{ "type": "bundle", "id": "bundle--7cd8c0ca-393f-42f6-a0b2-ad4473ca33d4", "spec_version": "2.0", "objects": [ { "modified": "2022-10-24T15:09:07.609Z", "name": "X-Agent for Android", "description": "[X-Agent for Android](https://attack.mitre.org/software/S0314) is Android malware that was placed in a repackaged version of a Ukrainian artillery targeting application. The malware reportedly retrieved general location data on where the victim device was used, and therefore could likely indicate the potential location of Ukrainian artillery. (Citation: CrowdStrike-Android) Is it tracked separately from the [CHOPSTICK](https://attack.mitre.org/software/S0023).", "labels": [ "malware" ], "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", "x_mitre_domains": [ "mobile-attack" ], "x_mitre_version": "1.0", "x_mitre_attack_spec_version": "2.1.0", "type": "malware", "id": "malware--56660521-6db4-4e5a-a927-464f22954b7c", "created": "2017-10-25T14:48:42.034Z", "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", "external_references": [ { "source_name": "mitre-attack", "url": "https://attack.mitre.org/software/S0314", "external_id": "S0314" }, { "source_name": "X-Agent for Android", "description": "(Citation: CrowdStrike-Android)" }, { "source_name": "CrowdStrike-Android", "description": "CrowdStrike Global Intelligence Team. (2016). Use of Fancy Bear Android Malware in Tracking of Ukrainian FIeld Artillery Units. Retrieved February 6, 2017.", "url": "https://www.crowdstrike.com/wp-content/brochures/FancyBearTracksUkrainianArtillery.pdf" } ], "object_marking_refs": [ "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" ] } ] }