misp-circl-feed/feeds/circl/misp/5a216518-dd10-4191-9ac8-4919950d210f.json

260 lines
9 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
"Event": {
"analysis": "2",
"date": "2017-11-28",
"extends_uuid": "",
"info": "OSINT - Google Discovers New Tizi Android Spyware",
"publish_timestamp": "1512283057",
"published": true,
"threat_level_id": "3",
"timestamp": "1512283042",
"uuid": "5a216518-dd10-4191-9ac8-4919950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#004646",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#ffffff",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "tlp:white",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#00223b",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#211c1c",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "Android Malware",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#3c6b00",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "malware_classification:malware-category=\"Spyware\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#0088cc",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "misp-galaxy:android=\"Tizi\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "filename",
"uuid": "5a2167bd-e750-4d4a-b4f2-4c20950d210f",
"value": "com.press.nasa.com.tanofresh"
},
{
"category": "Payload delivery",
"comment": "com.press.nasa.com.tanofresh",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "sha256",
"uuid": "5a2167bd-5f98-45bc-a1b5-4862950d210f",
"value": "4d780a6fc18458311250d4d1edc750468fdb9b3e4c950dce5b35d4567b47d4a7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "filename",
"uuid": "5a2167bd-e184-46a4-98e8-43eb950d210f",
"value": "com.dailyworkout.tizi"
},
{
"category": "Payload delivery",
"comment": "com.dailyworkout.tizi",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "sha256",
"uuid": "5a2167bd-d7fc-4be3-ab49-488d950d210f",
"value": "7c6af091a7b0f04fb5b212bd3c180ddcc6abf7cd77478fd22595e5b7aa7cfd9f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "filename",
"uuid": "5a2167bd-5ebc-4c51-9b93-4f70950d210f",
"value": "com.system.update.systemupdate"
},
{
"category": "Payload delivery",
"comment": "com.system.update.systemupdate",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "sha256",
"uuid": "5a2167bd-fb5c-4b49-b44f-43c6950d210f",
"value": "7a956c754f003a219ea1d2205de3ef5bc354419985a487254b8aeb865442a55e"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": false,
"type": "link",
"uuid": "5a216d15-6b0c-4b76-9e83-41a6950d210f",
"value": "https://www.bleepingcomputer.com/news/security/google-discovers-new-tizi-android-spyware/",
"Tag": [
{
"colour": "#00223b",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": false,
"type": "comment",
"uuid": "5a216d33-5f44-4643-a153-4bb2950d210f",
"value": "Google's security team discovered a new strain of Android malware, named Tizi, and which has been used primarily to target users in African countries.\r\n\r\nCategorized as spyware, Google says Tizi can carry out a wide range of operations, but most focus on social media apps and activity.",
"Tag": [
{
"colour": "#00223b",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
}
]
},
{
"category": "Payload delivery",
"comment": "com.system.update.systemupdate - Xchecked via VT: 7a956c754f003a219ea1d2205de3ef5bc354419985a487254b8aeb865442a55e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "sha1",
"uuid": "5a2398ff-ea08-42ea-a97e-bb2c02de0b81",
"value": "184152328f8662006376b6a0b5a50f5f9219c8ce"
},
{
"category": "Payload delivery",
"comment": "com.system.update.systemupdate - Xchecked via VT: 7a956c754f003a219ea1d2205de3ef5bc354419985a487254b8aeb865442a55e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "md5",
"uuid": "5a2398ff-7da0-457c-9904-bb2c02de0b81",
"value": "9d073c17499632150dc72ac92590780d"
},
{
"category": "External analysis",
"comment": "com.system.update.systemupdate - Xchecked via VT: 7a956c754f003a219ea1d2205de3ef5bc354419985a487254b8aeb865442a55e",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": false,
"type": "link",
"uuid": "5a2398ff-21e4-4169-b6c8-bb2c02de0b81",
"value": "https://www.virustotal.com/file/7a956c754f003a219ea1d2205de3ef5bc354419985a487254b8aeb865442a55e/analysis/1512003768/"
},
{
"category": "Payload delivery",
"comment": "com.dailyworkout.tizi - Xchecked via VT: 7c6af091a7b0f04fb5b212bd3c180ddcc6abf7cd77478fd22595e5b7aa7cfd9f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "sha1",
"uuid": "5a2398ff-8f34-41cb-9e82-bb2c02de0b81",
"value": "501ca245120882a82021c8b8a2e5304b6e03eef5"
},
{
"category": "Payload delivery",
"comment": "com.dailyworkout.tizi - Xchecked via VT: 7c6af091a7b0f04fb5b212bd3c180ddcc6abf7cd77478fd22595e5b7aa7cfd9f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": true,
"type": "md5",
"uuid": "5a2398ff-2ad0-4330-b947-bb2c02de0b81",
"value": "abe47a9e7d8da5c3a4f7579b61e9d72f"
},
{
"category": "External analysis",
"comment": "com.dailyworkout.tizi - Xchecked via VT: 7c6af091a7b0f04fb5b212bd3c180ddcc6abf7cd77478fd22595e5b7aa7cfd9f",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282367",
"to_ids": false,
"type": "link",
"uuid": "5a2398ff-ddf4-4e19-9f96-bb2c02de0b81",
"value": "https://www.virustotal.com/file/7c6af091a7b0f04fb5b212bd3c180ddcc6abf7cd77478fd22595e5b7aa7cfd9f/analysis/1512160033/"
},
{
"category": "Payload delivery",
"comment": "com.press.nasa.com.tanofresh - Xchecked via VT: 4d780a6fc18458311250d4d1edc750468fdb9b3e4c950dce5b35d4567b47d4a7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282368",
"to_ids": true,
"type": "sha1",
"uuid": "5a239900-6dfc-4a68-aef0-bb2c02de0b81",
"value": "7ebdea26b6a0b7e9e7606d70c187ab0be934386e"
},
{
"category": "Payload delivery",
"comment": "com.press.nasa.com.tanofresh - Xchecked via VT: 4d780a6fc18458311250d4d1edc750468fdb9b3e4c950dce5b35d4567b47d4a7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282368",
"to_ids": true,
"type": "md5",
"uuid": "5a239900-6ad0-4ebd-bc73-bb2c02de0b81",
"value": "d0da76c2f0c5aa3ef5af897bec2f0e52"
},
{
"category": "External analysis",
"comment": "com.press.nasa.com.tanofresh - Xchecked via VT: 4d780a6fc18458311250d4d1edc750468fdb9b3e4c950dce5b35d4567b47d4a7",
"deleted": false,
"disable_correlation": false,
"timestamp": "1512282368",
"to_ids": false,
"type": "link",
"uuid": "5a239900-da84-4a68-89a5-bb2c02de0b81",
"value": "https://www.virustotal.com/file/4d780a6fc18458311250d4d1edc750468fdb9b3e4c950dce5b35d4567b47d4a7/analysis/1512212017/"
}
]
}
}