301 lines
1.7 MiB
JSON
301 lines
1.7 MiB
JSON
|
{
|
||
|
"type": "bundle",
|
||
|
"id": "bundle--599fface-7180-4d35-ad21-4808950d210f",
|
||
|
"objects": [
|
||
|
{
|
||
|
"type": "identity",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:30:06.000Z",
|
||
|
"modified": "2017-08-25T11:30:06.000Z",
|
||
|
"name": "CIRCL",
|
||
|
"identity_class": "organization"
|
||
|
},
|
||
|
{
|
||
|
"type": "report",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "report--599fface-7180-4d35-ad21-4808950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:30:06.000Z",
|
||
|
"modified": "2017-08-25T11:30:06.000Z",
|
||
|
"name": "OSINT - New Version of \u00e2\u20ac\u0153Trickbot\u00e2\u20ac\u009d Adds Worm Propagation Module",
|
||
|
"published": "2017-08-25T13:29:00Z",
|
||
|
"object_refs": [
|
||
|
"observed-data--59a0074f-1610-4e0e-8bac-429e950d210f",
|
||
|
"url--59a0074f-1610-4e0e-8bac-429e950d210f",
|
||
|
"x-misp-attribute--59a007de-d9e8-4fdf-80cf-4dbb950d210f",
|
||
|
"observed-data--59a008d3-e8e8-4e9a-a62f-432f950d210f",
|
||
|
"file--59a008d3-e8e8-4e9a-a62f-432f950d210f",
|
||
|
"artifact--59a008d3-e8e8-4e9a-a62f-432f950d210f",
|
||
|
"observed-data--59a008e1-2680-42a5-b898-4c8f950d210f",
|
||
|
"file--59a008e1-2680-42a5-b898-4c8f950d210f",
|
||
|
"artifact--59a008e1-2680-42a5-b898-4c8f950d210f",
|
||
|
"observed-data--59a008f1-9290-40af-95e1-4d2d950d210f",
|
||
|
"file--59a008f1-9290-40af-95e1-4d2d950d210f",
|
||
|
"artifact--59a008f1-9290-40af-95e1-4d2d950d210f",
|
||
|
"observed-data--59a008fe-b2e8-4bdd-8587-4dc5950d210f",
|
||
|
"file--59a008fe-b2e8-4bdd-8587-4dc5950d210f",
|
||
|
"artifact--59a008fe-b2e8-4bdd-8587-4dc5950d210f",
|
||
|
"observed-data--59a008ff-61c8-42fa-8dea-4516950d210f",
|
||
|
"file--59a008ff-61c8-42fa-8dea-4516950d210f",
|
||
|
"artifact--59a008ff-61c8-42fa-8dea-4516950d210f",
|
||
|
"observed-data--59a008ff-67ac-45b8-b693-4b86950d210f",
|
||
|
"file--59a008ff-67ac-45b8-b693-4b86950d210f",
|
||
|
"artifact--59a008ff-67ac-45b8-b693-4b86950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"Threat-Report",
|
||
|
"misp:tool=\"MISP-STIX-Converter\"",
|
||
|
"misp-galaxy:tool=\"Trick Bot\"",
|
||
|
"type:OSINT",
|
||
|
"osint:source-type=\"blog-post\"",
|
||
|
"trickbot"
|
||
|
],
|
||
|
"object_marking_refs": [
|
||
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--59a0074f-1610-4e0e-8bac-429e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:17:35.000Z",
|
||
|
"modified": "2017-08-25T11:17:35.000Z",
|
||
|
"first_observed": "2017-08-25T11:17:35Z",
|
||
|
"last_observed": "2017-08-25T11:17:35Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--59a0074f-1610-4e0e-8bac-429e950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--59a0074f-1610-4e0e-8bac-429e950d210f",
|
||
|
"value": "https://www.flashpoint-intel.com/blog/new-version-trickbot-adds-worm-propagation-module/"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--59a007de-d9e8-4fdf-80cf-4dbb950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:19:58.000Z",
|
||
|
"modified": "2017-08-25T11:19:58.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"comment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_type": "comment",
|
||
|
"x_misp_value": "On July 27, 2017, in coordination with Luciano Martins, Director of Cyber Risk Services at Deloitte, Flashpoint observed a new version \u00e2\u20ac\u201c \u00e2\u20ac\u01531000029\u00e2\u20ac\u009d \u00e2\u20ac\u201c of the formidable \u00e2\u20ac\u0153Trickbot\u00e2\u20ac\u009d banking Trojan with a new \u00e2\u20ac\u0153worm64Dll\u00e2\u20ac\u009d module, spread via the email spam vector, impersonating invoices from a large international financial institution."
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--59a008d3-e8e8-4e9a-a62f-432f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:24:03.000Z",
|
||
|
"modified": "2017-08-25T11:24:03.000Z",
|
||
|
"first_observed": "2017-08-25T11:24:03Z",
|
||
|
"last_observed": "2017-08-25T11:24:03Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"file--59a008d3-e8e8-4e9a-a62f-432f950d210f",
|
||
|
"artifact--59a008d3-e8e8-4e9a-a62f-432f950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"attachment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "file",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "file--59a008d3-e8e8-4e9a-a62f-432f950d210f",
|
||
|
"name": "image1.png",
|
||
|
"content_ref": "artifact--59a008d3-e8e8-4e9a-a62f-432f950d210f"
|
||
|
},
|
||
|
{
|
||
|
"type": "artifact",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "artifact--59a008d3-e8e8-4e9a-a62f-432f950d210f",
|
||
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAA84AAAFfCAYAAACfsJWXAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAACXBIWXMAABcSAAAXEgFnn9JSAAABWWlUWHRYTUw6Y29tLmFkb2JlLnhtcAAAAAAAPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iWE1QIENvcmUgNS40LjAiPgogICA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPgogICAgICA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIgogICAgICAgICAgICB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyI+CiAgICAgICAgIDx0aWZmOk9yaWVudGF0aW9uPjE8L3RpZmY6T3JpZW50YXRpb24+CiAgICAgIDwvcmRmOkRlc2NyaXB0aW9uPgogICA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgpMwidZAABAAElEQVR4AexdB3wVRRP/pxcSEgIESCih996l6KeIYsGOiEoRpIrSO1KkSZcqHRFQQCkWVFREQKSXEHogBJIQkpCQ3vO+/9y9e3kvjQQCgt78snm3t31uy8zs7KzV+vXrDR4eHmjTpg3S09Ohg44BDQPW1ta4fv06SpUqhbCwMJQtWxaurq5asP77H8dASEgIYmJiULx4cWRkZDx4bFhZwdEqBWvmT8I1z44Y170VUpPSYGebgpXjByC5xUcY8EJDWNkkYsuUsViz/zzraI8uo2ehcfJujP3mOhbPnAgvdxtc+O0LDFv8NyYtmIsGpR2Qmp7ZHjsHOxz6egZm7ozC7AWTUaGIDWysrbB9yRhc8HwFo95oCYNNHDZ8PAYbDvuzDEe8PXIG3n6iGlLjQjB75BBU7TYPrzcpjYyEq5gwcA6aDBiJjo28kJpqNudaWcMuIwFrZw3FlgPBRny6YcC0uXiuvqdl3AeP7TxLlLni5MmTKFOmjDJf/CP9IYca2tnZ4dTOpRiz+AcltHTbt7F0WBfY0Jd44zCGfTQR1zNqYOTQp7F152EMHTke3i789ja2CDv7K4YPn4+0ck9jVPdymLvzJhaN7Ydi9qnYumwiln1/Ci6VmmHetEko5xCCGcOHY49/PLqPm4fnKoVjyHsTEF6sJSYPboBZm/zw2cSh+GXZCIRXfQ8fvVAHSalpsGH9ws79hpHD5iGCdXKr3h6LZg6G482DGPrRZFxLNPBda8z/ZAyKO6ZynBlyaOXD98qKYzMhIQF+fn5o3LgxpH88KmBvZ4OfV03Agq3HLar8eNcxaOd4EFuDymJ8/y5wRiI2LZ2C8yWfx5R3W+PM7+sxfNo6lKr7Bnq0z8DKw05Y/tHTmDr5YzTuMgkdG5fG0e1L8fUpe4wb0xtOoUfRd+ZXGDhyEtyubMOgT9YhiSXW6vA+pvV/BUhPsSj/UfZIf0hJScGJEyfQsGFD2Nvbw2B4ePuyLef8S7s3YMysjfzKQPFK/8PMCZ2xdNaneKrnVLSr44bdq6djT1xtjBjwGhCwD70/+wFTJkzCvs/ewtqL7vC+HYJQVy988uk8NPa2R4a1A4IPbsSHU9YhxWCLLqPmoesTVXHb/y+MW7oD/Yd/gmoe4FrCuef0TgwatRhpxR/D1AlP4rMRUxGYZECxmo9j/uSRKObw6MwFufVbGxsbhb6Mjo5GnTp1Hnr+w8raFlYxARg3ajh8g2SkqmDr6oH2bRph/7lIzJ0+Ed7utrjw+xcYsfQIxo/ojBkzxsCjSC0ER1xDtfbvYfoHr8M6IxV2SMH6OcOxce9VuFZugXlTx6OsmxV+WzsRf6Q9hsnvPY3UtHQ4kp7ZOHMc1v15Hv/rNBzNXY5hxurdSuEvDJiOAc/VQ3JqqladR/ZXaAahKatVq/bP0JMFwJyVxji3bdv2oe+4BWiXHrUQMCDEzrVr13TGuRBw+W/M4h9nnI1ItbW1gxXSuchkMru2dvZARhrSjAywMCi2RuI9LTUFGVY2sLcRYi4VQr7JomhvZ41UEnc58SbWNnYgPW2KL0XbsFxrA8s1liFlCkMtIGWkKxlZwY5EYkaaud+O/lRjuBLd4p95PpZ5WUR7qDwPK+MsSLImIWpnK6wyidKMdKSQYVWAggp7e+k7BkUoYWvD708CRCPnraxtYGdHYkm+cZoBttJfjGnl20t8ZmjsE/Kd2R/IICjf3mCl5s1w6ZcSN4V529jaM7/Mfin1sGJftLNnOXw2SFkpaTCY6ibvmIexnyr1fgT+PcqMs6DX9H3NcK2MWVjDxor9hQStFk/mgBR+Y2syAvbsL9LHJNjWxsBvnsE+xPGero536YvSbVKlH8k35qSSJn1O5iOmFchITzPlr7z4F/x71BhnQbmMf+2bKGOQ30zWmnTO5TK1W/PZBjK++bGN31L6xrIRL2KPex98O/lNJCUlWqwp5nma1ghJy/kplWuCJkswxZP5hcJVmVuU+YHMhfkc9Sh3jUeNcVZxra7nxmXeiH4DeacMZe03pyccHB2RfGUPnu85BqM+34XnazgiITnVYmyb1nrTOpKlXxlL0OiXdM4jGQYK2I3rWTr7jEbjPMp9Qer+KDHOykwtk1pQUNBDz+U/6h3jUau/TNQiJZYJTgcdAw8rBtK4eGQFIUrMIZ3EqUrqam/TkGz2wkAmOzlZC8v+K4SveXyJIYuWWRYKw2RkycwyIJGdYp6x+C3rZhZZeZS6Z88nayzdn18MCCOSTJcNhFgx++gpZHjMQWGyzT56SqZcRv32Fllm/a5kmnLIW4jurCDMcopZOUp4lrplTaP77y8GlLFt8X218jLIKmWCNgeQhFIY5mSz76j1l1SzuUj6oqmbKcSyMTf2AfO0mSXoT/8UBmT8Z/0mFt+S87+pLxi/pQMFIR5lKqG8SxEkJSYiOctcn1OeivCNAhZzyBrPfC4xj6c/P2gMZF3PM8s3ny4UeiIpGem2zqhUuTKcrFORmGRFIbsmllXT5bTWi4DOsjeQ1rCgXzJyXs8yq6I/3WcMKIyzm3sxVRJumtHvc6l69g8IA8L63gtQTdDJWWec7wWFelodAzoGdAzoGNAxoGPgX4+BZO4OvzhgLl6k3kpWpvlf33i9gRYYMFAd27pELSxc+LlyLCElC9NsEVn3PFIYsJXd5uMn/NCqVQsKvlRpiAhNRS3x0TmV9Ejh/MFUljyzqIOlp1EOJuLwuwAbqrYGBF7HE21bKmpCd5GFnuRfjgE5p6a5f3lT9eblgQHzPmD+nEcSPehfjgHpBwJ6f/iXf+h8Nk/rD//2PmHeznyi5j8ZzXxeMH/+tyFD7w/5+6KCJ+FHNZe/VP9MLFuprLOzExrUq22qQRIZZ0ddO9eEj0f1QdSKUpJTlI54N22Q831x8QnK+Q1b2wy4iNEcHXQMGDFgz3OZ6TRgk5qapB/z+I/3CtX4U4beH/7j/UBrvhA/aWnJXHvkTGYyjYPdnfBWy0//fbQxIP1BzuZq/YHKp4pA5dFulV77e8FARgZPiHNX1kCbD0JD6MaJ7wWbj35aMXwpZ7hTU0hP8ujDwwyKqrYm7ZHD2bK8cX4D7VrQ0MnDXHW9bnlhQF2oxMhI2l0zzpK/9Ak7uwxaR/XEgnmuNHiTV6kPLszOwYBWTxxVC7Q8NvLgKvEfLyk+Ph6BNB4nBpF00DGgrB9WYfc03+hY/PdggLooXD8MOHthv66x9O/5rHfdElmmZY44d/GA3h/uGov/roQa73HsxI1/V8P01hQYAzI/SH/4c/9FPhQ4+QNNoJpxfKBF6oU9ahiQ3eZLFz2wcOnDpLyfiMa/WOHYqTp5otNgcMwzXA/UMaBjQMeAjgEdAzoGdAzoGNAx8F/EgJWVuWmz/yIGCtZmnXEuGL7+s7FtbER14uHR31fYYYMz66Qzxv/ZTqk3XMeAjgEdAzoGdAzoGNA
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--59a008e1-2680-42a5-b898-4c8f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:24:17.000Z",
|
||
|
"modified": "2017-08-25T11:24:17.000Z",
|
||
|
"first_observed": "2017-08-25T11:24:17Z",
|
||
|
"last_observed": "2017-08-25T11:24:17Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"file--59a008e1-2680-42a5-b898-4c8f950d210f",
|
||
|
"artifact--59a008e1-2680-42a5-b898-4c8f950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"attachment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "file",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "file--59a008e1-2680-42a5-b898-4c8f950d210f",
|
||
|
"name": "image2.png",
|
||
|
"content_ref": "artifact--59a008e1-2680-42a5-b898-4c8f950d210f"
|
||
|
},
|
||
|
{
|
||
|
"type": "artifact",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "artifact--59a008e1-2680-42a5-b898-4c8f950d210f",
|
||
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAB5wAAAPaCAYAAABLaiQiAAAMFGlDQ1BJQ0MgUHJvZmlsZQAASImVVwdYU8kWnltSCAktEOmE3pEiXXrvSAcbIQkQSoSEoGIviwquBRUL2NBVERXXAsiiIqJYWATs9YGIysq6WLCh8iYFdH3te+f7JvfPmXPO/Ofcc+ebAUDRlpWXl4MqAZDLLxDEBPkyk5JTmKRegAAUDiugxWIL83yio8MBlLHn3+XdLWgJ5bq1ONa/zv9XUeZwhWwAkGiI0zhCdi7EJwDA1dl5ggIACO1Qbzi7IE+MhyBWFUCCABBxMc6QYnUxTpNiK4lNXIwfxN4AkKksliADAAUxb2YhOwPGURBztOVzeHyIKyH2ZGeyOBA/gNgqN3cWxIpkiM3SvouT8beYaeMxWayMcSzNRSJkf54wL4c19/8sx/+W3BzR2BoGcFAzBcEx4pxh3Q5kzwoTYyrETfy0yCiIVSC+xONI7MX4XqYoOF5mP8gW+sGaAQaAL5vD8g+DWBtihig73keG7VkCiS+0RyN5BSFxMpwmmBUji48W8nMiw2VxVmZyQ8bwDq4wIHbMJp0XGAIx7DT0RFFmXKKUJ9payEuIhFgB4k5hdmyYzPdRUaZf5JiNQBQj5mwE8dt0QWCM1AZTzxWO5YXZsFmStWAvYN4FmXHBUl8siStMCh/jwOH6B0g5YBwuP17GDYPd5Rsj8y3Oy4mW2WM7uDlBMdI6Y0eFhbFjvt0FsMGkdcAeZ7FCo2VrvcsriI6TcsNREA78gD9gAhEcaWAWyAK8jsH6QfhPOhMIWEAAMgAXWMs0Yx6Jkhk+/I0FReBPiLhAOO7nK5nlgkKo/zKulf5ag3TJbKHEIxs8hTgX18Q9cXc8HP56w2GPu+CuY35MxbFViQFEf2IwMZBoPs6DDVnnwCEAvH+jC4NPLsxOzIU/lsO3eISnhC7CY8JNQg/hLkgATyRRZFYzeUsFPzBnggjQA6MFyrJLgzEHxmxwE8jaEffFPSB/yB1n4JrAGp8EM/HBvWBujlD7PUPROLdvtfxxPTHr7/OR6RUsFBxlLNLG34zfuNWPUfy+qxEHPsN+tMRWYsexNuwcdhlrwuoBEzuLNWDt2GkxHu+EJ5JOGFstRsItG8bhjdnY1tgO2H7+YW2WbH1xvYQF3DkF4o/Bb1beXAEvI7OA6QN3Yy4zhM+2sWLa29o5AyDe26VbxxuGZM9GGFe+6fKbAXAtgcqMbzqWIQCnngJAf/dNZ/gatvs6AE53skWCQqlOvB0DAqAARfhVaABdYAjMYD72wAm4A28QAEJBFIgDyWAGrHgmyIWcZ4P5YAkoBqVgHdgEtoGdYA84AA6DY6AeNIFz4CK4CjrBTXAf9kU/eAGGwDswgiAICaEhdEQD0UOMEUvEHnFBPJEAJByJQZKRVCQD4SMiZD6yDClFypBtyG6kGvkVOYWcQy4jXchdpBcZQF4jn1AMpaKqqA5qgk5EXVAfNAyNQ6ejGWg+WoQuR9egW9Aq9BBah55Dr6I30R70BTqMAUweY2D6mDXmgvlhUVgKlo4JsIVYCVaOVWFHsEb4nq9jPdgg9hEn4nSciVvD3gzG43E2no8vxFfj2/ADeB3eil/He/Eh/CuBRtAmWBLcCCGEJEIGYTahmFBO2Ec4SbgAv5t+wjsikcggmhKd4XeZTMwiziOuJm4n1hKbiV3EPuIwiUTSIFmSPEhRJBapgFRM2ko6RDpL6ib1kz6Q5cl6ZHtyIDmFzCcvJZeTD5LPkLvJz8gjckpyxnJuclFyHLm5cmvl9so1yl2T65cboShTTCkelDhKFmUJZQvlCOUC5QHljby8vIG8q/wUeZ78Yvkt8kflL8n3yn+kqlAtqH7UaVQRdQ11P7WZepf6hkajmdC8aSm0AtoaWjXtPO0R7YMCXcFGIUSBo7BIoUKhTqFb4aWinKKxoo/iDMUixXLF44rXFAeV5JRMlPyUWEoLlSqUTindVhpWpivbKUcp5yqvVj6ofFn5uQpJxUQlQIWjslxlj8p5lT46Rjek+9HZ9GX0vfQL9H5Voqqpaohqlmqp6mHVDtUhNRW1SWoJanPUKtROq/UwMIYJI4SRw1jLOMa4xfg0QWeCzwTuhFUTjkzonvBeXUvdW52rXqJeq35T/ZMGUyNAI1tjvUa9xkNNXNNCc4rmbM0dmhc0B7VUtdy12FolWse07mmj2hbaMdrztPdot2sP6+jqBOnk6WzVOa8zqMvQ9dbN0t2oe0Z3QI+u56nH09uod1bvD6Ya04eZw9zCbGUO6WvrB+uL9Hfrd+iPGJgaxBssNag1eGhIMXQxTDfcaNhiOGSkZxRhNN+oxuiesZyxi3Gm8WbjNuP3JqYmiSYrTOpNnpuqm4aYFpnWmD4wo5l5meWbVZndMCeau5hnm28377RALRwtMi0qLK5ZopZOljzL7ZZdVgQrVyu+VZXVbWuqtY91oXWNda8NwybcZqlNvc3LiUYTUyaun9g28auto22O7V7b+3YqdqF2S+0a7V7bW9iz7SvsbzjQHAIdFjk0OLyaZDmJO2nHpDuOdMcIxxWOLY5fnJydBE5HnAacjZxTnSudb7uoukS7rHa55Epw9XVd5Nrk+tHNya3A7ZjbX+7W7tnuB92fTzadzJ28d3Kfh4EHy2O3R48n0zPVc5dnj5e+F8uryuuxt6E3x3uf9zMfc58sn0M+L31tfQW+J33f+7n5LfBr9sf8g/xL/DsCVALiA7YFPAo0CMwIrAkcCnIMmhfUHEwIDgteH3w7RCeEHVIdMhTqHLogtDWMGhYbti3scbhFuCC8MQKNCI3YEPEg0jiSH1kfBaJCojZEPYw2jc6P/m0KcUr0lIopT2PsYubHtMXSY2fGHox9F+cbtzbufrxZvCi+JUExYVpCdcL7RP/EssSepIlJC5KuJmsm85IbUkgpCSn7UoanBkzdNLV/muO04mm3pptOnzP98gzNGTkzTs9UnMmaeTyVkJqYejD1MyuKVcUaTgtJq0wbYvuxN7NfcLw5GzkDXA9uGfdZukd6WfrzDI+MDRkDmV6Z5ZmDPD/eNt6rrOCsnVnvs6Oy92eP5iTm1OaSc1NzT/FV+Nn81lm6s+bM6sqzzCvO68l3y9+UPyQIE+wTIsLpwoYCVXjMaReZiX4S9RZ6FlYUfpidMPv4HOU5/Dntcy3mrpr7rCiw6Jd5+Dz2vJb5+vOXzO9d4LNg90JkYdrClkWGi5Yv6l8ctPjAEsqS7CW/L7VdWrb07bLEZY3LdZYvXt73U9BPNcUKxYLi2yvcV+xcia/krexY5bBq66qvJZySK6W2peWln1ezV1/52e7nLT+Prklf07HWae2OdcR1/HW31nutP1CmXFZU1rchYkPdRubGko1vN83cdLl8UvnOzZTNos09W8K3NGw12rpu6+dtmdtuVvhW1FZqV66qfL+ds717h/eOIzt1dpbu/LSLt+vO7qDddVUmVeV7iHsK9zzdm7C37ReXX6r3ae4r3fdlP39/z4GYA63VztXVB7UPrq1Ba0Q1A4emHeo87H+44Yj1kd21jNrSo+Co6Ogfv6b+eutY2LGW4y7Hj5wwPlF5kn6ypA6pm1s3VJ9Z39OQ3NB1KvRUS6N748nfbH7b36TfVHFa7fTaM5Qzy8+Mni06O9yc1zx4LuNcX8vMlvvnk87faJ3S2nEh7MKli4EXz7f5tJ295HGp6bLb5VNXXK7UX3W6Wtfu2H7yd8ffT3Y4ddRdc77W0Ona2dg1uetMt1f3uev+1y/eCLlx9Wbkza5b8bfu3J52u+cO587zuzl3X90rvDdyf/EDwoOSh0oPyx9pP6r6h/k/anucek73+ve2P459fL+P3ffiifDJ5/7lT2lPy5/pPat+bv+8aSBwoPOPqX/0v8h7MTJY/Kfyn5UvzV6e+Mv7r/ahpKH+V4JXo69Xv9F4s//tpLctw9HDj97lvht5X/JB48OBjy4f2z4lfno2Mvsz6fOWL+ZfGr+GfX0wmjs6mscSsCRHAQwOND0dgNf7AaAlw7NDJwAUBendSyKI9L4oQeA/Yen9TCJOAOz3BiB
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--59a008f1-9290-40af-95e1-4d2d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:24:33.000Z",
|
||
|
"modified": "2017-08-25T11:24:33.000Z",
|
||
|
"first_observed": "2017-08-25T11:24:33Z",
|
||
|
"last_observed": "2017-08-25T11:24:33Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"file--59a008f1-9290-40af-95e1-4d2d950d210f",
|
||
|
"artifact--59a008f1-9290-40af-95e1-4d2d950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"attachment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "file",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "file--59a008f1-9290-40af-95e1-4d2d950d210f",
|
||
|
"name": "image3.png",
|
||
|
"content_ref": "artifact--59a008f1-9290-40af-95e1-4d2d950d210f"
|
||
|
},
|
||
|
{
|
||
|
"type": "artifact",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "artifact--59a008f1-9290-40af-95e1-4d2d950d210f",
|
||
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAA84AAAFmCAYAAAC8xcPyAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAACXBIWXMAABcSAAAXEgFnn9JSAAABWWlUWHRYTUw6Y29tLmFkb2JlLnhtcAAAAAAAPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iWE1QIENvcmUgNS40LjAiPgogICA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPgogICAgICA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIgogICAgICAgICAgICB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyI+CiAgICAgICAgIDx0aWZmOk9yaWVudGF0aW9uPjE8L3RpZmY6T3JpZW50YXRpb24+CiAgICAgIDwvcmRmOkRlc2NyaXB0aW9uPgogICA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgpMwidZAABAAElEQVR4AexdB3gVRRe96QVIQg01CSX0joAKIioIVixgL6AoxYZSFEQpUgQFVMCu2FDs8qMoFgRFAem9J5QAIYEQEtLbf87um5d9Ly8hCYmSZO73nd3ZaTtzZnZ37szsjNuKFStysrOz5dSpU+Lm5ia9e/eW8iDu7u4SHR0t/v7+EhAQILGxsZKcnCy1atUS5ldL2WSA5cq6GhkZKZ06dZKcnJyymZFylmqWy7Fjx6RJkyZSqVKlcpY7nR0ysGnTJqlTp47xndCMlG0G+LyyPOvVq1cmv4lePl6y8Ys35atdnnLt1a0les1n8uwHsfLNio+kZWWRzGz9XWAN5fdx/fr10qpVK+O9rL+XZf+55Xf25MmT0q5dO8nKyirbGSpnqc/MzJSNGzdK+/btxcfHR7dP/+Xy9fDwkIiICElLS5MWLVqU2vPhac0XbxoVFVUuFEt2ApC8KlWqWLOozZoBzYBmQDOgGdAMlGEGsrPdpG6zENk17wVZ/kOO+FZpLq9+NF2aV/aA0pxZhnOmk64Z0AxoBjQDFzIDdsWZo7D169eXsLAwYa9JeRAqz+xh1b2s5aE0dR40A5oBzYBmQDMgkpWRLjVa9pFvfu+L77tgFoQ7kCMZGeWj7aLLWDOgGdAMaAYuTAbsijOVS04t4NTm8iSJiYlGdqhEU7QibdBQZg/W8rOay2yGyknCdVmUk4I8RzZYzlrKPgOqHNVzq67LUs5yME01W89ULbDIVLmW5XIuMIMVzFGX54Vd4Lp8/tvyUfwzFeqdVxopsivOpRH5hRNnlri7J4mHRxJ6pf2A//4f5+xsTCnL9BBTnb9wmLrQU+Lu7ob/FjLAW45kYtTB+qBc6Gkvz+lzQ7nk5GSJj7dXec5mhc4bfovFiF6auGN0T0vZZoDvUT6v2VmZeI+m4fcs3SFStkvUdeox3w4O2WhrpKOcvfT30jVNZcZWtX9YpnwXZ2f9923ZMkPev5DQTLxP1fPmYbxj9Xv1X6DdfovsbHfju8ZvW2k+H25qcbCYmBhp2bKltGnTxp6I8mBISzsrGzckyatzoqEwuxm4EPJVq/YpCW8RiY9ZBem7KFHSc4z/8N3dPUo0Vh3Z+TCQg44pDyzI0FI8PXWdPh8mL9SwBw4ckISEM3iHasX5Qi2joqQrG8O15hRn3X1bFN7Kml+WMxeDw4T2spZ0nV4XDKiRNHcPlKnWy1ww9N9a6eftP+Qfrzisdm08FsY7r5Sej3LfwvXwyJGjUYHy+VfB/2Fp5r11s/oR8r/kRhIZVzuvo7bRDJRJBviW4tzJUnpblUlOylOiw5EZrTSXpxLVedEMaAY0A5oBzYBmoPAMlHvFmVS4u194DXlvv2w5E8X/yb0LX1rap2ZAM6AZ0AxoBjQDmgHNgGZAM6AZ0Az86wzo4YN/nfLcG/I/XS2aAc2AZqC4DAwfclC+/Xa19Op+qrhR6HCaAc2AZkAzoBnQDGgGNAOFYMBhxFmpcepciPAXvJdz5aVyNZGmg0Sqt8LINNg4e1TkwFci0RsKlzX2PMydt0WyMt3kyRFtjYmqKuSIxyOkc5dTMmdqc1m/61/cT3oGUtATmAQsBQojK+DJD/AF+CtUGtAbiAeKIqvhOQW4siiByqbf117ZKlUCzO1PsrLcZMxDbSROch+pOwcck2tvOGosAufpmSU//1hHPv6svj2zVVBbZr21Tby8zAU+kpI85dHH2trdaXhkaKR0veQUFkRzxz/E2fL+m41kxWpUWps08k2R59/YhQURuCVLtkQf95NnxqEyO8nokQekdZvT+DfcHf8gZ8v8l8NlzdZAB19NqqTIhPk7ZNeOQJk2g9NyHWX61J1SvUaa+PpmyQtPtJJ98awwpvTvFy233HZYlnxXTz77sp6ydjjzj/Q54MzHN9tIw6jB7eS0OP6nfu+dUXJFrxiDk2VLa8sni3L5CpYMmfbuNswgYV5FTsd5yZMjc9dkeG7cXgkJSzJmmBi/9OF+Pj6Z8vF7jeTH5TXk0g7x8tjovZKaapYROcvEcxt3yjsPZxOe2yP1GyRjl4FMeWlCc9l8IO/z2zb0rIyZsgtrKFSX2a80csgrL16euV0CAjOQhiwZN7CNHBUfBz/k7Lp+x5DebFn1Ry155/0Qu3sNyZTpb2+T+NNeMvrp1nZ7Z0ODkGRp2y5OqtVMd3YyrkPxID/3zk6jfiSd9ZQRT+XyRQ/kLLxZgkx5spXsjcstT5eRaUvNgGZAM6AZ0AxoBjQDFZgBNEErrlRvKXL5WyKNbxEJ7ixSq6NIg14iXSaLdH4GeqRjOzcPUV6wodLcvsNpadUmHiqTo5reuMlZ6dApTqrWcN2ozRNhSVk0Q0RdgLpFiLCbLcxUnB8FagHLgRZAUeRieL6kKAHKnl8/lDOV5pat4+XDtxrK/JeaSI2aqTLng81CRYVy311RMnjoftm6parhvmljNRn00AEZeM8Rw72epMur722ROnWT5fWXm8j7bzSSZs3PyLy5W6SyrfvlsUci5bY7D0GpqmnEcSLaT0aP3yU3X3/CiKN1yFmZ/gEUUShmTMMXn4TKxZeelBen7TTc1WH0yP1yQ78j8uuy2vLKC02hKPrIuCk7pGfXOOVFWtROkslvbpeWreKlSVNzCze7o83QrEWCXHJprHwP5fhgPHtYcqVO/RSjrtdrwF4T18K/n1u3jZcOHU/Jog9D8yjNDBVcJ1W694g2OgBWLGIlNIVK/ayPN0tQ1XQjrx+/Gybt8NzNmbXNrnpTAbyo80lZ8Vuw4YecvPpiM1m3PMiIZMemKvLK9GaG29wXw+XLhSFGWtp3zOXBfr/wBOl2WYzR2bHnQCVlbT93aJIo42fuNPjic+5KWrRKQMfZSfl6UYgcd1Ka6b9GrTS5tHu0nIn3ll8WOK7B4IdVU9u0PY06dsZV1Ha7l55tKjd07ylLvnUMrzx4+ORIx04nJTTsrHz4epiytp/JWbv2cRIQnGG30wbNgGZAM6AZ0AxoBjQDmoG8DOQOj+V1K9c2/LO4+f1ovLbHqFMyFpA3Bw7FHdpwAAZ+qj+MQdcEka2v56WBytGo1/aIt3c2GsaxkpjojaXP8/ZBZGa4SXqauyQnecg1V56Uvjcck5+W1DVGv/LGep42cxCeA40cwFODlmqPy96wGw6sAF4FKBxV/gaIAYYApr4n8gXMFOpm6EwQDh7uAuinL4DReFkIXAQ8C2wGOLJN+Qtg3wFr1UrAxqlcBbOSx2G4FgDP0B1FPgEYn1UW46KyxYJpY5gLRKjUdLwoDuXuKSvWVjVSlXDGEyN/p6VKCDJ92AcdKWekYaNEObC3CmYbBEitumnywOBUadbCVEoD62bIJd1iZNfOIFm3M8CIIy3NA0pOnPgj/rMoyE4XnZK69ZJl5+YAI46ukZXk2uujJKxxkuE/uEGadO56Un79uZ7hHrQLq+Q+L0j
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--59a008fe-b2e8-4bdd-8587-4dc5950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:24:46.000Z",
|
||
|
"modified": "2017-08-25T11:24:46.000Z",
|
||
|
"first_observed": "2017-08-25T11:24:46Z",
|
||
|
"last_observed": "2017-08-25T11:24:46Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"file--59a008fe-b2e8-4bdd-8587-4dc5950d210f",
|
||
|
"artifact--59a008fe-b2e8-4bdd-8587-4dc5950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"attachment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "file",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "file--59a008fe-b2e8-4bdd-8587-4dc5950d210f",
|
||
|
"name": "image4.png",
|
||
|
"content_ref": "artifact--59a008fe-b2e8-4bdd-8587-4dc5950d210f"
|
||
|
},
|
||
|
{
|
||
|
"type": "artifact",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "artifact--59a008fe-b2e8-4bdd-8587-4dc5950d210f",
|
||
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAB5wAAAJYCAYAAAC+ZZpFAAAMFGlDQ1BJQ0MgUHJvZmlsZQAASImVVwdYU8kWnltSCAktEOmE3pEiXXrvSAcbIQkQSoSEoGIviwquBRUL2NBVERXXAsiiIqJYWATs9YGIysq6WLCh8iYFdH3te+f7JvfPmXPO/Ofcc+ebAUDRlpWXl4MqAZDLLxDEBPkyk5JTmKRegAAUDiugxWIL83yio8MBlLHn3+XdLWgJ5bq1ONa/zv9XUeZwhWwAkGiI0zhCdi7EJwDA1dl5ggIACO1Qbzi7IE+MhyBWFUCCABBxMc6QYnUxTpNiK4lNXIwfxN4AkKksliADAAUxb2YhOwPGURBztOVzeHyIKyH2ZGeyOBA/gNgqN3cWxIpkiM3SvouT8beYaeMxWayMcSzNRSJkf54wL4c19/8sx/+W3BzR2BoGcFAzBcEx4pxh3Q5kzwoTYyrETfy0yCiIVSC+xONI7MX4XqYoOF5mP8gW+sGaAQaAL5vD8g+DWBtihig73keG7VkCiS+0RyN5BSFxMpwmmBUji48W8nMiw2VxVmZyQ8bwDq4wIHbMJp0XGAIx7DT0RFFmXKKUJ9payEuIhFgB4k5hdmyYzPdRUaZf5JiNQBQj5mwE8dt0QWCM1AZTzxWO5YXZsFmStWAvYN4FmXHBUl8siStMCh/jwOH6B0g5YBwuP17GDYPd5Rsj8y3Oy4mW2WM7uDlBMdI6Y0eFhbFjvt0FsMGkdcAeZ7FCo2VrvcsriI6TcsNREA78gD9gAhEcaWAWyAK8jsH6QfhPOhMIWEAAMgAXWMs0Yx6Jkhk+/I0FReBPiLhAOO7nK5nlgkKo/zKulf5ag3TJbKHEIxs8hTgX18Q9cXc8HP56w2GPu+CuY35MxbFViQFEf2IwMZBoPs6DDVnnwCEAvH+jC4NPLsxOzIU/lsO3eISnhC7CY8JNQg/hLkgATyRRZFYzeUsFPzBnggjQA6MFyrJLgzEHxmxwE8jaEffFPSB/yB1n4JrAGp8EM/HBvWBujlD7PUPROLdvtfxxPTHr7/OR6RUsFBxlLNLG34zfuNWPUfy+qxEHPsN+tMRWYsexNuwcdhlrwuoBEzuLNWDt2GkxHu+EJ5JOGFstRsItG8bhjdnY1tgO2H7+YW2WbH1xvYQF3DkF4o/Bb1beXAEvI7OA6QN3Yy4zhM+2sWLa29o5AyDe26VbxxuGZM9GGFe+6fKbAXAtgcqMbzqWIQCnngJAf/dNZ/gatvs6AE53skWCQqlOvB0DAqAARfhVaABdYAjMYD72wAm4A28QAEJBFIgDyWAGrHgmyIWcZ4P5YAkoBqVgHdgEtoGdYA84AA6DY6AeNIFz4CK4CjrBTXAf9kU/eAGGwDswgiAICaEhdEQD0UOMEUvEHnFBPJEAJByJQZKRVCQD4SMiZD6yDClFypBtyG6kGvkVOYWcQy4jXchdpBcZQF4jn1AMpaKqqA5qgk5EXVAfNAyNQ6ejGWg+WoQuR9egW9Aq9BBah55Dr6I30R70BTqMAUweY2D6mDXmgvlhUVgKlo4JsIVYCVaOVWFHsEb4nq9jPdgg9hEn4nSciVvD3gzG43E2no8vxFfj2/ADeB3eil/He/Eh/CuBRtAmWBLcCCGEJEIGYTahmFBO2Ec4SbgAv5t+wjsikcggmhKd4XeZTMwiziOuJm4n1hKbiV3EPuIwiUTSIFmSPEhRJBapgFRM2ko6RDpL6ib1kz6Q5cl6ZHtyIDmFzCcvJZeTD5LPkLvJz8gjckpyxnJuclFyHLm5cmvl9so1yl2T65cboShTTCkelDhKFmUJZQvlCOUC5QHljby8vIG8q/wUeZ78Yvkt8kflL8n3yn+kqlAtqH7UaVQRdQ11P7WZepf6hkajmdC8aSm0AtoaWjXtPO0R7YMCXcFGIUSBo7BIoUKhTqFb4aWinKKxoo/iDMUixXLF44rXFAeV5JRMlPyUWEoLlSqUTindVhpWpivbKUcp5yqvVj6ofFn5uQpJxUQlQIWjslxlj8p5lT46Rjek+9HZ9GX0vfQL9H5Voqqpaohqlmqp6mHVDtUhNRW1SWoJanPUKtROq/UwMIYJI4SRw1jLOMa4xfg0QWeCzwTuhFUTjkzonvBeXUvdW52rXqJeq35T/ZMGUyNAI1tjvUa9xkNNXNNCc4rmbM0dmhc0B7VUtdy12FolWse07mmj2hbaMdrztPdot2sP6+jqBOnk6WzVOa8zqMvQ9dbN0t2oe0Z3QI+u56nH09uod1bvD6Ya04eZw9zCbGUO6WvrB+uL9Hfrd+iPGJgaxBssNag1eGhIMXQxTDfcaNhiOGSkZxRhNN+oxuiesZyxi3Gm8WbjNuP3JqYmiSYrTOpNnpuqm4aYFpnWmD4wo5l5meWbVZndMCeau5hnm28377RALRwtMi0qLK5ZopZOljzL7ZZdVgQrVyu+VZXVbWuqtY91oXWNda8NwybcZqlNvc3LiUYTUyaun9g28auto22O7V7b+3YqdqF2S+0a7V7bW9iz7SvsbzjQHAIdFjk0OLyaZDmJO2nHpDuOdMcIxxWOLY5fnJydBE5HnAacjZxTnSudb7uoukS7rHa55Epw9XVd5Nrk+tHNya3A7ZjbX+7W7tnuB92fTzadzJ28d3Kfh4EHy2O3R48n0zPVc5dnj5e+F8uryuuxt6E3x3uf9zMfc58sn0M+L31tfQW+J33f+7n5LfBr9sf8g/xL/DsCVALiA7YFPAo0CMwIrAkcCnIMmhfUHEwIDgteH3w7RCeEHVIdMhTqHLogtDWMGhYbti3scbhFuCC8MQKNCI3YEPEg0jiSH1kfBaJCojZEPYw2jc6P/m0KcUr0lIopT2PsYubHtMXSY2fGHox9F+cbtzbufrxZvCi+JUExYVpCdcL7RP/EssSepIlJC5KuJmsm85IbUkgpCSn7UoanBkzdNLV/muO04mm3pptOnzP98gzNGTkzTs9UnMmaeTyVkJqYejD1MyuKVcUaTgtJq0wbYvuxN7NfcLw5GzkDXA9uGfdZukd6WfrzDI+MDRkDmV6Z5ZmDPD/eNt6rrOCsnVnvs6Oy92eP5iTm1OaSc1NzT/FV+Nn81lm6s+bM6sqzzCvO68l3y9+UPyQIE+wTIsLpwoYCVXjMaReZiX4S9RZ6FlYUfpidMPv4HOU5/Dntcy3mrpr7rCiw6Jd5+Dz2vJb5+vOXzO9d4LNg90JkYdrClkWGi5Yv6l8ctPjAEsqS7CW/L7VdWrb07bLEZY3LdZYvXt73U9BPNcUKxYLi2yvcV+xcia/krexY5bBq66qvJZySK6W2peWln1ezV1/52e7nLT+Prklf07HWae2OdcR1/HW31nutP1CmXFZU1rchYkPdRubGko1vN83cdLl8UvnOzZTNos09W8K3NGw12rpu6+dtmdtuVvhW1FZqV66qfL+ds717h/eOIzt1dpbu/LSLt+vO7qDddVUmVeV7iHsK9zzdm7C37ReXX6r3ae4r3fdlP39/z4GYA63VztXVB7UPrq1Ba0Q1A4emHeo87H+44Yj1kd21jNrSo+Co6Ogfv6b+eutY2LGW4y7Hj5wwPlF5kn6ypA6pm1s3VJ9Z39OQ3NB1KvRUS6N748nfbH7b36TfVHFa7fTaM5Qzy8+Mni06O9yc1zx4LuNcX8vMlvvnk87faJ3S2nEh7MKli4EXz7f5tJ295HGp6bLb5VNXXK7UX3W6Wtfu2H7yd8ffT3Y4ddRdc77W0Ona2dg1uetMt1f3uev+1y/eCLlx9Wbkza5b8bfu3J52u+cO587zuzl3X90rvDdyf/EDwoOSh0oPyx9pP6r6h/k/anucek73+ve2P459fL+P3ffiifDJ5/7lT2lPy5/pPat+bv+8aSBwoPOPqX/0v8h7MTJY/Kfyn5UvzV6e+Mv7r/ahpKH+V4JXo69Xv9F4s//tpLctw9HDj97lvht5X/JB48OBjy4f2z4lfno2Mvsz6fOWL+ZfGr+GfX0wmjs6mscSsCRHAQwOND0dgNf7AaAlw7NDJwAUBendSyKI9L4oQeA/Yen9TCJOAOz3BiB
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--59a008ff-61c8-42fa-8dea-4516950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:24:47.000Z",
|
||
|
"modified": "2017-08-25T11:24:47.000Z",
|
||
|
"first_observed": "2017-08-25T11:24:47Z",
|
||
|
"last_observed": "2017-08-25T11:24:47Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"file--59a008ff-61c8-42fa-8dea-4516950d210f",
|
||
|
"artifact--59a008ff-61c8-42fa-8dea-4516950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"attachment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "file",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "file--59a008ff-61c8-42fa-8dea-4516950d210f",
|
||
|
"name": "image5.png",
|
||
|
"content_ref": "artifact--59a008ff-61c8-42fa-8dea-4516950d210f"
|
||
|
},
|
||
|
{
|
||
|
"type": "artifact",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "artifact--59a008ff-61c8-42fa-8dea-4516950d210f",
|
||
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAA8wAAAIVCAYAAAAEbnY9AAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAACXBIWXMAABcSAAAXEgFnn9JSAAABWWlUWHRYTUw6Y29tLmFkb2JlLnhtcAAAAAAAPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iWE1QIENvcmUgNS40LjAiPgogICA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPgogICAgICA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIgogICAgICAgICAgICB4bWxuczp0aWZmPSJodHRwOi8vbnMuYWRvYmUuY29tL3RpZmYvMS4wLyI+CiAgICAgICAgIDx0aWZmOk9yaWVudGF0aW9uPjE8L3RpZmY6T3JpZW50YXRpb24+CiAgICAgIDwvcmRmOkRlc2NyaXB0aW9uPgogICA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgpMwidZAABAAElEQVR4AeydBbgVVffGt4FYGKiI/kUBMVCxsQPs+OwWA0XFTrA7Pzs/u7vjsxO7WxQLRQS7PwsV5//+9jlr7j7DOTeQC1fvWs+zzszsnnfmzMy7195rT3TYYYdlwcURcAQcAUfAEXAEHAFHwBFwBBwBR8ARcAQqEJh0nnnmqQjwA0fAEXAEHAFHwBFwBBwBR8ARcAQcAUfAEQhhoiFDhriF2e8ER8ARcAQcAUfAEXAEHAFHwBFwBBwBR6CAwESZpBDmh46AI+AIOAKOgCPgCDgCjoAj4Ag4Ao5Aq0dg4laPgAPgCDgCjoAj4Ag4Ao6AI+AIOAKOgCPgCFRBYNIqYa0qaLDOtsfoP8OpV1wepvjll5BNNFGrOv/WerKT/fZbeHqJJcPz884b9rjm6jB6kklaKxR+3o6AI+AItAgEjt1u+7DhU0+Fhd56M/w+aav/PGkR18Qb4Qg4Ao6AIxBCq38j/cRdoFHpI7/8MrT78cfw5zgkzBOprD/++CP8+eefgf1Jyx8A7BNGnAlxE088sZrS8Aj5NH+bNm1i2eQjnO3vv/9uxcYyKbsx5eaZWsHO5KNGhXd0vd/UNfji00+Tj7OJhNmfulZ1GALHn39OoutV+ru0afO7jicOo0dDsrleE4U0bKKJMh3/RrYodXkJ/yPmIz95dcli2j/+aBPLLJVXzlh1M1GYZJLRsY2//94mllFKNma7R4+eNGlj1cI80BFwBByBFoPAp3ovfvD992EWPZNH6d3m4gg4Ao6AI+AItAQEKgnzzz+HcNttYgej69o2sb7oJ9WLa621Q2jXLoSPPgrh8cfq4ldaOYT/+7+641tvCeGnSENDmGmmENZYsy6OvW+/DeHBB0LYYEOYQl2cXpThphtDkOUvSqdOIfTqXdp/4P4Qvvyqsl3ELLtcCF27ltLwe8ftISy0cAidO9eF3a7z+d//6o45n0l02iusGMKss4rqlGQSkdWJZWWEdI4rgRB3Vfvat2+v0/otvP3227FowmeYYYYwxxxz5FUNGzZM0HwrMtSwpROy3U7XgrIpc/To0vWCFJN/wQUXzMv54Ycfwvvvv5+T9bzCVr7DtW5TvtbsG+6Q3R9/nC58+H7XMoEt3Q/TTPt96Db3u5GAvjNkwdB+hq/DTB2+iESaPG+/tVCYcaYvY9ioUW3DKy8uJoRLeadv/03oMufQSLjfGtwjzDLrJ4EwiHSWTRQGv7Zg+L9OI8J0038bw+q7NJNO+kf47NNZwvffTR/mmuedPD0k+ocfpgtD350rz95pjo9ie4zo5xG+4wg4Ao5AC0Vg0vK72J7JLbSZ3ixHwBFwBByBVoRAJWH+7rsQdt8qhDrDpwis0EDffbdEhCGlh+xdB9Gp54ew/gZBrDCEoe+HcOBeIXw6shS/0BIhzDV3icBCBNVzHO65J4StVAfEebrpSuk0FDq8PSSEvbcO4UdVDs9YYfUQ5ugcQpcuIey8TQgffhHC1KXk+e9F15YIMxbV4cNL7bj4ohD67VBKgrX2yIPUrnfyLHHnR/1C7CHtzSiQ2sUWWyzMNddcIjM/RHILqZ1yyikDy3ktv/zyOUEfNGhQGDx4cPj111/zsGpNI3/btm1Dt27dwoYbbhhOPPHE3FKNtXnGGWcMq666ak6QR4wYEb6U9fxndYa4lbkaopVhEM/PP+0Ybr5N97RufNn8Y4KuHUaGmWb+IkwzzffhhuvWC717PyPiO1IdIW11vbJw7fUbhjVXeySS5pEfdwp33LFG2fYcwrydPwgzdvgyTDHFz+H6GzcJ66/735gOKzOE+YabNw6bbHhrmGHGr0SAa7sVoJ6ffpoqPP/kkuHd1+YMA497K6Yn/Oefp4xk+Y47Vi/Xm4XevZ4Jiy/1vOrVVAPV4+IIOAKOgCPgCDgCjoAj4Ag4Ak1DoJIwy+Iavi0RhLyYDz8skdJpphFx3bEU/L8kzaq9ShbnY44TM+gewiefhDDLLKV0LzwfxOxkHf4yiMmFcPllIsX7lOJSS+5TT4aw6moiy2KyU01Vir/n7lK9WJ4z6VlnhrDHnqW44q9IYayH8MmnqIuljldLVt08EGssQ6PT+vPIcbeDFbh///7hiSeeCDfddFOYbLLJYuFYmrfYYotIXo8//vhIfgnbbrvtQufOncO1114bw2q1hLRLLbVUWGONNaLV2tJhZcbi3KdPn3DSSSeFURpyTFj37t3DXnvtFcPSIeCWz7djIgABRQ4++FRdi1GyPo8OQ96cL5x88r7hiCOOCVOISE8yacmqb7knV1jbyUfJ0jxfJM9HHHFCJNKTTTYqPPfM0uGUE/cIhx/1byUXCdeQ70opDbGuDBvzCOvyNaduFYb/NlvoNInu+bJQxx3XbxA+HTJzOOb4o3VfTKZ2/xquu3SrcM3JfcIux5wbib2l960j4Ag4Ao6AI+AIOAKOgCPgCDQOATHHeuReWYN3kdVXQ3oj4f1DllyGZ6dy5XUa4izr8aciyogRXvYnn5xfEd4ywe67XQgdO4aw+Ral8Fq/hx8awvEi4GZRhjBbWdXyzDZbqY0LdwthtCzUtQQr9PxzhPDM0/L0tWCtVH8p3IZLb7/99uGWW27RCPaPZAX8M5JbI81/pQLKePnll9W38GPYYAOsoHXCHGiGsUGqjTBDmrE8uzQdgckmEwkW8YQwozbEur6SShbiNjEfxBtdaJFXQ5euH+ZW3jaaH025E088Oh9SXV+ZFsfQ6j77XR0efaB3GPpSFwuO299/axPUSpU7SnX+GbfZnxOF30b7ta8Ayg8cAUfAEXAEHAFHwBFwBByBJiBQmzCfcnIIg18P4RQNuZ5zztpFmjUZQnvbrSH06xvCz+U5zB1mDuHO/4Yw7bSl/Gxnn712WZDtPXcvDe8+UEOpTzihlHYqDd0+7fgQbtcwapPzNPTayoIQ0kbOxsi5pbPtoEdkpT4jhHOvCGGxxSvnT1uacbSFuDJvuXfv3pG4cgzBhUDbsGgj0cyZhuBy3Bgh/S8awv69hren860hyp/Iun/zzTeHzTbbTGSs5EDsf5q/fcUVV+TznBtTR2tPYxbmK07fNkzS9s8wsUjv1O1/DFtufkOZOFdHaPQfk4TOIsZrr3FfuPSMHeLACFLOtcjQsMrq9+seaBcm03yHR27uFV55YlFdk4l0v0pFdCeauNypVL3oGMqw6umm+zZMObWG15fnRxPx+++ThRXXeDQMfa9buOCkXWK5k0z6Z+g0z4iw7CpPaci+k+Z6YPUoR8ARcAQcAUfAEXAEHAFHoCYC1SdM3nxTCO9p3m/3+UPYeJOamSsiIKoaBqyxx6Vh0QyNZugzYSmJZUh0UUQCo1x4QQhfy7nXir1CWHMtOflKEmLZpkxTy5Mkqbn70IMhoAw533qbZiXL1gaIMYqFl6HQeKru2bOnDOWTxzAI9TLLLBOHV7OdTvO5m0KaIcR
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--59a008ff-67ac-45b8-b693-4b86950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2017-08-25T11:24:47.000Z",
|
||
|
"modified": "2017-08-25T11:24:47.000Z",
|
||
|
"first_observed": "2017-08-25T11:24:47Z",
|
||
|
"last_observed": "2017-08-25T11:24:47Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"file--59a008ff-67ac-45b8-b693-4b86950d210f",
|
||
|
"artifact--59a008ff-67ac-45b8-b693-4b86950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"attachment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "file",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "file--59a008ff-67ac-45b8-b693-4b86950d210f",
|
||
|
"name": "image6.png",
|
||
|
"content_ref": "artifact--59a008ff-67ac-45b8-b693-4b86950d210f"
|
||
|
},
|
||
|
{
|
||
|
"type": "artifact",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "artifact--59a008ff-67ac-45b8-b693-4b86950d210f",
|
||
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAB5QAAALCCAYAAAART++UAAAMFGlDQ1BJQ0MgUHJvZmlsZQAASImVVwdYU8kWnltSCAktEOmE3pEiXXrvSAcbIQkQSoSEoGIviwquBRUL2NBVERXXAsiiIqJYWATs9YGIysq6WLCh8iYFdH3te+f7JvfPmXPO/Ofcc+ebAUDRlpWXl4MqAZDLLxDEBPkyk5JTmKRegAAUDiugxWIL83yio8MBlLHn3+XdLWgJ5bq1ONa/zv9XUeZwhWwAkGiI0zhCdi7EJwDA1dl5ggIACO1Qbzi7IE+MhyBWFUCCABBxMc6QYnUxTpNiK4lNXIwfxN4AkKksliADAAUxb2YhOwPGURBztOVzeHyIKyH2ZGeyOBA/gNgqN3cWxIpkiM3SvouT8beYaeMxWayMcSzNRSJkf54wL4c19/8sx/+W3BzR2BoGcFAzBcEx4pxh3Q5kzwoTYyrETfy0yCiIVSC+xONI7MX4XqYoOF5mP8gW+sGaAQaAL5vD8g+DWBtihig73keG7VkCiS+0RyN5BSFxMpwmmBUji48W8nMiw2VxVmZyQ8bwDq4wIHbMJp0XGAIx7DT0RFFmXKKUJ9payEuIhFgB4k5hdmyYzPdRUaZf5JiNQBQj5mwE8dt0QWCM1AZTzxWO5YXZsFmStWAvYN4FmXHBUl8siStMCh/jwOH6B0g5YBwuP17GDYPd5Rsj8y3Oy4mW2WM7uDlBMdI6Y0eFhbFjvt0FsMGkdcAeZ7FCo2VrvcsriI6TcsNREA78gD9gAhEcaWAWyAK8jsH6QfhPOhMIWEAAMgAXWMs0Yx6Jkhk+/I0FReBPiLhAOO7nK5nlgkKo/zKulf5ag3TJbKHEIxs8hTgX18Q9cXc8HP56w2GPu+CuY35MxbFViQFEf2IwMZBoPs6DDVnnwCEAvH+jC4NPLsxOzIU/lsO3eISnhC7CY8JNQg/hLkgATyRRZFYzeUsFPzBnggjQA6MFyrJLgzEHxmxwE8jaEffFPSB/yB1n4JrAGp8EM/HBvWBujlD7PUPROLdvtfxxPTHr7/OR6RUsFBxlLNLG34zfuNWPUfy+qxEHPsN+tMRWYsexNuwcdhlrwuoBEzuLNWDt2GkxHu+EJ5JOGFstRsItG8bhjdnY1tgO2H7+YW2WbH1xvYQF3DkF4o/Bb1beXAEvI7OA6QN3Yy4zhM+2sWLa29o5AyDe26VbxxuGZM9GGFe+6fKbAXAtgcqMbzqWIQCnngJAf/dNZ/gatvs6AE53skWCQqlOvB0DAqAARfhVaABdYAjMYD72wAm4A28QAEJBFIgDyWAGrHgmyIWcZ4P5YAkoBqVgHdgEtoGdYA84AA6DY6AeNIFz4CK4CjrBTXAf9kU/eAGGwDswgiAICaEhdEQD0UOMEUvEHnFBPJEAJByJQZKRVCQD4SMiZD6yDClFypBtyG6kGvkVOYWcQy4jXchdpBcZQF4jn1AMpaKqqA5qgk5EXVAfNAyNQ6ejGWg+WoQuR9egW9Aq9BBah55Dr6I30R70BTqMAUweY2D6mDXmgvlhUVgKlo4JsIVYCVaOVWFHsEb4nq9jPdgg9hEn4nSciVvD3gzG43E2no8vxFfj2/ADeB3eil/He/Eh/CuBRtAmWBLcCCGEJEIGYTahmFBO2Ec4SbgAv5t+wjsikcggmhKd4XeZTMwiziOuJm4n1hKbiV3EPuIwiUTSIFmSPEhRJBapgFRM2ko6RDpL6ib1kz6Q5cl6ZHtyIDmFzCcvJZeTD5LPkLvJz8gjckpyxnJuclFyHLm5cmvl9so1yl2T65cboShTTCkelDhKFmUJZQvlCOUC5QHljby8vIG8q/wUeZ78Yvkt8kflL8n3yn+kqlAtqH7UaVQRdQ11P7WZepf6hkajmdC8aSm0AtoaWjXtPO0R7YMCXcFGIUSBo7BIoUKhTqFb4aWinKKxoo/iDMUixXLF44rXFAeV5JRMlPyUWEoLlSqUTindVhpWpivbKUcp5yqvVj6ofFn5uQpJxUQlQIWjslxlj8p5lT46Rjek+9HZ9GX0vfQL9H5Voqqpaohqlmqp6mHVDtUhNRW1SWoJanPUKtROq/UwMIYJI4SRw1jLOMa4xfg0QWeCzwTuhFUTjkzonvBeXUvdW52rXqJeq35T/ZMGUyNAI1tjvUa9xkNNXNNCc4rmbM0dmhc0B7VUtdy12FolWse07mmj2hbaMdrztPdot2sP6+jqBOnk6WzVOa8zqMvQ9dbN0t2oe0Z3QI+u56nH09uod1bvD6Ya04eZw9zCbGUO6WvrB+uL9Hfrd+iPGJgaxBssNag1eGhIMXQxTDfcaNhiOGSkZxRhNN+oxuiesZyxi3Gm8WbjNuP3JqYmiSYrTOpNnpuqm4aYFpnWmD4wo5l5meWbVZndMCeau5hnm28377RALRwtMi0qLK5ZopZOljzL7ZZdVgQrVyu+VZXVbWuqtY91oXWNda8NwybcZqlNvc3LiUYTUyaun9g28auto22O7V7b+3YqdqF2S+0a7V7bW9iz7SvsbzjQHAIdFjk0OLyaZDmJO2nHpDuOdMcIxxWOLY5fnJydBE5HnAacjZxTnSudb7uoukS7rHa55Epw9XVd5Nrk+tHNya3A7ZjbX+7W7tnuB92fTzadzJ28d3Kfh4EHy2O3R48n0zPVc5dnj5e+F8uryuuxt6E3x3uf9zMfc58sn0M+L31tfQW+J33f+7n5LfBr9sf8g/xL/DsCVALiA7YFPAo0CMwIrAkcCnIMmhfUHEwIDgteH3w7RCeEHVIdMhTqHLogtDWMGhYbti3scbhFuCC8MQKNCI3YEPEg0jiSH1kfBaJCojZEPYw2jc6P/m0KcUr0lIopT2PsYubHtMXSY2fGHox9F+cbtzbufrxZvCi+JUExYVpCdcL7RP/EssSepIlJC5KuJmsm85IbUkgpCSn7UoanBkzdNLV/muO04mm3pptOnzP98gzNGTkzTs9UnMmaeTyVkJqYejD1MyuKVcUaTgtJq0wbYvuxN7NfcLw5GzkDXA9uGfdZukd6WfrzDI+MDRkDmV6Z5ZmDPD/eNt6rrOCsnVnvs6Oy92eP5iTm1OaSc1NzT/FV+Nn81lm6s+bM6sqzzCvO68l3y9+UPyQIE+wTIsLpwoYCVXjMaReZiX4S9RZ6FlYUfpidMPv4HOU5/Dntcy3mrpr7rCiw6Jd5+Dz2vJb5+vOXzO9d4LNg90JkYdrClkWGi5Yv6l8ctPjAEsqS7CW/L7VdWrb07bLEZY3LdZYvXt73U9BPNcUKxYLi2yvcV+xcia/krexY5bBq66qvJZySK6W2peWln1ezV1/52e7nLT+Prklf07HWae2OdcR1/HW31nutP1CmXFZU1rchYkPdRubGko1vN83cdLl8UvnOzZTNos09W8K3NGw12rpu6+dtmdtuVvhW1FZqV66qfL+ds717h/eOIzt1dpbu/LSLt+vO7qDddVUmVeV7iHsK9zzdm7C37ReXX6r3ae4r3fdlP39/z4GYA63VztXVB7UPrq1Ba0Q1A4emHeo87H+44Yj1kd21jNrSo+Co6Ogfv6b+eutY2LGW4y7Hj5wwPlF5kn6ypA6pm1s3VJ9Z39OQ3NB1KvRUS6N748nfbH7b36TfVHFa7fTaM5Qzy8+Mni06O9yc1zx4LuNcX8vMlvvnk87faJ3S2nEh7MKli4EXz7f5tJ295HGp6bLb5VNXXK7UX3W6Wtfu2H7yd8ffT3Y4ddRdc77W0Ona2dg1uetMt1f3uev+1y/eCLlx9Wbkza5b8bfu3J52u+cO587zuzl3X90rvDdyf/EDwoOSh0oPyx9pP6r6h/k/anucek73+ve2P459fL+P3ffiifDJ5/7lT2lPy5/pPat+bv+8aSBwoPOPqX/0v8h7MTJY/Kfyn5UvzV6e+Mv7r/ahpKH+V4JXo69Xv9F4s//tpLctw9HDj97lvht5X/JB48OBjy4f2z4lfno2Mvsz6fOWL+ZfGr+GfX0wmjs6mscSsCRHAQwOND0dgNf7AaAlw7NDJwAUBendSyKI9L4oQeA/Yen9TCJOAOz3BiB
|
||
|
},
|
||
|
{
|
||
|
"type": "marking-definition",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||
|
"created": "2017-01-20T00:00:00.000Z",
|
||
|
"definition_type": "tlp",
|
||
|
"name": "TLP:WHITE",
|
||
|
"definition": {
|
||
|
"tlp": "white"
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|