{ "Event": { "analysis": "2", "date": "2020-06-02", "extends_uuid": "", "info": "[Threat Intel] \"Hadiah.apk\"", "protected": false, "publish_timestamp": "1780039904", "published": true, "threat_level_id": "2", "timestamp": "1772901993", "uuid": "b7e6e5f1-3378-440d-ae62-ffa6387887bc", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#d92121", "local": false, "name": "rectifyq:target=\"targeted\"", "relationship_type": "" }, { "colour": "#dd2e44", "local": false, "name": "rectifyq:MY-relevancy=\"relevant\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"none-from-src\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#915448", "local": false, "name": "misp-galaxy:target-information=\"Malaysia\"", "relationship_type": "" }, { "colour": "#e931d8", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Capture SMS Messages - T1412\"", "relationship_type": "" }, { "colour": "#704a15", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Audio Capture - T1429\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Internet Connection Discovery - T1422.001\"", "relationship_type": "" }, { "colour": "#e1e5b7", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"SMS Control - T1582\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Contact List - T1636.003\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Call Control - T1616\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1740482827", "to_ids": false, "type": "link", "uuid": "906ea0dd-60b4-4eb4-8137-e9937ea82686", "value": "https://x.com/malwrhunterteam/status/1267766216766173184" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1746815509", "to_ids": true, "type": "url", "uuid": "153a8c44-c1b3-4edd-b889-a7b377046264", "value": "https://fesastatre214s.s3.eu-central-1.amazonaws.com/Hadiah.apk", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] } ], "Object": [ { "comment": "", "deleted": false, "description": "File object describing a file with meta-information", "meta-category": "file", "name": "file", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "template_version": "25", "timestamp": "1746815530", "uuid": "9eedf1e8-6d62-425c-912c-ccac7b2e66fa", "Attribute": [ { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "md5", "timestamp": "1746815530", "to_ids": true, "type": "md5", "uuid": "fc446bd9-2ce2-4670-8309-428845e4e1c2", "value": "b61c8f5157a38a1b40b4294be3e8cb29", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha1", "timestamp": "1746696988", "to_ids": true, "type": "sha1", "uuid": "855fbbe5-b538-480d-ba39-caccb1c25a46", "value": "7e10f666db9ecc143f4aa53ec39e5ce6b2bbe793", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "sha256", "timestamp": "1746696989", "to_ids": true, "type": "sha256", "uuid": "30075da8-5073-4115-920b-b8d6c3e4ee64", "value": "b7cb5ae55f339bafc95c0b69bfb7ac46a71f2df1d3f457abf94659b67829a583", "Tag": [ { "colour": "#260091", "local": false, "name": "rectifyq:ioc=\"enriched\"", "relationship_type": "" } ] }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "ssdeep", "timestamp": "1746696988", "to_ids": true, "type": "ssdeep", "uuid": "79276514-3f01-4557-b1ed-ed3550744345", "value": "24576:3gPp0h6Om+YftITGyNDUMB9h+kHCM4cJM7tSb0lh9MZe3X2/z35FQ7YibISCqf8f:3gx081TftklUOL4c+R8EfE6O+S" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "size-in-bytes", "timestamp": "1746696988", "to_ids": false, "type": "size-in-bytes", "uuid": "93fab78b-2554-43d1-bf1c-ba1e948c76e8", "value": "1476887" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "vhash", "timestamp": "1746696988", "to_ids": true, "type": "vhash", "uuid": "a94ec1c9-a93b-4af3-aaf9-5018875749db", "value": "e76a34f15d1b8cd115c0db4c2ead22b9" }, { "category": "Payload delivery", "comment": "", "deleted": false, "disable_correlation": true, "object_relation": "filename", "timestamp": "1746696988", "to_ids": true, "type": "filename", "uuid": "aa50047f-8798-4c4c-a524-06662c57126f", "value": "Hadiah.apk" }, { "category": "Other", "comment": "Checked: 08/05/2025\nLast-scan\t: 08/07/2021", "deleted": false, "disable_correlation": true, "object_relation": "text", "timestamp": "1746696988", "to_ids": false, "type": "text", "uuid": "cbdb2c7b-5a47-41db-85e1-f27c518f7fae", "value": "Type Description: Android\nMicrosoft: Trojan:Script/Wacatac.B!ml\nVT Total Detection:29/64\nFirst Submission:2020-06-02T01:08:17.000000+00:00\nLast Submission:2020-06-02T01:08:17.000000+00:00" } ] } ] } }