{
  "type": "malware",
  "spec_version": "2.1",
  "id": "malware--5a5dca4c-03c1-4b99-bfcf-c206e20aa663",
  "created": "2020-06-26T15:12:39.648Z",
  "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
  "external_references": [
    {
      "source_name": "mitre-attack",
      "url": "https://attack.mitre.org/software/S0479",
      "external_id": "S0479"
    },
    {
      "source_name": "ESET DEFENSOR ID",
      "description": "L. Stefanko. (2020, May 22). Insidious Android malware gives up all malicious features but one to gain stealth. Retrieved June 26, 2020.",
      "url": "https://www.welivesecurity.com/2020/05/22/insidious-android-malware-gives-up-all-malicious-features-but-one-gain-stealth/"
    }
  ],
  "object_marking_refs": [
    "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
  ],
  "modified": "2025-04-25T14:40:27.329Z",
  "name": "DEFENSOR ID",
  "description": "[DEFENSOR ID](https://attack.mitre.org/software/S0479) is a banking trojan capable of clearing a victim’s bank account or cryptocurrency wallet and taking over email or social media accounts. [DEFENSOR ID](https://attack.mitre.org/software/S0479) performs the majority of its malicious functionality by abusing Android’s accessibility service.(Citation: ESET DEFENSOR ID) ",
  "is_family": true,
  "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
  "x_mitre_platforms": [
    "Android"
  ],
  "x_mitre_deprecated": false,
  "x_mitre_domains": [
    "mobile-attack"
  ],
  "x_mitre_version": "1.0",
  "x_mitre_attack_spec_version": "3.2.0",
  "x_mitre_contributors": [
    "Lukáš Štefanko, ESET"
  ],
  "x_mitre_aliases": [
    "DEFENSOR ID"
  ]
}