misp-circl-feed/feeds/circl/misp/598dc10d-2e10-4de5-8745-433202de0b81.json

126 lines
No EOL
4.2 KiB
JSON

{
"Event": {
"analysis": "2",
"date": "2017-08-11",
"extends_uuid": "",
"info": "OSINT - Fake Snapchat in Google Play Store",
"publish_timestamp": "1502462432",
"published": true,
"threat_level_id": "3",
"timestamp": "1502462398",
"uuid": "598dc10d-2e10-4de5-8745-433202de0b81",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#5f0077",
"local": "0",
"name": "ms-caro-malware:malware-platform=\"AndroidOS\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1502462398",
"to_ids": false,
"type": "link",
"uuid": "598dc128-b620-491f-902c-4df402de0b81",
"value": "https://blog.zimperium.com/fake-snapchat-google-play-store/",
"Tag": [
{
"colour": "#00223b",
"local": "0",
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1502462398",
"to_ids": false,
"type": "text",
"uuid": "598dc141-218c-4086-b974-497e02de0b81",
"value": "Zimperium discovered and reported a fake version of the popular Snapchat app in the official Google Play Store; At the time of our discovery, it was the second result when searching for \u00e2\u20ac\u0153Snapchat\u00e2\u20ac\u009d. The fake version of Snapchat app is using \u00e2\u20ac\u0153Snap Inc .\u00e2\u20ac\u009d as Company Name, with a \u00e2\u20ac\u009d .\u00e2\u20ac\u009d appended to original name.",
"Tag": [
{
"colour": "#00223b",
"local": "0",
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1502462398",
"to_ids": false,
"type": "mobile-application-id",
"uuid": "598dc195-e494-4617-a1e4-486302de0b81",
"value": "com.snacha.android"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1502462398",
"to_ids": true,
"type": "sha256",
"uuid": "598dc1b5-d13c-4fb5-a52d-44ca02de0b81",
"value": "f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146",
"deleted": false,
"disable_correlation": false,
"timestamp": "1502462398",
"to_ids": true,
"type": "sha1",
"uuid": "598dc1be-1174-4856-a6e8-4dc702de0b81",
"value": "41859c0fe79f625ddcc0f851519a811c2d017a18"
},
{
"category": "Payload delivery",
"comment": "- Xchecked via VT: f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146",
"deleted": false,
"disable_correlation": false,
"timestamp": "1502462398",
"to_ids": true,
"type": "md5",
"uuid": "598dc1be-80cc-4105-a841-430f02de0b81",
"value": "510f1c68f93ff812e07ffe8caf609a63"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146",
"deleted": false,
"disable_correlation": false,
"timestamp": "1502462398",
"to_ids": false,
"type": "link",
"uuid": "598dc1be-ccb4-4eea-8924-44e802de0b81",
"value": "https://www.virustotal.com/file/f1049a50763fd4a8dddd45735ee97a419caac0997a0c99393af111a24afdf146/analysis/1502452010/"
}
]
}
}