-
-
Save VulBusters/9202e2ca6ecad93f086328dee645f7a6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "type": "bundle", | |
| "id": "bundle--d4a934d2-58a7-4edd-9086-fbb1d845cd55", | |
| "objects": [ | |
| { | |
| "type": "malware", | |
| "spec_version": "2.1", | |
| "id": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5", | |
| "created": "2023-03-29T12:58:43.400613Z", | |
| "modified": "2023-03-29T12:58:43.400613Z", | |
| "name": "android-iocs", | |
| "description": "Targeted a malicious app", | |
| "is_family": false | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--3bb926c3-4543-4b5f-b8e8-349dbe22009d", | |
| "created": "2023-03-29T12:58:43.408323Z", | |
| "modified": "2023-03-29T12:58:43.408323Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[app:id='com.example.key']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.408323Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--379da288-bfc6-4bdd-9110-b4c6f0658636", | |
| "created": "2023-03-29T12:58:43.409395Z", | |
| "modified": "2023-03-29T12:58:43.409395Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--3bb926c3-4543-4b5f-b8e8-349dbe22009d", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--ebf54fc8-01fc-4111-a5ba-e5e912ca27aa", | |
| "created": "2023-03-29T12:58:43.409586Z", | |
| "modified": "2023-03-29T12:58:43.409586Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[app:id='com.example.screencontrol']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.409586Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--2742ad91-09ed-4eba-88d3-ba13da3dfac4", | |
| "created": "2023-03-29T12:58:43.410563Z", | |
| "modified": "2023-03-29T12:58:43.410563Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--ebf54fc8-01fc-4111-a5ba-e5e912ca27aa", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--44c2c8f1-ec44-4cc5-835f-9724b98dd7cd", | |
| "created": "2023-03-29T12:58:43.410744Z", | |
| "modified": "2023-03-29T12:58:43.410744Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[domain-name:value='alpha88ok.com']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.410744Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--915bffbf-9eec-413b-a522-34175651a80d", | |
| "created": "2023-03-29T12:58:43.411494Z", | |
| "modified": "2023-03-29T12:58:43.411494Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--44c2c8f1-ec44-4cc5-835f-9724b98dd7cd", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--135f25f9-763e-4159-af37-7a5499ef7e89", | |
| "created": "2023-03-29T12:58:43.411672Z", | |
| "modified": "2023-03-29T12:58:43.411672Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[app:id='com.mmt.myyk']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.411672Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--1c36df85-91a6-4f2b-831b-ae46b3a87c45", | |
| "created": "2023-03-29T12:58:43.412417Z", | |
| "modified": "2023-03-29T12:58:43.412417Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--135f25f9-763e-4159-af37-7a5499ef7e89", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--8d5b6557-c65e-4824-b02e-8c43db5e2b82", | |
| "created": "2023-03-29T12:58:43.412595Z", | |
| "modified": "2023-03-29T12:58:43.412595Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[app:id='com.test.ykreven']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.412595Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--5b7c474b-fde3-4542-acfd-2dcd46060909", | |
| "created": "2023-03-29T12:58:43.413264Z", | |
| "modified": "2023-03-29T12:58:43.413264Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--8d5b6557-c65e-4824-b02e-8c43db5e2b82", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--77be74fd-d89f-4bc6-a765-e7d6b34eab30", | |
| "created": "2023-03-29T12:58:43.413438Z", | |
| "modified": "2023-03-29T12:58:43.413438Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[app:id='com.fungo.loveshow.xiaoailive']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.413438Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--4f49e8e4-86f1-431b-97ca-059e35f2264b", | |
| "created": "2023-03-29T12:58:43.414265Z", | |
| "modified": "2023-03-29T12:58:43.414265Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--77be74fd-d89f-4bc6-a765-e7d6b34eab30", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--dcc8e97b-7c52-476e-bbcf-f68bec8711fe", | |
| "created": "2023-03-29T12:58:43.414442Z", | |
| "modified": "2023-03-29T12:58:43.414442Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[app:id='com.watchfacestudio.tghformula']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.414442Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--e58e5cfb-cf7b-4d89-9b47-7fc95d539184", | |
| "created": "2023-03-29T12:58:43.415243Z", | |
| "modified": "2023-03-29T12:58:43.415243Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--dcc8e97b-7c52-476e-bbcf-f68bec8711fe", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--eb2dfd3a-c813-4405-9fbf-ddde2899b9aa", | |
| "created": "2023-03-29T12:58:43.415419Z", | |
| "modified": "2023-03-29T12:58:43.415419Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[domain-name:value='sprungkebab.link']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.415419Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--eecf4dfe-764d-4d7c-88d3-95b8eeec24f0", | |
| "created": "2023-03-29T12:58:43.416327Z", | |
| "modified": "2023-03-29T12:58:43.416327Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--eb2dfd3a-c813-4405-9fbf-ddde2899b9aa", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--b00ddb28-b4bc-4b26-87ed-807fef683a31", | |
| "created": "2023-03-29T12:58:43.416507Z", | |
| "modified": "2023-03-29T12:58:43.416507Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[domain-name:value='commodityutopia.net']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.416507Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--5496b6bc-7b3a-4fc6-881f-bc95deb42771", | |
| "created": "2023-03-29T12:58:43.417173Z", | |
| "modified": "2023-03-29T12:58:43.417173Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--b00ddb28-b4bc-4b26-87ed-807fef683a31", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--e9076301-d1c6-417a-bf59-01ecfde4c34b", | |
| "created": "2023-03-29T12:58:43.417346Z", | |
| "modified": "2023-03-29T12:58:43.417346Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[domain-name:value='glidingcoral.net']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.417346Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--516f160d-c1a5-480c-be33-c7a9c14ee857", | |
| "created": "2023-03-29T12:58:43.418088Z", | |
| "modified": "2023-03-29T12:58:43.418088Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--e9076301-d1c6-417a-bf59-01ecfde4c34b", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--f5e783ff-7847-4268-b9c4-b73977312e9b", | |
| "created": "2023-03-29T12:58:43.418278Z", | |
| "modified": "2023-03-29T12:58:43.418278Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[domain-name:value='gemcopackages.net']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.418278Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--e3cf8aaf-5153-4b62-ba31-d258fc17007f", | |
| "created": "2023-03-29T12:58:43.418939Z", | |
| "modified": "2023-03-29T12:58:43.418939Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--f5e783ff-7847-4268-b9c4-b73977312e9b", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| }, | |
| { | |
| "type": "indicator", | |
| "spec_version": "2.1", | |
| "id": "indicator--63fc5ec4-4c19-43a9-99a0-8a5df371a2e5", | |
| "created": "2023-03-29T12:58:43.419116Z", | |
| "modified": "2023-03-29T12:58:43.419116Z", | |
| "indicator_types": [ | |
| "malicious-activity" | |
| ], | |
| "pattern": "[domain-name:value='scarinessembattled.com']", | |
| "pattern_type": "stix", | |
| "pattern_version": "2.1", | |
| "valid_from": "2023-03-29T12:58:43.419116Z" | |
| }, | |
| { | |
| "type": "relationship", | |
| "spec_version": "2.1", | |
| "id": "relationship--20a2fdc8-fe6f-408c-b1f6-9d4506269e11", | |
| "created": "2023-03-29T12:58:43.419776Z", | |
| "modified": "2023-03-29T12:58:43.419776Z", | |
| "relationship_type": "indicates", | |
| "source_ref": "indicator--63fc5ec4-4c19-43a9-99a0-8a5df371a2e5", | |
| "target_ref": "malware--7ea102c5-2b7e-4088-b102-46691b1b84e5" | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment