{ "Event": { "analysis": "2", "date": "2020-06-27", "extends_uuid": "", "info": "[Threat Intel] MA-789.062020: MyCERT Advisory - StayAtHome malicious APK campaign", "protected": false, "publish_timestamp": "1780039914", "published": true, "threat_level_id": "2", "timestamp": "1780039914", "uuid": "9c2e21c0-3bc1-4868-aa12-9eaaa790ec7a", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#915448", "local": false, "name": "misp-galaxy:target-information=\"Malaysia\"", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#130049", "local": false, "name": "rectifyq:sub-category=\"campaign-analysis\"", "relationship_type": "" }, { "colour": "#d92121", "local": false, "name": "rectifyq:target=\"targeted\"", "relationship_type": "" }, { "colour": "#dd2e44", "local": false, "name": "rectifyq:MY-relevancy=\"relevant\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"none-from-src\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:producer=\"4a61b42d-e3f0-4964-9d88-4aa96e24c31d\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740502401", "to_ids": false, "type": "link", "uuid": "0c6bf2d0-adfd-4cdd-ba5c-fd486849fa1e", "value": "https://mycert.org.my/portal/advisory?id=MA-789.062020" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832221", "to_ids": true, "type": "url", "uuid": "91a30b1f-d668-47c2-8416-dc857e0a70d6", "value": "https://defase241.s3.eu-central-1.amazonaws.com/StayHomeMalaysia.apk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832242", "to_ids": true, "type": "url", "uuid": "2b5bb152-4abb-4722-9069-c79a335491a6", "value": "https://fewfasdfwerta.s3.eu-central-1.amazonaws.com/StayAtHome.apk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832263", "to_ids": true, "type": "url", "uuid": "77b1514e-3602-439c-a5f8-775afabff8b3", "value": "https://stayinghomemalaysia.s3.eu-central-1.amazonaw.com/StayingHomeMalaysia.apk", "Tag": [ { "colour": "#f08989", "local": false, "name": "NotFoundError", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832284", "to_ids": true, "type": "url", "uuid": "2567d445-c9db-4bb7-b263-7b3199ab925b", "value": "https://20gbcampings.com/APK/20GBGift.apk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832306", "to_ids": true, "type": "url", "uuid": "eccaafff-ddfc-409e-a3eb-08f6864ca650", "value": "https://fesastatre214s.s3.eu-central-1.amazonaws.com/Hadiah.apk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832327", "to_ids": true, "type": "domain", "uuid": "f17a3530-2884-4fb6-9bc1-f11f86ddecb0", "value": "cabel1lan4ightice2.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832348", "to_ids": true, "type": "domain", "uuid": "fbd82450-eef3-4323-9d2f-2a7c9d0b693c", "value": "fe2rltao23ts.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832369", "to_ids": true, "type": "domain", "uuid": "43833784-5d5f-4c4f-9347-0ee370b35830", "value": "gladyobreic24e1s.top", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746832390", "to_ids": true, "type": "domain", "uuid": "2da155df-be46-458a-9919-8da7f42b5878", "value": "ucuzplastk.tk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1780039912", "to_ids": true, "type": "ip-dst", "uuid": "1a02eebf-288b-473d-bf48-f4b003add637", "value": "47.252.20.45", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" }, { "colour": "#836891", "local": false, "name": "asn:asn=\"45102\"", "relationship_type": "" }, { "colour": "#692b04", "local": false, "name": "asn:as-owner=\"ALIBABA-CN-NET Alibaba US Technology Co., Ltd.\"", "relationship_type": "" }, { "colour": "#9256df", "local": false, "name": "asn:as-country=\"CN\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:country=\"china\"", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1780039914", "to_ids": true, "type": "ip-dst", "uuid": "2afcf0fd-303a-433e-81cd-811436a67f11", "value": "148.66.159.235", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" }, { "colour": "#44f56a", "local": false, "name": "asn:asn=\"26496\"", "relationship_type": "" }, { "colour": "#238399", "local": false, "name": "asn:as-owner=\"AS-26496-GO-DADDY-COM-LLC\"", "relationship_type": "" }, { "colour": "#d16c37", "local": false, "name": "asn:as-country=\"US\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:country=\"united states of america\"", "relationship_type": "" } ] } ], "Object": [ { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "25", "timestamp": "1746832456", "uuid": "2cda4810-8e8b-4356-9c16-4b32d7f71474", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1746832456", "to_ids": true, "type": "md5", "uuid": "683a6b68-ef9f-4f2d-b8b9-45fcd7ba8d69", "value": "b4546bfaa3f339f624a9fe8e64a682e1", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1746697945", "to_ids": true, "type": "sha1", "uuid": "0cb1089e-89b3-4253-a93b-1547af5580a8", "value": "670300e945e534725c411a0fff6a484f91ef2825", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1746697945", "to_ids": true, "type": "sha256", "uuid": "8a6565fe-7ddc-4a3d-baa4-423f19247238", "value": "2c77586ac25becd2c7241a807dd7e408ddaa518a6061dcf95ab6d2f910749555", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1746697944", "to_ids": true, "type": "ssdeep", "uuid": "9b689216-e0dc-4459-9d48-9599f899cb26", "value": "24576:SLUw7EpLn29Uip52nWas/TmidjoWJbIFvZOZPbkbt9DitP5aM4cJM7tSb0lh9MZd:oUw7oL29UM52Was/T5j7Jb+uPbEpaxTd" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1746697944", "to_ids": false, "type": "size-in-bytes", "uuid": "d8f065dd-bb96-4e64-8017-868ee3647bf8", "value": "1409442" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1746697944", "to_ids": true, "type": "vhash", "uuid": "94d67959-d836-4a80-b857-a78eedb0bfd8", "value": "e76a34f15d1b8cd115c0db4c2ead22b9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1746697944", "to_ids": true, "type": "filename", "uuid": "0785db8d-4027-4862-bd03-9ea71bd7b1c0", "value": "StayHomeMalaysia.apk" }, { "category": "Other", "comment": "Checked: 08/05/2025\nLast-scan\t: 03/06/2020", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1746697944", "to_ids": false, "type": "text", "uuid": "d66e7960-9022-4377-952e-95bfd1b18ed9", "value": "Type Description: Android\nMicrosoft: Trojan:Script/Wacatac.C!ml\nVT Total Detection:16/63\nFirst Submission:2020-06-02T03:59:04.000000+00:00\nLast Submission:2020-06-02T03:59:04.000000+00:00" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "25", "timestamp": "1746832479", "uuid": "6f92abe0-f3f9-4d23-8a6b-1be6cd6585f0", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1746832479", "to_ids": true, "type": "md5", "uuid": "7659cc5a-ac35-4243-b788-288da1d27499", "value": "8ff52a49b6efc41c5bd3f77c406297f3", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1746697966", "to_ids": true, "type": "sha1", "uuid": "3355c5b6-9fed-4a74-846c-562a9badf0ba", "value": "5f7e1f00eef53c3654b406bc097094d4a2727469", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1746697966", "to_ids": true, "type": "sha256", "uuid": "e50b0b20-3cb8-463d-a762-ee7a3cf61737", "value": "4a21ec52a544e3b77ed0ddb5dea5f5fac91714a4aa0a40396cc85663d4e15444", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1746697966", "to_ids": true, "type": "ssdeep", "uuid": "c175b6e3-e410-49fc-8620-959ae5aa21ef", "value": "24576:mpksHl6HVFRbL1yfAuM38WZpVJFZeM4cJM7tSb0lh9MZe3X2/z35FQ7YibISCqfk:mplHIVF9L1hp3NZpzHP4c+Rc9p" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1746697966", "to_ids": false, "type": "size-in-bytes", "uuid": "41ce86f0-3065-4c36-a6dd-511b0e1aca82", "value": "1443411" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1746697966", "to_ids": true, "type": "vhash", "uuid": "3e03c366-735f-4379-9f63-ed2cba9382fb", "value": "e76a34f15d1b8cd115c0db4c2ead22b9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1746697966", "to_ids": true, "type": "filename", "uuid": "644e6f86-4835-458a-8fca-0f4de4f3f05d", "value": "StayAtHome.apk" }, { "category": "Other", "comment": "Checked: 08/05/2025\nLast-scan\t: 04/06/2020", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1746697966", "to_ids": false, "type": "text", "uuid": "93fd8b64-f9cf-4300-a695-785d8af12043", "value": "Type Description: Android\nMicrosoft: Trojan:Script/Wacatac.C!ml\nVT Total Detection:28/63\nFirst Submission:2020-06-02T02:01:58.000000+00:00\nLast Submission:2020-06-02T02:01:58.000000+00:00" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "25", "timestamp": "1746832505", "uuid": "50df4d56-37d2-4f5f-9ad3-805439d25691", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1746832505", "to_ids": true, "type": "md5", "uuid": "dc0adc3c-cf58-497b-9c3f-d092a8ac4c00", "value": "548bae857891cc7e578031922def6c5a", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1746697988", "to_ids": true, "type": "sha1", "uuid": "0fbb2eb9-96f6-475c-9e89-71b93ce78f1a", "value": "c7f7499262d4619a7dbf03b480883793f9fe4b6f", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1746697988", "to_ids": true, "type": "sha256", "uuid": "69961784-cbf7-463c-b850-afb3a5800a19", "value": "8e36e5f1de62ec48bbdf8eeca4e2ab65c186d4978f1cd715611e06b16aa3fc34", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1746697987", "to_ids": true, "type": "ssdeep", "uuid": "677643b6-d8dc-4415-b5df-bac14304f1cd", "value": "24576:O1e4PXLTvcQFhbQw4z3OqtzHqT1XMYVuM4cJM7tSb0lh9MZe3X2/z35FQ7YibISp:O1e4PU85Qw4LOeD6Xn/4c+K4IBBBBovb" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1746697987", "to_ids": false, "type": "size-in-bytes", "uuid": "9dd6b984-ce49-40d2-9a8f-52c1ba0df88b", "value": "1556104" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1746697987", "to_ids": true, "type": "vhash", "uuid": "80c955fe-fa1b-407b-adc7-799bb6754401", "value": "e76a34f15d1b8cd115c0db4c2ead22b9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1746697987", "to_ids": true, "type": "filename", "uuid": "7af09d07-1d10-42d8-b9de-ddecb314d65d", "value": "StayingHomeMalaysia.apk" }, { "category": "Other", "comment": "Checked: 08/05/2025\nLast-scan\t: 14/12/2020", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1746697987", "to_ids": false, "type": "text", "uuid": "31514d08-b376-4690-84b0-16d40921224e", "value": "Type Description: Android\nMicrosoft: Trojan:Script/Wacatac.C!ml\nVT Total Detection:37/65\nFirst Submission:2020-06-02T05:51:40.000000+00:00\nLast Submission:2020-06-02T05:51:40.000000+00:00" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "25", "timestamp": "1746832528", "uuid": "ab7a5838-8911-4b36-bd06-43d24c0bd3d1", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1746832528", "to_ids": true, "type": "md5", "uuid": "dcadc375-7b26-49da-8c31-9ee2e614017d", "value": "b61c8f5157a38a1b40b4294be3e8cb29", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1746698009", "to_ids": true, "type": "sha1", "uuid": "c25da0a7-3b24-4d80-ad16-8cccb2e23eaf", "value": "7e10f666db9ecc143f4aa53ec39e5ce6b2bbe793", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1746698009", "to_ids": true, "type": "sha256", "uuid": "71955c69-8875-4bb1-b1cd-146716b06f14", "value": "b7cb5ae55f339bafc95c0b69bfb7ac46a71f2df1d3f457abf94659b67829a583", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1746698009", "to_ids": true, "type": "ssdeep", "uuid": "6524ba3c-ffe0-4ba0-b04f-379c1a8c0266", "value": "24576:3gPp0h6Om+YftITGyNDUMB9h+kHCM4cJM7tSb0lh9MZe3X2/z35FQ7YibISCqf8f:3gx081TftklUOL4c+R8EfE6O+S" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1746698009", "to_ids": false, "type": "size-in-bytes", "uuid": "ccea2399-58a1-4150-a0d9-6fc344408551", "value": "1476887" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1746698009", "to_ids": true, "type": "vhash", "uuid": "ea0feb3c-8b49-4237-b248-0b2c876c7584", "value": "e76a34f15d1b8cd115c0db4c2ead22b9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1746698009", "to_ids": true, "type": "filename", "uuid": "9250ae06-f156-4ed7-ade4-fe1400694d4a", "value": "Hadiah.apk" }, { "category": "Other", "comment": "Checked: 08/05/2025\nLast-scan\t: 08/07/2021", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1746698009", "to_ids": false, "type": "text", "uuid": "e15a34a7-1dbd-4ee3-9853-cfaa8c08cd94", "value": "Type Description: Android\nMicrosoft: Trojan:Script/Wacatac.B!ml\nVT Total Detection:29/64\nFirst Submission:2020-06-02T01:08:17.000000+00:00\nLast Submission:2020-06-02T01:08:17.000000+00:00" } ] }, { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "25", "timestamp": "1746832549", "uuid": "04618278-b21c-4653-906e-de7fc52114ca", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1746832549", "to_ids": true, "type": "md5", "uuid": "4a33afce-8fbc-4236-b543-63c56d32685e", "value": "69efe778721dcd66bbd7ed1eaf2ae116", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1746698030", "to_ids": true, "type": "sha1", "uuid": "8d181962-d9a4-41e6-b6c2-70778f63ea0b", "value": "486302fd8dee7ad3b1f068e3143edfa603ae54c6", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1746698031", "to_ids": true, "type": "sha256", "uuid": "d003a85d-2e65-449a-8327-a4b35c4c5819", "value": "5386abd90497dc0b97537ae585addfa1772b10cd4353e41b413e90eb07a145fe", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1746698030", "to_ids": true, "type": "ssdeep", "uuid": "68f62fb8-4186-4591-ae5a-60a0f7133bd0", "value": "49152:D9JYfTPf5W/PZO4aCb7veLI4/PffoyLyOyf7Rr:DLYfouCPeLI4XffbjKdr" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1746698030", "to_ids": false, "type": "size-in-bytes", "uuid": "950b4123-3531-4ac4-87c8-afd8316b443a", "value": "1860561" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1746698030", "to_ids": true, "type": "vhash", "uuid": "84e9c6ad-8b88-4231-8550-452318b900a2", "value": "cc95e9dad7fdc0e9fc5341606c7010c4" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1746698030", "to_ids": true, "type": "filename", "uuid": "06cc3a6a-e491-4229-b066-1037ae0b27ed", "value": "20GBGift.apk" }, { "category": "Other", "comment": "Checked: 08/05/2025\nLast-scan\t: 17/06/2020", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1746698030", "to_ids": false, "type": "text", "uuid": "4e064af0-890d-4302-93e5-e01329c7fbdd", "value": "Type Description: Android\nMicrosoft: None\nVT Total Detection:22/64\nFirst Submission:2020-06-11T14:08:01.000000+00:00\nLast Submission:2020-06-11T14:08:01.000000+00:00" } ] } ] } }