cti-ATT-CK-v13.1/mobile-attack/relationship/relationship--085f8397-0233-42d7-855e-3dbd709f2eca.json

{
    "type": "bundle",
    "id": "bundle--40789f29-434e-4bcf-9ad8-2ab627163460",
    "spec_version": "2.0",
    "objects": [
        {
            "type": "relationship",
            "id": "relationship--085f8397-0233-42d7-855e-3dbd709f2eca",
            "created": "2023-01-18T21:39:27.823Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "revoked": false,
            "external_references": [
                {
                    "source_name": "nccgroup_sharkbot_0322",
                    "description": "RIFT: Research and Intelligence Fusion Team. (2022, March 3). SharkBot: a \u201cnew\u201d generation Android banking Trojan being distributed on Google Play Store. Retrieved January 18, 2023.",
                    "url": "https://research.nccgroup.com/2022/03/03/sharkbot-a-new-generation-android-banking-trojan-being-distributed-on-google-play-store/"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "modified": "2023-03-27T18:30:43.093Z",
            "description": "[SharkBot](https://attack.mitre.org/software/S1055) can use the Android \u201cDirect Reply\u201d feature to spread the malware to other devices. It can also download the full version of the malware after initial device compromise.(Citation: nccgroup_sharkbot_0322)",
            "relationship_type": "uses",
            "source_ref": "malware--9cd72f5c-bec0-4f7e-bb6d-296937116291",
            "target_ref": "attack-pattern--6c49d50f-494d-4150-b774-a655022d20a6",
            "x_mitre_deprecated": false,
            "x_mitre_version": "0.1",
            "x_mitre_attack_spec_version": "3.1.0",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}