misp-circl-feed/feeds/circl/stix-2.1/5bc04e41-a054-4315-ba69-3686950d210f.json

{
    "type": "bundle",
    "id": "bundle--5bc04e41-a054-4315-ba69-3686950d210f",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-10-13T14:04:31.000Z",
            "modified": "2018-10-13T14:04:31.000Z",
            "name": "CIRCL",
            "identity_class": "organization"
        },
        {
            "type": "grouping",
            "spec_version": "2.1",
            "id": "grouping--5bc04e41-a054-4315-ba69-3686950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-10-13T14:04:31.000Z",
            "modified": "2018-10-13T14:04:31.000Z",
            "name": "OSINT - New Sextortion Scam Pretends to Come from Your Hacked Email Account",
            "context": "suspicious-activity",
            "object_refs": [
                "observed-data--5bc04f34-d078-405a-ad5f-1b53950d210f",
                "url--5bc04f34-d078-405a-ad5f-1b53950d210f",
                "observed-data--5bc052c3-71b0-4475-b539-4a31950d210f",
                "file--5bc052c3-71b0-4475-b539-4a31950d210f",
                "artifact--5bc052c3-71b0-4475-b539-4a31950d210f",
                "observed-data--5bc052eb-5368-4531-bcaf-4cf7950d210f",
                "file--5bc052eb-5368-4531-bcaf-4cf7950d210f",
                "artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f",
                "x-misp-attribute--5bc054b9-7080-4bad-95cc-54b3950d210f"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "osint:source-type=\"blog-post\"",
                "circl:incident-classification=\"scam\"",
                "veris:action:social:variety=\"Scam\"",
                "riskiq:threat-type=\"scam\"",
                "riskiq:threat-name=\"scam-scareware\"",
                "veris:action:social:variety=\"Extortion\"",
                "workflow:todo=\"add-tagging\"",
                "workflow:todo=\"review\""
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5bc04f34-d078-405a-ad5f-1b53950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-10-12T08:02:05.000Z",
            "modified": "2018-10-12T08:02:05.000Z",
            "first_observed": "2018-10-12T08:02:05Z",
            "last_observed": "2018-10-12T08:02:05Z",
            "number_observed": 1,
            "object_refs": [
                "url--5bc04f34-d078-405a-ad5f-1b53950d210f"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\"",
                "osint:source-type=\"blog-post\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--5bc04f34-d078-405a-ad5f-1b53950d210f",
            "value": "https://www.bleepingcomputer.com/news/security/new-sextortion-scam-pretends-to-come-from-your-hacked-email-account/"
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5bc052c3-71b0-4475-b539-4a31950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-10-12T07:52:35.000Z",
            "modified": "2018-10-12T07:52:35.000Z",
            "first_observed": "2018-10-12T07:52:35Z",
            "last_observed": "2018-10-12T07:52:35Z",
            "number_observed": 1,
            "object_refs": [
                "file--5bc052c3-71b0-4475-b539-4a31950d210f",
                "artifact--5bc052c3-71b0-4475-b539-4a31950d210f"
            ],
            "labels": [
                "misp:type=\"attachment\"",
                "misp:category=\"Payload delivery\""
            ]
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--5bc052c3-71b0-4475-b539-4a31950d210f",
            "name": "dutch-version.jpg",
            "content_ref": "artifact--5bc052c3-71b0-4475-b539-4a31950d210f"
        },
        {
            "type": "artifact",
            "spec_version": "2.1",
            "id": "artifact--5bc052c3-71b0-4475-b539-4a31950d210f",
            "payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUFBQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh7/wgARCAKgAqYDASIAAhEBAxEB/8QAGwABAAMBAQEBAAAAAAAAAAAAAAQFBgMCAQf/xAAUAQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIQAxAAAAH9WKYuVV5LdRSC1UtyfQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZs+Zk2t5GJ0Fv0MdcWfMmgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUN9SldqsXtDCaWHGLGTWVxrK+RTHbS/mf6MZvrXzTR5+2wRsfmdklhoaa9MVdV8g9VEuEaLrnJ5YwJYmQ/sIj9+ObP0/O32VLKPWyDv2k4w1/2HYk2nmU5Oi2Xk90Pv0WMfn8LnnPrCBqMbsjPyc1JNVRWNCXddXdyz7+4BLiRZZ64+JReZPaUx850fkkaPP2x7qZUc6WFL1LBEnlyAAAAAAeD2czo8exAn+D2AAAABAnhAn+D2AAeD2Bm9IOXXn0AAAABzOgAEaSOPYIlZddAAAAAAAAAAAeD2A8ewABm9JVFLPk151r5fEgWkKUd5caeea/zKI/L1ZnejtaYkwZcQm2fkVEqaIPP7DLXx88lframeQ4vGyIlhzrD3YVfwta+xHqun1h6rLCvLWa9HiJ2jHiL3lk7L3FIXsC26lU5+zpytvpBrZ0I1+X0uYJyFKLOguqY8yYNkerPjzKufWzSRH6dyhu+A6TIFmQokWYRo0rwS5MWIR53r6Sb7O3JJAOB3AR/p3AOB3AcPp2AAOJ2AidO4OB3AAePh0AAAcO4AAAOJ2R/R2PB7Q5gABx7AAA49oJN+uJ2AAAVvItwAAAAKG+rTMW0qMQJPvuZe8k2Bxdq4y2/o9GZCXb1xW+LryTa/QV5Cq9FWlVKtZBXx7KEUve17DGbaCe1lyKPR0WjM7E00UrOFv1MT+m5rTmGleppSTrKWZjX0ujMjNiSzxJ5zjjR6GrNBkdfljvHsZpwy2ygHyntpJSR9HyLrHa+vKXx2nFV7uYh8izfhF53v0xN12nkLS13Qo7Hj9MZq/FqRL6sswAAAeD2A4dwBz6A4dwAAAAqLU9OHcAIcwAEYkoksEMmOHcAPHsAAAAAAAAHg9gI3c9AAAAAAAAAAAZDXwSk4aKnOHbxNKvhczCyyOvpDxDuxXVE+UeuM6mPWaurAq+130Mrpe00qsTseJoMxrM8UfnRfSxptNSFbwsu54xv6DUHHlbciDGtckW1tJllB1u4RV0eyiHiPHkEad4uypi6PAG2yuviFPJtJZ0zmqzJ7+TPZmJ113KVd15VeLv2V0yWKrjZfTPSLv6fKnVV5nKfcQTxJshOAAAAAAAAAOJ2fPoAIpKQJ4QvJPAAK8sAAAAAADgdysLNmb4kOHAnAAFeWDh3ACBPDh3CptgAr+hMAAAcO4AAAAAAyespip538Qr4mvGRkyJZ8zmk7Gb7aaMVmrqrEytbpex0x36BUmekXUs8Ut7FKqn13YoOd3yMVeWs8lZbYURnJc7sQfEuzMtNlW5QrnwUELQzSfSWnkhxulqZudbfTOc9PWFHeTK4h9pkoi0+q+FfX6CEUkXUVxWbaHPMDfSpRXU+qqT5nNzEKGv1sQt8rts2QO8mWeM9oO5X6WvsAAAAAARiS8czuprU6OPkkIvokI3gmI/07o3c9K7sS0YSXjydXLiSyIS0aSEX2d3HwSUf4SXPydkWUEYSXjydUT4THEdnDySWZvSS+RySjdj2rpp0Q/ZJc+BLRJB7cPJJVVgdUTgWTnyJKukElG6nRE9ElGEl4py7cfp1cewAxW1pyhup3kyfja8jO9buSYW3v8AqcM9rIxnarWSCj1HP0UNRcXJg7ydaFJV6/gZuDsOpIwm7qDN6jndGU9T5BmuGv6lBSb2AZe0vOxmLTpbH53eTrQpPF99MpH2XEoJdkMp211WQOemrzLT9VXFd3uxnOGr4mXlT7Qpetr9MxC2cUzrQxiBx1IxMu1tDJxtnAKmj/Rasr5V0K+puBSd7GxMV72FSUnvUeSNdePYAKws1F8L5ntAfVHNJ6n9lqgRi4VsokK/iWykuD2rexMUd4FPyL1USiaz9gWCHALtDilsz/YujKGrR4ZaKL6Xjj2AAAAAAAAAAAAAAAAAAAAAAGU1ccxPrb8Srv8AxzMddTOZF9XYxEX9B4FRB1nkyv3V8Sn63IzMXW8jI6vnZGOp/wBA6mF1sjuZX3pPhkfOy5GW9XEYjZj9O4HfFbiGYSx2scoYGy8HmT49gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgk5Gkg8HsB49hx6n0AB59AAAAAAA8HsAAAAAAB4+HQAAAAAAAAAAABz+ns8HsB59AAACnuMqSo/TgabC7uhHPn2KjY5TUlJI8C3oLugLDx8HDQ53UmNl+uQ6xfZ5saG5PtbP8AZ34cuBe0llQE7j97FrAlfTO3dDbHWqkwi47fZBDTeByhyZx9rJ9cTJCOVWjy+pK1z+nP3xtSq+yBG7xupHk9OR7gy68sfvqQIEfoTPsyGU9rVaIW9LZFLEtKs1GF3dCOHzoVmwyunJgAAAAABxOxHJAAAAAHLqKW64dwCv8AU4ca24AACvsBBnAOB3AOB3PJ6iduoAIJOR/R2AA4fYhYuPYAAAI/07gAAEckAAAAYXdZ8qIul8kC59DlWzvZGg2HgyWq5TTzI5eCBX+b4rOtlNK6De0p25yeZD+zppY5PY0J7qrKAdHUeeF3UHj1ylFzjt1Rmd3NTamf59uxn7SfMPD2MzsMvqzC3/v4c8lsoRo87psmW/SD7K37afSBntGPnC66kGDc1ZXdLWwI8LrPMLovsorJvwQfVNtyXmNVmD13h2BMy+roSJcrInAAAEMmOPYIsoAIsoEQl+ayxOUkABFJQDx7ACN3PQAPHsAAAACHMAACLKHj50Of32CJLBCJqptgcDuA4dwAiSyJLA4ciR0AAAAABntDXGbmTpplvN6Ke7+2ZnVyPzvXeLYzci+EOHdxzNz+d4VvqzFJQbqsKLb19ufn158llbwtJ5l1/wCSDE0wp5sz2Yiysp5Gh20QiVV/nzU0ulpCliajwXWP2kAxOg79Ct9T7AztFvqog6qFamLaWIZi0nzDHbWNbGTnx7Exmzh3JR5PWeTR5LYZko5Nz2PfK7pyqhaGuIX2++lNrc5pzD28kUffpOKzr3tCcARiShTQAAAgTwAgzgUhdqW6Dj1PoAACvsAQScAAAgTw8cCUAAQCeAA4cCcAr7AAAHE7IE8AEYkuHcAHM6PHsAAAAZ7Q0BU62h0Z+e3lxzKSNooZUbKJZmD66TwZ2k30Ar9QhlxidtXmcrNvEM5r+FofnUjSdTLSreyK+Bfwyl+3E4zPmVeHinu45UVmnoTQ0etpTPRdnCLrI7OtKSPruBnOlhEOq07mer9ZUHPrdiupdZyJOX09WZ2DtYREh3PcqrLvZFLS6niZ2BpJBRdr2KWOT3GZIne2+FBzt7MoImm5lHaz68hZr9GqiqlXXYlgAEYkvEYmOPw7uHU9I1OaFw9HV55HdF7HRHhlojdDqjQy1Rex0cfh3RhJc+RJRux7Rup0eORIcPJJeYxLcO4RvJLR/Z1cagvSMSXEdnjydUbodUYSUaOWLhzJbzwJKNVl64jsQyYqvZZI/gluHQ9uVaW6nsTu5+TsheSeBltTwMT211WRY999Kr7feDNcNBIMnNv/AAVfe1imdiaWxKHlpRjOl3OK+l0vkzfC+tT
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5bc052eb-5368-4531-bcaf-4cf7950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-10-12T07:53:15.000Z",
            "modified": "2018-10-12T07:53:15.000Z",
            "first_observed": "2018-10-12T07:53:15Z",
            "last_observed": "2018-10-12T07:53:15Z",
            "number_observed": 1,
            "object_refs": [
                "file--5bc052eb-5368-4531-bcaf-4cf7950d210f",
                "artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f"
            ],
            "labels": [
                "misp:type=\"attachment\"",
                "misp:category=\"Payload delivery\""
            ]
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--5bc052eb-5368-4531-bcaf-4cf7950d210f",
            "name": "english-version.jpg",
            "content_ref": "artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f"
        },
        {
            "type": "artifact",
            "spec_version": "2.1",
            "id": "artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f",
            "payload_bin": "/9j/4QCsRXhpZgAASUkqAAgAAAADADEBAgAcAAAAMgAAADIBAgAaAAAATgAAAGmHBAABAAAAaAAAAAAAAABBZG9iZSBQaG90b3Nob3AgQ1M1IFdpbmRvd3MAMjAxOC0xMC0xMVQxNzo0NDo0MC0wNDowMAAEAACQBwAEAAAAMDIyMAmSAwABAAAA4TQAAAKgBAABAAAAQQQAAAOgBAABAAAAtAEAAAAAAAC0AQAAAAD/7AARRHVja3kAAQAEAAAAPAAA/+ED72h0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8APD94cGFja2V0IGJlZ2luPSLvu78iIGlkPSJXNU0wTXBDZWhpSHpyZVN6TlRjemtjOWQiPz4gPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iQWRvYmUgWE1QIENvcmUgNS4wLWMwNjAgNjEuMTM0Nzc3LCAyMDEwLzAyLzEyLTE3OjMyOjAwICAgICAgICAiPiA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPiA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDUzUgV2luZG93cyIgeG1wOkNyZWF0ZURhdGU9IjIwMTgtMTAtMTFUMDk6MzY6NTYtMDQ6MDAiIHhtcDpNb2RpZnlEYXRlPSIyMDE4LTEwLTExVDE3OjQ0OjQwLTA0OjAwIiB4bXA6TWV0YWRhdGFEYXRlPSIyMDE4LTEwLTExVDE3OjQ0OjQwLTA0OjAwIiBkYzpmb3JtYXQ9ImltYWdlL2pwZWciIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6REI1QzREQjdDRDlFMTFFOEEyM0NDNUIwNkEyNDRFNjEiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6REI1QzREQjhDRDlFMTFFOEEyM0NDNUIwNkEyNDRFNjEiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDpEQjVDNERCNUNEOUUxMUU4QTIzQ0M1QjA2QTI0NEU2MSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpEQjVDNERCNkNEOUUxMUU4QTIzQ0M1QjA2QTI0NEU2MSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Pv/iCXRJQ0NfUFJPRklMRQABAQAACWQAAAAAAgAAAG1udHJSR0IgWFlaIAfUAAwAFwAJAAEACWFjc3BNU0ZUAAAAAFNFQyBGUEQgAAAAAAAAAAAAAAABAAD21QABAAAAANMsU0VDIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWNwcnQAAAEgAAAAOGRlc2MAAAFYAAAAgGRtbmQAAAHYAAAAemRtZGQAAAJUAAAAYnJYWVoAAAK4AAAAFGdYWVoAAALMAAAAFGJYWVoAAALgAAAAFHd0cHQAAAL0AAAAFHJUUkMAAAMIAAACDGdUUkMAAAUUAAACDGJUUkMAAAcgAAACDGNhbHQAAAksAAAAFHZpZXcAAAlAAAAAJHRleHQAAAAAQ29weXJpZ2h0IChjKSAyMDAzIFNhbXN1bmcgRWxlY3Ryb25pY3MgQ28uLCBMdGQAZGVzYwAAAAAAAAAkU2Ftc3VuZyAtIE5hdHVyYWwgQ29sb3IgUHJvIDEuMCBJQ00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkZXNjAAAAAAAAAB1TYW1zdW5nIEVsZWN0cm9uaWNzIENvLiwgTHRkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZGVzYwAAAAAAAAAFICAgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhZWiAAAAAAAAB8NAAAQwwAAAHTWFlaIAAAAAAAAFVBAACkJgAAGFZYWVogAAAAAAAAJWAAABjRAAC5A1hZWiAAAAAAAADzPgABAAAAARZwY3VydgAAAAAAAAEAAAAAAAABAAMABwALABEAGAAgACkANABBAE4AXQBuAIAAlACpAMAA2ADyAQ0BKgFJAWkBiwGvAdQB+wIkAk8CewKpAtkDCgM9A3IDqQPiBBwEWQSXBNcFGQVdBaIF6gYzBn4GywcaB2sHvggTCGoIwwkdCXoJ2Qo5CpwLAQtnC9AMOgynDRYNhg35Dm4O5Q9eD9kQVhDVEVYR2RJeEuYTbxP7FIkVGRWqFj8W1RdtGAgYpBlDGeQahxssG9Qcfh0pHdcehx86H+4gpSFeIhki1yOWJFglHCXjJqsndihDKRIp5Cq3K44sZi1ALh0u/C/eMMExpzKQM3o0ZzVWNkg3PDgyOSo6JTsiPCE9Iz4nPy5ANkFBQk9DX0RxRYVGnEe1SNFJ70sPTDJNV05/T6lQ1VIEUzVUaFWeVtdYEVlOWo5b0F0UXltfpGDwYj5jj2TiZjdnj2jpakZrpW0Hbmtv0nE7cqd0FXWFdvh4bnnme2B83X5df9+BY4LqhHOF/4eOiR+KsoxIjeGPfJEZkrmUXJYBl6mZU5sAnK+eYaAVocyjhqVCpwGowqqFrEyuFa/gsa6zf7VStyi5ALrbvLi+mMB7wmDESMYyyCDKD8wBzfbP7tHo0+XV5Nfm2erb8d374AjiF+Qo5j3oVOpt7InuqPDK8u71Ffc++Wr7mf3K//9jdXJ2AAAAAAAAAQAAAAAAAAEAAwAHAAsAEQAYACAAKQA0AEEATgBdAG4AgACUAKkAwADYAPIBDQEqAUkBaQGLAa8B1AH7AiQCTwJ7AqkC2QMKAz0DcgOpA+IEHARZBJcE1wUZBV0FogXqBjMGfgbLBxoHawe+CBMIagjDCR0JegnZCjkKnAsBC2cL0Aw6DKcNFg2GDfkObg7lD14P2RBWENURVhHZEl4S5hNvE/sUiRUZFaoWPxbVF20YCBikGUMZ5BqHGywb1Bx+HSkd1x6HHzof7iClIV4iGSLXI5YkWCUcJeMmqyd2KEMpEinkKrcrjixmLUAuHS78L94wwTGnMpAzejRnNVY2SDc8ODI5KjolOyI8IT0jPic/LkA2QUFCT0NfRHFFhUacR7VI0UnvSw9MMk1XTn9PqVDVUgRTNVRoVZ5W11gRWU5ajlvQXRReW1+kYPBiPmOPZOJmN2ePaOlqRmulbQdua2/ScTtyp3QVdYV2+HhueeZ7YHzdfl1/34FjguqEc4X/h46JH4qyjEiN4Y98kRmSuZRclgGXqZlTmwCcr55hoBWhzKOGpUKnAajCqoWsTK4Vr+CxrrN/tVK3KLkAutu8uL6YwHvCYMRIxjLIIMoPzAHN9s/u0ejT5dXk1+bZ6tvx3fvgCOIX5CjmPehU6m3sie6o8Mry7vUV9z75avuZ/cr//2N1cnY
        },
        {
            "type": "x-misp-attribute",
            "spec_version": "2.1",
            "id": "x-misp-attribute--5bc054b9-7080-4bad-95cc-54b3950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-10-12T08:12:29.000Z",
            "modified": "2018-10-12T08:12:29.000Z",
            "labels": [
                "misp:type=\"text\"",
                "misp:category=\"External analysis\"",
                "osint:source-type=\"blog-post\""
            ],
            "x_misp_category": "External analysis",
            "x_misp_type": "text",
            "x_misp_value": "Sextortion scams are when an attacker sends emails to people stating that their computer is hacked and that the attackers have been recording the screen and webcam as the user visits adult sites. The scammers then blackmail the recipients by stating they will release the videos if they do not receive a payment in bitcoins.\r\n\r\nIn the past, the sextortion emails would just include a target's password that the attackers found from a data breach dump in order to scare the victim into thinking that the threats were real. Now the scammers are also pretending to have access to the target's email account by spoofing the sender of the scam email to be the same email as the victim.\r\n\r\nThese scams have become very profitable, with scammers making over $50K in one week, and this new variant is no different. According to reporting by Dani\u00ebl Verlaan, this new variant was first seen targeting victims in the Netherlands where the scammers made \u20ac40,000.\r\n\r\nAfter learning about this new campaign, a security researcher known as SecGuru, who has been monitoring these scams, found a similar variant in English. SecGuru told BleepingComputer that the subject of these emails is \"[email address] + 48 hours to pay\".\r\n\r\nFor example, if my email address was example@example.com, the subject of the sextortion email would read \"example@example.com 48 hours to pay\" and sender of the email would be my own email account."
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}
chg: [misp-stix] STIX 2.1 export added 2023-04-21 14:44:17 +00:00			`{`
			`"type": "bundle",`
			`"id": "bundle--5bc04e41-a054-4315-ba69-3686950d210f",`
			`"objects": [`
			`{`
			`"type": "identity",`
			`"spec_version": "2.1",`
			`"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-10-13T14:04:31.000Z",`
			`"modified": "2018-10-13T14:04:31.000Z",`
			`"name": "CIRCL",`
			`"identity_class": "organization"`
			`},`
			`{`
			`"type": "grouping",`
			`"spec_version": "2.1",`
			`"id": "grouping--5bc04e41-a054-4315-ba69-3686950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-10-13T14:04:31.000Z",`
			`"modified": "2018-10-13T14:04:31.000Z",`
			`"name": "OSINT - New Sextortion Scam Pretends to Come from Your Hacked Email Account",`
			`"context": "suspicious-activity",`
			`"object_refs": [`
			`"observed-data--5bc04f34-d078-405a-ad5f-1b53950d210f",`
			`"url--5bc04f34-d078-405a-ad5f-1b53950d210f",`
			`"observed-data--5bc052c3-71b0-4475-b539-4a31950d210f",`
			`"file--5bc052c3-71b0-4475-b539-4a31950d210f",`
			`"artifact--5bc052c3-71b0-4475-b539-4a31950d210f",`
			`"observed-data--5bc052eb-5368-4531-bcaf-4cf7950d210f",`
			`"file--5bc052eb-5368-4531-bcaf-4cf7950d210f",`
			`"artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f",`
			`"x-misp-attribute--5bc054b9-7080-4bad-95cc-54b3950d210f"`
			`],`
			`"labels": [`
			`"Threat-Report",`
			`"misp:tool=\"MISP-STIX-Converter\"",`
			`"osint:source-type=\"blog-post\"",`
			`"circl:incident-classification=\"scam\"",`
			`"veris:action:social:variety=\"Scam\"",`
			`"riskiq:threat-type=\"scam\"",`
			`"riskiq:threat-name=\"scam-scareware\"",`
			`"veris:action:social:variety=\"Extortion\"",`
			`"workflow:todo=\"add-tagging\"",`
			`"workflow:todo=\"review\""`
			`],`
			`"object_marking_refs": [`
			`"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5bc04f34-d078-405a-ad5f-1b53950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-10-12T08:02:05.000Z",`
			`"modified": "2018-10-12T08:02:05.000Z",`
			`"first_observed": "2018-10-12T08:02:05Z",`
			`"last_observed": "2018-10-12T08:02:05Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--5bc04f34-d078-405a-ad5f-1b53950d210f"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\"",`
			`"osint:source-type=\"blog-post\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--5bc04f34-d078-405a-ad5f-1b53950d210f",`
			`"value": "https://www.bleepingcomputer.com/news/security/new-sextortion-scam-pretends-to-come-from-your-hacked-email-account/"`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5bc052c3-71b0-4475-b539-4a31950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-10-12T07:52:35.000Z",`
			`"modified": "2018-10-12T07:52:35.000Z",`
			`"first_observed": "2018-10-12T07:52:35Z",`
			`"last_observed": "2018-10-12T07:52:35Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"file--5bc052c3-71b0-4475-b539-4a31950d210f",`
			`"artifact--5bc052c3-71b0-4475-b539-4a31950d210f"`
			`],`
			`"labels": [`
			`"misp:type=\"attachment\"",`
			`"misp:category=\"Payload delivery\""`
			`]`
			`},`
			`{`
			`"type": "file",`
			`"spec_version": "2.1",`
			`"id": "file--5bc052c3-71b0-4475-b539-4a31950d210f",`
			`"name": "dutch-version.jpg",`
			`"content_ref": "artifact--5bc052c3-71b0-4475-b539-4a31950d210f"`
			`},`
			`{`
			`"type": "artifact",`
			`"spec_version": "2.1",`
			`"id": "artifact--5bc052c3-71b0-4475-b539-4a31950d210f",`
			"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUFBQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh7/wgARCAKgAqYDASIAAhEBAxEB/8QAGwABAAMBAQEBAAAAAAAAAAAAAAQFBgMCAQf/xAAUAQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIQAxAAAAH9WKYuVV5LdRSC1UtyfQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZs+Zk2t5GJ0Fv0MdcWfMmgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUN9SldqsXtDCaWHGLGTWVxrK+RTHbS/mf6MZvrXzTR5+2wRsfmdklhoaa9MVdV8g9VEuEaLrnJ5YwJYmQ/sIj9+ObP0/O32VLKPWyDv2k4w1/2HYk2nmU5Oi2Xk90Pv0WMfn8LnnPrCBqMbsjPyc1JNVRWNCXddXdyz7+4BLiRZZ64+JReZPaUx850fkkaPP2x7qZUc6WFL1LBEnlyAAAAAAeD2czo8exAn+D2AAAABAnhAn+D2AAeD2Bm9IOXXn0AAAABzOgAEaSOPYIlZddAAAAAAAAAAAeD2A8ewABm9JVFLPk151r5fEgWkKUd5caeea/zKI/L1ZnejtaYkwZcQm2fkVEqaIPP7DLXx88lframeQ4vGyIlhzrD3YVfwta+xHqun1h6rLCvLWa9HiJ2jHiL3lk7L3FIXsC26lU5+zpytvpBrZ0I1+X0uYJyFKLOguqY8yYNkerPjzKufWzSRH6dyhu+A6TIFmQokWYRo0rwS5MWIR53r6Sb7O3JJAOB3AR/p3AOB3AcPp2AAOJ2AidO4OB3AAePh0AAAcO4AAAOJ2R/R2PB7Q5gABx7AAA49oJN+uJ2AAAVvItwAAAAKG+rTMW0qMQJPvuZe8k2Bxdq4y2/o9GZCXb1xW+LryTa/QV5Cq9FWlVKtZBXx7KEUve17DGbaCe1lyKPR0WjM7E00UrOFv1MT+m5rTmGleppSTrKWZjX0ujMjNiSzxJ5zjjR6GrNBkdfljvHsZpwy2ygHyntpJSR9HyLrHa+vKXx2nFV7uYh8izfhF53v0xN12nkLS13Qo7Hj9MZq/FqRL6sswAAAeD2A4dwBz6A4dwAAAAqLU9OHcAIcwAEYkoksEMmOHcAPHsAAAAAAAAHg9gI3c9AAAAAAAAAAAZDXwSk4aKnOHbxNKvhczCyyOvpDxDuxXVE+UeuM6mPWaurAq+130Mrpe00qsTseJoMxrM8UfnRfSxptNSFbwsu54xv6DUHHlbciDGtckW1tJllB1u4RV0eyiHiPHkEad4uypi6PAG2yuviFPJtJZ0zmqzJ7+TPZmJ113KVd15VeLv2V0yWKrjZfTPSLv6fKnVV5nKfcQTxJshOAAAAAAAAAOJ2fPoAIpKQJ4QvJPAAK8sAAAAAADgdysLNmb4kOHAnAAFeWDh3ACBPDh3CptgAr+hMAAAcO4AAAAAAyespip538Qr4mvGRkyJZ8zmk7Gb7aaMVmrqrEytbpex0x36BUmekXUs8Ut7FKqn13YoOd3yMVeWs8lZbYURnJc7sQfEuzMtNlW5QrnwUELQzSfSWnkhxulqZudbfTOc9PWFHeTK4h9pkoi0+q+FfX6CEUkXUVxWbaHPMDfSpRXU+qqT5nNzEKGv1sQt8rts2QO8mWeM9oO5X6WvsAAAAAARiS8czuprU6OPkkIvokI3gmI/07o3c9K7sS0YSXjydXLiSyIS0aSEX2d3HwSUf4SXPydkWUEYSXjydUT4THEdnDySWZvSS+RySjdj2rpp0Q/ZJc+BLRJB7cPJJVVgdUTgWTnyJKukElG6nRE9ElGEl4py7cfp1cewAxW1pyhup3kyfja8jO9buSYW3v8AqcM9rIxnarWSCj1HP0UNRcXJg7ydaFJV6/gZuDsOpIwm7qDN6jndGU9T5BmuGv6lBSb2AZe0vOxmLTpbH53eTrQpPF99MpH2XEoJdkMp211WQOemrzLT9VXFd3uxnOGr4mXlT7Qpetr9MxC2cUzrQxiBx1IxMu1tDJxtnAKmj/Rasr5V0K+puBSd7GxMV72FSUnvUeSNdePYAKws1F8L5ntAfVHNJ6n9lqgRi4VsokK/iWykuD2rexMUd4FPyL1USiaz9gWCHALtDilsz/YujKGrR4ZaKL6Xjj2AAAAAAAAAAAAAAAAAAAAAAGU1ccxPrb8Srv8AxzMddTOZF9XYxEX9B4FRB1nkyv3V8Sn63IzMXW8jI6vnZGOp/wBA6mF1sjuZX3pPhkfOy5GW9XEYjZj9O4HfFbiGYSx2scoYGy8HmT49gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgk5Gkg8HsB49hx6n0AB59AAAAAAA8HsAAAAAAB4+HQAAAAAAAAAAABz+ns8HsB59AAACnuMqSo/TgabC7uhHPn2KjY5TUlJI8C3oLugLDx8HDQ53UmNl+uQ6xfZ5saG5PtbP8AZ34cuBe0llQE7j97FrAlfTO3dDbHWqkwi47fZBDTeByhyZx9rJ9cTJCOVWjy+pK1z+nP3xtSq+yBG7xupHk9OR7gy68sfvqQIEfoTPsyGU9rVaIW9LZFLEtKs1GF3dCOHzoVmwyunJgAAAAABxOxHJAAAAAHLqKW64dwCv8AU4ca24AACvsBBnAOB3AOB3PJ6iduoAIJOR/R2AA4fYhYuPYAAAI/07gAAEckAAAAYXdZ8qIul8kC59DlWzvZGg2HgyWq5TTzI5eCBX+b4rOtlNK6De0p25yeZD+zppY5PY0J7qrKAdHUeeF3UHj1ylFzjt1Rmd3NTamf59uxn7SfMPD2MzsMvqzC3/v4c8lsoRo87psmW/SD7K37afSBntGPnC66kGDc1ZXdLWwI8LrPMLovsorJvwQfVNtyXmNVmD13h2BMy+roSJcrInAAAEMmOPYIsoAIsoEQl+ayxOUkABFJQDx7ACN3PQAPHsAAAACHMAACLKHj50Of32CJLBCJqptgcDuA4dwAiSyJLA4ciR0AAAAABntDXGbmTpplvN6Ke7+2ZnVyPzvXeLYzci+EOHdxzNz+d4VvqzFJQbqsKLb19ufn158llbwtJ5l1/wCSDE0wp5sz2Yiysp5Gh20QiVV/nzU0ulpCliajwXWP2kAxOg79Ct9T7AztFvqog6qFamLaWIZi0nzDHbWNbGTnx7Exmzh3JR5PWeTR5LYZko5Nz2PfK7pyqhaGuIX2++lNrc5pzD28kUffpOKzr3tCcARiShTQAAAgTwAgzgUhdqW6Dj1PoAACvsAQScAAAgTw8cCUAAQCeAA4cCcAr7AAAHE7IE8AEYkuHcAHM6PHsAAAAZ7Q0BU62h0Z+e3lxzKSNooZUbKJZmD66TwZ2k30Ar9QhlxidtXmcrNvEM5r+FofnUjSdTLSreyK+Bfwyl+3E4zPmVeHinu45UVmnoTQ0etpTPRdnCLrI7OtKSPruBnOlhEOq07mer9ZUHPrdiupdZyJOX09WZ2DtYREh3PcqrLvZFLS6niZ2BpJBRdr2KWOT3GZIne2+FBzt7MoImm5lHaz68hZr9GqiqlXXYlgAEYkvEYmOPw7uHU9I1OaFw9HV55HdF7HRHhlojdDqjQy1Rex0cfh3RhJc+RJRux7Rup0eORIcPJJeYxLcO4RvJLR/Z1cagvSMSXEdnjydUbodUYSUaOWLhzJbzwJKNVl64jsQyYqvZZI/gluHQ9uVaW6nsTu5+TsheSeBltTwMT211WRY999Kr7feDNcNBIMnNv/AAVfe1imdiaWxKHlpRjOl3OK+l0vkzfC+tT
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5bc052eb-5368-4531-bcaf-4cf7950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-10-12T07:53:15.000Z",`
			`"modified": "2018-10-12T07:53:15.000Z",`
			`"first_observed": "2018-10-12T07:53:15Z",`
			`"last_observed": "2018-10-12T07:53:15Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"file--5bc052eb-5368-4531-bcaf-4cf7950d210f",`
			`"artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f"`
			`],`
			`"labels": [`
			`"misp:type=\"attachment\"",`
			`"misp:category=\"Payload delivery\""`
			`]`
			`},`
			`{`
			`"type": "file",`
			`"spec_version": "2.1",`
			`"id": "file--5bc052eb-5368-4531-bcaf-4cf7950d210f",`
			`"name": "english-version.jpg",`
			`"content_ref": "artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f"`
			`},`
			`{`
			`"type": "artifact",`
			`"spec_version": "2.1",`
			`"id": "artifact--5bc052eb-5368-4531-bcaf-4cf7950d210f",`
			"payload_bin": "/9j/4QCsRXhpZgAASUkqAAgAAAADADEBAgAcAAAAMgAAADIBAgAaAAAATgAAAGmHBAABAAAAaAAAAAAAAABBZG9iZSBQaG90b3Nob3AgQ1M1IFdpbmRvd3MAMjAxOC0xMC0xMVQxNzo0NDo0MC0wNDowMAAEAACQBwAEAAAAMDIyMAmSAwABAAAA4TQAAAKgBAABAAAAQQQAAAOgBAABAAAAtAEAAAAAAAC0AQAAAAD/7AARRHVja3kAAQAEAAAAPAAA/+ED72h0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8APD94cGFja2V0IGJlZ2luPSLvu78iIGlkPSJXNU0wTXBDZWhpSHpyZVN6TlRjemtjOWQiPz4gPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iQWRvYmUgWE1QIENvcmUgNS4wLWMwNjAgNjEuMTM0Nzc3LCAyMDEwLzAyLzEyLTE3OjMyOjAwICAgICAgICAiPiA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPiA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDUzUgV2luZG93cyIgeG1wOkNyZWF0ZURhdGU9IjIwMTgtMTAtMTFUMDk6MzY6NTYtMDQ6MDAiIHhtcDpNb2RpZnlEYXRlPSIyMDE4LTEwLTExVDE3OjQ0OjQwLTA0OjAwIiB4bXA6TWV0YWRhdGFEYXRlPSIyMDE4LTEwLTExVDE3OjQ0OjQwLTA0OjAwIiBkYzpmb3JtYXQ9ImltYWdlL2pwZWciIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6REI1QzREQjdDRDlFMTFFOEEyM0NDNUIwNkEyNDRFNjEiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6REI1QzREQjhDRDlFMTFFOEEyM0NDNUIwNkEyNDRFNjEiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDpEQjVDNERCNUNEOUUxMUU4QTIzQ0M1QjA2QTI0NEU2MSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpEQjVDNERCNkNEOUUxMUU4QTIzQ0M1QjA2QTI0NEU2MSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Pv/iCXRJQ0NfUFJPRklMRQABAQAACWQAAAAAAgAAAG1udHJSR0IgWFlaIAfUAAwAFwAJAAEACWFjc3BNU0ZUAAAAAFNFQyBGUEQgAAAAAAAAAAAAAAABAAD21QABAAAAANMsU0VDIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWNwcnQAAAEgAAAAOGRlc2MAAAFYAAAAgGRtbmQAAAHYAAAAemRtZGQAAAJUAAAAYnJYWVoAAAK4AAAAFGdYWVoAAALMAAAAFGJYWVoAAALgAAAAFHd0cHQAAAL0AAAAFHJUUkMAAAMIAAACDGdUUkMAAAUUAAACDGJUUkMAAAcgAAACDGNhbHQAAAksAAAAFHZpZXcAAAlAAAAAJHRleHQAAAAAQ29weXJpZ2h0IChjKSAyMDAzIFNhbXN1bmcgRWxlY3Ryb25pY3MgQ28uLCBMdGQAZGVzYwAAAAAAAAAkU2Ftc3VuZyAtIE5hdHVyYWwgQ29sb3IgUHJvIDEuMCBJQ00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkZXNjAAAAAAAAAB1TYW1zdW5nIEVsZWN0cm9uaWNzIENvLiwgTHRkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZGVzYwAAAAAAAAAFICAgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhZWiAAAAAAAAB8NAAAQwwAAAHTWFlaIAAAAAAAAFVBAACkJgAAGFZYWVogAAAAAAAAJWAAABjRAAC5A1hZWiAAAAAAAADzPgABAAAAARZwY3VydgAAAAAAAAEAAAAAAAABAAMABwALABEAGAAgACkANABBAE4AXQBuAIAAlACpAMAA2ADyAQ0BKgFJAWkBiwGvAdQB+wIkAk8CewKpAtkDCgM9A3IDqQPiBBwEWQSXBNcFGQVdBaIF6gYzBn4GywcaB2sHvggTCGoIwwkdCXoJ2Qo5CpwLAQtnC9AMOgynDRYNhg35Dm4O5Q9eD9kQVhDVEVYR2RJeEuYTbxP7FIkVGRWqFj8W1RdtGAgYpBlDGeQahxssG9Qcfh0pHdcehx86H+4gpSFeIhki1yOWJFglHCXjJqsndihDKRIp5Cq3K44sZi1ALh0u/C/eMMExpzKQM3o0ZzVWNkg3PDgyOSo6JTsiPCE9Iz4nPy5ANkFBQk9DX0RxRYVGnEe1SNFJ70sPTDJNV05/T6lQ1VIEUzVUaFWeVtdYEVlOWo5b0F0UXltfpGDwYj5jj2TiZjdnj2jpakZrpW0Hbmtv0nE7cqd0FXWFdvh4bnnme2B83X5df9+BY4LqhHOF/4eOiR+KsoxIjeGPfJEZkrmUXJYBl6mZU5sAnK+eYaAVocyjhqVCpwGowqqFrEyuFa/gsa6zf7VStyi5ALrbvLi+mMB7wmDESMYyyCDKD8wBzfbP7tHo0+XV5Nfm2erb8d374AjiF+Qo5j3oVOpt7InuqPDK8u71Ffc++Wr7mf3K//9jdXJ2AAAAAAAAAQAAAAAAAAEAAwAHAAsAEQAYACAAKQA0AEEATgBdAG4AgACUAKkAwADYAPIBDQEqAUkBaQGLAa8B1AH7AiQCTwJ7AqkC2QMKAz0DcgOpA+IEHARZBJcE1wUZBV0FogXqBjMGfgbLBxoHawe+CBMIagjDCR0JegnZCjkKnAsBC2cL0Aw6DKcNFg2GDfkObg7lD14P2RBWENURVhHZEl4S5hNvE/sUiRUZFaoWPxbVF20YCBikGUMZ5BqHGywb1Bx+HSkd1x6HHzof7iClIV4iGSLXI5YkWCUcJeMmqyd2KEMpEinkKrcrjixmLUAuHS78L94wwTGnMpAzejRnNVY2SDc8ODI5KjolOyI8IT0jPic/LkA2QUFCT0NfRHFFhUacR7VI0UnvSw9MMk1XTn9PqVDVUgRTNVRoVZ5W11gRWU5ajlvQXRReW1+kYPBiPmOPZOJmN2ePaOlqRmulbQdua2/ScTtyp3QVdYV2+HhueeZ7YHzdfl1/34FjguqEc4X/h46JH4qyjEiN4Y98kRmSuZRclgGXqZlTmwCcr55hoBWhzKOGpUKnAajCqoWsTK4Vr+CxrrN/tVK3KLkAutu8uL6YwHvCYMRIxjLIIMoPzAHN9s/u0ejT5dXk1+bZ6tvx3fvgCOIX5CjmPehU6m3sie6o8Mry7vUV9z75avuZ/cr//2N1cnY
			`},`
			`{`
			`"type": "x-misp-attribute",`
			`"spec_version": "2.1",`
			`"id": "x-misp-attribute--5bc054b9-7080-4bad-95cc-54b3950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-10-12T08:12:29.000Z",`
			`"modified": "2018-10-12T08:12:29.000Z",`
			`"labels": [`
			`"misp:type=\"text\"",`
			`"misp:category=\"External analysis\"",`
			`"osint:source-type=\"blog-post\""`
			`],`
			`"x_misp_category": "External analysis",`
			`"x_misp_type": "text",`
			"x_misp_value": "Sextortion scams are when an attacker sends emails to people stating that their computer is hacked and that the attackers have been recording the screen and webcam as the user visits adult sites. The scammers then blackmail the recipients by stating they will release the videos if they do not receive a payment in bitcoins.\r\n\r\nIn the past, the sextortion emails would just include a target's password that the attackers found from a data breach dump in order to scare the victim into thinking that the threats were real. Now the scammers are also pretending to have access to the target's email account by spoofing the sender of the scam email to be the same email as the victim.\r\n\r\nThese scams have become very profitable, with scammers making over $50K in one week, and this new variant is no different. According to reporting by Dani\u00ebl Verlaan, this new variant was first seen targeting victims in the Netherlands where the scammers made \u20ac40,000.\r\n\r\nAfter learning about this new campaign, a security researcher known as SecGuru, who has been monitoring these scams, found a similar variant in English. SecGuru told BleepingComputer that the subject of these emails is \"[email address] + 48 hours to pay\".\r\n\r\nFor example, if my email address was example@example.com, the subject of the sextortion email would read \"example@example.com 48 hours to pay\" and sender of the email would be my own email account."
			`},`
			`{`
			`"type": "marking-definition",`
			`"spec_version": "2.1",`
			`"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",`
			`"created": "2017-01-20T00:00:00.000Z",`
			`"definition_type": "tlp",`
			`"name": "TLP:WHITE",`
			`"definition": {`
			`"tlp": "white"`
			`}`
			`}`
			`]`
			`}`