,
"type": "sha256",
"uuid": "56df119c-903c-49ca-ad6b-5cd9950d210f",
"value": "c17e327c1b35589317ad4f9f877fb260eac7fc4d1d8647bf1335348ce7ba1564"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459612",
"to_ids": true,
"type": "sha256",
"uuid": "56df119c-5af8-4711-a455-5cd9950d210f",
"value": "c684f0d3a87b8bc1f69291fa526ccad2fa71a4701cf55531b23509a985a36210"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459612",
"to_ids": true,
"type": "sha256",
"uuid": "56df119c-4f38-4f82-a8ee-5cd9950d210f",
"value": "8721d98ef053e6f429cbc07a710b87b8048c8b8bb9788651f20e90281bb37ac5"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459613",
"to_ids": true,
"type": "sha256",
"uuid": "56df119d-fdb0-4e36-add5-5cd9950d210f",
"value": "f45fc90d1f2818c72ece2b1a88d6dad6f6065a7a6e1b366e919c8fc85c1391f6"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459613",
"to_ids": true,
"type": "sha256",
"uuid": "56df119d-2018-4457-b8c4-5cd9950d210f",
"value": "86e48e907a412f110db908234899037e6890872452b260274e03c5c736537932"
},
{
"category": "Payload delivery",
"comment": "Samples",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459652",
"to_ids": true,
"type": "sha256",
"uuid": "56df11ac-0c48-4f48-b57e-4206950d210f",
"value": "a839afe5b67de0d7500f30cd787abfbcaf268c2684b8e247381e28e4bb18e551"
},
{
"category": "Payload delivery",
"comment": "Samples - Xchecked via VT: f45fc90d1f2818c72ece2b1a88d6dad6f6065a7a6e1b366e919c8fc85c1391f6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459705",
"to_ids": true,
"type": "sha1",
"uuid": "56df11f9-6a3c-45af-ab0e-460a02de0b81",
"value": "c3edf6fcdc0770c62cc03078051392db418fec7e"
},
{
"category": "Payload delivery",
"comment": "Samples - Xchecked via VT: f45fc90d1f2818c72ece2b1a88d6dad6f6065a7a6e1b366e919c8fc85c1391f6",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459705",
"to_ids": true,
"type": "md5",
"uuid": "56df11f9-1fac-4cb2-b73e-45c702de0b81",
"value": "415990651f6b53b6df3208bea7e5e29d"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459706",
"to_ids": false,
"type": "link",
"uuid": "56df11fa-6568-42b1-b6ba-415502de0b81",
"value": "https://www.virustotal.com/file/f45fc90d1f2818c72ece2b1a88d6dad6f6065a7a6e1b366e919c8fc85c1391f6/analysis/1457418028/"
},
{
"category": "Payload delivery",
"comment": "Samples - Xchecked via VT: 835c14d38926c88ee9a51a0b6d8c7893a76e3bf4e8d1978b650e178c88b1e07e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459706",
"to_ids": true,
"type": "sha1",
"uuid": "56df11fa-fc88-41ef-b781-478a02de0b81",
"value": "05d9c9eeded99da30bbddbb81150c0eff45d812e"
},
{
"category": "Payload delivery",
"comment": "Samples - Xchecked via VT: 835c14d38926c88ee9a51a0b6d8c7893a76e3bf4e8d1978b650e178c88b1e07e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459706",
"to_ids": true,
"type": "md5",
"uuid": "56df11fa-7ad8-4ed6-9a63-471c02de0b81",
"value": "4f437c0e4a424bc25c1a3abf26321d98"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459706",
"to_ids": false,
"type": "link",
"uuid": "56df11fa-5510-469d-8869-421b02de0b81",
"value": "https://www.virustotal.com/file/835c14d38926c88ee9a51a0b6d8c7893a76e3bf4e8d1978b650e178c88b1e07e/analysis/1457415536/"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1457459739",
"to_ids": false,
"type": "link",
"uuid": "56df121b-9fd0-4b3e-b630-414c950d210f",
"value": "http://blog.fortinet.com/post/badmirror-new-android-malware-family-spotted-by-sherlockdroid"
}
]
}
}