{
  "Event": {
    "analysis": "2",
    "date": "2022-09-16",
    "extends_uuid": "",
    "info": "[Threat Intel] MA-862.092022: MyCERT Alert - MyPetronas Malicious Application",
    "protected": false,
    "publish_timestamp": "1780040012",
    "published": true,
    "threat_level_id": "2",
    "timestamp": "1772902014",
    "uuid": "857353ab-d28e-4b35-8dbd-7fde005ec133",
    "Orgc": {
      "name": "Rectifyq",
      "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4"
    },
    "Tag": [
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:clear",
        "relationship_type": ""
      },
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#49a260",
        "local": false,
        "name": "rectifyq:category=\"threat\"",
        "relationship_type": ""
      },
      {
        "colour": "#d92121",
        "local": false,
        "name": "rectifyq:target=\"targeted\"",
        "relationship_type": ""
      },
      {
        "colour": "#dd2e44",
        "local": false,
        "name": "rectifyq:MY-relevancy=\"relevant\"",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"none-from-src\"",
        "relationship_type": ""
      },
      {
        "colour": "#915448",
        "local": false,
        "name": "misp-galaxy:target-information=\"Malaysia\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:f3b46834-6ce9-44ef-852d-d7ac61a12920=\"f8334ef2-9d35-48de-aa5e-bcdcd4c4d714\"",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"MalwareBazaar\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:producer=\"4a61b42d-e3f0-4964-9d88-4aa96e24c31d\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1740761342",
        "to_ids": false,
        "type": "link",
        "uuid": "3192d932-6880-4156-bd61-3e6c34821175",
        "value": "https://www.mycert.org.my/portal/details?menu=431fab9c-d24c-4a27-ba93-e92edafdefa5&id=90f925b0-f996-42b2-b0a3-64d994199792"
      },
      {
        "category": "Network activity",
        "comment": "Landing page URL",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1740761511",
        "to_ids": true,
        "type": "url",
        "uuid": "9c42693c-6c76-42d6-9cb1-3cf602e0fd85",
        "value": "https://pt-gift.store"
      },
      {
        "category": "Network activity",
        "comment": "Landing page URL",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1740761511",
        "to_ids": true,
        "type": "url",
        "uuid": "660741b1-1aea-440f-a808-9b71236d4efe",
        "value": "https://petronas-gift.store"
      },
      {
        "category": "Network activity",
        "comment": "Landing page URL",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1740761511",
        "to_ids": true,
        "type": "url",
        "uuid": "6555b89c-25ec-4f10-abbf-a32d5dd9b9b3",
        "value": "https://myworkshop.store"
      },
      {
        "category": "Network activity",
        "comment": "C&C URL",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1740761511",
        "to_ids": true,
        "type": "url",
        "uuid": "bde43ee7-4e30-4503-8895-f9d35cfd2138",
        "value": "https://lapks.online/skyblue_888a/api/api.php?post_order"
      },
      {
        "category": "Network activity",
        "comment": "C&C URL",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1740761511",
        "to_ids": true,
        "type": "url",
        "uuid": "baae11a2-8db1-446d-b218-bfc2527413e7",
        "value": "https://gpost996.online/post.php"
      },
      {
        "category": "Network activity",
        "comment": "C&C URL",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1740761512",
        "to_ids": true,
        "type": "url",
        "uuid": "524fcfe6-2c33-4624-9858-e641c7e8fe6c",
        "value": "https://sgbx.online?pass=app168&cmd=sms&sid=%1$s&sms=%2$s"
      }
    ],
    "Object": [
      {
        "comment": "",
        "deleted": false,
        "description": "File object describing a file with meta-information",
        "meta-category": "file",
        "name": "file",
        "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
        "template_version": "25",
        "timestamp": "1745908695",
        "uuid": "a78b421c-9516-492f-84f5-194f2eda484c",
        "Attribute": [
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "md5",
            "timestamp": "1745908695",
            "to_ids": true,
            "type": "md5",
            "uuid": "7854fb2e-3c1a-4e29-abc1-603418404142",
            "value": "9b839b76e2fadec2f461b7b440489601",
            "Tag": [
              {
                "colour": "#260091",
                "local": false,
                "name": "rectifyq:ioc=\"enriched\"",
                "relationship_type": ""
              },
              {
                "colour": "#626567",
                "local": false,
                "name": "rectifyq:no-samples-in=\"MalwareBazaar\"",
                "relationship_type": ""
              }
            ]
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "sha1",
            "timestamp": "1745908650",
            "to_ids": true,
            "type": "sha1",
            "uuid": "6f29b1b0-ab8e-4ff4-9fb6-16c87ab80252",
            "value": "c6fa3333bccfe51ef149b8536eeaa988e1ca6343",
            "Tag": [
              {
                "colour": "#260091",
                "local": false,
                "name": "rectifyq:ioc=\"enriched\"",
                "relationship_type": ""
              }
            ]
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "sha256",
            "timestamp": "1745908650",
            "to_ids": true,
            "type": "sha256",
            "uuid": "f869dad8-6c21-40f5-9450-68693f2e9778",
            "value": "954cf238d370b6420908956997f60abfc6153053bc6cc4c458c25320568fc729",
            "Tag": [
              {
                "colour": "#260091",
                "local": false,
                "name": "rectifyq:ioc=\"enriched\"",
                "relationship_type": ""
              }
            ]
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "ssdeep",
            "timestamp": "1745908649",
            "to_ids": true,
            "type": "ssdeep",
            "uuid": "97236d41-3f22-4222-8666-b1bbf38b3332",
            "value": "196608:poNsSIGnT9LNlxlq8xDTRhs9EFdfNSZ0fj91r2pNtRe5YIxTLgTX8q1aNkAqqvnt:eNsSIGnT9pHDTzs9EfNSmfh1ipNngYI9"
          },
          {
            "category": "Other",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "size-in-bytes",
            "timestamp": "1745908649",
            "to_ids": false,
            "type": "size-in-bytes",
            "uuid": "f11d93a5-ab88-492f-aa52-db0ff824a2fa",
            "value": "10967116"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": false,
            "object_relation": "vhash",
            "timestamp": "1745908649",
            "to_ids": true,
            "type": "vhash",
            "uuid": "98d0d0eb-eb5f-4381-be55-ba254b6e286c",
            "value": "c59cf41efd6fe04b2c0cea61d0412636"
          },
          {
            "category": "Payload delivery",
            "comment": "",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "filename",
            "timestamp": "1745908649",
            "to_ids": true,
            "type": "filename",
            "uuid": "1424c50e-4669-4877-a9b6-aea4bcf5ca84",
            "value": "myworkshop.apk"
          },
          {
            "category": "Other",
            "comment": "Checked: 29/04/2025\nLast scan: 22/09/2022",
            "deleted": false,
            "disable_correlation": true,
            "object_relation": "text",
            "timestamp": "1745908649",
            "to_ids": false,
            "type": "text",
            "uuid": "938d45be-ec6f-4741-bec0-df48e77e274e",
            "value": "Type Description: Android\nMicrosoft: Trojan:AndroidOS/Multiverze\nVT Total Detection:23/65\nFirst Submission:2022-09-15T07:30:22.000000+00:00\nLast Submission:2022-09-15T23:25:11.000000+00:00"
          }
        ]
      }
    ]
  }
}