{ "type": "bundle", "id": "bundle--79866e54-18ab-4ca4-93ec-8bf9b6dc4a0e", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--ce40c63e-51d4-4ec5-a85b-2d76cd5ec7d1", "created": "2023-03-08T12:52:07.036238Z", "modified": "2025-06-18T12:58:21.951363Z", "name": "CiscoTalos", "identity_class": "organization" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--81d53885-0f88-429e-9f18-bfd41ab20c4c", "value": "ps.pndsn.com" }, { "type": "file", "spec_version": "2.1", "id": "file--c9555045-62e3-40f1-834b-45364f686bb8", "hashes": { "SHA-256": "90abfe3e4f21b5a16cd1ff3c485f079f73f5e7bbaca816917204858bb08007fc" } }, { "type": "url", "spec_version": "2.1", "id": "url--be6d146c-9169-4689-98d1-281748e70793", "value": "http://ebsmpi.com/ipin/360/desktops.ini" }, { "type": "url", "spec_version": "2.1", "id": "url--b0fdb4e2-6d67-4774-9916-21a2e73fdecb", "value": "http://ebsmpi.com/ipin/360/Ant_3.5.exe" }, { "type": "url", "spec_version": "2.1", "id": "url--fa5df14a-774a-4aa8-9c93-095ad759ddf4", "value": "http://cgalim.com/admin/hr/1.apk" }, { "type": "url", "spec_version": "2.1", "id": "url--737d2e35-f5d1-4991-9e51-5a6e907bafe0", "value": "http://cgalim.com/admin/hr/hr.doc" }, { "type": "url", "spec_version": "2.1", "id": "url--e4e3e649-17f5-40ba-bbcc-25c4344a5f41", "value": "http://ebsmpi.com/ipin/360/Ant_4.5.exe" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--3e4b1849-89f1-499f-850b-eede12cf46c0", "value": "ebsmpi.com" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--46c681f2-bb88-4cea-9fa4-ae8e66106ca5", "value": "cgalim.com" }, { "type": "file", "spec_version": "2.1", "id": "file--65fe78a4-b3ec-48e9-9672-2d2879eec1c8", "hashes": { "SHA-256": "6b1f2dfe805fa0e27139c5a4840042599262dbbf4511a118d3fba3d4ec35f2d7" } }, { "type": "file", "spec_version": "2.1", "id": "file--a97b84de-4747-4621-8a6e-08a77234a70d", "hashes": { "SHA-256": "f33aedfe5ebc918f5489e1f8a9fe19b160f112726e7ac2687e429695723bca6a" } }, { "type": "file", "spec_version": "2.1", "id": "file--7feed3ac-939a-4e73-8b19-838ba5073b59", "hashes": { "SHA-256": "86887ce368d9a3e7fdf9aa62418cd68daeea62269d17afb059ab64201047e378" } }, { "type": "file", "spec_version": "2.1", "id": "file--ce755451-c226-4f4e-b1ad-3e36ddb6f0fc", "hashes": { "SHA-256": "dd3f5ad44a80e7872e826869d270cbd5c0dc4efafff6c958bd1350ce1db973eb" } }, { "type": "file", "spec_version": "2.1", "id": "file--832e86f6-cb0d-4037-b983-947f5782902e", "hashes": { "SHA-256": "7a82cc0330e8974545d5a8cdca95b8d87250224aabc6a4f75a08dddaebb79670" } }, { "type": "file", "spec_version": "2.1", "id": "file--6da7b63b-a426-456a-95fc-e42ba63716d2", "hashes": { "SHA-256": "c015292aab1d41acd0674c98cd8e91379c1a645c31da24f8d017722d9b942235" } }, { "type": "file", "spec_version": "2.1", "id": "file--31186c6c-1e38-4e3d-843e-6805b7f8ae6d", "hashes": { "SHA-256": "d24d1b667829db9871080b97516dbe2e93ffaa3ac6fb0a4050a7616016c10d32" } }, { "type": "file", "spec_version": "2.1", "id": "file--a3964bfa-1cbc-46fd-9002-514f8dab56b5", "hashes": { "SHA-256": "9ff7240c77fca939cde0eb1ffe7f6425c4dcfde2cdd1027dde6d07386c17f878" } }, { "type": "file", "spec_version": "2.1", "id": "file--b8aba20b-5e67-4f31-8a24-49651bf319fb", "hashes": { "SHA-256": "4cb16189f52a428a49916a8b533fdebf0fe95970b4066ce235777d3e95bff95b" } }, { "type": "url", "spec_version": "2.1", "id": "url--792321cc-19ff-43d0-b03f-71b67824ea99", "value": "http://cgalim.com/admin/1211me/Ant_3.5.exe" }, { "type": "url", "spec_version": "2.1", "id": "url--127d76d6-de62-4063-b53c-c2ca6ac29275", "value": "http://cgalim.com/admin/1211me/desktops.ini" }, { "type": "url", "spec_version": "2.1", "id": "url--9f3989ae-4fc4-416e-ae75-b13bfde71776", "value": "http://cgalim.com/admin/hr/pu/pu.php" }, { "type": "url", "spec_version": "2.1", "id": "url--6c20c600-451e-4b55-8479-170662ec79c0", "value": "http://cgalim.com/admin/1211me/Ant_4.5.exe" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--d140508f-2dbe-5e4a-b332-91b47b0bfa48", "created": "2026-06-24T22:22:13.25704Z", "modified": "2026-06-24T22:22:13.25704Z", "name": "Group123" }, { "type": "report", "spec_version": "2.1", "id": "report--e3df8f18-4f6a-4977-a2dc-3eefa0067574", "created_by_ref": "identity--ce40c63e-51d4-4ec5-a85b-2d76cd5ec7d1", "created": "2026-06-24T22:22:13.259567Z", "modified": "2026-06-24T22:22:13.259567Z", "name": "Fake AV Investigation Unearths KevDroid, New Android Malware", "published": "2018-04-02T00:00:00Z", "object_refs": [ "identity--ce40c63e-51d4-4ec5-a85b-2d76cd5ec7d1", "domain-name--81d53885-0f88-429e-9f18-bfd41ab20c4c", "file--c9555045-62e3-40f1-834b-45364f686bb8", "url--be6d146c-9169-4689-98d1-281748e70793", "url--b0fdb4e2-6d67-4774-9916-21a2e73fdecb", "url--fa5df14a-774a-4aa8-9c93-095ad759ddf4", "url--737d2e35-f5d1-4991-9e51-5a6e907bafe0", "url--e4e3e649-17f5-40ba-bbcc-25c4344a5f41", "domain-name--3e4b1849-89f1-499f-850b-eede12cf46c0", "domain-name--46c681f2-bb88-4cea-9fa4-ae8e66106ca5", "file--65fe78a4-b3ec-48e9-9672-2d2879eec1c8", "file--a97b84de-4747-4621-8a6e-08a77234a70d", "file--7feed3ac-939a-4e73-8b19-838ba5073b59", "file--ce755451-c226-4f4e-b1ad-3e36ddb6f0fc", "file--832e86f6-cb0d-4037-b983-947f5782902e", "file--6da7b63b-a426-456a-95fc-e42ba63716d2", "file--31186c6c-1e38-4e3d-843e-6805b7f8ae6d", "file--a3964bfa-1cbc-46fd-9002-514f8dab56b5", "file--b8aba20b-5e67-4f31-8a24-49651bf319fb", "url--792321cc-19ff-43d0-b03f-71b67824ea99", "url--127d76d6-de62-4063-b53c-c2ca6ac29275", "url--9f3989ae-4fc4-416e-ae75-b13bfde71776", "url--6c20c600-451e-4b55-8479-170662ec79c0", "threat-actor--d140508f-2dbe-5e4a-b332-91b47b0bfa48" ], "external_references": [ { "source_name": "source", "url": "http://blog.talosintelligence.com/2018/04/fake-av-investigation-unearths-kevdroid.html" } ] } ] }