Scanning your iPhone for Pegasus, NSO Group's malware
Tags
| attack-pattern: | Data Model Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | c1106000-4664-43dd-93b1-64fbc1b3ac0d |
| Fingerprint | bc48830c0127d3c2 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 25, 2021, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Scanning your iPhone for Pegasus, NSO Group's malware |
| Title | Scanning your iPhone for Pegasus, NSO Group's malware |
| Detected Hints/Tags/Attributes | 36/1/15 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 291 | raw.githubusercontent.com |
|
| Details | File | 1 | cache_files.json |
|
| Details | File | 1 | net_usage.json |
|
| Details | File | 1 | safari_favicon.json |
|
| Details | File | 1 | version_history.json |
|
| Details | File | 1 | webkit_indexeddb.json |
|
| Details | File | 1 | webkit_local_storage.json |
|
| Details | File | 1 | webkit_safari_view_service.json |
|
| Details | File | 1 | favicon.db |
|
| Details | File | 1 | _detected.json |
|
| Details | Github username | 4 | mvt-project |
|
| Details | Github username | 6 | amnestytech |
|
| Details | Url | 1 | https://github.com/mvt-project/mvt.git |
|
| Details | Url | 1 | https://raw.githubusercontent.com/amnestytech/investigations/master/2021-07-18_nso/pegasus.stix2 |