The dark cloud around GCP service accounts | Red Canary
Common Information
Type Value
UUID 4bc271dc-d94b-47d6-bf76-c0f57c2cff9b
Fingerprint 3fa8d091136610c5
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 5, 2024, midnight
Added to db Dec. 5, 2024, 11:24 p.m.
Last updated Dec. 24, 2024, 2:50 p.m.
Headline UNKNOWN
Title The dark cloud around GCP service accounts | Red Canary
Detected Hints/Tags/Attributes 49/1/37
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 360 Red Canary https://www.redcanary.co/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 4
iam.gserviceaccount.com
Details Domain 3
project-id.iam.gserviceaccount.com
Details Domain 60
accounts.google.com
Details Domain 9
oauth2.googleapis.com
Details Domain 31
www.googleapis.com
Details Domain 19
googleapis.com
Details Domain 2
project.iam.gserviceaccount.com
Details Domain 1
request.name
Details Domain 5
type.googleapis.com
Details Domain 7
google.cloud
Details Domain 6
iam.googleapis.com
Details Domain 4
cloudaudit.googleapis.com
Details Domain 72
cloud.google.com
Details Email 1
some-name@project-id.iam.gserviceaccount.com
Details Email 1
test-account@project.iam.gserviceaccount.com
Details Email 1
serviceaccounts/test-account@project.iam.gserviceaccount.com
Details Email 1
svc-acct@project.iam.gserviceaccount.com
Details Email 1
iam.googleapis.com/projects/project/serviceaccounts/svc-acct@project.iam.gserviceaccount.com
Details Email 1
projects/-/serviceaccounts/svc-acct@project.iam.gserviceaccount.com
Details Email 1
projects/project/serviceaccounts/svc-acct@project.iam.gserviceaccount.com
Details File 1
access_key.json
Details File 9
request.json
Details File 84
response.json
Details File 2
access.json
Details File 10
access_tokens.db
Details File 11
credentials.db
Details File 1
service-accounts.key
Details md5 1
4ecd39c540d5451199b2c2d11f93ec5c
Details sha1 3
0123456789012345678901234567890123456789
Details IPv4 677
0.0.0.0
Details Url 1
https://iam.googleapis.com/v1/projects/<project>/serviceaccounts/test-account@<project-id>.iam.gserviceaccount.com/keys
Details Url 3
https://accounts.google.com/o/oauth2/auth
Details Url 4
https://oauth2.googleapis.com/token
Details Url 3
https://www.googleapis.com/oauth2/v1/certs
Details Url 1
https://www.googleapis.com/robot/v1/metadata/x509
Details Url 1
https://cloud.google.com/docs/authentication/token-types#access
Details Url 1
https://cloud.google.com/iam/docs/service-account-creds#short