2744 lines
No EOL
108 KiB
JSON
2744 lines
No EOL
108 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--5ab38954-dd00-43a1-8e79-405e950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:45:34.000Z",
|
|
"modified": "2018-03-23T10:45:34.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "grouping",
|
|
"spec_version": "2.1",
|
|
"id": "grouping--5ab38954-dd00-43a1-8e79-405e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:45:34.000Z",
|
|
"modified": "2018-03-23T10:45:34.000Z",
|
|
"name": "OSINT - ExpensiveWall: A Dangerous \u2018Packed\u2019 Malware On Google Play That Will Hit Your Wallet",
|
|
"context": "suspicious-activity",
|
|
"object_refs": [
|
|
"observed-data--5ab3a11a-eb88-4eaf-a957-49ed950d210f",
|
|
"url--5ab3a11a-eb88-4eaf-a957-49ed950d210f",
|
|
"x-misp-attribute--5ab4cd58-4958-4837-a557-42e4950d210f",
|
|
"indicator--5ab4d044-e6cc-4e5f-933d-43c7950d210f",
|
|
"indicator--5ab4d045-db54-4a40-b87c-485a950d210f",
|
|
"indicator--5ab4d045-ec04-457a-adaf-4164950d210f",
|
|
"indicator--5ab4d046-a57c-4788-bb38-4c9c950d210f",
|
|
"indicator--5ab4d046-83ec-4409-8fde-497e950d210f",
|
|
"indicator--5ab4d047-be04-4020-bacd-498d950d210f",
|
|
"indicator--5ab4d047-4d5c-4770-87f3-48ef950d210f",
|
|
"indicator--5ab4d048-1fd8-4ddc-b914-488b950d210f",
|
|
"indicator--5ab4d048-e2b8-4e27-b8ee-4cb0950d210f",
|
|
"indicator--5ab4d049-e0e8-4d7f-a803-4db5950d210f",
|
|
"indicator--5ab4d09e-04d4-42d1-8f42-46ca950d210f",
|
|
"indicator--5ab4d09f-ed18-4503-a7e3-4e83950d210f",
|
|
"indicator--5ab4d09f-25a8-4c4a-b253-4e1a950d210f",
|
|
"indicator--5ab4d0a0-ffe0-4cdd-9410-4ee9950d210f",
|
|
"indicator--5ab4d0a0-c174-452d-878e-4a1c950d210f",
|
|
"indicator--5ab4d0a1-d75c-449d-aa76-43da950d210f",
|
|
"indicator--5ab4d0a1-3908-41d2-98d9-469d950d210f",
|
|
"indicator--5ab4d0a2-03ec-4a26-95b8-4e5d950d210f",
|
|
"indicator--5ab4d0a2-d14c-4354-8deb-4691950d210f",
|
|
"indicator--5ab4d0a3-ebf4-4e38-8512-4c7a950d210f",
|
|
"indicator--5ab4d122-de98-4fd3-823a-4bc1950d210f",
|
|
"indicator--5ab4d122-b170-4e0b-bd31-46f8950d210f",
|
|
"indicator--5ab4d123-4180-42f9-8988-4e7b950d210f",
|
|
"indicator--5ab4d123-9e24-482e-96f3-4962950d210f",
|
|
"indicator--5ab4d124-0308-4366-819e-4367950d210f",
|
|
"indicator--5ab4d124-7c74-4041-982b-475a950d210f",
|
|
"indicator--5ab4d125-fb58-4d3c-8896-4f5d950d210f",
|
|
"indicator--5ab4d125-7604-449a-8821-4c29950d210f",
|
|
"indicator--5ab4d126-a0e4-4970-9968-4b35950d210f",
|
|
"indicator--5ab4d126-f27c-43dc-964a-4b77950d210f",
|
|
"indicator--5ab4d292-0e24-4d37-b1e1-4cc1950d210f",
|
|
"indicator--5ab4d292-8960-4638-a136-4205950d210f",
|
|
"indicator--5ab4d293-fafc-4eac-b1ba-4277950d210f",
|
|
"indicator--5ab4d293-ec9c-431c-89b0-4b15950d210f",
|
|
"indicator--5ab4d294-e440-42b4-8b1f-436f950d210f",
|
|
"indicator--5ab4d294-3c04-48b8-a8b9-4a98950d210f",
|
|
"indicator--5ab4d294-ad9c-4b8e-ac5b-4503950d210f",
|
|
"indicator--5ab4d295-6324-4074-8c12-44fd950d210f",
|
|
"indicator--5ab4d295-c35c-469c-9d2c-4d78950d210f",
|
|
"indicator--5ab4d296-5e3c-4848-aa03-4dba950d210f",
|
|
"indicator--5ab4d371-6b1c-40d4-9765-41b4950d210f",
|
|
"indicator--5ab4d371-a308-4df7-a596-4a83950d210f",
|
|
"indicator--5ab4d372-e1a4-4f37-b278-46c8950d210f",
|
|
"indicator--5ab4d372-fe44-4696-96d7-4b2b950d210f",
|
|
"indicator--5ab4d373-98bc-421a-a080-4a70950d210f",
|
|
"indicator--5ab4d373-adbc-4195-9d5d-4fa2950d210f",
|
|
"indicator--5ab4d373-d62c-4674-9a2f-4d58950d210f",
|
|
"indicator--5ab4d374-a7ac-44b3-a909-4e4f950d210f",
|
|
"indicator--5ab4d374-a838-431b-be02-4a48950d210f",
|
|
"indicator--5ab4d375-487c-47f7-b76f-43db950d210f",
|
|
"indicator--5ab4d375-1c9c-420b-a54d-4240950d210f",
|
|
"indicator--5ab4d375-9b7c-45bf-a8e8-4a80950d210f",
|
|
"indicator--5ab4d4e5-b848-4875-bb73-48ed950d210f",
|
|
"indicator--5ab4d4e6-e05c-436e-8aad-44f0950d210f",
|
|
"indicator--5ab4d4e6-4d8c-48a0-960f-437a950d210f",
|
|
"indicator--5ab4d4e6-0104-493b-b0c4-48f5950d210f",
|
|
"indicator--5ab4d4e7-35d4-4df0-beb7-4c8d950d210f",
|
|
"indicator--5ab4d4e7-eb0c-43f1-bc2c-45cc950d210f",
|
|
"indicator--5ab4d4e8-074c-4801-af82-4262950d210f",
|
|
"indicator--5ab4d4e8-293c-48fc-a3ac-43e4950d210f",
|
|
"indicator--5ab4d4e8-6058-4a92-a6df-4cef950d210f",
|
|
"indicator--5ab4d4e9-50a8-4ea9-b4bb-4d86950d210f",
|
|
"indicator--5ab4d56d-ca5c-4f6e-8bbb-431f950d210f",
|
|
"indicator--5ab4d56e-8d24-47a4-a3ff-4131950d210f",
|
|
"indicator--5ab4d56e-66e0-4170-a28f-446d950d210f",
|
|
"indicator--5ab4d56e-ba6c-438f-9837-4e46950d210f",
|
|
"indicator--5ab4d56f-0570-489f-aae1-4b02950d210f",
|
|
"indicator--5ab4d56f-4794-46c2-b602-4a94950d210f",
|
|
"indicator--5ab4d570-74bc-4f80-9f3c-40f5950d210f",
|
|
"indicator--5ab4d570-56a8-4346-9e41-44b5950d210f",
|
|
"indicator--5ab4d570-856c-44f1-b5dc-402c950d210f",
|
|
"indicator--5ab4d571-b5d8-4c33-867d-4c7f950d210f",
|
|
"indicator--5ab4d661-3ffc-4d40-a2e3-4f9d950d210f",
|
|
"indicator--5ab4d661-73bc-4c28-b0b4-4e56950d210f",
|
|
"indicator--5ab4d662-8a10-4841-957a-4416950d210f",
|
|
"indicator--5ab4d682-55e0-4e3a-b7fc-4161950d210f",
|
|
"indicator--5ab4d6ed-49c0-42c3-976a-4d98950d210f",
|
|
"indicator--5ab4d6ee-6728-4bc4-8a27-44b4950d210f",
|
|
"indicator--5ab4d6ee-8910-4fe5-ad85-4682950d210f",
|
|
"indicator--5ab4d746-94cc-42bd-b9ce-41f8950d210f",
|
|
"indicator--5ab4d746-a880-419f-a792-4bf5950d210f",
|
|
"indicator--5ab4d747-b960-4ba0-821e-4040950d210f",
|
|
"indicator--5ab4d747-067c-41de-8580-49df950d210f",
|
|
"indicator--5ab4d748-e348-40bd-921e-42a1950d210f",
|
|
"indicator--5ab4d778-3284-4005-899a-4aa3950d210f",
|
|
"indicator--5ab4d778-8080-4150-a41d-4de6950d210f",
|
|
"indicator--5ab4d779-ff74-411c-9d03-4d5c950d210f",
|
|
"indicator--5ab4d779-51a8-45bd-a557-4e20950d210f",
|
|
"indicator--5ab4d77a-2cd4-47d3-bc02-4102950d210f",
|
|
"indicator--5ab4d7c7-ecdc-46ae-94f8-4263950d210f",
|
|
"indicator--5ab4d7c8-2ec0-4fea-98dd-4964950d210f",
|
|
"indicator--5ab4d882-d0d4-4976-a833-42d4950d210f",
|
|
"indicator--5ab4d882-0a10-47c9-97b3-4e7d950d210f",
|
|
"indicator--5ab4d883-7eac-487b-af22-4abb950d210f",
|
|
"indicator--5ab4d883-ad38-40af-b991-49c4950d210f",
|
|
"indicator--5ab4d884-243c-4517-81cb-43cc950d210f",
|
|
"indicator--5ab4d884-36bc-46ce-8550-4cb8950d210f",
|
|
"indicator--5ab4d9a1-68a8-47b3-9364-4aa9950d210f",
|
|
"indicator--5ab4d9a2-d8f4-4a8c-936a-4e67950d210f",
|
|
"indicator--5ab4d9a2-1bac-4ecb-a78c-4e02950d210f",
|
|
"indicator--5ab4d9a3-efdc-4bf1-a0c8-4328950d210f",
|
|
"indicator--5ab4d9a3-63e0-4c98-9747-4ba9950d210f",
|
|
"indicator--5ab4d9a3-d05c-49af-ae6a-4c26950d210f",
|
|
"indicator--5ab4d9a4-7800-480f-b745-4e7a950d210f",
|
|
"indicator--5ab4d9a4-df8c-4431-a56a-408e950d210f",
|
|
"indicator--5ab4d9a5-a394-4efe-8705-42d1950d210f"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"workflow:todo=\"create-missing-misp-galaxy-cluster-values\"",
|
|
"circl:incident-classification=\"malware\"",
|
|
"osint:source-type=\"blog-post\"",
|
|
"Android Malware",
|
|
"ms-caro-malware-full:malware-platform=\"AndroidOS\""
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5ab3a11a-eb88-4eaf-a957-49ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T09:50:08.000Z",
|
|
"modified": "2018-03-23T09:50:08.000Z",
|
|
"first_observed": "2018-03-23T09:50:08Z",
|
|
"last_observed": "2018-03-23T09:50:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5ab3a11a-eb88-4eaf-a957-49ed950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"osint:source-type=\"blog-post\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5ab3a11a-eb88-4eaf-a957-49ed950d210f",
|
|
"value": "https://blog.checkpoint.com/2017/09/14/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5ab4cd58-4958-4837-a557-42e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T09:49:59.000Z",
|
|
"modified": "2018-03-23T09:49:59.000Z",
|
|
"labels": [
|
|
"misp:type=\"comment\"",
|
|
"misp:category=\"External analysis\"",
|
|
"osint:source-type=\"blog-post\""
|
|
],
|
|
"x_misp_category": "External analysis",
|
|
"x_misp_type": "comment",
|
|
"x_misp_value": "Check Point\u2019s mobile threat research team identified a new variant of an Android malware that sends fraudulent premium SMS messages and charges users\u2019 accounts for fake services without their knowledge. According to Google Play data, the malware infected at least 50 apps and was downloaded between 1 million and 4.2 million times before the affected apps were removed.\r\n\r\nThe new strain of malware is dubbed \u201cExpensiveWall,\u201d after one of the apps it uses to infect devices, \u201cLovely Wallpaper.\u201d ExpensiveWall is a new variant of a malware found earlier this year on Google Play. The entire malware family has now been downloaded between 5.9 million and 21.1 million times."
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d044-e6cc-4e5f-933d-43c7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:36.000Z",
|
|
"modified": "2018-03-23T10:00:36.000Z",
|
|
"description": "I Love Fliter",
|
|
"pattern": "[file:name = 'com.star.trek']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d045-db54-4a40-b87c-485a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:37.000Z",
|
|
"modified": "2018-03-23T10:00:37.000Z",
|
|
"description": "Tool Box Pro",
|
|
"pattern": "[file:name = 'com.newac.toolbox']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d045-ec04-457a-adaf-4164950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:37.000Z",
|
|
"modified": "2018-03-23T10:00:37.000Z",
|
|
"description": "X WALLPAPER",
|
|
"pattern": "[file:name = 'com.newac.wallpaper']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d046-a57c-4788-bb38-4c9c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:38.000Z",
|
|
"modified": "2018-03-23T10:00:38.000Z",
|
|
"description": "Horoscope",
|
|
"pattern": "[file:name = 'com.yeahmobi.horoscopeinter']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d046-83ec-4409-8fde-497e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:38.000Z",
|
|
"modified": "2018-03-23T10:00:38.000Z",
|
|
"description": "X Wallpaper Pro",
|
|
"pattern": "[file:name = 'com.gkt.xwallpaper']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d047-be04-4020-bacd-498d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:39.000Z",
|
|
"modified": "2018-03-23T10:00:39.000Z",
|
|
"description": "Beautiful Camera",
|
|
"pattern": "[file:name = 'com.gwqcv.zsfy']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d047-4d5c-4770-87f3-48ef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:39.000Z",
|
|
"modified": "2018-03-23T10:00:39.000Z",
|
|
"description": "Color Camera",
|
|
"pattern": "[file:name = 'com.hdsj.hdey']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d048-1fd8-4ddc-b914-488b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:40.000Z",
|
|
"modified": "2018-03-23T10:00:40.000Z",
|
|
"description": "Love Photo",
|
|
"pattern": "[file:name = 'com.lovephoto.gp.inter']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d048-e2b8-4e27-b8ee-4cb0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:40.000Z",
|
|
"modified": "2018-03-23T10:00:40.000Z",
|
|
"description": "Tide Camera",
|
|
"pattern": "[file:name = 'com.parrot.tidecmr']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d049-e0e8-4d7f-a803-4db5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:00:41.000Z",
|
|
"modified": "2018-03-23T10:00:41.000Z",
|
|
"description": "Charming Camera",
|
|
"pattern": "[file:name = 'com.zerg.charmingcmr']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:00:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d09e-04d4-42d1-8f42-46ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:06.000Z",
|
|
"modified": "2018-03-23T10:02:06.000Z",
|
|
"description": "Horoscope",
|
|
"pattern": "[file:name = 'com.constellation.prophecy']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d09f-ed18-4503-a7e3-4e83950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:07.000Z",
|
|
"modified": "2018-03-23T10:02:07.000Z",
|
|
"description": "DIY Your Screen",
|
|
"pattern": "[file:name = 'com.desktoptools.screenunsubscribe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d09f-25a8-4c4a-b253-4e1a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:07.000Z",
|
|
"modified": "2018-03-23T10:02:07.000Z",
|
|
"description": "Ringtone",
|
|
"pattern": "[file:name = 'com.gkt.ringtonegp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d0a0-ffe0-4cdd-9410-4ee9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:08.000Z",
|
|
"modified": "2018-03-23T10:02:08.000Z",
|
|
"description": "\u0e14\u0e27\u0e07 12 \u0e23\u0e32\u0e28\u0e35 Lite",
|
|
"pattern": "[file:name = 'com.gpthtwo.horoscope']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d0a0-c174-452d-878e-4a1c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:08.000Z",
|
|
"modified": "2018-03-23T10:02:08.000Z",
|
|
"description": "Safe locker",
|
|
"pattern": "[file:name = 'com.guard.defend']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d0a1-d75c-449d-aa76-43da950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:09.000Z",
|
|
"modified": "2018-03-23T10:02:09.000Z",
|
|
"description": "Wifi Booster",
|
|
"pattern": "[file:name = 'com.newac.wifibooster']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d0a1-3908-41d2-98d9-469d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:09.000Z",
|
|
"modified": "2018-03-23T10:02:09.000Z",
|
|
"description": "Cool Desktop",
|
|
"pattern": "[file:name = 'com.newera.desktop']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d0a2-03ec-4a26-95b8-4e5d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:10.000Z",
|
|
"modified": "2018-03-23T10:02:10.000Z",
|
|
"description": "useful cube",
|
|
"pattern": "[file:name = 'com.newera.toolbox']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d0a2-d14c-4354-8deb-4691950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:10.000Z",
|
|
"modified": "2018-03-23T10:02:10.000Z",
|
|
"description": "Tool Box Pro",
|
|
"pattern": "[file:name = 'com.pl.toolboxpro']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d0a3-ebf4-4e38-8512-4c7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:02:11.000Z",
|
|
"modified": "2018-03-23T10:02:11.000Z",
|
|
"description": "Useful Desktop",
|
|
"pattern": "[file:name = 'com.something.someone']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:02:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d122-de98-4fd3-823a-4bc1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:18.000Z",
|
|
"modified": "2018-03-23T10:04:18.000Z",
|
|
"description": "\u0e14\u0e27\u0e07 12 \u0e23\u0e32\u0e28\u0e35 Lite",
|
|
"pattern": "[file:name = 'com.yeahmobi.horoscope']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d122-b170-4e0b-bd31-46f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:18.000Z",
|
|
"modified": "2018-03-23T10:04:18.000Z",
|
|
"description": "Horoscope2.0",
|
|
"pattern": "[file:name = 'com.yeahmobi.horoscopegpadap']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d123-4180-42f9-8988-4e7b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:19.000Z",
|
|
"modified": "2018-03-23T10:04:19.000Z",
|
|
"description": "Yes Star",
|
|
"pattern": "[file:name = 'com.cegqz.uoud']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d123-9e24-482e-96f3-4962950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:19.000Z",
|
|
"modified": "2018-03-23T10:04:19.000Z",
|
|
"description": "Shiny Camera",
|
|
"pattern": "[file:name = 'com.cmr.shiny']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d124-0308-4366-819e-4367950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:20.000Z",
|
|
"modified": "2018-03-23T10:04:20.000Z",
|
|
"description": "Simple Camera",
|
|
"pattern": "[file:name = 'com.johg.udrad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d124-7c74-4041-982b-475a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:20.000Z",
|
|
"modified": "2018-03-23T10:04:20.000Z",
|
|
"description": "Smiling Camera",
|
|
"pattern": "[file:name = 'com.scamera.smiling']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d125-fb58-4d3c-8896-4f5d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:21.000Z",
|
|
"modified": "2018-03-23T10:04:21.000Z",
|
|
"description": "Universal Camera",
|
|
"pattern": "[file:name = 'com.cmr.universal']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d125-7604-449a-8821-4c29950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:21.000Z",
|
|
"modified": "2018-03-23T10:04:21.000Z",
|
|
"description": "Amazing Toolbox",
|
|
"pattern": "[file:name = 'com.gb.toolbox']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d126-a0e4-4970-9968-4b35950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:22.000Z",
|
|
"modified": "2018-03-23T10:04:22.000Z",
|
|
"description": "Easy capture",
|
|
"pattern": "[file:name = 'com.genesis.awesome']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d126-f27c-43dc-964a-4b77950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:04:22.000Z",
|
|
"modified": "2018-03-23T10:04:22.000Z",
|
|
"description": "Memory Doctor",
|
|
"pattern": "[file:name = 'com.newera.memorydoctor']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:04:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d292-0e24-4d37-b1e1-4cc1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:26.000Z",
|
|
"modified": "2018-03-23T10:10:26.000Z",
|
|
"description": "Tool Box Pro",
|
|
"pattern": "[file:name = 'com.pl.toolbox']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d292-8960-4638-a136-4205950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:26.000Z",
|
|
"modified": "2018-03-23T10:10:26.000Z",
|
|
"description": "Reborn Beauty",
|
|
"pattern": "[file:name = 'com.sexy.pic']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d293-fafc-4eac-b1ba-4277950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:27.000Z",
|
|
"modified": "2018-03-23T10:10:27.000Z",
|
|
"description": "Joy Photo",
|
|
"pattern": "[file:name = 'com.joy.photo.gp.inter']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d293-ec9c-431c-89b0-4b15950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:27.000Z",
|
|
"modified": "2018-03-23T10:10:27.000Z",
|
|
"description": "Fancy Camera",
|
|
"pattern": "[file:name = 'com.fancy.camera.gp.inter']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d294-e440-42b4-8b1f-436f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:28.000Z",
|
|
"modified": "2018-03-23T10:10:28.000Z",
|
|
"description": "Amazing Photo",
|
|
"pattern": "[file:name = 'com.amazing.photo.gp.inter']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d294-3c04-48b8-a8b9-4a98950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:28.000Z",
|
|
"modified": "2018-03-23T10:10:28.000Z",
|
|
"description": "Amazing Camera",
|
|
"pattern": "[file:name = 'com.amazing.camera.ggi']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d294-ad9c-4b8e-ac5b-4503950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:28.000Z",
|
|
"modified": "2018-03-23T10:10:28.000Z",
|
|
"description": "Super Wallpaper",
|
|
"pattern": "[file:name = 'com.super.wallpaper.gp.inter']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d295-6324-4074-8c12-44fd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:29.000Z",
|
|
"modified": "2018-03-23T10:10:29.000Z",
|
|
"description": "DD Player",
|
|
"pattern": "[file:name = 'com.aolw.maoa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d295-c35c-469c-9d2c-4d78950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:29.000Z",
|
|
"modified": "2018-03-23T10:10:29.000Z",
|
|
"description": "Fascinating Camera",
|
|
"pattern": "[file:name = 'com.bbapcmr.fascinating']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d296-5e3c-4848-aa03-4dba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:10:30.000Z",
|
|
"modified": "2018-03-23T10:10:30.000Z",
|
|
"description": "Universal Camera",
|
|
"pattern": "[file:name = 'com.coral.muse']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:10:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d371-6b1c-40d4-9765-41b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:09.000Z",
|
|
"modified": "2018-03-23T10:14:09.000Z",
|
|
"description": "Cream Camera",
|
|
"pattern": "[file:name = 'com.cream.lecoa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d371-a308-4df7-a596-4a83950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:09.000Z",
|
|
"modified": "2018-03-23T10:14:09.000Z",
|
|
"description": "Looking Camera",
|
|
"pattern": "[file:name = 'com.dmeq.oopes']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d372-e1a4-4f37-b278-46c8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:10.000Z",
|
|
"modified": "2018-03-23T10:14:10.000Z",
|
|
"description": "DD Weather",
|
|
"pattern": "[file:name = 'com.dosl.wthre']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d372-fe44-4696-96d7-4b2b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:10.000Z",
|
|
"modified": "2018-03-23T10:14:10.000Z",
|
|
"description": "Global Weather",
|
|
"pattern": "[file:name = 'com.fqaf.dlksk']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d373-98bc-421a-a080-4a70950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:11.000Z",
|
|
"modified": "2018-03-23T10:14:11.000Z",
|
|
"description": "Love Fitness",
|
|
"pattern": "[file:name = 'com.ivxz.ykvlf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d373-adbc-4195-9d5d-4fa2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:11.000Z",
|
|
"modified": "2018-03-23T10:14:11.000Z",
|
|
"description": "Pretty Pictures",
|
|
"pattern": "[file:name = 'com.jpst.lsyk']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d373-d62c-4674-9a2f-4d58950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:11.000Z",
|
|
"modified": "2018-03-23T10:14:11.000Z",
|
|
"description": "Cool Wallpapers",
|
|
"pattern": "[file:name = 'com.kifb.mifv']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d374-a7ac-44b3-a909-4e4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:12.000Z",
|
|
"modified": "2018-03-23T10:14:12.000Z",
|
|
"description": "Beauty Camera",
|
|
"pattern": "[file:name = 'com.magic.beautycmr']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d374-a838-431b-be02-4a48950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:12.000Z",
|
|
"modified": "2018-03-23T10:14:12.000Z",
|
|
"description": "Love locker",
|
|
"pattern": "[file:name = 'com.opaly.nqib']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d375-487c-47f7-b76f-43db950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:13.000Z",
|
|
"modified": "2018-03-23T10:14:13.000Z",
|
|
"description": "Real Star",
|
|
"pattern": "[file:name = 'com.real.stargh']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d375-1c9c-420b-a54d-4240950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:13.000Z",
|
|
"modified": "2018-03-23T10:14:13.000Z",
|
|
"description": "Magic Camera",
|
|
"pattern": "[file:name = 'com.sadcmr.magic']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d375-9b7c-45bf-a8e8-4a80950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:14:13.000Z",
|
|
"modified": "2018-03-23T10:14:13.000Z",
|
|
"description": "Wonder Camera",
|
|
"pattern": "[file:name = 'com.scamera.wonder']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:14:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e5-b848-4875-bb73-48ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:21.000Z",
|
|
"modified": "2018-03-23T10:20:21.000Z",
|
|
"description": "Funny Camera",
|
|
"pattern": "[file:name = 'com.scmr.funny']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e6-e05c-436e-8aad-44f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:22.000Z",
|
|
"modified": "2018-03-23T10:20:22.000Z",
|
|
"description": "Easy Camera",
|
|
"pattern": "[file:name = 'com.simon.easy']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e6-4d8c-48a0-960f-437a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:22.000Z",
|
|
"modified": "2018-03-23T10:20:22.000Z",
|
|
"description": "Smart Keyboard",
|
|
"pattern": "[file:name = 'com.smgft.keyboard']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e6-0104-493b-b0c4-48f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:22.000Z",
|
|
"modified": "2018-03-23T10:20:22.000Z",
|
|
"description": "Travel Camera",
|
|
"pattern": "[file:name = 'com.xnoc.jdvy']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e7-35d4-4df0-beb7-4c8d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:23.000Z",
|
|
"modified": "2018-03-23T10:20:23.000Z",
|
|
"description": "Photo Warp",
|
|
"pattern": "[file:name = 'com.yiuw.fhly']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e7-eb0c-43f1-bc2c-45cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:23.000Z",
|
|
"modified": "2018-03-23T10:20:23.000Z",
|
|
"description": "Lovely Wallpaper",
|
|
"pattern": "[file:name = 'com.yjmn.vokle']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e8-074c-4801-af82-4262950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:24.000Z",
|
|
"modified": "2018-03-23T10:20:24.000Z",
|
|
"description": "Lattice Camera",
|
|
"pattern": "[file:name = 'com.ysyg.wtmca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e8-293c-48fc-a3ac-43e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:24.000Z",
|
|
"modified": "2018-03-23T10:20:24.000Z",
|
|
"description": "Quick Charger",
|
|
"pattern": "[file:name = 'fast.bats.chaz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e8-6058-4a92-a6df-4cef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:20:24.000Z",
|
|
"modified": "2018-03-23T10:20:24.000Z",
|
|
"description": "Up Camera",
|
|
"pattern": "[file:name = 'com.upcamera.xgcby']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:20:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d4e9-50a8-4ea9-b4bb-4d86950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:26:10.000Z",
|
|
"modified": "2018-03-23T10:26:10.000Z",
|
|
"description": "Photo Power",
|
|
"pattern": "[file:name = 'com.photo.power.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:26:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d56d-ca5c-4f6e-8bbb-431f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:37.000Z",
|
|
"modified": "2018-03-23T10:22:37.000Z",
|
|
"description": "HDwallpaper",
|
|
"pattern": "[file:name = 'com.asdf.fg.hdwallpaper']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d56e-8d24-47a4-a3ff-4131950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:38.000Z",
|
|
"modified": "2018-03-23T10:22:38.000Z",
|
|
"description": "Wonderful Games",
|
|
"pattern": "[file:name = 'com.gb.wonderfulgames']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d56e-66e0-4170-a28f-446d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:38.000Z",
|
|
"modified": "2018-03-23T10:22:38.000Z",
|
|
"description": "BI File Manager",
|
|
"pattern": "[file:name = 'com.gkt.fileexplorer']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d56e-ba6c-438f-9837-4e46950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:38.000Z",
|
|
"modified": "2018-03-23T10:22:38.000Z",
|
|
"description": "Wallpapers HD",
|
|
"pattern": "[file:name = 'com.gkt.wallpapershd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d56f-0570-489f-aae1-4b02950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:39.000Z",
|
|
"modified": "2018-03-23T10:22:39.000Z",
|
|
"description": "Beautiful Video-Edit your Memory",
|
|
"pattern": "[file:name = 'com.kevin.beautyvideo']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d56f-4794-46c2-b602-4a94950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:39.000Z",
|
|
"modified": "2018-03-23T10:22:39.000Z",
|
|
"description": "Wonderful Cam",
|
|
"pattern": "[file:name = 'com.newera.beautifulphoto']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d570-74bc-4f80-9f3c-40f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:40.000Z",
|
|
"modified": "2018-03-23T10:22:40.000Z",
|
|
"description": "useful cube",
|
|
"pattern": "[file:name = 'com.next.toolset']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d570-56a8-4346-9e41-44b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:40.000Z",
|
|
"modified": "2018-03-23T10:22:40.000Z",
|
|
"description": "Ringtone",
|
|
"pattern": "[file:name = 'com.ringtone.freshac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d570-856c-44f1-b5dc-402c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:22:40.000Z",
|
|
"modified": "2018-03-23T10:22:40.000Z",
|
|
"description": "Exciting Games",
|
|
"pattern": "[file:name = 'com.gkt.gamebar']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:22:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d571-b5d8-4c33-867d-4c7f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:26:04.000Z",
|
|
"modified": "2018-03-23T10:26:04.000Z",
|
|
"description": "Replica Adventure",
|
|
"pattern": "[file:name = 'com.replica.adventure.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:26:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d661-3ffc-4d40-a2e3-4f9d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:26:41.000Z",
|
|
"modified": "2018-03-23T10:26:41.000Z",
|
|
"description": "Amazing Gamebox",
|
|
"pattern": "[file:name = 'com.ads.wowgames']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:26:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d661-73bc-4c28-b0b4-4e56950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:26:41.000Z",
|
|
"modified": "2018-03-23T10:26:41.000Z",
|
|
"description": "Super locker",
|
|
"pattern": "[file:name = 'com.wtns.superlocker']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:26:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d662-8a10-4841-957a-4416950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:26:42.000Z",
|
|
"modified": "2018-03-23T10:26:42.000Z",
|
|
"description": "Music Player",
|
|
"pattern": "[file:name = 'com.musicg.ckiqp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:26:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d682-55e0-4e3a-b7fc-4161950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:27:14.000Z",
|
|
"modified": "2018-03-23T10:27:14.000Z",
|
|
"description": "CuteCamera",
|
|
"pattern": "[file:name = 'com.hygk.hlhy']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:27:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d6ed-49c0-42c3-976a-4d98950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:29:01.000Z",
|
|
"modified": "2018-03-23T10:29:01.000Z",
|
|
"description": "Cartoon Camera-stylish, clean",
|
|
"pattern": "[file:name = 'com.kkcamera.akbcartoon']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:29:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d6ee-6728-4bc4-8a27-44b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:29:02.000Z",
|
|
"modified": "2018-03-23T10:29:02.000Z",
|
|
"description": "Art Camera",
|
|
"pattern": "[file:name = 'com.craft.decorate']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:29:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d6ee-8910-4fe5-ad85-4682950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:29:02.000Z",
|
|
"modified": "2018-03-23T10:29:02.000Z",
|
|
"description": "Infinity safe",
|
|
"pattern": "[file:name = 'com.applocker.coldwar']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:29:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d746-94cc-42bd-b9ce-41f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:30:30.000Z",
|
|
"modified": "2018-03-23T10:30:30.000Z",
|
|
"description": "Magical Horoscope",
|
|
"pattern": "[file:name = 'com.final.horosope']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:30:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d746-a880-419f-a792-4bf5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:30:30.000Z",
|
|
"modified": "2018-03-23T10:30:30.000Z",
|
|
"description": "Toolbox",
|
|
"pattern": "[file:name = 'com.gp.toolboxche']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:30:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d747-b960-4ba0-821e-4040950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:30:31.000Z",
|
|
"modified": "2018-03-23T10:30:31.000Z",
|
|
"description": "Cute Belle",
|
|
"pattern": "[file:name = 'com.prettygirl.newyear']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:30:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d747-067c-41de-8580-49df950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:30:31.000Z",
|
|
"modified": "2018-03-23T10:30:31.000Z",
|
|
"description": "CartoonWallpaper",
|
|
"pattern": "[file:name = 'com.roy.cartoonwallpaper']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:30:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d748-e348-40bd-921e-42a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:30:32.000Z",
|
|
"modified": "2018-03-23T10:30:32.000Z",
|
|
"description": "Ringtone",
|
|
"pattern": "[file:name = 'com.thebell.newcentury']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:30:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d778-3284-4005-899a-4aa3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:31:20.000Z",
|
|
"modified": "2018-03-23T10:31:20.000Z",
|
|
"description": "Best Camera",
|
|
"pattern": "[file:name = 'com.aypx.ygzp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:31:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d778-8080-4150-a41d-4de6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:31:20.000Z",
|
|
"modified": "2018-03-23T10:31:20.000Z",
|
|
"description": "Colorful Locker",
|
|
"pattern": "[file:name = 'com.colorful.locker']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:31:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d779-ff74-411c-9d03-4d5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:31:21.000Z",
|
|
"modified": "2018-03-23T10:31:21.000Z",
|
|
"description": "Light Keyboard",
|
|
"pattern": "[file:name = 'com.hlux.wfsha']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:31:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d779-51a8-45bd-a557-4e20950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:31:21.000Z",
|
|
"modified": "2018-03-23T10:31:21.000Z",
|
|
"description": "Safe Privacy",
|
|
"pattern": "[file:name = 'com.ytkue.oprw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:31:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d77a-2cd4-47d3-bc02-4102950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:31:22.000Z",
|
|
"modified": "2018-03-23T10:31:22.000Z",
|
|
"description": "Enjoy Wallpaper",
|
|
"pattern": "[file:name = 'com.qwer.enjoy.enjoywallpaper']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:31:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d7c7-ecdc-46ae-94f8-4263950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:32:39.000Z",
|
|
"modified": "2018-03-23T10:32:39.000Z",
|
|
"description": "Fancy locker",
|
|
"pattern": "[file:name = 'com.highfirst.fancylocker']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:32:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d7c8-2ec0-4fea-98dd-4964950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:32:40.000Z",
|
|
"modified": "2018-03-23T10:32:40.000Z",
|
|
"description": "Vitality Camera",
|
|
"pattern": "[file:name = 'com.owexs.iouert']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:32:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d882-d0d4-4976-a833-42d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:35:46.000Z",
|
|
"modified": "2018-03-23T10:35:46.000Z",
|
|
"description": "Lock Now",
|
|
"pattern": "[file:name = 'com.tools.yidian']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:35:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d882-0a10-47c9-97b3-4e7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:35:46.000Z",
|
|
"modified": "2018-03-23T10:35:46.000Z",
|
|
"description": "Fancy Camera",
|
|
"pattern": "[file:name = 'com.camera.kfcfancy']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:35:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d883-7eac-487b-af22-4abb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:35:47.000Z",
|
|
"modified": "2018-03-23T10:35:47.000Z",
|
|
"description": "Useful Camera",
|
|
"pattern": "[file:name = 'com.hhcamera.useful']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:35:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d883-ad38-40af-b991-49c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:35:47.000Z",
|
|
"modified": "2018-03-23T10:35:47.000Z",
|
|
"description": "Sec Transfer",
|
|
"pattern": "[file:name = 'com.sec.transfer']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:35:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d884-243c-4517-81cb-43cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:39:20.000Z",
|
|
"modified": "2018-03-23T10:39:20.000Z",
|
|
"description": "Magic Filter",
|
|
"pattern": "[file:name = 'com.bpmiddle.oneversion']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:39:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d884-36bc-46ce-8550-4cb8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:36:37.000Z",
|
|
"modified": "2018-03-23T10:36:37.000Z",
|
|
"description": "Funny Video",
|
|
"pattern": "[file:name = 'com.funny.video.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:36:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a1-68a8-47b3-9364-4aa9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:42:48.000Z",
|
|
"modified": "2018-03-23T10:42:48.000Z",
|
|
"description": "GG Player",
|
|
"pattern": "[file:name = 'com.gg.player.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:42:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a2-d8f4-4a8c-936a-4e67950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:43:08.000Z",
|
|
"modified": "2018-03-23T10:43:08.000Z",
|
|
"description": "Love Camera",
|
|
"pattern": "[file:name = 'com.love.camera.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:43:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a2-1bac-4ecb-a78c-4e02950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:43:03.000Z",
|
|
"modified": "2018-03-23T10:43:03.000Z",
|
|
"description": "Oneshot Beautify",
|
|
"pattern": "[file:name = 'com.oneshot.beautify.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:43:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a3-efdc-4bf1-a0c8-4328950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:42:57.000Z",
|
|
"modified": "2018-03-23T10:42:57.000Z",
|
|
"description": "Pretty Camera",
|
|
"pattern": "[file:name = 'com.pretty.camera.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:42:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a3-63e0-4c98-9747-4ba9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:42:42.000Z",
|
|
"modified": "2018-03-23T10:42:42.000Z",
|
|
"description": "Amazing Video",
|
|
"pattern": "[file:name = 'com.amazing.video.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:42:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a3-d05c-49af-ae6a-4c26950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:43:13.000Z",
|
|
"modified": "2018-03-23T10:43:13.000Z",
|
|
"description": "Fine Photo",
|
|
"pattern": "[file:name = 'com.fine.photo.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:43:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a4-7800-480f-b745-4e7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:43:17.000Z",
|
|
"modified": "2018-03-23T10:43:17.000Z",
|
|
"description": "File Manager",
|
|
"pattern": "[file:name = 'com.file.manager.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:43:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a4-df8c-4431-a56a-408e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:42:52.000Z",
|
|
"modified": "2018-03-23T10:42:52.000Z",
|
|
"description": "Cute Puzzle",
|
|
"pattern": "[file:name = 'com.cute.puzzle.gp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:42:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ab4d9a5-a394-4efe-8705-42d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-03-23T10:40:57.000Z",
|
|
"modified": "2018-03-23T10:40:57.000Z",
|
|
"description": "Smile Keyboard",
|
|
"pattern": "[file:name = 'com.keyboard.smile']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-03-23T10:40:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |