cti/mobile-attack/x-mitre-analytic/x-mitre-analytic--72604d06-ac1b-4d57-adb4-f303f2f82055.json

{
    "type": "bundle",
    "id": "bundle--56982b1c-0872-47a5-b28e-fc7abd623656",
    "spec_version": "2.0",
    "objects": [
        {
            "type": "x-mitre-analytic",
            "id": "x-mitre-analytic--72604d06-ac1b-4d57-adb4-f303f2f82055",
            "created": "2025-10-21T15:10:28.402Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "external_references": [
                {
                    "source_name": "mitre-attack",
                    "url": "https://attack.mitre.org/detectionstrategies/DET0681#AN1787",
                    "external_id": "AN1787"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "modified": "2025-10-21T15:10:28.402Z",
            "name": "Analytic 1787",
            "description": "The user can view permissions granted to an application in device settings. \nApplication vetting services typically flag permissions requested by an application, which can be reviewed by an administrator. Certain dangerous permissions, such as `RECEIVE_SMS`, could receive additional scrutiny.",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_version": "1.0",
            "x_mitre_attack_spec_version": "3.3.0",
            "x_mitre_domains": [
                "mobile-attack"
            ],
            "x_mitre_platforms": [
                "iOS"
            ],
            "x_mitre_log_source_references": [
                {
                    "x_mitre_data_component_ref": "x-mitre-data-component--56c2b384-77f8-461f-a71a-76f7888ebfb6",
                    "name": "User Interface",
                    "channel": "None"
                },
                {
                    "x_mitre_data_component_ref": "x-mitre-data-component--b1e0bb80-23d4-44f2-b919-7e9c54898f43",
                    "name": "Application Vetting",
                    "channel": "None"
                }
            ],
            "x_mitre_deprecated": false
        }
    ]
}