misp-circl-feed/feeds/circl/stix-2.1/5b1e79b9-cf9c-4072-b420-4be0950d210f.json

2283 lines
97 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5b1e79b9-cf9c-4072-b420-4be0950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T12:10:13.000Z",
"modified": "2018-06-13T12:10:13.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5b1e79b9-cf9c-4072-b420-4be0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T12:10:13.000Z",
"modified": "2018-06-13T12:10:13.000Z",
"name": "OSINT - Roaming Mantis uses DNS hijacking to infect Android smartphones",
"published": "2018-06-13T15:37:17Z",
"object_refs": [
"observed-data--5b1e79cc-e98c-46ed-93cb-4c23950d210f",
"url--5b1e79cc-e98c-46ed-93cb-4c23950d210f",
"x-misp-attribute--5b1e79f5-aff8-412a-a634-453e950d210f",
"indicator--5b1e7a39-c0d0-416b-a377-495e950d210f",
"indicator--5b1e7a39-eafc-442e-8e89-4925950d210f",
"indicator--5b1e7a3a-4acc-4136-9640-48b9950d210f",
"indicator--5b1e7a3b-ddc4-4396-8481-46a6950d210f",
"indicator--5b1e7a3b-73cc-4c50-bfb7-4cbf950d210f",
"indicator--5b1e7a3b-0948-4c99-8daf-4115950d210f",
"indicator--5b1e7a3c-b3bc-489d-bd9f-436c950d210f",
"indicator--5b1e7a3d-59a8-4d91-8cf3-4159950d210f",
"indicator--5b1e7a3d-a4cc-46b1-b27a-4b57950d210f",
"indicator--5b1e7a3e-caa8-486d-b084-420d950d210f",
"indicator--5b1e7a3f-d154-48fe-b4b0-4add950d210f",
"indicator--5b1e7b08-e348-4cc8-a3de-ef08950d210f",
"indicator--5b1e7b09-e690-4abf-a0be-ef08950d210f",
"indicator--5b1e7b09-8488-4e07-ac20-ef08950d210f",
"indicator--5b1e7b0b-c3d0-44da-bf91-ef08950d210f",
"indicator--5b1e7b0b-8c9c-400e-99cb-ef08950d210f",
"indicator--5b1e7b0c-8b64-4d60-acfd-ef08950d210f",
"indicator--5b1e7b0c-b198-4ba7-a0f3-ef08950d210f",
"indicator--5b1e7b0d-91c8-46e7-8595-ef08950d210f",
"indicator--5b1e7b0d-126c-4f8e-82c0-ef08950d210f",
"indicator--5b1e7b0e-7b30-4993-9ae7-ef08950d210f",
"indicator--5b1e7b0e-06a4-466d-a5ac-ef08950d210f",
"indicator--5b1e7b0f-b210-471d-b5da-ef08950d210f",
"indicator--5b1e7d4d-f590-41cc-a20e-4a8c950d210f",
"indicator--5b1e7d4e-0dbc-4091-be32-465a950d210f",
"indicator--5b1e7d4f-c838-4b57-b76f-4017950d210f",
"indicator--5b1e7d50-3de4-44b8-acca-4886950d210f",
"indicator--5b1e7d51-61c4-47c2-9e1e-4695950d210f",
"indicator--5b1e7d51-8dd8-481b-aa0b-4ef6950d210f",
"indicator--5b1e7d52-1c88-4857-bd0e-4c9e950d210f",
"indicator--5b1e7d53-d158-407d-a141-46ab950d210f",
"indicator--5b1e7f57-9470-4e10-b576-47cb950d210f",
"indicator--5b1e7f58-fe1c-4183-89d3-4c7a950d210f",
"indicator--5b1e7f58-5938-41ef-9274-4767950d210f",
"indicator--5b1e7f58-0268-40b9-bcc1-417a950d210f",
"indicator--5b1e7f59-772c-4467-8c2e-42ef950d210f",
"indicator--5b1e7f5a-d1a8-405b-8bd0-40e4950d210f",
"indicator--5b1e7f5b-2e0c-4982-b9d3-4b88950d210f",
"indicator--5b1e7f5c-4e44-4842-b85a-4f14950d210f",
"indicator--5b1e81ca-59cc-4694-a29e-49c6950d210f",
"x-misp-object--7895e457-0624-4c5c-8088-f94060e0ed2a",
"x-misp-object--5d5975f7-733d-4fcf-8bab-79244beb3c16",
"x-misp-object--c5db4c67-486b-4072-b0a8-9ea072601c69",
"x-misp-object--482ef333-17f7-4369-9af1-4536fae21f48",
"x-misp-object--8b23deac-1eff-4145-9654-6efc48bc6a97",
"x-misp-object--5cd53d38-3a6e-4eaa-8487-77d44ccc6f81",
"x-misp-object--b57d5a1e-1383-49f6-b9b3-37428f881e5a",
"x-misp-object--e55d60e9-260d-4a88-bb1e-5684e543500f",
"x-misp-object--30574377-3a6c-4e77-bdb4-61579753e382",
"x-misp-object--e181ed3a-699b-4b04-b58c-278508c22b08",
"x-misp-object--e7bb4bfe-107d-40cf-b825-3e4c9381089a",
"x-misp-object--7d628547-f5fe-492c-a7be-f8e6b7a3c126",
"x-misp-object--f00d242d-95f7-4953-a20c-86d3d0ac0876",
"x-misp-object--a0309f0e-4ab2-414b-94e6-4c3d42e69d63",
"x-misp-object--1e6d34b0-4124-44b9-825c-a43babb1fdd7",
"x-misp-object--1451c9ad-c553-4684-9f21-0ca69508b635",
"x-misp-object--387bc28f-7365-4468-b905-aa97603e6716",
"x-misp-object--94181920-5615-453e-b15e-3d00e486ba33",
"x-misp-object--716a2596-713d-4a82-9f0f-caa5e7f30083",
"x-misp-object--8347b39e-3e12-4464-93a3-d8537266d53e",
"x-misp-object--2a5b4e41-d9a5-485a-8fbf-985c28e79496",
"x-misp-object--db97fe12-c0c4-4642-9676-4a41b873011c",
"x-misp-object--57d626b8-a358-44c7-a05f-a4cd3317c728",
"x-misp-object--95ada4d5-b381-45a1-849d-a4f63c529ff9",
"x-misp-object--98056eaf-23b8-4e84-b835-4107362aae17",
"x-misp-object--c5f108b7-9885-4360-b659-64e5a4615790",
"x-misp-object--72d92fc7-ab0f-4d77-b79b-bd7ceb901a5b",
"x-misp-object--b01ac61c-5dd4-45d8-b413-b93ce0d4b225",
"x-misp-object--89f1910f-40e3-456d-9d55-611ac7b06f6f",
"x-misp-object--1683e823-d894-473f-8672-92a02b0c15ad",
"x-misp-object--758eea54-b3b9-44a5-b21d-6ab24868087f",
"x-misp-object--36c393b6-08ec-47e2-9801-1afeaa353e53",
"x-misp-object--5801ede4-b4a9-48c7-8431-a185df616fef",
"x-misp-object--cf9c0b8f-5b53-496c-afff-a98242ce0e8c",
"x-misp-object--a08a8414-3d11-44c2-9477-af49dc306da9",
"x-misp-object--91ab5779-0629-4b3b-9647-35eca7084ea5",
"x-misp-object--9dc5223e-3a11-4fb9-bb5e-3dc048def096",
"x-misp-object--5b9d8777-dffd-4b06-9ac3-29c61edbca1d",
"x-misp-object--e8ce9f63-d621-42b1-a3fb-0012c7ff6ec4",
"x-misp-object--02127bbe-1c57-4f73-bea8-3c478482304f",
"x-misp-object--fce42428-c55d-460f-ac00-77ec2c153a7a",
"x-misp-object--e7967874-9983-4ffe-88e9-ff04a191f4f7",
"x-misp-object--143b8d09-b19c-433d-b23c-c950160d1aa0",
"x-misp-object--c85ff102-0020-4710-9921-e99dcb5ca588",
"x-misp-object--efb63dbe-b6ef-41c9-b491-c3fc374121b0",
"x-misp-object--c6e0b765-789b-4e5a-b239-e708f068662e",
"x-misp-object--b84b8a41-7607-44f9-929f-84af754f63a2",
"x-misp-object--8b706858-0316-41da-be85-d5ed4c9cdbba",
"x-misp-object--bfa0503f-b4cd-4957-a0b2-e298e4ca94bb",
"x-misp-object--42851761-8f1f-489b-b602-be5584e8236f",
"x-misp-object--e141c73c-c72c-432f-ba63-cc0d885b7ffc",
"x-misp-object--335fa9a0-2553-41db-8574-23ef5764e8b3",
"x-misp-object--d04fe5a4-45fc-48b1-8e34-c459f4286e2d",
"x-misp-object--e73f228a-4dc0-4ea7-8d9c-8d1ea347c077",
"x-misp-object--20b0f636-5acb-4d7a-97a5-301603dc165c",
"x-misp-object--52e2d3a7-3f65-48c5-a51a-367f0278f35d",
"x-misp-object--e6c069c8-7e93-4aa9-9c13-f5b1c5c21cbb",
"x-misp-object--36fbb8b3-2919-49f9-aea1-a5b762650f67",
2024-08-07 08:13:15 +00:00
"relationship--68a09441-9952-4251-9740-940071dca8f6",
"relationship--d1372ce6-393e-4a8f-b9b2-c85f0ba8452d",
"relationship--97de3861-4ea6-4bbf-b59b-7d3ec199dfd1",
"relationship--e883ef88-2670-483f-b459-3ad65f84e45a",
"relationship--093e5da9-9630-488a-a3b6-310be8b7a2da",
"relationship--83143300-30d1-4bcc-af1c-2ee0b22d8117",
"relationship--277d965a-29fb-4369-9130-50f36aa1cdda",
"relationship--1cd3f68e-4a13-4c07-99b8-ffa11159b393",
"relationship--dffc870a-e327-4bcc-9700-8a40ec30b2fd",
"relationship--cf6365fd-d97b-48b2-9be8-43c5f31b6dd4",
"relationship--1077c957-118c-4bea-9c31-77d75fbe9e82",
"relationship--d4804536-366c-4e57-9709-c8efc76bbe35",
"relationship--f49d2e0d-195b-46db-8445-3fef5ac9dccc",
"relationship--6b5bf3dd-6c03-45f2-b9b0-386abdb5284e",
"relationship--11feef3e-fe5e-4195-9945-539f7ba40969",
"relationship--20d26df3-f9e1-4cdf-a62f-518bbc489431",
"relationship--6dce1925-f7ee-44d9-bb11-704a7c1370c2",
"relationship--2531cd0e-7a27-4ac5-bb30-313131add2f3",
"relationship--59ae9c49-76e5-4cff-afec-17a3cc007748",
"relationship--2bf67750-1283-47ef-a7a5-f847b53dae0e",
"relationship--63db081f-92f7-4165-84c4-5a5f7898f1fc",
"relationship--8581afb4-84a3-420e-8008-cab964d8d2f2",
"relationship--3e57ec3f-47f3-47b0-8050-f3a215fb2247",
"relationship--ffcbbc25-d06e-4a18-be57-19e25610a9cd",
"relationship--d24560c2-6eb8-428a-a947-7b03ae359565",
"relationship--18f4f29c-db97-4bc8-814e-6ee35c2cc969",
"relationship--cd38bd64-19ed-47e8-9f1c-40a4882d4064",
"relationship--90064d0e-b8ce-4fa4-803e-5fffaa53e98b",
"relationship--cea8967b-2cfa-4d9f-b80f-ae4097c5fb21"
2023-04-21 14:44:17 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\"",
"osint:source-type=\"blog-post\"",
"Android Malware",
"ms-caro-malware:malware-platform=\"AndroidOS\"",
"ms-caro-malware-full:malware-platform=\"AndroidOS\"",
"misp-galaxy:tool=\"Roaming Mantis\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5b1e79cc-e98c-46ed-93cb-4c23950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:32:19.000Z",
"modified": "2018-06-11T13:32:19.000Z",
"first_observed": "2018-06-11T13:32:19Z",
"last_observed": "2018-06-11T13:32:19Z",
"number_observed": 1,
"object_refs": [
"url--5b1e79cc-e98c-46ed-93cb-4c23950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5b1e79cc-e98c-46ed-93cb-4c23950d210f",
"value": "https://securelist.com/roaming-mantis-uses-dns-hijacking-to-infect-android-smartphones/85178/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5b1e79f5-aff8-412a-a634-453e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:32:50.000Z",
"modified": "2018-06-11T13:32:50.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "n March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained Android Trojan-Banker. According to our telemetry data, this malware was detected more than 6,000 times, though the reports came from just 150 unique users (from February 9 to April 9, 2018). Of course, this is down to the nature of the malware distribution, but it also suggests a very painful experience for some users, who saw the same malware appear again and again in their network. More than half of the detections were observed targeting the Asian region.\r\n\r\nDuring our research we received some invaluable information about the true scale of this attack. There were thousands of daily connections to the command and control (C2) infrastructure, with the device locale for the majority of victims set to Korean. Since we didn\u00e2\u20ac\u2122t find a pre-existing name for this malware operation, we decided to assign a new one for future reference. Based on its propagation via smartphones roaming between Wi-Fi networks, potentially carrying and spreading the infection, we decided to call it \u00e2\u20ac\u02dcRoaming Mantis\u00e2\u20ac\u2122."
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a39-c0d0-416b-a377-495e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:45.000Z",
"modified": "2018-06-11T13:33:45.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '114.44.37.112']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a39-eafc-442e-8e89-4925950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:45.000Z",
"modified": "2018-06-11T13:33:45.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.166.1.124']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3a-4acc-4136-9640-48b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:46.000Z",
"modified": "2018-06-11T13:33:46.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.168.193.123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3b-ddc4-4396-8481-46a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:47.000Z",
"modified": "2018-06-11T13:33:47.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '128.14.50.146']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3b-73cc-4c50-bfb7-4cbf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:47.000Z",
"modified": "2018-06-11T13:33:47.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '128.14.50.147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3b-0948-4c99-8daf-4115950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:47.000Z",
"modified": "2018-06-11T13:33:47.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '220.136.111.66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3c-b3bc-489d-bd9f-436c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:48.000Z",
"modified": "2018-06-11T13:33:48.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '220.136.179.5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3d-59a8-4d91-8cf3-4159950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:49.000Z",
"modified": "2018-06-11T13:33:49.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '220.136.76.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3d-a4cc-46b1-b27a-4b57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:49.000Z",
"modified": "2018-06-11T13:33:49.000Z",
"description": "Malicious hosts",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '43.240.14.44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3e-caa8-486d-b084-420d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:50.000Z",
"modified": "2018-06-11T13:33:50.000Z",
"description": "Malicious hosts",
"pattern": "[domain-name:value = 'haoxingfu01.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7a3f-d154-48fe-b4b0-4add950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:33:51.000Z",
"modified": "2018-06-11T13:33:51.000Z",
"description": "Malicious hosts",
"pattern": "[domain-name:value = 'shaoye11.hopto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:33:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b08-e348-4cc8-a3de-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:12.000Z",
"modified": "2018-06-11T13:37:12.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '03108e7f426416b0eaca9132f082d568']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b09-e690-4abf-a0be-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:13.000Z",
"modified": "2018-06-11T13:37:13.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '1cc88a79424091121a83d58b6886ea7a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b09-8488-4e07-ac20-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:13.000Z",
"modified": "2018-06-11T13:37:13.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '2a1da7e17edaefc0468dbf25a0f60390']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0b-c3d0-44da-bf91-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:15.000Z",
"modified": "2018-06-11T13:37:15.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '31e61e52d38f19cf3958df2239fba1a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0b-8c9c-400e-99cb-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:15.000Z",
"modified": "2018-06-11T13:37:15.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '34efc3ebf51a6511c0d12cce7592db73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0c-8b64-4d60-acfd-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:16.000Z",
"modified": "2018-06-11T13:37:16.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '4d9a7e425f8c8b02d598ef0a0a776a58']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0c-b198-4ba7-a0f3-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:16.000Z",
"modified": "2018-06-11T13:37:16.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '808b186ddfa5e62ee882d5bdb94cc6e2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0d-91c8-46e7-8595-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:17.000Z",
"modified": "2018-06-11T13:37:17.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = '904b4d615c05952bcf58f35acadee5c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0d-126c-4f8e-82c0-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:17.000Z",
"modified": "2018-06-11T13:37:17.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = 'a21322b2416fce17a1877542d16929d5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0e-7b30-4993-9ae7-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:18.000Z",
"modified": "2018-06-11T13:37:18.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = 'b84b0d5f128a8e0621733a6f3b412e19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0e-06a4-466d-a5ac-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:18.000Z",
"modified": "2018-06-11T13:37:18.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = 'bd90279ad5c5a813bc34c06093665e55']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7b0f-b210-471d-b5da-ef08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:37:19.000Z",
"modified": "2018-06-11T13:37:19.000Z",
"description": "Malicious apks",
"pattern": "[file:hashes.MD5 = 'ff163a92f2622f2b8330a5730d3d636c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:37:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d4d-f590-41cc-a20e-4a8c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:53.000Z",
"modified": "2018-06-11T13:46:53.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = '19e3daf40460aea22962d98de4bc32d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d4e-0dbc-4091-be32-465a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:54.000Z",
"modified": "2018-06-11T13:46:54.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = '36b2609a98aa39c730c2f5b49097d0ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d4f-c838-4b57-b76f-4017950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:55.000Z",
"modified": "2018-06-11T13:46:55.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = '3ba4882dbf2dd6bd4fc0f54ec1373f4c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d50-3de4-44b8-acca-4886950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:56.000Z",
"modified": "2018-06-11T13:46:56.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = '6cac4c9eda750a69e435c801a7ca7b8d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d51-61c4-47c2-9e1e-4695950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:57.000Z",
"modified": "2018-06-11T13:46:57.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = '8a4ed9c4a66d7ccb3d155f85383ea3b3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d51-8dd8-481b-aa0b-4ef6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:57.000Z",
"modified": "2018-06-11T13:46:57.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = 'b43335b043212355619fd827b01be9a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d52-1c88-4857-bd0e-4c9e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:58.000Z",
"modified": "2018-06-11T13:46:58.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = 'b7afa4b2dafb57886fc47a1355824199']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7d53-d158-407d-a141-46ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:46:59.000Z",
"modified": "2018-06-11T13:46:59.000Z",
"description": "class.dex",
"pattern": "[file:hashes.MD5 = 'f89214bfa4b4ac9000087e4253e7f754']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:46:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f57-9470-4e10-b576-47cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:35.000Z",
"modified": "2018-06-11T13:55:35.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = '1bd7815bece1b54b7728b8dd16f1d3a9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f58-fe1c-4183-89d3-4c7a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:36.000Z",
"modified": "2018-06-11T13:55:36.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = '307d2780185ba2b8c5ad4c9256407504']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f58-5938-41ef-9274-4767950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:36.000Z",
"modified": "2018-06-11T13:55:36.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = '3e4bff0e8ed962f3c420692a35d2e503']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f58-0268-40b9-bcc1-417a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:36.000Z",
"modified": "2018-06-11T13:55:36.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = '57abbe642b85fa00b1f76f62acad4d3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f59-772c-4467-8c2e-42ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:37.000Z",
"modified": "2018-06-11T13:55:37.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = '6e1926d548ffac0f6cedfb4a4f49196e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f5a-d1a8-405b-8bd0-40e4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:38.000Z",
"modified": "2018-06-11T13:55:38.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = '7714321baf6a54b09baa6a777b9742ef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f5b-2e0c-4982-b9d3-4b88950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:39.000Z",
"modified": "2018-06-11T13:55:39.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = '7aa46b4d67c3ab07caa53e8d8df3005c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e7f5c-4e44-4842-b85a-4f14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T13:55:40.000Z",
"modified": "2018-06-11T13:55:40.000Z",
"description": "test.dex",
"pattern": "[file:hashes.MD5 = 'a0f88c77b183da227b9902968862c2b9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T13:55:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b1e81ca-59cc-4694-a29e-49c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-11T14:06:02.000Z",
"modified": "2018-06-11T14:06:02.000Z",
"pattern": "[file:hashes.MD5 = 'f3ca571b2d1f0ecff371fb82119d1afe' AND file:name = 'chrome.apk' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-06-11T14:06:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7895e457-0624-4c5c-8088-f94060e0ed2a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:46.000Z",
"modified": "2018-06-13T07:24:46.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5d5975f7-733d-4fcf-8bab-79244beb3c16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:45.000Z",
"modified": "2018-06-13T07:24:45.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c5db4c67-486b-4072-b0a8-9ea072601c69",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:48.000Z",
"modified": "2018-06-13T07:24:48.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--482ef333-17f7-4369-9af1-4536fae21f48",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:47.000Z",
"modified": "2018-06-13T07:24:47.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8b23deac-1eff-4145-9654-6efc48bc6a97",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:51.000Z",
"modified": "2018-06-13T07:24:51.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5cd53d38-3a6e-4eaa-8487-77d44ccc6f81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:50.000Z",
"modified": "2018-06-13T07:24:50.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b57d5a1e-1383-49f6-b9b3-37428f881e5a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:54.000Z",
"modified": "2018-06-13T07:24:54.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e55d60e9-260d-4a88-bb1e-5684e543500f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:52.000Z",
"modified": "2018-06-13T07:24:52.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--30574377-3a6c-4e77-bdb4-61579753e382",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:56.000Z",
"modified": "2018-06-13T07:24:56.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e181ed3a-699b-4b04-b58c-278508c22b08",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:54.000Z",
"modified": "2018-06-13T07:24:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e7bb4bfe-107d-40cf-b825-3e4c9381089a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:58.000Z",
"modified": "2018-06-13T07:24:58.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7d628547-f5fe-492c-a7be-f8e6b7a3c126",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:56.000Z",
"modified": "2018-06-13T07:24:56.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f00d242d-95f7-4953-a20c-86d3d0ac0876",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:01.000Z",
"modified": "2018-06-13T07:25:01.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a0309f0e-4ab2-414b-94e6-4c3d42e69d63",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:24:59.000Z",
"modified": "2018-06-13T07:24:59.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1e6d34b0-4124-44b9-825c-a43babb1fdd7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:03.000Z",
"modified": "2018-06-13T07:25:03.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1451c9ad-c553-4684-9f21-0ca69508b635",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:01.000Z",
"modified": "2018-06-13T07:25:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--387bc28f-7365-4468-b905-aa97603e6716",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:05.000Z",
"modified": "2018-06-13T07:25:05.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--94181920-5615-453e-b15e-3d00e486ba33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:04.000Z",
"modified": "2018-06-13T07:25:04.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--716a2596-713d-4a82-9f0f-caa5e7f30083",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:08.000Z",
"modified": "2018-06-13T07:25:08.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8347b39e-3e12-4464-93a3-d8537266d53e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:06.000Z",
"modified": "2018-06-13T07:25:06.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2a5b4e41-d9a5-485a-8fbf-985c28e79496",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:10.000Z",
"modified": "2018-06-13T07:25:10.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--db97fe12-c0c4-4642-9676-4a41b873011c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:08.000Z",
"modified": "2018-06-13T07:25:08.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--57d626b8-a358-44c7-a05f-a4cd3317c728",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:12.000Z",
"modified": "2018-06-13T07:25:12.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--95ada4d5-b381-45a1-849d-a4f63c529ff9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:10.000Z",
"modified": "2018-06-13T07:25:10.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--98056eaf-23b8-4e84-b835-4107362aae17",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:14.000Z",
"modified": "2018-06-13T07:25:14.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c5f108b7-9885-4360-b659-64e5a4615790",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:13.000Z",
"modified": "2018-06-13T07:25:13.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--72d92fc7-ab0f-4d77-b79b-bd7ceb901a5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:17.000Z",
"modified": "2018-06-13T07:25:17.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b01ac61c-5dd4-45d8-b413-b93ce0d4b225",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:15.000Z",
"modified": "2018-06-13T07:25:15.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--89f1910f-40e3-456d-9d55-611ac7b06f6f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:19.000Z",
"modified": "2018-06-13T07:25:19.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1683e823-d894-473f-8672-92a02b0c15ad",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:17.000Z",
"modified": "2018-06-13T07:25:17.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--758eea54-b3b9-44a5-b21d-6ab24868087f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:21.000Z",
"modified": "2018-06-13T07:25:21.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--36c393b6-08ec-47e2-9801-1afeaa353e53",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:20.000Z",
"modified": "2018-06-13T07:25:20.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5801ede4-b4a9-48c7-8431-a185df616fef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:24.000Z",
"modified": "2018-06-13T07:25:24.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cf9c0b8f-5b53-496c-afff-a98242ce0e8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:22.000Z",
"modified": "2018-06-13T07:25:22.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a08a8414-3d11-44c2-9477-af49dc306da9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:26.000Z",
"modified": "2018-06-13T07:25:26.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--91ab5779-0629-4b3b-9647-35eca7084ea5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:24.000Z",
"modified": "2018-06-13T07:25:24.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--9dc5223e-3a11-4fb9-bb5e-3dc048def096",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:28.000Z",
"modified": "2018-06-13T07:25:28.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5b9d8777-dffd-4b06-9ac3-29c61edbca1d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:26.000Z",
"modified": "2018-06-13T07:25:26.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e8ce9f63-d621-42b1-a3fb-0012c7ff6ec4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:30.000Z",
"modified": "2018-06-13T07:25:30.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--02127bbe-1c57-4f73-bea8-3c478482304f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:29.000Z",
"modified": "2018-06-13T07:25:29.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--fce42428-c55d-460f-ac00-77ec2c153a7a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:32.000Z",
"modified": "2018-06-13T07:25:32.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e7967874-9983-4ffe-88e9-ff04a191f4f7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:31.000Z",
"modified": "2018-06-13T07:25:31.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--143b8d09-b19c-433d-b23c-c950160d1aa0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:35.000Z",
"modified": "2018-06-13T07:25:35.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c85ff102-0020-4710-9921-e99dcb5ca588",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:33.000Z",
"modified": "2018-06-13T07:25:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--efb63dbe-b6ef-41c9-b491-c3fc374121b0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:37.000Z",
"modified": "2018-06-13T07:25:37.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c6e0b765-789b-4e5a-b239-e708f068662e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:36.000Z",
"modified": "2018-06-13T07:25:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b84b8a41-7607-44f9-929f-84af754f63a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:40.000Z",
"modified": "2018-06-13T07:25:40.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8b706858-0316-41da-be85-d5ed4c9cdbba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:38.000Z",
"modified": "2018-06-13T07:25:38.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--bfa0503f-b4cd-4957-a0b2-e298e4ca94bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:42.000Z",
"modified": "2018-06-13T07:25:42.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--42851761-8f1f-489b-b602-be5584e8236f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:41.000Z",
"modified": "2018-06-13T07:25:41.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e141c73c-c72c-432f-ba63-cc0d885b7ffc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:45.000Z",
"modified": "2018-06-13T07:25:45.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--335fa9a0-2553-41db-8574-23ef5764e8b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:43.000Z",
"modified": "2018-06-13T07:25:43.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d04fe5a4-45fc-48b1-8e34-c459f4286e2d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:47.000Z",
"modified": "2018-06-13T07:25:47.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e73f228a-4dc0-4ea7-8d9c-8d1ea347c077",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:45.000Z",
"modified": "2018-06-13T07:25:45.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--20b0f636-5acb-4d7a-97a5-301603dc165c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:49.000Z",
"modified": "2018-06-13T07:25:49.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--52e2d3a7-3f65-48c5-a51a-367f0278f35d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:47.000Z",
"modified": "2018-06-13T07:25:47.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e6c069c8-7e93-4aa9-9c13-f5b1c5c21cbb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:51.000Z",
"modified": "2018-06-13T07:25:51.000Z",
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\""
],
"x_misp_meta_category": "file",
"x_misp_name": "file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--36fbb8b3-2919-49f9-aea1-a5b762650f67",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-06-13T07:25:50.000Z",
"modified": "2018-06-13T07:25:50.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--68a09441-9952-4251-9740-940071dca8f6",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:51.000Z",
"modified": "2018-06-13T07:25:51.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--7895e457-0624-4c5c-8088-f94060e0ed2a",
"target_ref": "x-misp-object--5d5975f7-733d-4fcf-8bab-79244beb3c16"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d1372ce6-393e-4a8f-b9b2-c85f0ba8452d",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:51.000Z",
"modified": "2018-06-13T07:25:51.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--c5db4c67-486b-4072-b0a8-9ea072601c69",
"target_ref": "x-misp-object--482ef333-17f7-4369-9af1-4536fae21f48"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--97de3861-4ea6-4bbf-b59b-7d3ec199dfd1",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:51.000Z",
"modified": "2018-06-13T07:25:51.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--8b23deac-1eff-4145-9654-6efc48bc6a97",
"target_ref": "x-misp-object--5cd53d38-3a6e-4eaa-8487-77d44ccc6f81"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--e883ef88-2670-483f-b459-3ad65f84e45a",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:52.000Z",
"modified": "2018-06-13T07:25:52.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--b57d5a1e-1383-49f6-b9b3-37428f881e5a",
"target_ref": "x-misp-object--e55d60e9-260d-4a88-bb1e-5684e543500f"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--093e5da9-9630-488a-a3b6-310be8b7a2da",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:52.000Z",
"modified": "2018-06-13T07:25:52.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--30574377-3a6c-4e77-bdb4-61579753e382",
"target_ref": "x-misp-object--e181ed3a-699b-4b04-b58c-278508c22b08"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--83143300-30d1-4bcc-af1c-2ee0b22d8117",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:52.000Z",
"modified": "2018-06-13T07:25:52.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--e7bb4bfe-107d-40cf-b825-3e4c9381089a",
"target_ref": "x-misp-object--7d628547-f5fe-492c-a7be-f8e6b7a3c126"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--277d965a-29fb-4369-9130-50f36aa1cdda",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:52.000Z",
"modified": "2018-06-13T07:25:52.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--f00d242d-95f7-4953-a20c-86d3d0ac0876",
"target_ref": "x-misp-object--a0309f0e-4ab2-414b-94e6-4c3d42e69d63"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--1cd3f68e-4a13-4c07-99b8-ffa11159b393",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:52.000Z",
"modified": "2018-06-13T07:25:52.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--1e6d34b0-4124-44b9-825c-a43babb1fdd7",
"target_ref": "x-misp-object--1451c9ad-c553-4684-9f21-0ca69508b635"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--dffc870a-e327-4bcc-9700-8a40ec30b2fd",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:52.000Z",
"modified": "2018-06-13T07:25:52.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--387bc28f-7365-4468-b905-aa97603e6716",
"target_ref": "x-misp-object--94181920-5615-453e-b15e-3d00e486ba33"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--cf6365fd-d97b-48b2-9be8-43c5f31b6dd4",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--716a2596-713d-4a82-9f0f-caa5e7f30083",
"target_ref": "x-misp-object--8347b39e-3e12-4464-93a3-d8537266d53e"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--1077c957-118c-4bea-9c31-77d75fbe9e82",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--2a5b4e41-d9a5-485a-8fbf-985c28e79496",
"target_ref": "x-misp-object--db97fe12-c0c4-4642-9676-4a41b873011c"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d4804536-366c-4e57-9709-c8efc76bbe35",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--57d626b8-a358-44c7-a05f-a4cd3317c728",
"target_ref": "x-misp-object--95ada4d5-b381-45a1-849d-a4f63c529ff9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--f49d2e0d-195b-46db-8445-3fef5ac9dccc",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--98056eaf-23b8-4e84-b835-4107362aae17",
"target_ref": "x-misp-object--c5f108b7-9885-4360-b659-64e5a4615790"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--6b5bf3dd-6c03-45f2-b9b0-386abdb5284e",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--72d92fc7-ab0f-4d77-b79b-bd7ceb901a5b",
"target_ref": "x-misp-object--b01ac61c-5dd4-45d8-b413-b93ce0d4b225"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--11feef3e-fe5e-4195-9945-539f7ba40969",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--89f1910f-40e3-456d-9d55-611ac7b06f6f",
"target_ref": "x-misp-object--1683e823-d894-473f-8672-92a02b0c15ad"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--20d26df3-f9e1-4cdf-a62f-518bbc489431",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--758eea54-b3b9-44a5-b21d-6ab24868087f",
"target_ref": "x-misp-object--36c393b6-08ec-47e2-9801-1afeaa353e53"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--6dce1925-f7ee-44d9-bb11-704a7c1370c2",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--5801ede4-b4a9-48c7-8431-a185df616fef",
"target_ref": "x-misp-object--cf9c0b8f-5b53-496c-afff-a98242ce0e8c"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--2531cd0e-7a27-4ac5-bb30-313131add2f3",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--a08a8414-3d11-44c2-9477-af49dc306da9",
"target_ref": "x-misp-object--91ab5779-0629-4b3b-9647-35eca7084ea5"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--59ae9c49-76e5-4cff-afec-17a3cc007748",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--9dc5223e-3a11-4fb9-bb5e-3dc048def096",
"target_ref": "x-misp-object--5b9d8777-dffd-4b06-9ac3-29c61edbca1d"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--2bf67750-1283-47ef-a7a5-f847b53dae0e",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--e8ce9f63-d621-42b1-a3fb-0012c7ff6ec4",
"target_ref": "x-misp-object--02127bbe-1c57-4f73-bea8-3c478482304f"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--63db081f-92f7-4165-84c4-5a5f7898f1fc",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--fce42428-c55d-460f-ac00-77ec2c153a7a",
"target_ref": "x-misp-object--e7967874-9983-4ffe-88e9-ff04a191f4f7"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--8581afb4-84a3-420e-8008-cab964d8d2f2",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--143b8d09-b19c-433d-b23c-c950160d1aa0",
"target_ref": "x-misp-object--c85ff102-0020-4710-9921-e99dcb5ca588"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--3e57ec3f-47f3-47b0-8050-f3a215fb2247",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--efb63dbe-b6ef-41c9-b491-c3fc374121b0",
"target_ref": "x-misp-object--c6e0b765-789b-4e5a-b239-e708f068662e"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--ffcbbc25-d06e-4a18-be57-19e25610a9cd",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--b84b8a41-7607-44f9-929f-84af754f63a2",
"target_ref": "x-misp-object--8b706858-0316-41da-be85-d5ed4c9cdbba"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d24560c2-6eb8-428a-a947-7b03ae359565",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--bfa0503f-b4cd-4957-a0b2-e298e4ca94bb",
"target_ref": "x-misp-object--42851761-8f1f-489b-b602-be5584e8236f"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--18f4f29c-db97-4bc8-814e-6ee35c2cc969",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:53.000Z",
"modified": "2018-06-13T07:25:53.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--e141c73c-c72c-432f-ba63-cc0d885b7ffc",
"target_ref": "x-misp-object--335fa9a0-2553-41db-8574-23ef5764e8b3"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--cd38bd64-19ed-47e8-9f1c-40a4882d4064",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:54.000Z",
"modified": "2018-06-13T07:25:54.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--d04fe5a4-45fc-48b1-8e34-c459f4286e2d",
"target_ref": "x-misp-object--e73f228a-4dc0-4ea7-8d9c-8d1ea347c077"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--90064d0e-b8ce-4fa4-803e-5fffaa53e98b",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:54.000Z",
"modified": "2018-06-13T07:25:54.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--20b0f636-5acb-4d7a-97a5-301603dc165c",
"target_ref": "x-misp-object--52e2d3a7-3f65-48c5-a51a-367f0278f35d"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--cea8967b-2cfa-4d9f-b80f-ae4097c5fb21",
2023-04-21 14:44:17 +00:00
"created": "2018-06-13T07:25:54.000Z",
"modified": "2018-06-13T07:25:54.000Z",
"relationship_type": "analysed-with",
"source_ref": "x-misp-object--e6c069c8-7e93-4aa9-9c13-f5b1c5c21cbb",
"target_ref": "x-misp-object--36fbb8b3-2919-49f9-aea1-a5b762650f67"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}