{ "Event": { "analysis": "2", "date": "2017-08-11", "extends_uuid": "", "info": "OSINT - Fake Snapchat in Google Play Store", "publish_timestamp": "1502462432", "published": true, "threat_level_id": "3", "timestamp": "1502462398", "uuid": "598dc10d-2e10-4de5-8745-433202de0b81", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#5f0077", "local": false, "name": "ms-caro-malware:malware-platform=\"AndroidOS\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1502462398", "to_ids": false, "type": "link", "uuid": "598dc128-b620-491f-902c-4df402de0b81", "value": "https://blog.zimperium.com/fake-snapchat-google-play-store/", "Tag": [ { "colour": "#00223b", "local": false, "name": "osint:source-type=\"blog-post\"", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1502462398", "to_ids": false, "type": "text", "uuid": "598dc141-218c-4086-b974-497e02de0b81", "value": "Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for \u00e2\u20ac\u0153Snapchat\u00e2\u20ac\u009d. The fake version of Snapchat app is using \u00e2\u20ac\u0153Snap Inc .\u00e2\u20ac\u009d as Company Name, with a \u00e2\u20ac\u009d .\u00e2\u20ac\u009d appended to original name.", "Tag": [ { "colour": "#00223b", "local": false, "name": "osint:source-type=\"blog-post\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1502462398", "to_ids": false, "type": "mobile-application-id", "uuid": "598dc195-e494-4617-a1e4-486302de0b81", "value": "com.snacha.android" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1502462398", "to_ids": true, "type": "sha256", "uuid": "598dc1b5-d13c-4fb5-a52d-44ca02de0b81", "value": "f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146" }, { "category": "Payload delivery", "comment": "- Xchecked via VT: f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146", "deleted": false, "disable_correlation": false, "timestamp": "1502462398", "to_ids": true, "type": "sha1", "uuid": "598dc1be-1174-4856-a6e8-4dc702de0b81", "value": "41859c0fe79f625ddcc0f851519a811c2d017a18" }, { "category": "Payload delivery", "comment": "- Xchecked via VT: f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146", "deleted": false, "disable_correlation": false, "timestamp": "1502462398", "to_ids": true, "type": "md5", "uuid": "598dc1be-80cc-4105-a841-430f02de0b81", "value": "510f1c68f93ff812e07ffe8caf609a63" }, { "category": "External analysis", "comment": "- Xchecked via VT: f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146", "deleted": false, "disable_correlation": false, "timestamp": "1502462398", "to_ids": false, "type": "link", "uuid": "598dc1be-ccb4-4eea-8924-44e802de0b81", "value": "https://www.virustotal.com/file/f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146/analysis/1502452010/" } ] } }