{
    "id": "1797077",
    "ioc": "jsonapi.biz",
    "ioc_type": "domain",
    "threat_type": "botnet_cc",
    "malware": "unknown",
    "malware_printable": "Unknown malware",
    "malware_alias": null,
    "confidence_level": "49",
    "first_seen": "2026-04-24 08:50:31 UTC",
    "last_seen": null,
    "reporter": null,
    "reference": "https:\/\/www.cyfirma.com\/research\/kycshadow-an-android-banking-malware-exploiting-fake-kyc-workflows-for-credential-and-otp-theft\/",
    "threatfox_link": "https:\/\/threatfox\/ioc\/1797077",
    "tags": [
        "KYCShadow"
    ]
}