{ "type": "bundle", "id": "bundle--5ab38954-dd00-43a1-8e79-405e950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:45:34.000Z", "modified": "2018-03-23T10:45:34.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "grouping", "spec_version": "2.1", "id": "grouping--5ab38954-dd00-43a1-8e79-405e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:45:34.000Z", "modified": "2018-03-23T10:45:34.000Z", "name": "OSINT - ExpensiveWall: A Dangerous \u2018Packed\u2019 Malware On Google Play That Will Hit Your Wallet", "context": "suspicious-activity", "object_refs": [ "observed-data--5ab3a11a-eb88-4eaf-a957-49ed950d210f", "url--5ab3a11a-eb88-4eaf-a957-49ed950d210f", "x-misp-attribute--5ab4cd58-4958-4837-a557-42e4950d210f", "indicator--5ab4d044-e6cc-4e5f-933d-43c7950d210f", "indicator--5ab4d045-db54-4a40-b87c-485a950d210f", "indicator--5ab4d045-ec04-457a-adaf-4164950d210f", "indicator--5ab4d046-a57c-4788-bb38-4c9c950d210f", "indicator--5ab4d046-83ec-4409-8fde-497e950d210f", "indicator--5ab4d047-be04-4020-bacd-498d950d210f", "indicator--5ab4d047-4d5c-4770-87f3-48ef950d210f", "indicator--5ab4d048-1fd8-4ddc-b914-488b950d210f", "indicator--5ab4d048-e2b8-4e27-b8ee-4cb0950d210f", "indicator--5ab4d049-e0e8-4d7f-a803-4db5950d210f", "indicator--5ab4d09e-04d4-42d1-8f42-46ca950d210f", "indicator--5ab4d09f-ed18-4503-a7e3-4e83950d210f", "indicator--5ab4d09f-25a8-4c4a-b253-4e1a950d210f", "indicator--5ab4d0a0-ffe0-4cdd-9410-4ee9950d210f", "indicator--5ab4d0a0-c174-452d-878e-4a1c950d210f", "indicator--5ab4d0a1-d75c-449d-aa76-43da950d210f", "indicator--5ab4d0a1-3908-41d2-98d9-469d950d210f", "indicator--5ab4d0a2-03ec-4a26-95b8-4e5d950d210f", "indicator--5ab4d0a2-d14c-4354-8deb-4691950d210f", "indicator--5ab4d0a3-ebf4-4e38-8512-4c7a950d210f", "indicator--5ab4d122-de98-4fd3-823a-4bc1950d210f", "indicator--5ab4d122-b170-4e0b-bd31-46f8950d210f", "indicator--5ab4d123-4180-42f9-8988-4e7b950d210f", "indicator--5ab4d123-9e24-482e-96f3-4962950d210f", "indicator--5ab4d124-0308-4366-819e-4367950d210f", "indicator--5ab4d124-7c74-4041-982b-475a950d210f", "indicator--5ab4d125-fb58-4d3c-8896-4f5d950d210f", "indicator--5ab4d125-7604-449a-8821-4c29950d210f", "indicator--5ab4d126-a0e4-4970-9968-4b35950d210f", "indicator--5ab4d126-f27c-43dc-964a-4b77950d210f", "indicator--5ab4d292-0e24-4d37-b1e1-4cc1950d210f", "indicator--5ab4d292-8960-4638-a136-4205950d210f", "indicator--5ab4d293-fafc-4eac-b1ba-4277950d210f", "indicator--5ab4d293-ec9c-431c-89b0-4b15950d210f", "indicator--5ab4d294-e440-42b4-8b1f-436f950d210f", "indicator--5ab4d294-3c04-48b8-a8b9-4a98950d210f", "indicator--5ab4d294-ad9c-4b8e-ac5b-4503950d210f", "indicator--5ab4d295-6324-4074-8c12-44fd950d210f", "indicator--5ab4d295-c35c-469c-9d2c-4d78950d210f", "indicator--5ab4d296-5e3c-4848-aa03-4dba950d210f", "indicator--5ab4d371-6b1c-40d4-9765-41b4950d210f", "indicator--5ab4d371-a308-4df7-a596-4a83950d210f", "indicator--5ab4d372-e1a4-4f37-b278-46c8950d210f", "indicator--5ab4d372-fe44-4696-96d7-4b2b950d210f", "indicator--5ab4d373-98bc-421a-a080-4a70950d210f", "indicator--5ab4d373-adbc-4195-9d5d-4fa2950d210f", "indicator--5ab4d373-d62c-4674-9a2f-4d58950d210f", "indicator--5ab4d374-a7ac-44b3-a909-4e4f950d210f", "indicator--5ab4d374-a838-431b-be02-4a48950d210f", "indicator--5ab4d375-487c-47f7-b76f-43db950d210f", "indicator--5ab4d375-1c9c-420b-a54d-4240950d210f", "indicator--5ab4d375-9b7c-45bf-a8e8-4a80950d210f", "indicator--5ab4d4e5-b848-4875-bb73-48ed950d210f", "indicator--5ab4d4e6-e05c-436e-8aad-44f0950d210f", "indicator--5ab4d4e6-4d8c-48a0-960f-437a950d210f", "indicator--5ab4d4e6-0104-493b-b0c4-48f5950d210f", "indicator--5ab4d4e7-35d4-4df0-beb7-4c8d950d210f", "indicator--5ab4d4e7-eb0c-43f1-bc2c-45cc950d210f", "indicator--5ab4d4e8-074c-4801-af82-4262950d210f", "indicator--5ab4d4e8-293c-48fc-a3ac-43e4950d210f", "indicator--5ab4d4e8-6058-4a92-a6df-4cef950d210f", "indicator--5ab4d4e9-50a8-4ea9-b4bb-4d86950d210f", "indicator--5ab4d56d-ca5c-4f6e-8bbb-431f950d210f", "indicator--5ab4d56e-8d24-47a4-a3ff-4131950d210f", "indicator--5ab4d56e-66e0-4170-a28f-446d950d210f", "indicator--5ab4d56e-ba6c-438f-9837-4e46950d210f", "indicator--5ab4d56f-0570-489f-aae1-4b02950d210f", "indicator--5ab4d56f-4794-46c2-b602-4a94950d210f", "indicator--5ab4d570-74bc-4f80-9f3c-40f5950d210f", "indicator--5ab4d570-56a8-4346-9e41-44b5950d210f", "indicator--5ab4d570-856c-44f1-b5dc-402c950d210f", "indicator--5ab4d571-b5d8-4c33-867d-4c7f950d210f", "indicator--5ab4d661-3ffc-4d40-a2e3-4f9d950d210f", "indicator--5ab4d661-73bc-4c28-b0b4-4e56950d210f", "indicator--5ab4d662-8a10-4841-957a-4416950d210f", "indicator--5ab4d682-55e0-4e3a-b7fc-4161950d210f", "indicator--5ab4d6ed-49c0-42c3-976a-4d98950d210f", "indicator--5ab4d6ee-6728-4bc4-8a27-44b4950d210f", "indicator--5ab4d6ee-8910-4fe5-ad85-4682950d210f", "indicator--5ab4d746-94cc-42bd-b9ce-41f8950d210f", "indicator--5ab4d746-a880-419f-a792-4bf5950d210f", "indicator--5ab4d747-b960-4ba0-821e-4040950d210f", "indicator--5ab4d747-067c-41de-8580-49df950d210f", "indicator--5ab4d748-e348-40bd-921e-42a1950d210f", "indicator--5ab4d778-3284-4005-899a-4aa3950d210f", "indicator--5ab4d778-8080-4150-a41d-4de6950d210f", "indicator--5ab4d779-ff74-411c-9d03-4d5c950d210f", "indicator--5ab4d779-51a8-45bd-a557-4e20950d210f", "indicator--5ab4d77a-2cd4-47d3-bc02-4102950d210f", "indicator--5ab4d7c7-ecdc-46ae-94f8-4263950d210f", "indicator--5ab4d7c8-2ec0-4fea-98dd-4964950d210f", "indicator--5ab4d882-d0d4-4976-a833-42d4950d210f", "indicator--5ab4d882-0a10-47c9-97b3-4e7d950d210f", "indicator--5ab4d883-7eac-487b-af22-4abb950d210f", "indicator--5ab4d883-ad38-40af-b991-49c4950d210f", "indicator--5ab4d884-243c-4517-81cb-43cc950d210f", "indicator--5ab4d884-36bc-46ce-8550-4cb8950d210f", "indicator--5ab4d9a1-68a8-47b3-9364-4aa9950d210f", "indicator--5ab4d9a2-d8f4-4a8c-936a-4e67950d210f", "indicator--5ab4d9a2-1bac-4ecb-a78c-4e02950d210f", "indicator--5ab4d9a3-efdc-4bf1-a0c8-4328950d210f", "indicator--5ab4d9a3-63e0-4c98-9747-4ba9950d210f", "indicator--5ab4d9a3-d05c-49af-ae6a-4c26950d210f", "indicator--5ab4d9a4-7800-480f-b745-4e7a950d210f", "indicator--5ab4d9a4-df8c-4431-a56a-408e950d210f", "indicator--5ab4d9a5-a394-4efe-8705-42d1950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "workflow:todo=\"create-missing-misp-galaxy-cluster-values\"", "circl:incident-classification=\"malware\"", "osint:source-type=\"blog-post\"", "Android Malware", "ms-caro-malware-full:malware-platform=\"AndroidOS\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5ab3a11a-eb88-4eaf-a957-49ed950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T09:50:08.000Z", "modified": "2018-03-23T09:50:08.000Z", "first_observed": "2018-03-23T09:50:08Z", "last_observed": "2018-03-23T09:50:08Z", "number_observed": 1, "object_refs": [ "url--5ab3a11a-eb88-4eaf-a957-49ed950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"", "osint:source-type=\"blog-post\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5ab3a11a-eb88-4eaf-a957-49ed950d210f", "value": "https://blog.checkpoint.com/2017/09/14/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/" }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5ab4cd58-4958-4837-a557-42e4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T09:49:59.000Z", "modified": "2018-03-23T09:49:59.000Z", "labels": [ "misp:type=\"comment\"", "misp:category=\"External analysis\"", "osint:source-type=\"blog-post\"" ], "x_misp_category": "External analysis", "x_misp_type": "comment", "x_misp_value": "Check Point\u2019s mobile threat research team identified a new variant of an Android malware that sends fraudulent premium SMS messages and charges users\u2019 accounts for fake services without their knowledge. According to Google Play data, the malware infected at least 50 apps and was downloaded between 1 million and 4.2 million times before the affected apps were removed.\r\n\r\nThe new strain of malware is dubbed \u201cExpensiveWall,\u201d after one of the apps it uses to infect devices, \u201cLovely Wallpaper.\u201d ExpensiveWall is a new variant of a malware found earlier this year on Google Play. The entire malware family has now been downloaded between 5.9 million and 21.1 million times." }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d044-e6cc-4e5f-933d-43c7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:36.000Z", "modified": "2018-03-23T10:00:36.000Z", "description": "I Love Fliter", "pattern": "[file:name = 'com.star.trek']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d045-db54-4a40-b87c-485a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:37.000Z", "modified": "2018-03-23T10:00:37.000Z", "description": "Tool Box Pro", "pattern": "[file:name = 'com.newac.toolbox']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d045-ec04-457a-adaf-4164950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:37.000Z", "modified": "2018-03-23T10:00:37.000Z", "description": "X WALLPAPER", "pattern": "[file:name = 'com.newac.wallpaper']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d046-a57c-4788-bb38-4c9c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:38.000Z", "modified": "2018-03-23T10:00:38.000Z", "description": "Horoscope", "pattern": "[file:name = 'com.yeahmobi.horoscopeinter']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d046-83ec-4409-8fde-497e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:38.000Z", "modified": "2018-03-23T10:00:38.000Z", "description": "X Wallpaper Pro", "pattern": "[file:name = 'com.gkt.xwallpaper']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d047-be04-4020-bacd-498d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:39.000Z", "modified": "2018-03-23T10:00:39.000Z", "description": "Beautiful Camera", "pattern": "[file:name = 'com.gwqcv.zsfy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d047-4d5c-4770-87f3-48ef950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:39.000Z", "modified": "2018-03-23T10:00:39.000Z", "description": "Color Camera", "pattern": "[file:name = 'com.hdsj.hdey']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d048-1fd8-4ddc-b914-488b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:40.000Z", "modified": "2018-03-23T10:00:40.000Z", "description": "Love Photo", "pattern": "[file:name = 'com.lovephoto.gp.inter']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d048-e2b8-4e27-b8ee-4cb0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:40.000Z", "modified": "2018-03-23T10:00:40.000Z", "description": "Tide Camera", "pattern": "[file:name = 'com.parrot.tidecmr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d049-e0e8-4d7f-a803-4db5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:00:41.000Z", "modified": "2018-03-23T10:00:41.000Z", "description": "Charming Camera", "pattern": "[file:name = 'com.zerg.charmingcmr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:00:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d09e-04d4-42d1-8f42-46ca950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:06.000Z", "modified": "2018-03-23T10:02:06.000Z", "description": "Horoscope", "pattern": "[file:name = 'com.constellation.prophecy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d09f-ed18-4503-a7e3-4e83950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:07.000Z", "modified": "2018-03-23T10:02:07.000Z", "description": "DIY Your Screen", "pattern": "[file:name = 'com.desktoptools.screenunsubscribe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d09f-25a8-4c4a-b253-4e1a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:07.000Z", "modified": "2018-03-23T10:02:07.000Z", "description": "Ringtone", "pattern": "[file:name = 'com.gkt.ringtonegp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d0a0-ffe0-4cdd-9410-4ee9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:08.000Z", "modified": "2018-03-23T10:02:08.000Z", "description": "\u0e14\u0e27\u0e07 12 \u0e23\u0e32\u0e28\u0e35 Lite", "pattern": "[file:name = 'com.gpthtwo.horoscope']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d0a0-c174-452d-878e-4a1c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:08.000Z", "modified": "2018-03-23T10:02:08.000Z", "description": "Safe locker", "pattern": "[file:name = 'com.guard.defend']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d0a1-d75c-449d-aa76-43da950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:09.000Z", "modified": "2018-03-23T10:02:09.000Z", "description": "Wifi Booster", "pattern": "[file:name = 'com.newac.wifibooster']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d0a1-3908-41d2-98d9-469d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:09.000Z", "modified": "2018-03-23T10:02:09.000Z", "description": "Cool Desktop", "pattern": "[file:name = 'com.newera.desktop']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d0a2-03ec-4a26-95b8-4e5d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:10.000Z", "modified": "2018-03-23T10:02:10.000Z", "description": "useful cube", "pattern": "[file:name = 'com.newera.toolbox']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d0a2-d14c-4354-8deb-4691950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:10.000Z", "modified": "2018-03-23T10:02:10.000Z", "description": "Tool Box Pro", "pattern": "[file:name = 'com.pl.toolboxpro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d0a3-ebf4-4e38-8512-4c7a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:02:11.000Z", "modified": "2018-03-23T10:02:11.000Z", "description": "Useful Desktop", "pattern": "[file:name = 'com.something.someone']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:02:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d122-de98-4fd3-823a-4bc1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:18.000Z", "modified": "2018-03-23T10:04:18.000Z", "description": "\u0e14\u0e27\u0e07 12 \u0e23\u0e32\u0e28\u0e35 Lite", "pattern": "[file:name = 'com.yeahmobi.horoscope']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d122-b170-4e0b-bd31-46f8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:18.000Z", "modified": "2018-03-23T10:04:18.000Z", "description": "Horoscope2.0", "pattern": "[file:name = 'com.yeahmobi.horoscopegpadap']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d123-4180-42f9-8988-4e7b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:19.000Z", "modified": "2018-03-23T10:04:19.000Z", "description": "Yes Star", "pattern": "[file:name = 'com.cegqz.uoud']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d123-9e24-482e-96f3-4962950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:19.000Z", "modified": "2018-03-23T10:04:19.000Z", "description": "Shiny Camera", "pattern": "[file:name = 'com.cmr.shiny']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d124-0308-4366-819e-4367950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:20.000Z", "modified": "2018-03-23T10:04:20.000Z", "description": "Simple Camera", "pattern": "[file:name = 'com.johg.udrad']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d124-7c74-4041-982b-475a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:20.000Z", "modified": "2018-03-23T10:04:20.000Z", "description": "Smiling Camera", "pattern": "[file:name = 'com.scamera.smiling']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d125-fb58-4d3c-8896-4f5d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:21.000Z", "modified": "2018-03-23T10:04:21.000Z", "description": "Universal Camera", "pattern": "[file:name = 'com.cmr.universal']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d125-7604-449a-8821-4c29950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:21.000Z", "modified": "2018-03-23T10:04:21.000Z", "description": "Amazing Toolbox", "pattern": "[file:name = 'com.gb.toolbox']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d126-a0e4-4970-9968-4b35950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:22.000Z", "modified": "2018-03-23T10:04:22.000Z", "description": "Easy capture", "pattern": "[file:name = 'com.genesis.awesome']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d126-f27c-43dc-964a-4b77950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:04:22.000Z", "modified": "2018-03-23T10:04:22.000Z", "description": "Memory Doctor", "pattern": "[file:name = 'com.newera.memorydoctor']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:04:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d292-0e24-4d37-b1e1-4cc1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:26.000Z", "modified": "2018-03-23T10:10:26.000Z", "description": "Tool Box Pro", "pattern": "[file:name = 'com.pl.toolbox']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d292-8960-4638-a136-4205950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:26.000Z", "modified": "2018-03-23T10:10:26.000Z", "description": "Reborn Beauty", "pattern": "[file:name = 'com.sexy.pic']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d293-fafc-4eac-b1ba-4277950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:27.000Z", "modified": "2018-03-23T10:10:27.000Z", "description": "Joy Photo", "pattern": "[file:name = 'com.joy.photo.gp.inter']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d293-ec9c-431c-89b0-4b15950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:27.000Z", "modified": "2018-03-23T10:10:27.000Z", "description": "Fancy Camera", "pattern": "[file:name = 'com.fancy.camera.gp.inter']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d294-e440-42b4-8b1f-436f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:28.000Z", "modified": "2018-03-23T10:10:28.000Z", "description": "Amazing Photo", "pattern": "[file:name = 'com.amazing.photo.gp.inter']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d294-3c04-48b8-a8b9-4a98950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:28.000Z", "modified": "2018-03-23T10:10:28.000Z", "description": "Amazing Camera", "pattern": "[file:name = 'com.amazing.camera.ggi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d294-ad9c-4b8e-ac5b-4503950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:28.000Z", "modified": "2018-03-23T10:10:28.000Z", "description": "Super Wallpaper", "pattern": "[file:name = 'com.super.wallpaper.gp.inter']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d295-6324-4074-8c12-44fd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:29.000Z", "modified": "2018-03-23T10:10:29.000Z", "description": "DD Player", "pattern": "[file:name = 'com.aolw.maoa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d295-c35c-469c-9d2c-4d78950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:29.000Z", "modified": "2018-03-23T10:10:29.000Z", "description": "Fascinating Camera", "pattern": "[file:name = 'com.bbapcmr.fascinating']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d296-5e3c-4848-aa03-4dba950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:10:30.000Z", "modified": "2018-03-23T10:10:30.000Z", "description": "Universal Camera", "pattern": "[file:name = 'com.coral.muse']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:10:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d371-6b1c-40d4-9765-41b4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:09.000Z", "modified": "2018-03-23T10:14:09.000Z", "description": "Cream Camera", "pattern": "[file:name = 'com.cream.lecoa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d371-a308-4df7-a596-4a83950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:09.000Z", "modified": "2018-03-23T10:14:09.000Z", "description": "Looking Camera", "pattern": "[file:name = 'com.dmeq.oopes']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d372-e1a4-4f37-b278-46c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:10.000Z", "modified": "2018-03-23T10:14:10.000Z", "description": "DD Weather", "pattern": "[file:name = 'com.dosl.wthre']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d372-fe44-4696-96d7-4b2b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:10.000Z", "modified": "2018-03-23T10:14:10.000Z", "description": "Global Weather", "pattern": "[file:name = 'com.fqaf.dlksk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d373-98bc-421a-a080-4a70950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:11.000Z", "modified": "2018-03-23T10:14:11.000Z", "description": "Love Fitness", "pattern": "[file:name = 'com.ivxz.ykvlf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d373-adbc-4195-9d5d-4fa2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:11.000Z", "modified": "2018-03-23T10:14:11.000Z", "description": "Pretty Pictures", "pattern": "[file:name = 'com.jpst.lsyk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d373-d62c-4674-9a2f-4d58950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:11.000Z", "modified": "2018-03-23T10:14:11.000Z", "description": "Cool Wallpapers", "pattern": "[file:name = 'com.kifb.mifv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d374-a7ac-44b3-a909-4e4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:12.000Z", "modified": "2018-03-23T10:14:12.000Z", "description": "Beauty Camera", "pattern": "[file:name = 'com.magic.beautycmr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d374-a838-431b-be02-4a48950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:12.000Z", "modified": "2018-03-23T10:14:12.000Z", "description": "Love locker", "pattern": "[file:name = 'com.opaly.nqib']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d375-487c-47f7-b76f-43db950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:13.000Z", "modified": "2018-03-23T10:14:13.000Z", "description": "Real Star", "pattern": "[file:name = 'com.real.stargh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d375-1c9c-420b-a54d-4240950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:13.000Z", "modified": "2018-03-23T10:14:13.000Z", "description": "Magic Camera", "pattern": "[file:name = 'com.sadcmr.magic']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d375-9b7c-45bf-a8e8-4a80950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:14:13.000Z", "modified": "2018-03-23T10:14:13.000Z", "description": "Wonder Camera", "pattern": "[file:name = 'com.scamera.wonder']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:14:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e5-b848-4875-bb73-48ed950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:21.000Z", "modified": "2018-03-23T10:20:21.000Z", "description": "Funny Camera", "pattern": "[file:name = 'com.scmr.funny']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e6-e05c-436e-8aad-44f0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:22.000Z", "modified": "2018-03-23T10:20:22.000Z", "description": "Easy Camera", "pattern": "[file:name = 'com.simon.easy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e6-4d8c-48a0-960f-437a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:22.000Z", "modified": "2018-03-23T10:20:22.000Z", "description": "Smart Keyboard", "pattern": "[file:name = 'com.smgft.keyboard']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e6-0104-493b-b0c4-48f5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:22.000Z", "modified": "2018-03-23T10:20:22.000Z", "description": "Travel Camera", "pattern": "[file:name = 'com.xnoc.jdvy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e7-35d4-4df0-beb7-4c8d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:23.000Z", "modified": "2018-03-23T10:20:23.000Z", "description": "Photo Warp", "pattern": "[file:name = 'com.yiuw.fhly']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e7-eb0c-43f1-bc2c-45cc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:23.000Z", "modified": "2018-03-23T10:20:23.000Z", "description": "Lovely Wallpaper", "pattern": "[file:name = 'com.yjmn.vokle']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e8-074c-4801-af82-4262950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:24.000Z", "modified": "2018-03-23T10:20:24.000Z", "description": "Lattice Camera", "pattern": "[file:name = 'com.ysyg.wtmca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e8-293c-48fc-a3ac-43e4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:24.000Z", "modified": "2018-03-23T10:20:24.000Z", "description": "Quick Charger", "pattern": "[file:name = 'fast.bats.chaz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e8-6058-4a92-a6df-4cef950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:20:24.000Z", "modified": "2018-03-23T10:20:24.000Z", "description": "Up Camera", "pattern": "[file:name = 'com.upcamera.xgcby']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:20:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d4e9-50a8-4ea9-b4bb-4d86950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:26:10.000Z", "modified": "2018-03-23T10:26:10.000Z", "description": "Photo Power", "pattern": "[file:name = 'com.photo.power.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:26:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d56d-ca5c-4f6e-8bbb-431f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:37.000Z", "modified": "2018-03-23T10:22:37.000Z", "description": "HDwallpaper", "pattern": "[file:name = 'com.asdf.fg.hdwallpaper']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d56e-8d24-47a4-a3ff-4131950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:38.000Z", "modified": "2018-03-23T10:22:38.000Z", "description": "Wonderful Games", "pattern": "[file:name = 'com.gb.wonderfulgames']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d56e-66e0-4170-a28f-446d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:38.000Z", "modified": "2018-03-23T10:22:38.000Z", "description": "BI File Manager", "pattern": "[file:name = 'com.gkt.fileexplorer']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d56e-ba6c-438f-9837-4e46950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:38.000Z", "modified": "2018-03-23T10:22:38.000Z", "description": "Wallpapers HD", "pattern": "[file:name = 'com.gkt.wallpapershd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d56f-0570-489f-aae1-4b02950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:39.000Z", "modified": "2018-03-23T10:22:39.000Z", "description": "Beautiful Video-Edit your Memory", "pattern": "[file:name = 'com.kevin.beautyvideo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d56f-4794-46c2-b602-4a94950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:39.000Z", "modified": "2018-03-23T10:22:39.000Z", "description": "Wonderful Cam", "pattern": "[file:name = 'com.newera.beautifulphoto']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d570-74bc-4f80-9f3c-40f5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:40.000Z", "modified": "2018-03-23T10:22:40.000Z", "description": "useful cube", "pattern": "[file:name = 'com.next.toolset']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d570-56a8-4346-9e41-44b5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:40.000Z", "modified": "2018-03-23T10:22:40.000Z", "description": "Ringtone", "pattern": "[file:name = 'com.ringtone.freshac']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d570-856c-44f1-b5dc-402c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:22:40.000Z", "modified": "2018-03-23T10:22:40.000Z", "description": "Exciting Games", "pattern": "[file:name = 'com.gkt.gamebar']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:22:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d571-b5d8-4c33-867d-4c7f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:26:04.000Z", "modified": "2018-03-23T10:26:04.000Z", "description": "Replica Adventure", "pattern": "[file:name = 'com.replica.adventure.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:26:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d661-3ffc-4d40-a2e3-4f9d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:26:41.000Z", "modified": "2018-03-23T10:26:41.000Z", "description": "Amazing Gamebox", "pattern": "[file:name = 'com.ads.wowgames']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:26:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d661-73bc-4c28-b0b4-4e56950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:26:41.000Z", "modified": "2018-03-23T10:26:41.000Z", "description": "Super locker", "pattern": "[file:name = 'com.wtns.superlocker']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:26:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d662-8a10-4841-957a-4416950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:26:42.000Z", "modified": "2018-03-23T10:26:42.000Z", "description": "Music Player", "pattern": "[file:name = 'com.musicg.ckiqp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:26:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d682-55e0-4e3a-b7fc-4161950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:27:14.000Z", "modified": "2018-03-23T10:27:14.000Z", "description": "CuteCamera", "pattern": "[file:name = 'com.hygk.hlhy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:27:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d6ed-49c0-42c3-976a-4d98950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:29:01.000Z", "modified": "2018-03-23T10:29:01.000Z", "description": "Cartoon Camera-stylish, clean", "pattern": "[file:name = 'com.kkcamera.akbcartoon']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:29:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d6ee-6728-4bc4-8a27-44b4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:29:02.000Z", "modified": "2018-03-23T10:29:02.000Z", "description": "Art Camera", "pattern": "[file:name = 'com.craft.decorate']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:29:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d6ee-8910-4fe5-ad85-4682950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:29:02.000Z", "modified": "2018-03-23T10:29:02.000Z", "description": "Infinity safe", "pattern": "[file:name = 'com.applocker.coldwar']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:29:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d746-94cc-42bd-b9ce-41f8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:30:30.000Z", "modified": "2018-03-23T10:30:30.000Z", "description": "Magical Horoscope", "pattern": "[file:name = 'com.final.horosope']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:30:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d746-a880-419f-a792-4bf5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:30:30.000Z", "modified": "2018-03-23T10:30:30.000Z", "description": "Toolbox", "pattern": "[file:name = 'com.gp.toolboxche']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:30:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d747-b960-4ba0-821e-4040950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:30:31.000Z", "modified": "2018-03-23T10:30:31.000Z", "description": "Cute Belle", "pattern": "[file:name = 'com.prettygirl.newyear']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:30:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d747-067c-41de-8580-49df950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:30:31.000Z", "modified": "2018-03-23T10:30:31.000Z", "description": "CartoonWallpaper", "pattern": "[file:name = 'com.roy.cartoonwallpaper']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:30:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d748-e348-40bd-921e-42a1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:30:32.000Z", "modified": "2018-03-23T10:30:32.000Z", "description": "Ringtone", "pattern": "[file:name = 'com.thebell.newcentury']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:30:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d778-3284-4005-899a-4aa3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:31:20.000Z", "modified": "2018-03-23T10:31:20.000Z", "description": "Best Camera", "pattern": "[file:name = 'com.aypx.ygzp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:31:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d778-8080-4150-a41d-4de6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:31:20.000Z", "modified": "2018-03-23T10:31:20.000Z", "description": "Colorful Locker", "pattern": "[file:name = 'com.colorful.locker']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:31:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d779-ff74-411c-9d03-4d5c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:31:21.000Z", "modified": "2018-03-23T10:31:21.000Z", "description": "Light Keyboard", "pattern": "[file:name = 'com.hlux.wfsha']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:31:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d779-51a8-45bd-a557-4e20950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:31:21.000Z", "modified": "2018-03-23T10:31:21.000Z", "description": "Safe Privacy", "pattern": "[file:name = 'com.ytkue.oprw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:31:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d77a-2cd4-47d3-bc02-4102950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:31:22.000Z", "modified": "2018-03-23T10:31:22.000Z", "description": "Enjoy Wallpaper", "pattern": "[file:name = 'com.qwer.enjoy.enjoywallpaper']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:31:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d7c7-ecdc-46ae-94f8-4263950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:32:39.000Z", "modified": "2018-03-23T10:32:39.000Z", "description": "Fancy locker", "pattern": "[file:name = 'com.highfirst.fancylocker']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:32:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d7c8-2ec0-4fea-98dd-4964950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:32:40.000Z", "modified": "2018-03-23T10:32:40.000Z", "description": "Vitality Camera", "pattern": "[file:name = 'com.owexs.iouert']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:32:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d882-d0d4-4976-a833-42d4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:35:46.000Z", "modified": "2018-03-23T10:35:46.000Z", "description": "Lock Now", "pattern": "[file:name = 'com.tools.yidian']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:35:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d882-0a10-47c9-97b3-4e7d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:35:46.000Z", "modified": "2018-03-23T10:35:46.000Z", "description": "Fancy Camera", "pattern": "[file:name = 'com.camera.kfcfancy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:35:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d883-7eac-487b-af22-4abb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:35:47.000Z", "modified": "2018-03-23T10:35:47.000Z", "description": "Useful Camera", "pattern": "[file:name = 'com.hhcamera.useful']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:35:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d883-ad38-40af-b991-49c4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:35:47.000Z", "modified": "2018-03-23T10:35:47.000Z", "description": "Sec Transfer", "pattern": "[file:name = 'com.sec.transfer']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:35:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d884-243c-4517-81cb-43cc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:39:20.000Z", "modified": "2018-03-23T10:39:20.000Z", "description": "Magic Filter", "pattern": "[file:name = 'com.bpmiddle.oneversion']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:39:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d884-36bc-46ce-8550-4cb8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:36:37.000Z", "modified": "2018-03-23T10:36:37.000Z", "description": "Funny Video", "pattern": "[file:name = 'com.funny.video.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:36:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a1-68a8-47b3-9364-4aa9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:42:48.000Z", "modified": "2018-03-23T10:42:48.000Z", "description": "GG Player", "pattern": "[file:name = 'com.gg.player.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:42:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a2-d8f4-4a8c-936a-4e67950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:43:08.000Z", "modified": "2018-03-23T10:43:08.000Z", "description": "Love Camera", "pattern": "[file:name = 'com.love.camera.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:43:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a2-1bac-4ecb-a78c-4e02950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:43:03.000Z", "modified": "2018-03-23T10:43:03.000Z", "description": "Oneshot Beautify", "pattern": "[file:name = 'com.oneshot.beautify.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:43:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a3-efdc-4bf1-a0c8-4328950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:42:57.000Z", "modified": "2018-03-23T10:42:57.000Z", "description": "Pretty Camera", "pattern": "[file:name = 'com.pretty.camera.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:42:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a3-63e0-4c98-9747-4ba9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:42:42.000Z", "modified": "2018-03-23T10:42:42.000Z", "description": "Amazing Video", "pattern": "[file:name = 'com.amazing.video.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:42:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a3-d05c-49af-ae6a-4c26950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:43:13.000Z", "modified": "2018-03-23T10:43:13.000Z", "description": "Fine Photo", "pattern": "[file:name = 'com.fine.photo.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:43:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a4-7800-480f-b745-4e7a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:43:17.000Z", "modified": "2018-03-23T10:43:17.000Z", "description": "File Manager", "pattern": "[file:name = 'com.file.manager.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:43:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a4-df8c-4431-a56a-408e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:42:52.000Z", "modified": "2018-03-23T10:42:52.000Z", "description": "Cute Puzzle", "pattern": "[file:name = 'com.cute.puzzle.gp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:42:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ab4d9a5-a394-4efe-8705-42d1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-03-23T10:40:57.000Z", "modified": "2018-03-23T10:40:57.000Z", "description": "Smile Keyboard", "pattern": "[file:name = 'com.keyboard.smile']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-23T10:40:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }