{ "Event": { "analysis": "2", "date": "2017-11-09", "extends_uuid": "", "info": "OSINT - How Mobile Bankbots Disguise as Perfectly Trustworthy Apps", "publish_timestamp": "1514468116", "published": true, "threat_level_id": "3", "timestamp": "1513825272", "uuid": "5a3a297f-95a8-418e-a949-484f950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#004646", "local": "0", "name": "type:OSINT", "relationship_type": "" }, { "colour": "#ffffff", "local": "0", "name": "tlp:white", "relationship_type": "" }, { "colour": "#00223b", "local": "0", "name": "osint:source-type=\"blog-post\"", "relationship_type": "" }, { "colour": "#f24722", "local": "0", "name": "Banker", "relationship_type": "" }, { "colour": "#002f76", "local": "0", "name": "ms-caro-malware-full:malware-family=\"Banker\"", "relationship_type": "" }, { "colour": "#5f0077", "local": "0", "name": "ms-caro-malware:malware-platform=\"AndroidOS\"", "relationship_type": "" }, { "colour": "#211c1c", "local": "0", "name": "Android Malware", "relationship_type": "" }, { "colour": "#001a40", "local": "0", "name": "ms-caro-malware-full:malware-platform=\"AndroidOS\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1513764306", "to_ids": false, "type": "link", "uuid": "5a3a2992-b630-4ff6-a166-4b16950d210f", "value": "https://www.riskiq.com/blog/labs/mobile-bankbot/" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1513764306", "to_ids": true, "type": "ip-dst", "uuid": "5a3a3286-581c-42a0-9d48-487f950d210f", "value": "91.226.11.200" } ] } }