misp-circl-feed/feeds/circl/stix-2.1/5474459d-1c60-456a-b057-4bdc950d210b.json

685 lines
28 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5474459d-1c60-456a-b057-4bdc950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-26T10:52:09.000Z",
"modified": "2015-01-26T10:52:09.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5474459d-1c60-456a-b057-4bdc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-26T10:52:09.000Z",
"modified": "2015-01-26T10:52:09.000Z",
"name": "OSINT Operation Double Tap from FireEye",
"published": "2015-01-26T16:53:53Z",
"object_refs": [
"observed-data--547445a7-3164-46d3-9c23-4e61950d210b",
"url--547445a7-3164-46d3-9c23-4e61950d210b",
"x-misp-attribute--547445c3-5b5c-49a6-a928-45a5950d210b",
"x-misp-attribute--547445c3-24b8-4f71-bd6c-4ccd950d210b",
"x-misp-attribute--547445c3-eca0-4eda-82aa-493a950d210b",
"x-misp-attribute--547445c3-7c64-41bb-882f-40b8950d210b",
"x-misp-attribute--547445dc-8fa4-48fc-8ba8-9e39950d210b",
"vulnerability--547445f6-b298-4ea9-93fa-f86d950d210b",
"vulnerability--547445f6-e44c-4db8-8e83-f86d950d210b",
"indicator--54744638-bbb8-480b-a710-476e950d210b",
"indicator--54744638-9f64-4b40-b6b3-476e950d210b",
"indicator--54744638-5f98-4012-a6ed-476e950d210b",
"indicator--54744638-10bc-4f77-9945-476e950d210b",
"x-misp-attribute--54744678-280c-4a9c-ae2d-4d12950d210b",
"x-misp-attribute--54744678-2fd4-45f2-a1a1-49db950d210b",
"x-misp-attribute--54744678-8284-4572-b6ea-4112950d210b",
"indicator--547446a9-8200-4d85-b473-4eae950d210b",
"indicator--547446a9-90e4-4653-ab99-4ddf950d210b",
"indicator--547446a9-409c-428c-ba14-4d62950d210b",
"indicator--547446a9-799c-4f23-a52f-4871950d210b",
"indicator--547446c2-a09c-4a4b-8f91-44a4950d210b",
"indicator--547446c2-bef4-4f07-88b0-48f5950d210b",
"indicator--547446e7-7414-4a27-9505-4d81950d210b",
"indicator--547446e7-d078-4cbf-9780-49fe950d210b",
"indicator--5474472c-1498-40ec-94a9-402d950d210b",
"indicator--54744751-3e1c-47e7-b3ba-428b950d210b",
"indicator--54744751-596c-4935-81e9-4238950d210b",
"indicator--54744751-2a40-4cad-89da-4e6c950d210b",
"observed-data--5474477a-bf40-4c76-8817-476e950d210b",
"url--5474477a-bf40-4c76-8817-476e950d210b",
"x-misp-attribute--547447f6-e394-440d-9044-4066950d210b",
"x-misp-attribute--547447f6-39d0-4340-8a51-4986950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--547445a7-3164-46d3-9c23-4e61950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:02:31.000Z",
"modified": "2014-11-25T09:02:31.000Z",
"first_observed": "2014-11-25T09:02:31Z",
"last_observed": "2014-11-25T09:02:31Z",
"number_observed": 1,
"object_refs": [
"url--547445a7-3164-46d3-9c23-4e61950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--547445a7-3164-46d3-9c23-4e61950d210b",
"value": "https://www.fireeye.com/blog/threat-research/2014/11/operation_doubletap.html"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--547445c3-5b5c-49a6-a928-45a5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:02:59.000Z",
"modified": "2014-11-25T09:02:59.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "APT3"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--547445c3-24b8-4f71-bd6c-4ccd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:02:59.000Z",
"modified": "2014-11-25T09:02:59.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "UPS"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--547445c3-eca0-4eda-82aa-493a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:02:59.000Z",
"modified": "2014-11-25T09:02:59.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Operation Clandestine Fox"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--547445c3-7c64-41bb-882f-40b8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:02:59.000Z",
"modified": "2014-11-25T09:02:59.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Clandestine Fox"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--547445dc-8fa4-48fc-8ba8-9e39950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:03:24.000Z",
"modified": "2014-11-25T09:03:24.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "Data entered by David ANDRE"
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--547445f6-b298-4ea9-93fa-f86d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:03:50.000Z",
"modified": "2014-11-25T09:03:50.000Z",
"name": "CVE-2014-6332",
"labels": [
"misp:type=\"vulnerability\"",
"misp:category=\"Payload delivery\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2014-6332"
}
]
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--547445f6-e44c-4db8-8e83-f86d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:03:50.000Z",
"modified": "2014-11-25T09:03:50.000Z",
"name": "CVE-2014-4113",
"labels": [
"misp:type=\"vulnerability\"",
"misp:category=\"Payload delivery\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2014-4113"
}
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54744638-bbb8-480b-a710-476e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:04:55.000Z",
"modified": "2014-11-25T09:04:55.000Z",
"pattern": "[file:hashes.MD5 = '5a0c4e1925c76a959ab0588f683ab437']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:04:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54744638-9f64-4b40-b6b3-476e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:04:56.000Z",
"modified": "2014-11-25T09:04:56.000Z",
"pattern": "[file:hashes.MD5 = '492a839a3bf9c61b7065589a18c5aa8d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:04:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54744638-5f98-4012-a6ed-476e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:04:56.000Z",
"modified": "2014-11-25T09:04:56.000Z",
"pattern": "[file:hashes.MD5 = '744a17a3bc6dbd535f568ef1e87d8b9a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:04:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54744638-10bc-4f77-9945-476e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:04:56.000Z",
"modified": "2014-11-25T09:04:56.000Z",
"pattern": "[file:hashes.MD5 = '5c08957f05377004376e6a622406f9aa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:04:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54744678-280c-4a9c-ae2d-4d12950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:06:00.000Z",
"modified": "2014-11-25T09:06:00.000Z",
"labels": [
"misp:type=\"pattern-in-file\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pattern-in-file",
"x_misp_value": "%USERPROFILE%\\Documents\\Visual Studio 2008\\Projects\\MShell\\Release\\MShell.pdb"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54744678-2fd4-45f2-a1a1-49db950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:06:00.000Z",
"modified": "2014-11-25T09:06:00.000Z",
"labels": [
"misp:type=\"pattern-in-file\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pattern-in-file",
"x_misp_value": "%USERPROFILE%\\Documents\\Visual Studio 2008\\Projects\\4113\\Release\\4113.pdb"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54744678-8284-4572-b6ea-4112950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:06:00.000Z",
"modified": "2014-11-25T09:06:00.000Z",
"labels": [
"misp:type=\"pattern-in-file\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pattern-in-file",
"x_misp_value": "%USERPROFILE%\\Documents\\Visual Studio 2010\\Projects\\MyRat\\Client\\Client\\obj\\x86\\Release\\Client.pdb"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446a9-8200-4d85-b473-4eae950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:06:49.000Z",
"modified": "2014-11-25T09:06:49.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.157.198.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:06:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446a9-90e4-4653-ab99-4ddf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:06:49.000Z",
"modified": "2014-11-25T09:06:49.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.109.99.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:06:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446a9-409c-428c-ba14-4d62950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:06:49.000Z",
"modified": "2014-11-25T09:06:49.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.184.60.229']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:06:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446a9-799c-4f23-a52f-4871950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:06:49.000Z",
"modified": "2014-11-25T09:06:49.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.55.115.71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:06:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446c2-a09c-4a4b-8f91-44a4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:07:14.000Z",
"modified": "2014-11-25T09:07:14.000Z",
"pattern": "[domain-name:value = 'inform.bedircati.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:07:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446c2-bef4-4f07-88b0-48f5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:07:14.000Z",
"modified": "2014-11-25T09:07:14.000Z",
"pattern": "[domain-name:value = 'pn.lamb-site.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:07:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446e7-7414-4a27-9505-4d81950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:07:51.000Z",
"modified": "2014-11-25T09:07:51.000Z",
"pattern": "[domain-name:value = 'securitywap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:07:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--547446e7-d078-4cbf-9780-49fe950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:07:51.000Z",
"modified": "2014-11-25T09:07:51.000Z",
"pattern": "[domain-name:value = 'www.securitywap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:07:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5474472c-1498-40ec-94a9-402d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:09:00.000Z",
"modified": "2014-11-25T09:09:00.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.151.248.173']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:09:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54744751-3e1c-47e7-b3ba-428b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:09:37.000Z",
"modified": "2014-11-25T09:09:37.000Z",
"pattern": "[domain-name:value = 'join.playboysplus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:09:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54744751-596c-4935-81e9-4238950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:09:37.000Z",
"modified": "2014-11-25T09:09:37.000Z",
"pattern": "[domain-name:value = 'walterclean.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:09:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54744751-2a40-4cad-89da-4e6c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:09:37.000Z",
"modified": "2014-11-25T09:09:37.000Z",
"pattern": "[domain-name:value = 'www.walterclean.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-11-25T09:09:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5474477a-bf40-4c76-8817-476e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:10:18.000Z",
"modified": "2014-11-25T09:10:18.000Z",
"first_observed": "2014-11-25T09:10:18Z",
"last_observed": "2014-11-25T09:10:18Z",
"number_observed": 1,
"object_refs": [
"url--5474477a-bf40-4c76-8817-476e950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5474477a-bf40-4c76-8817-476e950d210b",
"value": "https://github.com/fireeye/iocs/tree/master/APT3"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--547447f6-e394-440d-9044-4066950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:12:22.000Z",
"modified": "2014-11-25T09:12:22.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Double Tap"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--547447f6-39d0-4340-8a51-4986950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-11-25T09:12:22.000Z",
"modified": "2014-11-25T09:12:22.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Operation Double Tap"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:GREEN",
"definition": {
"tlp": "green"
}
}
]
}