misp-circl-feed/feeds/circl/stix-2.1/5cae46c1-c198-49cb-9036-4a34950d210f.json

6082 lines
677 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5cae46c1-c198-49cb-9036-4a34950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-09-09T11:00:08.000Z",
"modified": "2021-09-09T11:00:08.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5cae46c1-c198-49cb-9036-4a34950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-09-09T11:00:08.000Z",
"modified": "2021-09-09T11:00:08.000Z",
"name": "Malware Analysis Report (AR19-100A) MAR-10135536-8 \u00e2\u20ac\u201c North Korean Trojan: HOPLIGHT MAR-10135536.r8.v1",
"published": "2021-09-09T11:01:32Z",
"object_refs": [
"x-misp-attribute--5e467348-32d1-47d4-9a18-f52265ff5294",
"x-misp-attribute--7cc187fb-ca19-4786-bc4c-902f8197c54a",
"x-misp-attribute--c8a6e23e-304b-4bc4-a895-0856488ba1e5",
"x-misp-attribute--aef17f31-c143-4862-8e5e-afb944ec51d6",
"x-misp-attribute--4205f3b8-0878-4286-9fc0-b98718e3a838",
"x-misp-attribute--8c604b84-78ae-40cc-af41-6a39ccf913dc",
"x-misp-attribute--66c7ad51-1cfe-413e-8697-a15d695c883c",
"x-misp-attribute--ccf4f3c2-365f-4c77-a640-d7f86a8e8244",
"x-misp-attribute--13b173ea-f663-487b-962c-68c963883a85",
"x-misp-attribute--18c83f34-ed5a-4e61-a1dd-ef01bfd7e82e",
"x-misp-attribute--4fc843e5-e45e-4727-b4f4-5b377860c252",
"x-misp-attribute--47f96d91-741d-4458-a13b-9d2f57bdf6ed",
"observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"network-traffic--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"network-traffic--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"network-traffic--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"observed-data--a7455d44-d858-472a-96ee-edea677be659",
"network-traffic--a7455d44-d858-472a-96ee-edea677be659",
"ipv4-addr--a7455d44-d858-472a-96ee-edea677be659",
"observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"network-traffic--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"network-traffic--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"network-traffic--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"network-traffic--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9",
"network-traffic--dfa5812c-f91e-42b8-811d-718121a46fd9",
"ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9",
"observed-data--930261a1-dfbe-4f99-957b-27f14a50a397",
"network-traffic--930261a1-dfbe-4f99-957b-27f14a50a397",
"ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397",
"observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"network-traffic--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"observed-data--e773193c-a490-442a-a41f-63e402cf3865",
"network-traffic--e773193c-a490-442a-a41f-63e402cf3865",
"ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865",
"observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"network-traffic--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae",
"network-traffic--378c38f0-377c-4626-949c-5eaa0a6367ae",
"ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae",
"observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"network-traffic--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"indicator--eea5fb73-96a6-4aae-9d36-74cdbefbe4e7",
"indicator--adad988c-643d-4c25-a6fb-50d3e07c62e6",
"indicator--7e8543c5-336f-4337-a217-c88bf569d8c6",
"indicator--70971c87-fa69-4300-882e-5ce6e256496f",
"indicator--6e32e619-e0ca-4e75-b7dc-01f5d1917d9a",
"indicator--2dd85ad6-0987-4542-822b-df9e89eb9e65",
"indicator--2612714e-52b6-481c-8fb6-75d5b889548b",
"indicator--6ab25fb7-8818-49cc-9ace-c227806fe342",
"indicator--27db0397-2a1b-429b-8bae-d0427d55c164",
"indicator--f431fcf2-94fe-495a-8fe2-f39c15e442f2",
"observed-data--9379eade-cf5a-477a-a8b4-6eb2199c340b",
"file--9379eade-cf5a-477a-a8b4-6eb2199c340b",
"observed-data--22effacf-e4e2-4e50-b638-8246fd0e093e",
"file--22effacf-e4e2-4e50-b638-8246fd0e093e",
"observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"file--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"x-misp-object--3dacf4c2-9dfc-46e4-8617-4786537e8ae8",
"x-misp-object--fca17017-c7b9-4985-ae07-bf616a36f172",
"x-misp-object--16d9cbf2-43e4-4e6f-adf5-ec883d2e5091",
"x-misp-object--2c63c35f-d552-4324-a60b-ecf98f7cfd99",
"observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"file--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"observed-data--e245ed73-c585-4e0b-9190-38647d7f215d",
"file--e245ed73-c585-4e0b-9190-38647d7f215d",
"observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"file--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"x-misp-object--26db93d0-b8c2-48c0-9068-e8ddce10b2ac",
"observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4",
"file--6c10ee1b-a1c9-414d-92cc-8574decc8af4",
"observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"file--02f5bf02-c1ac-4142-be6b-978554a19a90",
"x-misp-object--5e26a8e6-9554-46b4-9b95-e31d69198ea6",
"x-misp-object--f08a32dc-ddbc-4164-8f6d-a564d7a7e31c",
"x-misp-object--6e01219a-94b3-47e9-86c4-7f770ccb0fbb",
"x-misp-object--d3914c3e-70f1-4dc8-9748-009b973cacc2",
"x-misp-object--b5d6f570-a5ec-4760-8d47-ae9c8d2533b6",
"x-misp-object--2ba66826-3848-41e9-a0b0-18433680ff80",
"x-misp-object--955a399e-186e-4973-b937-eac9a78c3caa",
"x-misp-object--a5e80ae2-c3ea-4d96-ae64-9e67bb8823b8",
"x-misp-object--476563e7-aac9-4a76-b8d8-c33020d34baf",
"x-misp-object--5053da1b-c011-42ca-b739-3cf3d1a9e05e",
"observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"file--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"observed-data--454b39cf-332b-4236-8015-6d343c883f40",
"file--454b39cf-332b-4236-8015-6d343c883f40",
"observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"file--ec166754-a5ff-4729-ac26-ac79ce02133c",
"observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d",
"file--dc846c76-af3d-4aab-ba62-ccc9a5582e5d",
"observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8",
"file--03272933-d90e-4e38-87fa-5490bd1c37d8",
"observed-data--ec5b0828-fc8e-4d29-9a2a-59806d987175",
"file--ec5b0828-fc8e-4d29-9a2a-59806d987175",
"x-misp-object--5cae46d6-3cf8-4a8c-9ffc-46e0950d210f",
"x-misp-object--b2d62cb5-8052-47f2-997e-dd4238004f97",
"x-misp-object--42d5dff2-e1f0-428f-a415-b83a757b7768",
"x-misp-object--a314859d-026b-4b02-bcf5-09d7e3c08026",
"x-misp-object--2fc2e78c-c6e8-424c-9ad7-e166e7737e9c",
"x-misp-object--603e0902-44f7-4457-9d0e-6246e8fce379",
"x-misp-object--1c222ada-8f9b-4a30-9cb1-fc81cd47dee8",
"x-misp-object--1cba5ef3-2f91-4b11-855e-9480c7fb943d",
"x-misp-object--c8b6f1f2-e727-4120-8d78-62dabe459c41",
"x-misp-object--e25a593a-6702-4694-90f3-f0858a21b5e1",
"x-misp-object--d0962325-2049-4b8a-9cc0-8597888ef490",
"x-misp-object--c6acfd6b-0a6a-40cc-8f76-c2fdf02f41d9",
"x-misp-object--292b76e3-83c8-4bb0-89c8-8105cf22899d",
"x-misp-object--ae92ce2a-cac9-4284-8ce9-641e2a6d948b",
"indicator--a10931bb-7045-47ad-bc16-e2684051e353",
"indicator--335302ab-5969-43ef-aae3-ded36c7331b5",
"indicator--d047f984-e129-4e7d-95f7-b3883eb4d380",
"indicator--738d6709-4996-4265-b9db-a44258b97eca",
"indicator--d158344a-e9a9-4e03-9832-fb1264c3d1aa",
"indicator--8ac82864-35d9-4232-ad60-e3e6fab47b66",
"indicator--c2881aa4-04fd-45b9-922b-93273fd2f4a7",
"indicator--ab715c6a-5b26-4280-a328-6d748e83e680",
"indicator--4bef19cc-01f6-4b03-9f08-6b51796cb5ca",
"indicator--cb4560bb-f70e-44a7-9496-1d7d017e9880",
"x-misp-object--6a82a81c-cc1c-4568-95e8-65da2aa8a8ec",
"x-misp-object--132d7802-77e5-432c-8cf6-7648b90e7acd",
"x-misp-object--51c3c827-4e60-4f91-b6b4-b1e99fab0df8",
"x-misp-object--a4f1d6f8-842e-42f9-8d2c-b69a2d04a1ea",
"x-misp-object--a61f2333-075a-4f7e-9145-b7e624c99d43",
"x-misp-object--904eab59-fca8-4005-ae01-fa802500e52c",
"x-misp-object--e02bda87-4522-4849-b60b-cd07a598b48f",
"x-misp-object--21bbfcf1-6d03-46ab-926e-8c513e3c9c6f",
"x-misp-object--23520dbd-c625-44d0-816a-fff60adf8c08",
"x-misp-object--8c51db87-a216-44c0-bd75-69239348d2a1",
"x-misp-object--b4eb4fd7-5fee-43e6-8ecd-63c87632d4c0",
"x-misp-object--d7d9f6b7-4b64-49a9-843a-a675d8130f4b",
"x-misp-object--b6b3a355-04df-468c-b334-3553062b12c7",
"x-misp-object--99a21cae-aca7-4dc5-a057-c31d995c3de7",
"x-misp-object--81b7d5fc-2afa-4313-b589-1773e410cd85",
"x-misp-object--b0039524-0831-4150-9367-0c01132e1f6d",
"x-misp-object--dbc2c668-6778-40ee-a1d2-0a8eed89d382",
"x-misp-object--08b33dc6-0d4c-4441-85b9-19177bfce17f",
"x-misp-object--cf24fa43-ec76-41ac-a2c9-c76a86ccd334",
"x-misp-object--06b00c8c-78e4-4833-a79a-c70ac79d8b25",
"x-misp-object--7b055b6f-f844-470b-958f-918ada8231bc",
"x-misp-object--3014952d-8c6c-47f4-9e95-a2e07d248668",
"x-misp-object--03f59ed6-d83e-4769-a8ac-611f258d0429",
"x-misp-object--681912d6-af0d-4b11-af8f-576123bb2ef7",
"x-misp-object--a2dfae6d-1e63-4f17-aa63-b82b363d2000",
"x-misp-object--cb37303a-fd4b-4a66-a6e8-ff5dffc84ac7",
"x-misp-object--737ccfd6-1e0e-494d-bcdc-5cbf6ae072f7",
"x-misp-object--d032374b-36e3-4c4b-895b-c3a776cb60c4",
"x-misp-object--9c760cfe-2e23-4e32-b35b-d7097fd4c799",
"x-misp-object--34135ff1-138a-4297-afe6-6e17271fbeec",
"x-misp-object--1435e56d-5f38-40c6-a7c7-d85df67a37ea",
"x-misp-object--b29bf9b8-09d1-41ec-8cf6-1556913a36b7",
"x-misp-object--409a8ca2-3740-4465-be76-e1ebed4570e6",
"x-misp-object--855ac261-1c2a-412b-8320-1aa8d22f8c33",
"x-misp-object--5760f7f9-6817-48fb-be8f-112dbd443f0a",
"x-misp-object--081fda7a-462f-411a-b541-1c85411baee2",
"x-misp-object--2c3e7740-a7bc-46d7-bed6-5da54b4327f0",
"x-misp-object--8e875ae8-911f-4dcd-b7bb-8a9072d3644e",
"x-misp-object--f4844fcb-3d68-4d09-8bbb-7619a0942846",
"x-misp-object--8da40bf6-a137-4af6-b7d2-4a6fec51aecd",
"x-misp-object--6f0934e5-279f-4bd3-93e1-b881f5c59504",
"x-misp-object--11f10ac7-5b61-4363-bd6a-59ac0b8fcc9e",
"x-misp-object--1b766990-d382-462f-a49c-1f5c53715ed4",
"x-misp-object--eb73eb8b-04c4-4e27-b803-b60d56347fec",
"x-misp-object--0145ba7f-231a-4fd8-aba1-438b70fae9fa",
"x-misp-object--f20d5f20-e19c-49e3-a2e0-d47a0e0b499e",
"x-misp-object--542776ab-dc9a-49f5-8504-4201f4eb85f7",
"x-misp-object--001f3b62-1dc5-46b7-a5d1-0d172470284f",
"x-misp-object--b144f1bb-4a25-4b2f-9e73-640f10889fec",
"x-misp-object--06738787-de97-4d46-b799-b0492c57d3e5",
"x-misp-object--6cd4ce4a-6876-4fc6-a865-3a078c3f63e8",
"x-misp-object--ac51556a-91c0-4267-9e61-de0a0dbabf05",
"x-misp-object--ea7cc58d-1fe6-4a0b-8070-4fe5b38cb690",
"x-misp-object--c57a6cf7-e544-4364-adba-a72ea3e6573f",
"x-misp-object--1746f20a-4522-4af5-b779-165a2b829958",
"x-misp-object--9500fb1e-bb08-45d5-a3eb-3b82f649c624",
"x-misp-object--0f41e5c5-7f40-44a1-885b-7f9597eb99f9",
"x-misp-object--2c0897ef-be21-4b08-a096-899c8545c0a6",
"x-misp-object--6fa43c7f-c294-43cf-8b40-d00655aaa96e",
"x-misp-object--ce21b7c4-404c-4a76-96c8-e50ba9773a30",
2024-08-07 08:13:15 +00:00
"relationship--05e1b177-1db7-47ca-8a7c-ae4472cedc6b",
"relationship--144dd0b1-094d-47b3-8128-041b1e0e9a2e",
"relationship--da1cb4fd-a201-4adb-8403-fe46e6e8f565",
"relationship--2643aa2b-ff05-4107-acdc-9536ee692c0d",
"relationship--8da3cc68-2668-43b9-bc75-87d1f19fcabc",
"relationship--382876a6-dee9-4d16-9b37-e24c7f35474d",
"relationship--22281002-f2f0-426f-92a1-7bbea03ba01e",
"relationship--070ebebc-c949-4189-950b-d4fba0520002",
"relationship--d30eb859-12cd-40eb-ba88-540ec74bc50e",
"relationship--6f7cf2ee-b82b-4dd4-8f1e-a658e55d9e2b",
"relationship--a9577516-3173-4b83-b48d-19e7d7249f8f",
"relationship--43d624cf-c80f-440c-b386-80bf42d18df5",
"relationship--d1768ae0-0578-4f0e-ba36-0375e774b26e",
"relationship--a26c30d4-2322-4630-85dd-f4362c730fe9",
"relationship--69632831-ed53-4372-a549-3868163161aa",
"relationship--a82af0aa-9992-45eb-9626-2db734b449d6",
"relationship--313bb8cc-d1ab-412e-bed4-1d111edcd1dd",
"relationship--adf3a474-37f8-4f92-86e4-fd0357813e65",
"relationship--b9688684-df4d-4352-8000-a8aa6af6679f",
"relationship--9f9edb40-83cc-47e4-9067-47398bd5c6b4",
"relationship--099ce63b-b513-43fd-b2a3-2649df615dac",
"relationship--34460dbb-e1b5-4867-b485-9824da4b6f0e",
"relationship--4b4e68b5-3daf-4a42-b4aa-fc6e02785f10",
"relationship--0cd17079-357d-4575-845a-1fe05253dbd5",
"relationship--67337b98-dce2-4a9a-a7d3-942cdd6e8ff9",
"relationship--d444c318-d2e5-4bc9-bfbb-04f0f4686b69",
"relationship--88237c4c-e86b-4f7d-a527-321be3eaecf8",
"relationship--3f2053aa-b036-46d5-b008-d19b2c6c391d",
"relationship--877ea53b-b231-407f-88ff-d8ac094a9488",
"relationship--389b4328-70a6-4af9-864b-54e786503037",
"relationship--ad856d0b-83d8-4395-9039-87a011bfd254",
"relationship--c2f6ba64-5fe0-4dce-92f5-01e44adbb1ef",
"relationship--faf1d97e-1661-4a94-95c0-d518d05b4821",
"relationship--c9da5526-c79d-4f18-8644-82dcf115bf0c",
"relationship--44624e65-1694-4722-8ad1-b5467f33ea72",
"relationship--ba2b3caa-0b6a-4231-a5cf-31d4f0e9603a",
"relationship--f9a598e7-c224-4060-b5da-860aa786202f",
"relationship--dd7597f0-fb1c-4386-b98e-56dcdeb0105f",
"relationship--c29a65fc-3166-4403-810a-614a16d42c73",
"relationship--09a7242c-ed43-4962-8137-ea0a933ac15c",
"relationship--006e2e08-b9ba-41f4-8442-9711d3125a27",
"relationship--0adb562b-5185-47f0-82bf-f608c070a376",
"relationship--99e65d47-ed19-4ce1-ade4-e4a9ab9013f8",
"relationship--e08ca098-168b-471a-b577-3bd29f10c389",
"relationship--6f0f61ef-f76a-4125-82d5-6f614f0e9441",
"relationship--ee6aa2cc-b314-4b04-b056-520a0b016aae",
"relationship--145e2935-3459-4df6-b544-98d9b5bb6015",
"relationship--6d00bf8c-a8c5-4598-8dfe-e7efc62faa74",
"relationship--ce7e0e24-e024-44d8-b375-d5c87f245426",
"relationship--d1dadc09-d175-495d-9a83-dc90cd34c4a6",
"relationship--1f5d1a76-767b-41f3-810e-78d71e9bcedc",
"relationship--4d3a918e-9bc7-496a-b71e-c01e1b1b6b50",
"relationship--f4738c3c-d47d-4d07-8bea-bfd8407fe180",
"relationship--53097655-841b-4969-b159-91cbc4c66394",
"relationship--3a118909-7b09-46e9-b192-247b16c742d0",
"relationship--526af43b-b7fa-4fb8-a24e-6d2e769b6d08",
"relationship--4d47bf2f-665c-4238-be30-6cf1ff9bfb50",
"relationship--75410ac6-751a-4995-a8c9-235f0256962a",
"relationship--d5e9496e-1cf6-4fe2-8f76-a14e7fade55e",
"relationship--7f1d24c7-5d36-4412-9387-8f948b78e255",
"relationship--7755b50d-ed8d-4c08-b386-7a5124ccd4fd",
"relationship--801450e8-9347-4846-89bf-44bf18aa2de1",
"relationship--6d6b11e7-1b19-4737-907c-9f7c8687a3a6",
"relationship--57a22479-6d7f-40b3-ac18-e984a096ee8c",
"relationship--bdc7d799-4d71-4e63-aa41-a77012df1949"
2023-04-21 14:44:17 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Lazarus Group\"",
"misp-galaxy:mitre-intrusion-set=\"Lazarus Group\"",
"misp-galaxy:threat-actor=\"COVELLITE\"",
"misp-galaxy:threat-actor=\"Lazarus Group\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5e467348-32d1-47d4-9a18-f52265ff5294",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "7443"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--7cc187fb-ca19-4786-bc4c-902f8197c54a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "443"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--c8a6e23e-304b-4bc4-a895-0856488ba1e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "23164"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--aef17f31-c143-4862-8e5e-afb944ec51d6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "59681"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--4205f3b8-0878-4286-9fc0-b98718e3a838",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "23397"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--8c604b84-78ae-40cc-af41-6a39ccf913dc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "59067"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--66c7ad51-1cfe-413e-8697-a15d695c883c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "17770"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--ccf4f3c2-365f-4c77-a640-d7f86a8e8244",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "2248"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--13b173ea-f663-487b-962c-68c963883a85",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "64694"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--18c83f34-ed5a-4e61-a1dd-ef01bfd7e82e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "37120"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--4fc843e5-e45e-4727-b4f4-5b377860c252",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "52884"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--47f96d91-741d-4458-a13b-9d2f57bdf6ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"labels": [
"misp:type=\"port\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "port",
"x_misp_value": "65292"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"dst_ref": "ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e",
"value": "112.175.92.57"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"dst_ref": "ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40",
"value": "84.49.242.125"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"dst_ref": "ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b",
"value": "81.94.192.147"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--a7455d44-d858-472a-96ee-edea677be659",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--a7455d44-d858-472a-96ee-edea677be659",
"ipv4-addr--a7455d44-d858-472a-96ee-edea677be659"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--a7455d44-d858-472a-96ee-edea677be659",
"dst_ref": "ipv4-addr--a7455d44-d858-472a-96ee-edea677be659",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--a7455d44-d858-472a-96ee-edea677be659",
"value": "128.200.115.228"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"dst_ref": "ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7",
"value": "47.206.4.145"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"dst_ref": "ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b",
"value": "70.224.36.194"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"dst_ref": "ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a",
"value": "197.211.212.59"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"dst_ref": "ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3",
"value": "113.114.117.122"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--dfa5812c-f91e-42b8-811d-718121a46fd9",
"ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--dfa5812c-f91e-42b8-811d-718121a46fd9",
"dst_ref": "ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9",
"value": "21.252.107.198"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--930261a1-dfbe-4f99-957b-27f14a50a397",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--930261a1-dfbe-4f99-957b-27f14a50a397",
"ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--930261a1-dfbe-4f99-957b-27f14a50a397",
"dst_ref": "ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397",
"value": "81.94.192.10"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"dst_ref": "ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9",
"value": "186.169.2.237"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--e773193c-a490-442a-a41f-63e402cf3865",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--e773193c-a490-442a-a41f-63e402cf3865",
"ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--e773193c-a490-442a-a41f-63e402cf3865",
"dst_ref": "ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865",
"value": "181.39.135.126"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"dst_ref": "ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1",
"value": "97.90.44.200"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--378c38f0-377c-4626-949c-5eaa0a6367ae",
"ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--378c38f0-377c-4626-949c-5eaa0a6367ae",
"dst_ref": "ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae",
"value": "26.165.218.44"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"first_observed": "2019-04-10T19:40:49Z",
"last_observed": "2019-04-10T19:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"dst_ref": "ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156",
"value": "137.139.135.151"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eea5fb73-96a6-4aae-9d36-74cdbefbe4e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"pattern": "[file:hashes.MD5 = '23e27e5482e3f55bf828dab885569033' AND file:hashes.SHA1 = '139b25e1ae32a8768238935a8c878bfbe2f89ef4' AND file:hashes.SHA256 = '05feed9762bc46b47a7dc5c469add9f163c16df4ddaafe81983a628da5714461']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--adad988c-643d-4c25-a6fb-50d3e07c62e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"pattern": "[file:hashes.MD5 = '5c3898ac7670da30cf0b22075f3e8ed6' AND file:hashes.SHA1 = '91110c569a48b3ba92d771c5666a05781fdd6a57' AND file:hashes.SHA256 = '2151c1977b4555a1761c12f151969f8e853e26c396fa1a7b74ccbaf3a48f4525']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e8543c5-336f-4337-a217-c88bf569d8c6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"pattern": "[file:hashes.MD5 = 'c5dc53a540abe95e02008a04a0d56d6c' AND file:hashes.SHA1 = '4cfe9e353b1a91a2add627873846a3ad912ea96b' AND file:hashes.SHA256 = '4c372df691fc699552f81c3d3937729f1dde2a2393f36c92ccc2bd2a033a0818']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70971c87-fa69-4300-882e-5ce6e256496f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:49.000Z",
"modified": "2019-04-10T19:40:49.000Z",
"pattern": "[file:hashes.MD5 = 'be588cd29b9dc6f8cfc4d0aa5e5c79aa' AND file:hashes.SHA1 = '06be4fe1f26bc3e4bef057ec83ae81bd3199c7fc' AND file:hashes.SHA256 = 'ddea408e178f0412ae78ff5d5adf2439251f68cad4fd853ee466a3c74649642d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6e32e619-e0ca-4e75-b7dc-01f5d1917d9a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"pattern": "[file:hashes.MD5 = '868036e102df4ce414b0e6700825b319' AND file:hashes.SHA1 = '7f1e68d78e455aa14de9020abd2293c3b8ec6cf8' AND file:hashes.SHA256 = '12480585e08855109c5972e85d99cda7701fe992bc1754f1a0736f1eebcb004d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2dd85ad6-0987-4542-822b-df9e89eb9e65",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"pattern": "[file:hashes.MD5 = 'dc268b166fe4c1d1c8595dccf857c476' AND file:hashes.SHA1 = '8264556c8a6e460760dc6bb72ecc6f0f966a16b8' AND file:hashes.SHA256 = '49757cf85657757704656c079785c072bbc233cab942418d99d1f63d43f28359']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2612714e-52b6-481c-8fb6-75d5b889548b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"pattern": "[file:hashes.MD5 = '42682d4a78fe5c2eda988185a344637d' AND file:hashes.SHA1 = '4975de2be0a1f7202037f5a504d738fe512191b7' AND file:hashes.SHA256 = '4a74a9fd40b63218f7504f806fce71dffefc1b1d6ca4bbaadd720b6a89d47761']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ab25fb7-8818-49cc-9ace-c227806fe342",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"pattern": "[file:hashes.MD5 = '3021b9ef74c7bddf59656a035f94fd08' AND file:hashes.SHA1 = '05ad5f346d0282e43360965373eb2a8d39735137' AND file:hashes.SHA256 = '83228075a604e955d59edc760e4c4ed16eedabfc8f6ac291cf21b4fcbcd1f70a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--27db0397-2a1b-429b-8bae-d0427d55c164",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"pattern": "[file:hashes.MD5 = '61e3571b8d9b2e9ccfadc3dde10fb6e1' AND file:hashes.SHA1 = '55daa1fca210ebf66b1a1d2db1aa3373b06da680' AND file:hashes.SHA256 = '70034b33f59c6698403293cdc28676c7daa8c49031089efa6eefce41e22dccb3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f431fcf2-94fe-495a-8fe2-f39c15e442f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"pattern": "[file:hashes.MD5 = '0893e206274cb98189d51a284c2a8c83' AND file:hashes.SHA1 = 'd1f4cf4250e7ba186c1d0c6d8876f5a644f457a4' AND file:hashes.SHA256 = 'cd5ff67ff773cc60c98c35f9e9d514b597cbd148789547ba152ba67bfc0fec8f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--9379eade-cf5a-477a-a8b4-6eb2199c340b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"first_observed": "2019-04-10T19:40:50Z",
"last_observed": "2019-04-10T19:40:50Z",
"number_observed": 1,
"object_refs": [
"file--9379eade-cf5a-477a-a8b4-6eb2199c340b"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--9379eade-cf5a-477a-a8b4-6eb2199c340b",
"hashes": {
"MD5": "c4103f122d27677c9db144cae1394a66",
"SHA-1": "1489f923c4dca729178b3e3233458550d8dddf29",
"SHA-256": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7"
}
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--22effacf-e4e2-4e50-b638-8246fd0e093e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:15.000Z",
"modified": "2019-04-12T09:38:15.000Z",
"first_observed": "2019-04-12T09:38:15Z",
"last_observed": "2019-04-12T09:38:15Z",
"number_observed": 1,
"object_refs": [
"file--22effacf-e4e2-4e50-b638-8246fd0e093e"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--22effacf-e4e2-4e50-b638-8246fd0e093e",
"hashes": {
"MD5": "23e27e5482e3f55bf828dab885569033",
"SHA-1": "139b25e1ae32a8768238935a8c878bfbe2f89ef4",
"SHA-256": "05feed9762bc46b47a7dc5c469add9f163c16df4ddaafe81983a628da5714461",
"SHA-512": "2c481ef42dfc9a7a30575293d09a6f81943e307836ec5b8a346354ab5832c15046dd4015a65201311e33f944763fc55dd44fbe390245be5be7a216026ecfb28b",
"SSDEEP": "6144:YnDlYMzUvLFOL9wqk6+pqC8iooIBgajvQlm/Z0cp1:alYiXiooIKajvQeZ3"
},
"size": 242688,
"name": "23E27E5482E3F55BF828DAB885569033",
"x_misp_entropy": "6.537337",
"x_misp_mimetype": "PE32 executable (GUI) Intel 80386, for MS Windows"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:15.000Z",
"modified": "2019-04-12T09:38:15.000Z",
"first_observed": "2019-04-12T09:38:15Z",
"last_observed": "2019-04-12T09:38:15Z",
"number_observed": 1,
"object_refs": [
"file--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"hashes": {
"MD5": "5c3898ac7670da30cf0b22075f3e8ed6",
"SHA-1": "91110c569a48b3ba92d771c5666a05781fdd6a57",
"SHA-256": "2151c1977b4555a1761c12f151969f8e853e26c396fa1a7b74ccbaf3a48f4525",
"SHA-512": "700ec4d923cf0090f4428ac3d4d205b551c3e48368cf90d37f9831d8a57e73c73eb507d1731662321c723362c9318c3f019716991073dc9a4cc829ce01540337",
"SSDEEP": "3072:nKBzqEHcJw0sqz7vLFOLBAqui1mqLK1VaU9BzNRyHmdMaF0QqWN0Qjpthmu:nKg0cJ19z7vLFOLSqp0q7syHeFhnhm"
},
"size": 221184,
"name": "5C3898AC7670DA30CF0B22075F3E8ED6",
"x_misp_entropy": "6.346504",
"x_misp_mimetype": "PE32 executable (GUI) Intel 80386, for MS Windows"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3dacf4c2-9dfc-46e4-8617-4786537e8ae8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:52.000Z",
"modified": "2019-04-10T19:40:52.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "inetnum: 197.211.208.0 - 197.211.215.255\nnetname: ZOL-16e-MOBILE-CUSTOMERS\ndescr: ZOL Customers on ZTE Mobile WiMAX Platform\ncountry: ZW\nadmin-c: BS10-AFRINIC\nadmin-c: GJ1-AFRINIC\nadmin-c: JHM1-AFRINIC\ntech-c: BS10-AFRINIC\ntech-c: GJ1-AFRINIC\ntech-c: JHM1-AFRINIC\nstatus: ASSIGNED PA\nmnt-by: LIQUID-TOL-MNT\nsource: AFRINIC # Filtered\nparent: 197.211.192.0 - 197.211.255.255\n\nperson: B Siwela\naddress: 3rd Floor Greenbridge South\naddress: Eastgate Center\naddress: R. Mugabe Road\naddress: Harare\naddress: Zimbabwe\nphone: +263774673452\nfax-no: +2634702375\nnic-hdl: BS10-AFRINIC\nmnt-by: GENERATED-DVCNVXWBH3VN3XZXTRPHOT0OJ77GUNN3-MNT\nsource: AFRINIC # Filtered\n\nperson: G Jaya\naddress: 3rd Floor Greenbridge South\naddress: Eastgate Center\naddress: R. Mugabe Road\naddress: Harare\naddress: Zimbabwe\nphone: +263773373135\nfax-no: +2634702375\nnic-hdl: GJ1-AFRINIC\nmnt-by: GENERATED-QPEEUIPPW1WPRZ5HLHRXAVHDOKWLC9UC-MNT\nsource: AFRINIC # Filtered\n\nperson: John H Mwangi\naddress: Liquid Telecom Kenya\naddress: P.O.Box 62499 - 00200\naddress: Nairobi Kenya\naddress: Nairobi, Kenya\naddress: Kenya\nphone: + 254 20 556 755",
"category": "Other",
"uuid": "82790198-9c25-4f4b-9a46-3b13150e6b81"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--fca17017-c7b9-4985-ae07-bf616a36f172",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:52.000Z",
"modified": "2019-04-10T19:40:52.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "inetnum: 181.39.135.120/29\nstatus: reallocated\nowner: Clientes Guayaquil\nownerid: EC-CLGU1-LACNIC\nresponsible: Tomislav Topic\naddress: Kennedy Norte Mz. 109 Solar 21, 5, Piso 2\naddress: 5934 - Guayaquil - GY\ncountry: EC\nphone: +593 4 2680555 [101]\nowner-c: SEL\ntech-c: SEL\nabuse-c: SEL\ncreated: 20160720\nchanged: 20160720\ninetnum-up: 181.39/16\n\nnic-hdl: SEL\nperson: Carlos Montero\ne-mail: networking@TELCONET.EC\naddress: Kennedy Norte MZ, 109, Solar 21\naddress: 59342 - Guayaquil - \ncountry: EC\nphone: +593 42680555 [4601]\ncreated: 20021004\nchanged: 20170323",
"category": "Other",
"uuid": "35e253e4-588e-4e66-b8bd-fe491f62b43c"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--16d9cbf2-43e4-4e6f-adf5-ec883d2e5091",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:52.000Z",
"modified": "2019-04-10T19:40:52.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "inetnum: 112.160.0.0 - 112.191.255.255\nnetname: KORNET\ndescr: Korea Telecom\nadmin-c: IM667-AP\ntech-c: IM667-AP\ncountry: KR\nstatus: ALLOCATED PORTABLE\nmnt-by: MNT-KRNIC-AP\nmnt-irt: IRT-KRNIC-KR\nlast-modified: 2017-02-03T02:21:58Z\nsource: APNIC\n\nirt: IRT-KRNIC-KR\naddress: Seocho-ro 398, Seocho-gu, Seoul, Korea\ne-mail: hostmaster@nic.or.kr\nabuse-mailbox: hostmaster@nic.or.kr\nadmin-c: IM574-AP\ntech-c: IM574-AP\nauth: # Filtered\nmnt-by: MNT-KRNIC-AP\nlast-modified: 2017-10-19T07:36:36Z\nsource: APNIC\n\nperson: IP Manager\naddress: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90\ncountry: KR\nphone: +82-2-500-6630\ne-mail: kornet_ip@kt.com\nnic-hdl: IM667-AP\nmnt-by: MNT-KRNIC-AP\nlast-modified: 2017-03-28T06:37:04Z\nsource: APNIC",
"category": "Other",
"uuid": "45b63232-b1a0-4e64-ab06-b46e02bcb55a"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2c63c35f-d552-4324-a60b-ecf98f7cfd99",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:52.000Z",
"modified": "2019-04-10T19:40:52.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "inetnum: 81.94.192.0 - 81.94.192.255\nnetname: IOMARTHOSTING\ndescr: iomart Hosting Limited\ncountry: GB\nadmin-c: RA1415-RIPE\ntech-c: RA1415-RIPE\nstatus: ASSIGNED PA\nremarks: ABUSE REPORTS: abuse@redstation.com\nmnt-by: REDSTATION-MNT\nmnt-domains: REDSTATION-MNT\nmnt-routes: REDSTATION-MNT\ncreated: 2016-02-14T11:44:25Z\nlast-modified: 2016-02-14T11:44:25Z\nsource: RIPE\n\nrole: Redstation Admin Role\naddress: Redstation Limited\naddress: 2 Frater Gate Business Park\naddress: Aerodrome Road\naddress: Gosport\naddress: Hampshire\naddress: PO13 0GW\naddress: UNITED KINGDOM\nabuse-mailbox: abuse@redstation.com\ne-mail: abuse@redstation.com\nnic-hdl: RA1415-RIPE\nmnt-by: REDSTATION-MNT\ncreated: 2005-04-22T17:34:33Z\nlast-modified: 2017-05-02T09:47:13Z\nsource: RIPE\n\n% Information related to '81.94.192.0/24AS20860'\n\nroute: 81.94.192.0/24\ndescr: Wayne Dalton - Redstation Ltd\norigin: AS20860\nmnt-by: GB10488-RIPE-MNT\ncreated: 2015-11-03T12:58:00Z\nlast-modified: 2015-11-03T12:58:00Z\nsource: RIPE",
"category": "Other",
"uuid": "e7ab133f-dd4d-47ae-9a68-6127ff4539ae"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:15.000Z",
"modified": "2019-04-12T09:38:15.000Z",
"first_observed": "2019-04-12T09:38:15Z",
"last_observed": "2019-04-12T09:38:15Z",
"number_observed": 1,
"object_refs": [
"file--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"hashes": {
"MD5": "ae829f55db0198a0a36b227addcdeeff",
"SHA-1": "04833210fa57ea70a209520f4f2a99d049e537f2",
"SHA-256": "70902623c9cd0cccc8513850072b70732d02c266c7b7e96d2d5b2ed4f5edc289",
"SHA-512": "1b4509102ac734ce310b6f8631b1bedd772a38582b4feda9fee09f1edd096006cf5ba528435c844effa97f95984b07bd2c111aa480bb22f4bcfbc751f069868d",
"SSDEEP": "3:ElclFUl8GlFcmzkXIil23X1ll:ElcUXmQkXQ3"
},
"size": 1171,
"name": "udbcgiut.dat",
"x_misp_entropy": "0.395693",
"x_misp_mimetype": "data"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--e245ed73-c585-4e0b-9190-38647d7f215d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:15.000Z",
"modified": "2019-04-12T09:38:15.000Z",
"first_observed": "2019-04-12T09:38:15Z",
"last_observed": "2019-04-12T09:38:15Z",
"number_observed": 1,
"object_refs": [
"file--e245ed73-c585-4e0b-9190-38647d7f215d"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--e245ed73-c585-4e0b-9190-38647d7f215d",
"hashes": {
"MD5": "c5dc53a540abe95e02008a04a0d56d6c",
"SHA-1": "4cfe9e353b1a91a2add627873846a3ad912ea96b",
"SHA-256": "4c372df691fc699552f81c3d3937729f1dde2a2393f36c92ccc2bd2a033a0818",
"SHA-512": "fc33c99facfbc98d164e63167353bdcff7c1704810e4bb64f7e56812412d84099b224086c04aea66e321cd546d8cf6f14196f5b58d5e931c68064d659c33b6a2",
"SSDEEP": "6144:LA5cWD93YuzTvLFOLoqbWbnuX7ZEAV6efA/Pawzq:Xc93YbLZEAV6mX"
},
"size": 241152,
"name": "C5DC53A540ABE95E02008A04A0D56D6C",
"x_misp_entropy": "6.534884",
"x_misp_mimetype": "PE32 executable (GUI) Intel 80386, for MS Windows"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:15.000Z",
"modified": "2019-04-12T09:38:15.000Z",
"first_observed": "2019-04-12T09:38:15Z",
"last_observed": "2019-04-12T09:38:15Z",
"number_observed": 1,
"object_refs": [
"file--ebf0b816-7fdf-425a-8298-134f91e7cdf2"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"hashes": {
"MD5": "be588cd29b9dc6f8cfc4d0aa5e5c79aa",
"SHA-1": "06be4fe1f26bc3e4bef057ec83ae81bd3199c7fc",
"SHA-256": "ddea408e178f0412ae78ff5d5adf2439251f68cad4fd853ee466a3c74649642d",
"SHA-512": "c074ec876350b3ee3f82208041152c0ecf25cc8600c8277eec389c253c12372e78da59182a6df8331b05e0eefb07c142172951115a582606f68b824e1d48f30d",
"SSDEEP": "6144:UEFpmt3md/iA3uiyzOvLFOLYqnHGZlDwf/OYy85eqmJKRPg:/PQ3mJxeigqi/OYy+/g"
},
"size": 267776,
"name": "BE588CD29B9DC6F8CFC4D0AA5E5C79AA",
"x_misp_entropy": "6.554499",
"x_misp_mimetype": "PE32 executable (GUI) Intel 80386, for MS Windows"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--26db93d0-b8c2-48c0-9068-e8ddce10b2ac",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:55.000Z",
"modified": "2019-04-10T19:40:55.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "Domain name:\n redstation.net.uk\n\n Registrant:\n Redstation Limited\n\n Registrant type:\n UK Limited Company, (Company number: 3590745)\n\n Registrant's address:\n 2 Frater Gate Business Park\n Aerodrome Road\n Gosport\n Hampshire\n PO13 0GW\n United Kingdom\n\n Data validation:\n Nominet was able to match the registrant's name and address against a 3rd party data source on 21-Feb-2017\n\n Registrar:\n Easyspace Ltd [Tag = EASYSPACE]\n URL: https://www.easyspace.com/domain-names/extensions/uk\n\n Relevant dates:\n Registered on: 11-Apr-2005\n Expiry date: 11-Apr-2019\n Last updated: 12-Apr-2017\n\n Registration status:\n Registered until expiry date.\n\n Name servers:\n ns1.redstation.com\n ns2.redstation.com",
"category": "Other",
"uuid": "4e134e95-f503-4166-8d49-a60a39733d96"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--6c10ee1b-a1c9-414d-92cc-8574decc8af4"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--6c10ee1b-a1c9-414d-92cc-8574decc8af4",
"hashes": {
"MD5": "868036e102df4ce414b0e6700825b319",
"SHA-1": "7f1e68d78e455aa14de9020abd2293c3b8ec6cf8",
"SHA-256": "12480585e08855109c5972e85d99cda7701fe992bc1754f1a0736f1eebcb004d",
"SHA-512": "724d83493dbe86cfcee7f655272d2c733baa5470d7da986e956c789aa1b8f518ad94b575e655b4fe5f6f7d426b9aa7d8304fc879b82a385142b8924e0d454363",
"SSDEEP": "12288:eb/3G8vg+Rg1cvAHtE0MLa07rt5POui6z:+/3G8vg+pvi9Sa07rt4ui6z"
},
"size": 453791,
"name": "868036E102DF4CE414B0E6700825B319",
"x_misp_entropy": "7.713852",
"x_misp_mimetype": "PE32+ executable (GUI) x86-64, for MS Windows"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--02f5bf02-c1ac-4142-be6b-978554a19a90"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--02f5bf02-c1ac-4142-be6b-978554a19a90",
"hashes": {
"MD5": "dc268b166fe4c1d1c8595dccf857c476",
"SHA-1": "8264556c8a6e460760dc6bb72ecc6f0f966a16b8",
"SHA-256": "49757cf85657757704656c079785c072bbc233cab942418d99d1f63d43f28359",
"SHA-512": "b47c4caa0b5c17c982fcd040c7171d36ec962fe32e9b8bec567ee14b187507fe90e026aa05eec17d36c49a924eeaed55e66c95a111cfa9dcae0e305ab9515cac",
"SSDEEP": "6144:jfsTC8amAXJeZP6BPjIDeLkigDxcvAHjVXjhtBGshMLa1Mj7rtlkiP60dwtudIye:jvg+Rg1cvAHtE0MLa07rt5POui6"
},
"size": 391680,
"name": "rdpproto.dll",
"x_misp_entropy": "7.893665",
"x_misp_mimetype": "PE32+ executable (DLL) (console) x86-64, for MS Windows"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5e26a8e6-9554-46b4-9b95-e31d69198ea6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "NetRange: 21.0.0.0 - 21.255.255.255\nCIDR: 21.0.0.0/8\nNetName: DNIC-SNET-021\nNetHandle: NET-21-0-0-0-1\nParent: ()\nNetType: Direct Allocation\nOriginAS: \nOrganization: DoD Network Information Center (DNIC)\nRegDate: 1991-06-30\nUpdated: 2009-06-19\nRef: https://whois.arin.net/rest/net/NET-21-0-0-0-1\n\n\nOrgName: DoD Network Information Center\nOrgId: DNIC\nAddress: 3990 E. Broad Street\nCity: Columbus\nStateProv: OH\nPostalCode: 43218\nCountry: US\nRegDate: \nUpdated: 2011-08-17\nRef: https://whois.arin.net/rest/org/DNIC",
"category": "Other",
"uuid": "06c3dfcd-ff56-433f-b0c4-f0d3f9267690"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f08a32dc-ddbc-4164-8f6d-a564d7a7e31c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "Domain Name: AMERITECH.NET\n Registry Domain ID: 81816_DOMAIN_NET-VRSN\n Registrar WHOIS Server: whois.corporatedomains.com\n Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html\n Updated Date: 2017-06-09T05:27:34Z\n Creation Date: 1996-06-14T04:00:00Z\n Registry Expiry Date: 2018-06-13T04:00:00Z\n Registrar: CSC Corporate Domains, Inc.\n Registrar IANA ID: 299\n Registrar Abuse Contact Email: domainabuse@cscglobal.com\n Registrar Abuse Contact Phone: 8887802723\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Name Server: NS1.ATTDNS.COM\n Name Server: NS2.ATTDNS.COM\n Name Server: NS3.ATTDNS.COM\n Name Server: NS4.ATTDNS.COM\n DNSSEC: unsigned\n\nDomain Name: ameritech.net\nRegistry Domain ID: 81816_DOMAIN_NET-VRSN\nRegistrar WHOIS Server: whois.corporatedomains.com\nRegistrar URL: www.cscprotectsbrands.com\nUpdated Date: 2017-06-09T05:27:34Z\nCreation Date: 1996-06-14T04:00:00Z\nRegistrar Registration Expiration Date: 2018-06-13T04:00:00Z\nRegistrar: CSC CORPORATE DOMAINS, INC.\nRegistrar IANA ID: 299\nRegistrar Abuse Contact Email: domainabuse@cscglobal.com\nRegistrar Abuse Contact Phone: +1.8887802723\nDomain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: \nRegistrant Name: Domain Administrator\nRegistrant Organization: AT&T SERVICES, INC.\nRegistrant Street: 801 Chestnut Street\nRegistrant City: Saint Louis\nRegistrant State/Province: MO\nRegistrant Postal Code: 63101\nRegistrant Country: US\nRegistrant Phone: +1.3142358168\nRegistrant Phone Ext: \nRegistrant Fax: +1.3142358168\nRegistrant Fax Ext: \nRegistrant Email: att-domains@att.com\nRegistry Admin ID: \nAdmin Name: Domain Administrator\nAdmin Organization: AT&T SERVICES, INC.\nAdmin Street: 801 Chestnut Street\nAdmin City: Saint Louis\nAdmin State/Province: MO\nAdmin Postal Code: 63101\nAdmin Country: US\nAdmin Phone: +1.3142358168\nAdmin Phone Ext: \nAdmin Fax: +1.3142358168\nAdmin Fax Ext: \nAdmin Email: att-domains@att.com\nRegistry Tech ID: \nTech Name: Domain Administrator\nTech Organization: AT&T SERVICES, INC.\nTech Street: 801 Chestnut Street\nTech City: Saint Louis\nTech State/Province: MO\nTech Postal Code: 63101\nTech Country: US\nTech Phone: +1.3142358168\nTech Phone Ext: \nTech Fax: +1.3142358168\nTech Fax Ext: \nTech Email: att-domains@att.com\nName Server: ns3.attdns.com\nName Server: ns1.attdns.com\nName Server: ns2.attdns.com\nName Server: ns4.attdns.com\nDNSSEC: unsigned",
"category": "Other",
"uuid": "d29145ee-e6d4-42f3-a004-5fd763446416"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6e01219a-94b3-47e9-86c4-7f770ccb0fbb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "inetnum: 113.112.0.0 - 113.119.255.255\nnetname: CHINANET-GD\ndescr: CHINANET Guangdong province network\ndescr: Data Communication Division\ndescr: China Telecom\ncountry: CN\nadmin-c: CH93-AP\ntech-c: IC83-AP\nremarks: service provider\nstatus: ALLOCATED PORTABLE\nmnt-by: APNIC-HM\nmnt-lower: MAINT-CHINANET-GD\nmnt-routes: MAINT-CHINANET-GD\nlast-modified: 2016-05-04T00:15:17Z\nsource: APNIC\nmnt-irt: IRT-CHINANET-CN\n\nirt: IRT-CHINANET-CN\naddress: No.31 ,jingrong street,beijing\naddress: 100032\ne-mail: anti-spam@ns.chinanet.cn.net\nabuse-mailbox: anti-spam@ns.chinanet.cn.net\nadmin-c: CH93-AP\ntech-c: CH93-AP\nauth: # Filtered\nmnt-by: MAINT-CHINANET\nlast-modified: 2010-11-15T00:31:55Z\nsource: APNIC\n\nperson: Chinanet Hostmaster\nnic-hdl: CH93-AP\ne-mail: anti-spam@ns.chinanet.cn.net\naddress: No.31 ,jingrong street,beijing\naddress: 100032\nphone: +86-10-58501724\nfax-no: +86-10-58501724\ncountry: CN\nmnt-by: MAINT-CHINANET\nlast-modified: 2014-02-27T03:37:38Z\nsource: APNIC\n\nperson: IPMASTER CHINANET-GD\nnic-hdl: IC83-AP\ne-mail: gdnoc_HLWI@189.cn\naddress: NO.18,RO. ZHONGSHANER,YUEXIU DISTRIC,GUANGZHOU\nphone: +86-20-87189274\nfax-no: +86-20-87189274\ncountry: CN\nmnt-by: MAINT-CHINANET-GD\nremarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn\nabuse-mailbox: antispam_gdnoc@189.cn\nlast-modified: 2014-09-22T04:41:26Z\nsource: APNIC",
"category": "Other",
"uuid": "3c6983a5-708a-4dd9-ac00-19a783aeaf1b"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d3914c3e-70f1-4dc8-9748-009b973cacc2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "Domain Name: FRONTIERNET.NET\n Registry Domain ID: 4305589_DOMAIN_NET-VRSN\n Registrar WHOIS Server: whois.register.com\n Registrar URL: http://www.register.com\n Updated Date: 2017-09-14T07:53:05Z\n Creation Date: 1995-10-14T04:00:00Z\n Registry Expiry Date: 2018-10-13T04:00:00Z\n Registrar: Register.com, Inc.\n Registrar IANA ID: 9\n Registrar Abuse Contact Email: abuse@web.com\n Registrar Abuse Contact Phone: +1.8003337680\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Name Server: AUTH.DLLS.PA.FRONTIERNET.NET\n Name Server: AUTH.FRONTIERNET.NET\n Name Server: AUTH.LKVL.MN.FRONTIERNET.NET\n Name Server: AUTH.ROCH.NY.FRONTIERNET.NET\n DNSSEC: unsigned\n\nDomain Name: FRONTIERNET.NET\nRegistry Domain ID: 4305589_DOMAIN_NET-VRSN\nRegistrar WHOIS Server: whois.register.com\nRegistrar URL: www.register.com\nUpdated Date: 2017-09-14T00:53:05.00Z\nCreation Date: 1995-10-14T04:00:00.00Z\nRegistrar Registration Expiration Date: 2018-10-13T04:00:00.00Z\nRegistrar: REGISTER.COM, INC.\nRegistrar IANA ID: 9\nDomain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: \nRegistrant Name: FRONTIERNET HOSTMASTER\nRegistrant Organization: \nRegistrant Street: 95 N. FITZHUGH ST.\nRegistrant City: ROCHESTER\nRegistrant State/Province: NY\nRegistrant Postal Code: 14614-1212\nRegistrant Country: US\nRegistrant Phone: +1.8664747662\nRegistrant Phone Ext: \nRegistrant Fax: \nRegistrant Fax Ext:\nRegistrant Email: HOSTMASTER@FRONTIERNET.NET\nRegistry Admin ID: \nAdmin Name: FRONTIERNET HOSTMASTER\nAdmin Organization: \nAdmin Street: 95 N. FITZHUGH ST.\nAdmin City: ROCHESTER\nAdmin State/Province: NY\nAdmin Postal Code: 14614-1212\nAdmin Country: US\nAdmin Phone: +1.8664747662\nAdmin Phone Ext: \nAdmin Fax: \nAdmin Fax Ext:\nAdmin Email: HOSTMASTER@FRONTIERNET.NET\nRegistry Tech ID: \nTech Name: FRONTIERNET HOSTMASTER\nTech Organization: \nTech Street: 95 N. FITZHUGH ST.\nTech City: ROCHESTER\nTech State/Province: NY\nTech Postal Code: 14614-1212\nTech Country: US\nTech Phone: +1.8664747662\nTech Phone Ext: \nTech Fax: \nTech Fax Ext: \nTech Email: HOSTMASTER@FRONTIERNET.NET\nName Server: AUTH.DLLS.PA.FRONTIERNET.NET\nName Server: AUTH.FRONTIERNET.NET\nName Server: AUTH.LKVL.MN.FRONTIERNET.NET\nName Server: AUTH.ROCH.NY.FRONTIERNET.NET\nDNSSEC: unSigned",
"category": "Other",
"uuid": "f4d8f03d-4796-49d5-858b-9e3ae235dc64"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b5d6f570-a5ec-4760-8d47-ae9c8d2533b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "Domain Name: NEXTGENTEL.COM\n Registry Domain ID: 13395561_DOMAIN_COM-VRSN\n Registrar WHOIS Server: whois.domaininfo.com\n Registrar URL: http://www.ports.domains\n Updated Date: 2017-11-10T23:44:50Z\n Creation Date: 1999-11-17T15:47:51Z\n Registry Expiry Date: 2018-11-17T15:47:51Z\n Registrar: Ports Group AB\n Registrar IANA ID: 73\n Registrar Abuse Contact Email: abuse@portsgroup.se\n Registrar Abuse Contact Phone: +46.707260017\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Name Server: ANYADNS1.NEXTGENTEL.NET\n Name Server: ANYADNS2.NEXTGENTEL.NET\n DNSSEC: unsigned\n\nDomain Name: nextgentel.com\nRegistry Domain ID: 13395561_DOMAIN_COM-VRSN\nRegistrar WHOIS Server: whois.domaininfo.com\nRegistrar URL: ports.domains\nUpdated Date: 2017-11-10T23:44:50Z\nCreation Date: 1999-11-17T15:47:51Z\nRegistrar Registration Expiration Date: 2018-11-17T15:47:51Z\nRegistrar: PortsGroup AB\nRegistrar IANA ID: 73\nRegistrar Abuse Contact Email: abuse@portsgroup.se\nRegistrar Abuse Contact Phone: +46.317202000\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: \nRegistrant Name: Hostmaster\nRegistrant Organization: NextGenTel AS\nRegistrant Street: Sandslimarka 31\nRegistrant City: SANDSLI\nRegistrant State/Province: \nRegistrant Postal Code: 5254\nRegistrant Country: NO\nRegistrant Phone: +47.55527900\nRegistrant Fax: +47.55527910\nRegistrant Email: hostmaster@nextgentel.com\nRegistry Admin ID: \nAdmin Name: Hostmaster\nAdmin Organization: NextGenTel AS\nAdmin Street: Sandslimarka 31\nAdmin City: Sandsli\nAdmin State/Province: \nAdmin Postal Code: 5254\nAdmin Country: NO\nAdmin Phone: +47.55527900\nAdmin Fax: +47.55527910\nAdmin Email: hostmaster@nextgentel.com\nRegistry Tech ID: \nTech Name: Hostmaster v/ Eivind Olsen\nTech Organization: NextGenTel AS\nTech Street: Postboks 3 Sandsli\nTech City: Bergen\nTech State/Province: \nTech Postal Code: 5861\nTech Country: NO\nTech Phone: +47.41649322\nTech Fax: +47.55527910\nTech Email: hostmaster@nextgentel.com\nName Server: ANYADNS1.NEXTGENTEL.NET\nName Server: ANYADNS2.NEXTGENTEL.NET\nDNSSEC: unsigned",
"category": "Other",
"uuid": "43efc76a-063e-402f-95b1-adda61922cc1"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2ba66826-3848-41e9-a0b0-18433680ff80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "NetRange: 26.0.0.0 - 26.255.255.255\nCIDR: 26.0.0.0/8\nNetName: DISANET26\nNetHandle: NET-26-0-0-0-1\nParent: ()\nNetType: Direct Allocation\nOriginAS: \nOrganization: DoD Network Information Center (DNIC)\nRegDate: 1995-04-30\nUpdated: 2009-06-19\nRef: https://whois.arin.net/rest/net/NET-26-0-0-0-1\n\n\nOrgName: DoD Network Information Center\nOrgId: DNIC\nAddress: 3990 E. Broad Street\nCity: Columbus\nStateProv: OH\nPostalCode: 43218\nCountry: US\nRegDate: \nUpdated: 2011-08-17\nRef: https://whois.arin.net/rest/org/DNIC\n\n\nOrgTechHandle: MIL-HSTMST-ARIN\nOrgTechName: Network DoD\nOrgTechPhone: +1-844-347-2457 \nOrgTechEmail: disa.columbus.ns.mbx.hostmaster-dod-nic@mail.mil\nOrgTechRef: https://whois.arin.net/rest/poc/MIL-HSTMST-ARIN\n\nOrgAbuseHandle: REGIS10-ARIN\nOrgAbuseName: Registration\nOrgAbusePhone: +1-844-347-2457 \nOrgAbuseEmail: disa.columbus.ns.mbx.arin-registrations@mail.mil\nOrgAbuseRef: https://whois.arin.net/rest/poc/REGIS10-ARIN\n\nOrgTechHandle: REGIS10-ARIN\nOrgTechName: Registration\nOrgTechPhone: +1-844-347-2457 \nOrgTechEmail: disa.columbus.ns.mbx.arin-registrations@mail.mil\nOrgTechRef: https://whois.arin.net/rest/poc/REGIS10-ARIN",
"category": "Other",
"uuid": "7f7c6c2b-9522-48cb-8251-4ebdc47299a4"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--955a399e-186e-4973-b937-eac9a78c3caa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "NetRange: 137.139.0.0 - 137.139.255.255\nCIDR: 137.139.0.0/16\nNetName: SUC-OLDWEST\nNetHandle: NET-137-139-0-0-1\nParent: NET137 (NET-137-0-0-0-0)\nNetType: Direct Assignment\nOriginAS: \nOrganization: SUNY College at Old Westbury (SCAOW)\nRegDate: 1989-11-29\nUpdated: 2014-02-18\nRef: https://whois.arin.net/rest/net/NET-137-139-0-0-1\n\n\nOrgName: SUNY College at Old Westbury\nOrgId: SCAOW\nAddress: 223 Store Hill Road\nCity: Old Westbury\nStateProv: NY\nPostalCode: 11568\nCountry: US\nRegDate: 1989-11-29\nUpdated: 2011-09-24\nRef: https://whois.arin.net/rest/org/SCAOW\n\n\nOrgTechHandle: SUNYO-ARIN\nOrgTechName: SUNYOWNOC\nOrgTechPhone: +1-516-876-3379 \nOrgTechEmail: sunyownoc@oldwestbury.edu\nOrgTechRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nOrgAbuseHandle: SUNYO-ARIN\nOrgAbuseName: SUNYOWNOC\nOrgAbusePhone: +1-516-876-3379 \nOrgAbuseEmail: sunyownoc@oldwestbury.edu\nOrgAbuseRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nRAbuseHandle: SUNYO-ARIN\nRAbuseName: SUNYOWNOC\nRAbusePhone: +1-516-876-3379 \nRAbuseEmail: sunyownoc@oldwestbury.edu\nRAbuseRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nRTechHandle: SUNYO-ARIN\nRTechName: SUNYOWNOC\nRTechPhone: +1-516-876-3379 \nRTechEmail: sunyownoc@oldwestbury.edu\nRTechRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nRNOCHandle: SUNYO-ARIN\nRNOCName: SUNYOWNOC\nRNOCPhone: +1-516-876-3379 \nRNOCEmail: sunyownoc@oldwestbury.edu\nRNOCRef: https://whois.arin.net/rest/poc/SUNYO-ARIN",
"category": "Other",
"uuid": "7f35fda5-8e4e-4ce1-b8ee-8b13d75f5361"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a5e80ae2-c3ea-4d96-ae64-9e67bb8823b8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "Domain Name: CHARTER.COM\n Registry Domain ID: 340223_DOMAIN_COM-VRSN\n Registrar WHOIS Server: whois.markmonitor.com\n Registrar URL: http://www.markmonitor.com\n Updated Date: 2017-07-03T04:22:18Z\n Creation Date: 1994-07-30T04:00:00Z\n Registry Expiry Date: 2019-07-29T04:00:00Z\n Registrar: MarkMonitor Inc.\n Registrar IANA ID: 292\n Registrar Abuse Contact Email: abusecomplaints@markmonitor.com\n Registrar Abuse Contact Phone: +1.2083895740\n Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited\n Name Server: NS1.CHARTER.COM\n Name Server: NS2.CHARTER.COM\n Name Server: NS3.CHARTER.COM\n Name Server: NS4.CHARTER.COM\n DNSSEC: unsigned\n\nDomain Name: charter.com\nRegistry Domain ID: 340223_DOMAIN_COM-VRSN\nRegistrar WHOIS Server: whois.markmonitor.com\nRegistrar URL: http://www.markmonitor.com\nUpdated Date: 2017-12-18T04:00:14-0800\nCreation Date: 1994-07-29T21:00:00-0700\nRegistrar Registration Expiration Date: 2019-07-28T21:00:00-0700\nRegistrar: MarkMonitor, Inc.\nRegistrar IANA ID: 292\nRegistrar Abuse Contact Email: abusecomplaints@markmonitor.com\nRegistrar Abuse Contact Phone: +1.2083895740\nDomain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)\nDomain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)\nDomain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)\nRegistry Registrant ID: \nRegistrant Name: Domain Admin\nRegistrant Organization: Charter Communications Operating, LLC\nRegistrant Street: 12405 Powerscourt Drive, \nRegistrant City: Saint Louis\nRegistrant State/Province: MO\nRegistrant Postal Code: 63131\nRegistrant Country: US\nRegistrant Phone: +1.3149650555\nRegistrant Phone Ext: \nRegistrant Fax: +1.9064010617\nRegistrant Fax Ext: \nRegistrant Email: hostmaster@charter.com\nRegistry Admin ID: \nAdmin Name: Domain Admin\nAdmin Organization: Charter Communications Operating, LLC\nAdmin Street: 12405 Powerscourt Drive, \nAdmin City: Saint Louis\nAdmin State/Province: MO\nAdmin Postal Code: 63131\nAdmin Country: US\nAdmin Phone: +1.3149650555\nAdmin Phone Ext: \nAdmin Fax: +1.9064010617\nAdmin Fax Ext: \nAdmin Email: hostmaster@charter.com\nRegistry Tech ID: \nTech Name: Charter Communications Internet Security and Abuse\nTech Organization: Charter Communications Operating, LLC\nTech Street: 12405 Powerscourt Drive, \nTech City: Saint Louis\nTech State/Province: MO\nTech Postal Code: 63131\nTech Country: US\nTech Phone: +1.3142883111\nTech Phone Ext: \nTech Fax: +1.3149090609\nTech Fax Ext: \nTech Email: abuse@charter.net\nName Server: ns4.charter.com\nName Server: ns3.charter.com\nName Server: ns1.charter.com\nName Server: ns2.charter.com\nDNSSEC: unsigned",
"category": "Other",
"uuid": "8d02a0d2-c5f2-4f89-83fc-fd5998ef9bc4"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--476563e7-aac9-4a76-b8d8-c33020d34baf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "Domain Name: UCI.EDU\n\nRegistrant:\n University of California, Irvine\n 6366 Ayala Science Library\n Irvine, CA 92697-1175\n UNITED STATES\n\nAdministrative Contact:\n Con Wieland\n University of California, Irvine\n Office of Information Technology\n 6366 Ayala Science Library\n Irvine, CA 92697-1175\n UNITED STATES\n (949) 824-2222\n oit-nsp@uci.edu\n\nTechnical Contact:\n Con Wieland\n University of California, Irvine\n Office of Information Technology\n 6366 Ayala Science Library\n Irvine, CA 92697-1175\n UNITED STATES\n (949) 824-2222\n oit-nsp@uci.edu\n\nName Servers: \n NS4.SERVICE.UCI.EDU 128.200.59.190\n NS5.SERVICE.UCI.EDU 52.26.131.47\n\nDomain record activated: 30-Sep-1985\nDomain record last updated: 07-Jul-2016\nDomain expires: 31-Jul-2018",
"category": "Other",
"uuid": "29d96991-79d7-4b7d-a669-091ccc08a7cd"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5053da1b-c011-42ca-b739-3cf3d1a9e05e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:58.000Z",
"modified": "2019-04-10T19:40:58.000Z",
"labels": [
"misp:name=\"whois\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "text",
"value": "inetnum: 186.168/15\nstatus: allocated\naut-num: N/A\nowner: COLOMBIA TELECOMUNICACIONES S.A. ESP\nownerid: CO-CTSE-LACNIC\nresponsible: Administradores Internet\naddress: Transversal 60, 114, A 55\naddress: N - BOGOTA - Cu\ncountry: CO\nphone: +57 1 5339833 []\nowner-c: CTE7\ntech-c: CTE7\nabuse-c: CTE7\ninetrev: 186.169/16\nnserver: DNS5.TELECOM.COM.CO \nnsstat: 20171220 AA\nnslastaa: 20171220\nnserver: DNS.TELECOM.COM.CO \nnsstat: 20171220 AA\nnslastaa: 20171220\ncreated: 20110404\nchanged: 20141111\n\nnic-hdl: CTE7\nperson: Grupo de Administradores Internet\ne-mail: admin.internet@TELECOM.COM.CO\naddress: Transversal, 60, 114 A, 55\naddress: 571111 - BOGOTA DC - CU\ncountry: CO\nphone: +57 1 7050000 [71360]\ncreated: 20140220\nchanged: 20140220",
"category": "Other",
"uuid": "eb87ff45-c8bd-4a00-943a-933c59fd836b"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "whois"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--d090d7bd-5ff5-4f00-be49-c6d7436144d2"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"hashes": {
"MD5": "42682d4a78fe5c2eda988185a344637d",
"SHA-1": "4975de2be0a1f7202037f5a504d738fe512191b7",
"SHA-256": "4a74a9fd40b63218f7504f806fce71dffefc1b1d6ca4bbaadd720b6a89d47761",
"SHA-512": "213e4a0afbfac0bd884ab262ac87aee7d9a175cff56ba11aa4c75a4feb6a96c5e4e2c26adbe765f637c783df7552a56e4781a3b17be5fda2cf7894e58eb873ec",
"SSDEEP": "6144:nCgsFAkxS1rrtZQXTip12P04nTnvze6lxjWV346vze6lpjWV34Evze6lSjWV34a7:nCgsukxS1vtZ+5nvze6lxjWV346vze6N"
},
"size": 346624,
"name": "42682D4A78FE5C2EDA988185A344637D",
"x_misp_entropy": "6.10281",
"x_misp_mimetype": "PE32+ executable (DLL) (console) x86-64, for MS Windows"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--454b39cf-332b-4236-8015-6d343c883f40",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--454b39cf-332b-4236-8015-6d343c883f40"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--454b39cf-332b-4236-8015-6d343c883f40",
"hashes": {
"MD5": "3021b9ef74c7bddf59656a035f94fd08",
"SHA-1": "05ad5f346d0282e43360965373eb2a8d39735137",
"SHA-256": "83228075a604e955d59edc760e4c4ed16eedabfc8f6ac291cf21b4fcbcd1f70a",
"SHA-512": "f8fcc5ed34b7bf144fc708d01d9685f0cb2e678c173d014987d6ecbf4a7c3ed539452819237173a2ab14609a913cf46c3bd618cffe7b5990c63cfe805a7144ff",
"SSDEEP": "6144:4+ZmN/ix9bd+Rvze6lxjWV346vze6lpjWV34Evze6lSjWV34avze6lkjWV34z5FT:4+ZmN/ix9b8Rvze6lxjWV346vze6lpjn"
},
"size": 245760,
"name": "3021B9EF74c&BDDF59656A035F94FD08",
"x_misp_entropy": "5.93339",
"x_misp_mimetype": "PE32+ executable (DLL) (console) x86-64, for MS Windows"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--ec166754-a5ff-4729-ac26-ac79ce02133c"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--ec166754-a5ff-4729-ac26-ac79ce02133c",
"hashes": {
"MD5": "61e3571b8d9b2e9ccfadc3dde10fb6e1",
"SHA-1": "55daa1fca210ebf66b1a1d2db1aa3373b06da680",
"SHA-256": "70034b33f59c6698403293cdc28676c7daa8c49031089efa6eefce41e22dccb3",
"SHA-512": "235f7b920f54c4d316386cbf6cc14db1929029e8053270e730be15acc8e9f333231d2d984681bea26013a1d1cf4670528ba0989337be13ad4ada3eeba33bdfe8",
"SSDEEP": "6144:d71TKN7LBHvS+bujAfrsxwkm1Ka5l7gTtJUGx:dxKHPuj8WR0K6VgTtZx"
},
"size": 258052,
"name": "61E3571B8D9B2E9CCFADC3DDE10FB6E1",
"x_misp_entropy": "7.82959",
"x_misp_mimetype": "PE32 executable (GUI) Intel 80386, for MS Windows"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--dc846c76-af3d-4aab-ba62-ccc9a5582e5d"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--dc846c76-af3d-4aab-ba62-ccc9a5582e5d",
"hashes": {
"MD5": "0893e206274cb98189d51a284c2a8c83",
"SHA-1": "d1f4cf4250e7ba186c1d0c6d8876f5a644f457a4",
"SHA-256": "cd5ff67ff773cc60c98c35f9e9d514b597cbd148789547ba152ba67bfc0fec8f",
"SHA-512": "8042356ff8dc69fa84f2de10a4c34685c3ffa798d5520382d4fbcdcb43ae17e403a208be9891cca6cf2bc297f767229a57f746ca834f6b79056a0ff1202941cf",
"SSDEEP": "3072:WsyjTzEvLFOL8AqCiueLt1VFu9+zcSywy0mcj90nSJ5NatCmtWwNQLK:W/zEvLFOLdq9uebdSwHN9n5wtkwNwK"
},
"size": 221184,
"name": "UDPTrcSvc.dll",
"x_misp_entropy": "6.359677",
"x_misp_mimetype": "PE32 executable (DLL) (GUI) Intel 80386, for MS Windows"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--03272933-d90e-4e38-87fa-5490bd1c37d8"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--03272933-d90e-4e38-87fa-5490bd1c37d8",
"hashes": {
"MD5": "c4103f122d27677c9db144cae1394a66",
"SHA-1": "1489f923c4dca729178b3e3233458550d8dddf29",
"SHA-256": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7",
"SHA-512": "5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54",
"SSDEEP": "3::"
},
"size": 2,
"name": "MSDFMAPI.INI",
"x_misp_entropy": "0.0",
"x_misp_mimetype": "data"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--ec5b0828-fc8e-4d29-9a2a-59806d987175",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:16.000Z",
"modified": "2019-04-12T09:38:16.000Z",
"first_observed": "2019-04-12T09:38:16Z",
"last_observed": "2019-04-12T09:38:16Z",
"number_observed": 1,
"object_refs": [
"file--ec5b0828-fc8e-4d29-9a2a-59806d987175"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--ec5b0828-fc8e-4d29-9a2a-59806d987175",
"hashes": {
"MD5": "f8d26f2b8dd2ac4889597e1f2fd1f248",
"SHA-1": "dd132f76a4aff9862923d6a10e54dca26f26b1b4",
"SHA-256": "d77fdabe17cdba62a8e728cbe6c740e2c2e541072501f77988674e07a05dfb39",
"SHA-512": "34f8d10ebcab6f10c5140e94cf858761e9fa2e075db971b8e49c7334e1d55237f844ed6cf8ce735e984203f58d6b5032813b55e29a59af4bfff3853b1d07bc44",
"SSDEEP": "12288:MG31DF/ubokxmgF8JsVusikiWxdj3tIQLYe:NlI0UV0ou1kiWvm4Ye"
},
"size": 456241,
"name": "F8D26F2B8DD2AC4889597E1F2FD1F248",
"x_misp_entropy": "7.99935",
"x_misp_mimetype": "data"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5cae46d6-3cf8-4a8c-9ffc-46e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:10.000Z",
"modified": "2019-04-10T19:41:10.000Z",
"labels": [
"misp:name=\"original-imported-file\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "attachment",
"object_relation": "imported-sample",
"value": "MAR-10135536-8.stix.xml",
"category": "External analysis",
"uuid": "5cae46d6-58f0-4c3c-9c58-4ff5950d210f",
"data": "PHN0aXg6U1RJWF9QYWNrYWdlIHhtbG5zOmN5Ym94Q29tbW9uPSJodHRwOi8vY3lib3gubWl0cmUub3JnL2NvbW1vbi0yIiB4bWxuczpjeWJveD0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9jeWJveC0yIiB4bWxuczpjeWJveFZvY2Ficz0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9kZWZhdWx0X3ZvY2FidWxhcmllcy0yIiB4bWxuczpBZGRyZXNzT2JqPSJodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjQWRkcmVzc09iamVjdC0yIiB4bWxuczpGaWxlT2JqPSJodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjRmlsZU9iamVjdC0yIiB4bWxuczpQb3J0T2JqPSJodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjUG9ydE9iamVjdC0yIiB4bWxuczpXaG9pc09iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1dob2lzT2JqZWN0LTIiIHhtbG5zOldpbkV4ZWN1dGFibGVGaWxlT2JqPSJodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjV2luRXhlY3V0YWJsZUZpbGVPYmplY3QtMiIgeG1sbnM6V2luRmlsZU9iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1dpbkZpbGVPYmplY3QtMiIgeG1sbnM6bWFya2luZz0iaHR0cDovL2RhdGEtbWFya2luZy5taXRyZS5vcmcvTWFya2luZy0xIiB4bWxuczp0bHBNYXJraW5nPSJodHRwOi8vZGF0YS1tYXJraW5nLm1pdHJlLm9yZy9leHRlbnNpb25zL01hcmtpbmdTdHJ1Y3R1cmUjVExQLTEiIHhtbG5zOlRPVU1hcmtpbmc9Imh0dHA6Ly9kYXRhLW1hcmtpbmcubWl0cmUub3JnL2V4dGVuc2lvbnMvTWFya2luZ1N0cnVjdHVyZSNUZXJtc19PZl9Vc2UtMSIgeG1sbnM6bWFlY0J1bmRsZT0iaHR0cDovL21hZWMubWl0cmUub3JnL1hNTFNjaGVtYS9tYWVjLWJ1bmRsZS00IiB4bWxuczptYWVjUGFja2FnZT0iaHR0cDovL21hZWMubWl0cmUub3JnL1hNTFNjaGVtYS9tYWVjLXBhY2thZ2UtMiIgeG1sbnM6bWFlY1ZvY2Ficz0iaHR0cDovL21hZWMubWl0cmUub3JnL2RlZmF1bHRfdm9jYWJ1bGFyaWVzLTEiIHhtbG5zOmluY2lkZW50PSJodHRwOi8vc3RpeC5taXRyZS5vcmcvSW5jaWRlbnQtMSIgeG1sbnM6aW5kaWNhdG9yPSJodHRwOi8vc3RpeC5taXRyZS5vcmcvSW5kaWNhdG9yLTIiIHhtbG5zOnR0cD0iaHR0cDovL3N0aXgubWl0cmUub3JnL1RUUC0xIiB4bWxuczpzdGl4Q29tbW9uPSJodHRwOi8vc3RpeC5taXRyZS5vcmcvY29tbW9uLTEiIHhtbG5zOnN0aXhWb2NhYnM9Imh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9kZWZhdWx0X3ZvY2FidWxhcmllcy0xIiB4bWxuczpzdGl4LW1hZWM9Imh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9leHRlbnNpb25zL01hbHdhcmUjTUFFQzQuMS0xIiB4bWxuczp5YXJhVE09Imh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9leHRlbnNpb25zL1Rlc3RNZWNoYW5pc20jWUFSQS0xIiB4bWxuczpzdGl4PSJodHRwOi8vc3RpeC5taXRyZS5vcmcvc3RpeC0xIiB4bWxuczpOQ0NJQz0iaHR0cDovL3d3dy51cy1jZXJ0Lmdvdi8iIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTpzY2hlbWFMb2NhdGlvbj0iICBodHRwOi8vY3lib3gubWl0cmUub3JnL2NvbW1vbi0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL2NvbW1vbi8yLjEvY3lib3hfY29tbW9uLnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9jeWJveC0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL2NvcmUvMi4xL2N5Ym94X2NvcmUueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL2RlZmF1bHRfdm9jYWJ1bGFyaWVzLTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvZGVmYXVsdF92b2NhYnVsYXJpZXMvMi4xL2N5Ym94X2RlZmF1bHRfdm9jYWJ1bGFyaWVzLnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0FkZHJlc3NPYmplY3QtMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9vYmplY3RzL0FkZHJlc3MvMi4xL0FkZHJlc3NfT2JqZWN0LnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0ZpbGVPYmplY3QtMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9vYmplY3RzL0ZpbGUvMi4xL0ZpbGVfT2JqZWN0LnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1BvcnRPYmplY3QtMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9vYmplY3RzL1BvcnQvMi4xL1BvcnRfT2JqZWN0LnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1dob2lzT2JqZWN0LTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9XaG9pcy8yLjEvV2hvaXNfT2JqZWN0LnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1dpbkV4ZWN1dGFibGVGaWxlT2JqZWN0LTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9XaW5fRXhlY3V0YWJsZV9GaWxlLzIuMS9XaW5fRXhlY3V0YWJsZV9GaWxlX09iamVjdC54c2QgIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvb2JqZWN0cyNXaW5GaWxlT2JqZWN0LTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9XaW5fRmlsZS8yLjEvV2luX0ZpbGVfT2JqZWN0LnhzZCAgaHR0cDovL2RhdGEtbWFya2luZy5taXRyZS5vcmcvTWFya2luZy0xIGh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9YTUxTY2hlbWEvZGF0YV9tYXJraW5nLzEuMS4xL2RhdGFfbWFya2luZy54c2QgIGh0dHA6Ly9kYXRhLW1hcmtpbmcubWl0cmUub3JnL2V4dGVuc2lvbnMvTWFya2luZ1N0cnVjdHVyZSNUTFAtMSBodHRwOi8vc3RpeC5taXRyZS5vcmcvWE1MU2NoZW1hL2V4dGVuc2lvbnMvbWFya2luZy90bHAvMS4xLjEvdGxwX21hcmtpbmcueHNkICBodHRwOi8vZGF0YS1tYXJraW5nLm1pdHJlLm9yZy9leHRlbnNpb25zL01hcmtpbmdTdHJ1Y3R1cmUjVGVybXNfT2ZfVXNlLTEgaHR0cDovL3N0aXgubWl0cmUub3JnL1hNTFNjaGVtYS9leHRlbnNpb25zL21hcmtpbmcvdGVybXNfb2ZfdXNlLzEuMC4xL3Rlcm1zX29mX3VzZV9tYXJraW5nLnhzZCAgaHR0cDovL21hZWMubWl0cmUub3
},
{
"type": "text",
"object_relation": "format",
"value": "STIX 1.1",
"category": "Other",
"uuid": "5cae46d6-51a8-4570-bb84-4554950d210f"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "original-imported-file"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b2d62cb5-8052-47f2-997e-dd4238004f97",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:17.000Z",
"modified": "2019-04-12T09:38:17.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:44:27",
"category": "Other",
"uuid": "93b8dd2e-154d-429c-baa1-1d816c2861b6"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/05feed9762bc46b47a7dc5c469add9f163c16df4ddaafe81983a628da5714461/analysis/1555051467/",
"category": "Payload delivery",
"uuid": "4798f052-f860-455d-ad72-5c5675dbc0bc"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/69",
"category": "Payload delivery",
"uuid": "e0f10253-c995-4301-9c64-01c080c5b856"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--42d5dff2-e1f0-428f-a415-b83a757b7768",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:17.000Z",
"modified": "2019-04-12T09:38:17.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:23:19",
"category": "Other",
"uuid": "a2315c49-5b25-45c9-935a-609ba79bb4ba"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/4c372df691fc699552f81c3d3937729f1dde2a2393f36c92ccc2bd2a033a0818/analysis/1555050199/",
"category": "Payload delivery",
"uuid": "62d7f6e0-a7f6-4cf7-a869-21c0c2fa1075"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "20/65",
"category": "Payload delivery",
"uuid": "0040fd7e-fb3e-45e9-abe3-06275410051c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a314859d-026b-4b02-bcf5-09d7e3c08026",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:18.000Z",
"modified": "2019-04-12T09:38:18.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:53:02",
"category": "Other",
"uuid": "880f50d2-bceb-4345-8793-672b75760927"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/ddea408e178f0412ae78ff5d5adf2439251f68cad4fd853ee466a3c74649642d/analysis/1555051982/",
"category": "Payload delivery",
"uuid": "8bc328ed-c422-47c2-92c7-d9b341cc7ede"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "24/71",
"category": "Payload delivery",
"uuid": "46a21555-699d-4092-9486-b14e92c112d7"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2fc2e78c-c6e8-424c-9ad7-e166e7737e9c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:18.000Z",
"modified": "2019-04-12T09:38:18.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T00:08:18",
"category": "Other",
"uuid": "d1f5c894-44c4-49c2-a97d-49a37c85698d"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cd5ff67ff773cc60c98c35f9e9d514b597cbd148789547ba152ba67bfc0fec8f/analysis/1555027698/",
"category": "Payload delivery",
"uuid": "58dd4071-eaa2-4fb5-befb-d115f8e03c27"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "45/71",
"category": "Payload delivery",
"uuid": "be07e165-b34e-4e5e-982a-1955428d583c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--603e0902-44f7-4457-9d0e-6246e8fce379",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:18.000Z",
"modified": "2019-04-12T09:38:18.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:23:14",
"category": "Other",
"uuid": "e68c58c8-9662-4509-91a2-f64bd137ce3c"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2151c1977b4555a1761c12f151969f8e853e26c396fa1a7b74ccbaf3a48f4525/analysis/1555050194/",
"category": "Payload delivery",
"uuid": "d67172a0-b4e2-4d36-846b-36f234b07ec4"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "25/68",
"category": "Payload delivery",
"uuid": "0eb206aa-c688-497f-8faf-ed7b99a0e18b"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1c222ada-8f9b-4a30-9cb1-fc81cd47dee8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:18.000Z",
"modified": "2019-04-12T09:38:18.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T07:05:39",
"category": "Other",
"uuid": "169375e9-1b58-4214-866d-e2c4a3c5c84e"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/49757cf85657757704656c079785c072bbc233cab942418d99d1f63d43f28359/analysis/1555052739/",
"category": "Payload delivery",
"uuid": "2f3db7b8-d698-4e25-8daa-32276f0a3898"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "36/70",
"category": "Payload delivery",
"uuid": "5d7317e9-1b1e-4918-82ab-5d104080f463"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1cba5ef3-2f91-4b11-855e-9480c7fb943d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:19.000Z",
"modified": "2019-04-12T09:38:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T07:13:35",
"category": "Other",
"uuid": "e6bfbca4-2d0d-43fd-b802-54656eed2ed7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7/analysis/1555053215/",
"category": "Payload delivery",
"uuid": "5c7e5387-5ac8-429e-9723-0b09fb85a125"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "0/55",
"category": "Payload delivery",
"uuid": "9ab6b257-3660-495e-9b89-4a5e2dd5cd9b"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c8b6f1f2-e727-4120-8d78-62dabe459c41",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:19.000Z",
"modified": "2019-04-12T09:38:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:58:29",
"category": "Other",
"uuid": "ca6344f5-5e95-4271-a592-96ccf0314ee7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/70902623c9cd0cccc8513850072b70732d02c266c7b7e96d2d5b2ed4f5edc289/analysis/1555052309/",
"category": "Payload delivery",
"uuid": "11acd5c2-b8ea-4c81-a710-332791eafeb2"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "1/58",
"category": "Payload delivery",
"uuid": "8f3057df-8a46-4914-b1c2-daf7cc935600"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e25a593a-6702-4694-90f3-f0858a21b5e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:19.000Z",
"modified": "2019-04-12T09:38:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:23:12",
"category": "Other",
"uuid": "60a0984e-0134-4ff8-a960-91448d364c54"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/12480585e08855109c5972e85d99cda7701fe992bc1754f1a0736f1eebcb004d/analysis/1555050192/",
"category": "Payload delivery",
"uuid": "4be1742a-c1cb-42d4-acdc-3d3b458b082b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "25/68",
"category": "Payload delivery",
"uuid": "d0ffa81e-eb31-409d-8fbb-ed9b5b60b2de"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d0962325-2049-4b8a-9cc0-8597888ef490",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:19.000Z",
"modified": "2019-04-12T09:38:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T07:16:31",
"category": "Other",
"uuid": "ec85be6d-aa4e-44a6-88ba-d88198d2618a"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/d77fdabe17cdba62a8e728cbe6c740e2c2e541072501f77988674e07a05dfb39/analysis/1555053391/",
"category": "Payload delivery",
"uuid": "69cedfb6-f6a1-4369-9e41-1a7fd072f9fc"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "1/58",
"category": "Payload delivery",
"uuid": "9c254329-ec28-4e83-b7de-de5a3689e449"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c6acfd6b-0a6a-40cc-8f76-c2fdf02f41d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:19.000Z",
"modified": "2019-04-12T09:38:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T07:19:07",
"category": "Other",
"uuid": "210beb7e-7b30-4996-bb9c-983da46c984c"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/4a74a9fd40b63218f7504f806fce71dffefc1b1d6ca4bbaadd720b6a89d47761/analysis/1555053547/",
"category": "Payload delivery",
"uuid": "8b0d2ddb-72ae-4c60-956d-c33e57acb25a"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "22/71",
"category": "Payload delivery",
"uuid": "848f612d-4a00-4188-adf7-42a0f95a1111"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--292b76e3-83c8-4bb0-89c8-8105cf22899d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:19.000Z",
"modified": "2019-04-12T09:38:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:23:21",
"category": "Other",
"uuid": "66962cf2-1f81-405b-a0cc-9c327b5d5e50"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/70034b33f59c6698403293cdc28676c7daa8c49031089efa6eefce41e22dccb3/analysis/1555050201/",
"category": "Payload delivery",
"uuid": "c91547fb-0ccd-47ea-b791-305f804ae8df"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "39/72",
"category": "Payload delivery",
"uuid": "0c36ffa3-a0fd-44bd-96bf-13e85d0438b1"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ae92ce2a-cac9-4284-8ce9-641e2a6d948b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-12T09:38:19.000Z",
"modified": "2019-04-12T09:38:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-04-12T06:59:12",
"category": "Other",
"uuid": "7f5f4ca8-184b-4f77-bae9-35bb13903da1"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/83228075a604e955d59edc760e4c4ed16eedabfc8f6ac291cf21b4fcbcd1f70a/analysis/1555052352/",
"category": "Payload delivery",
"uuid": "affa8f4f-0bba-4b33-b4fd-8515e13f42dd"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "8/70",
"category": "Payload delivery",
"uuid": "e58118be-80c3-4569-b3a5-441bcd6d7b63"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a10931bb-7045-47ad-bc16-e2684051e353",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '6' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '23E27E5482E3F55BF828DAB885569033' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '23E27E5482E3F55BF828DAB885569033']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--335302ab-5969-43ef-aae3-ded36c7331b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:52.000Z",
"modified": "2019-04-10T19:40:52.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '5' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '5C3898AC7670DA30CF0B22075F3E8ED6' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '5C3898AC7670DA30CF0B22075F3E8ED6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d047f984-e129-4e7d-95f7-b3883eb4d380",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '6' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'C5DC53A540ABE95E02008A04A0D56D6C' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'C5DC53A540ABE95E02008A04A0D56D6C']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--738d6709-4996-4265-b9db-a44258b97eca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '6' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'BE588CD29B9DC6F8CFC4D0AA5E5C79AA' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'BE588CD29B9DC6F8CFC4D0AA5E5C79AA']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d158344a-e9a9-4e03-9832-fb1264c3d1aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '868036E102DF4CE414B0E6700825B319' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '868036E102DF4CE414B0E6700825B319']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ac82864-35d9-4232-ad60-e3e6fab47b66",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:57.000Z",
"modified": "2019-04-10T19:40:57.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'rdpproto.dll' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'rdpproto.dll']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2881aa4-04fd-45b9-922b-93273fd2f4a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '42682D4A78FE5C2EDA988185A344637D' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '42682D4A78FE5C2EDA988185A344637D']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ab715c6a-5b26-4280-a328-6d748e83e680",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '3021B9EF74c&BDDF59656A035F94FD08' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '3021B9EF74c&BDDF59656A035F94FD08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4bef19cc-01f6-4b03-9f08-6b51796cb5ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:01.000Z",
"modified": "2019-04-10T19:41:01.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '4' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '61E3571B8D9B2E9CCFADC3DDE10FB6E1' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '61E3571B8D9B2E9CCFADC3DDE10FB6E1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cb4560bb-f70e-44a7-9496-1d7d017e9880",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:02.000Z",
"modified": "2019-04-10T19:41:02.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '5' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'UDPTrcSvc.dll' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'UDPTrcSvc.dll']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-04-10T19:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6a82a81c-cc1c-4568-95e8-65da2aa8a8ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "2.542817",
"category": "Other",
"uuid": "026bccf0-af5e-4d04-ba13-941a2b97c9fd"
},
{
"type": "md5",
"object_relation": "md5",
"value": "c06924120c87e2cb79505e4ab0c2e192",
"category": "Payload delivery",
"to_ids": true,
"uuid": "61eab12c-88a3-4fec-bff1-1f0cea073fb0"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "98e8e9d7-8239-498d-9068-2f72767e6848"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--132d7802-77e5-432c-8cf6-7648b90e7acd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "3368eda2d5820605a055596c7c438f0f",
"category": "Payload delivery",
"to_ids": true,
"uuid": "b8f8095e-4611-4431-b56c-73bd427ffc79"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.441545",
"category": "Other",
"uuid": "22f6639e-4e1c-4c21-9e66-4c6f2dd58e8e"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "10ae0529-05da-4c1a-9647-e674df77194a"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "197120",
"category": "Other",
"uuid": "c89bb820-7efd-49de-987e-0466ab07af24"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--51c3c827-4e60-4f91-b6b4-b1e99fab0df8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:50.000Z",
"modified": "2019-04-10T19:40:50.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "ec1f06839fa9bc10ad8e183b6bf7c1b5",
"category": "Payload delivery",
"to_ids": true,
"uuid": "4da7482c-3d35-4d8f-88f6-e73a14c294dd"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.956914",
"category": "Other",
"uuid": "10b07ecf-448e-4c7a-8349-19241d4f640d"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "9040e2be-7b8c-4c63-a13d-7e273b3f6a93"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "27136",
"category": "Other",
"uuid": "d4d042f6-ffa1-4314-81d7-4d5dc65e75d7"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a4f1d6f8-842e-42f9-8d2c-b69a2d04a1ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "1e62b7d9f7cc48162e0651f7de314c8a",
"category": "Payload delivery",
"to_ids": true,
"uuid": "d520e839-76ab-4991-bcfc-4f67bb4fd738"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.147893",
"category": "Other",
"uuid": "5eec8273-6d98-4ef8-ad6a-d00a95b2092b"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "63afbe8b-03ca-46bc-82c7-7b6669057e5c"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "8192",
"category": "Other",
"uuid": "c7ab30e9-837a-4262-8acd-a7d3b3dfd3c4"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a61f2333-075a-4f7e-9145-b7e624c99d43",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "980effd28a6c674865537f313318733a",
"category": "Payload delivery",
"to_ids": true,
"uuid": "5aa67187-ff2d-4c6d-bf7e-56ba932ae292"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.090362",
"category": "Other",
"uuid": "e4739013-d1f6-4da4-8d81-af28aaafe34d"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "d0be3f42-d87b-4da7-9113-6d7829fd1676"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "512",
"category": "Other",
"uuid": "959005d0-0b35-495e-8681-16f0eadcb7b2"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--904eab59-fca8-4005-ae01-fa802500e52c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "696fd5cac6e744f336e8ab68a4708fcf",
"category": "Payload delivery",
"to_ids": true,
"uuid": "edfedbf3-79b4-4209-8df0-98687d42d22b"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.247502",
"category": "Other",
"uuid": "4ef97107-db6e-40f9-a63c-1a574c8f1b28"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "fbf5d6fd-a566-4bda-bddf-f6ef93f7ca1f"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "8704",
"category": "Other",
"uuid": "0cc130d4-bada-4e9f-8cfc-46a5c5451d89"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e02bda87-4522-4849-b60b-cd07a598b48f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "0.69566",
"category": "Other",
"uuid": "f37c7c4b-d577-45fd-9b5a-8e329adc6efb"
},
{
"type": "md5",
"object_relation": "md5",
"value": "adb596d3ceae66510778e3bf5d4d9582",
"category": "Payload delivery",
"to_ids": true,
"uuid": "ac76124e-2c79-469d-9bfd-e7757a82ab72"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "2b01230e-a2b5-4db5-be8f-11385fab0af6"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--21bbfcf1-6d03-46ab-926e-8c513e3c9c6f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "6453931a0b6192e0bbd6476e736ca63f",
"category": "Payload delivery",
"to_ids": true,
"uuid": "35ecbbc7-b2c8-4899-973d-5e7aa032cff1"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.343388",
"category": "Other",
"uuid": "8f2641a0-9602-41b2-8fff-1fabf68ba6e5"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "7bacab93-e050-4b5e-9f1f-faa1ef0edc7f"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "184320",
"category": "Other",
"uuid": "cf5634c9-4d41-4bae-976f-90f3af3f5239"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--23520dbd-c625-44d0-816a-fff60adf8c08",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "0ba1433cc62ba7903ada2f1e57603e83",
"category": "Payload delivery",
"to_ids": true,
"uuid": "f28e5c61-c02f-4c96-849f-8bc5bbd65493"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.246206",
"category": "Other",
"uuid": "d17e2071-59be-42fc-85a8-20b4ef814576"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "3a25c314-d3b4-482a-ab56-5553ef8dbb97"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "16384",
"category": "Other",
"uuid": "53662898-0a16-4d57-b8b7-0553c2fb83aa"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8c51db87-a216-44c0-bd75-69239348d2a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:51.000Z",
"modified": "2019-04-10T19:40:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "76a08265777f68f08e5e6ed2102cb31d",
"category": "Payload delivery",
"to_ids": true,
"uuid": "95db93c0-facd-405f-8631-382bb0f6bb90"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.050945",
"category": "Other",
"uuid": "c1d0f8d4-dc5a-42fa-b143-f45763e3812f"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "c0404d60-1075-4886-8265-5065d61c3412"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "12288",
"category": "Other",
"uuid": "8041a49e-2e44-46bd-9cde-5aa2e51df8b6"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b4eb4fd7-5fee-43e6-8ecd-63c87632d4c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:52.000Z",
"modified": "2019-04-10T19:40:52.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "cb8939d6bc1cd076acd850c3850bdf78",
"category": "Payload delivery",
"to_ids": true,
"uuid": "cb311e88-2f90-47d9-89c0-f054fa6e8f5b"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.289605",
"category": "Other",
"uuid": "51d75451-596f-46ec-b8da-a3448f8d96ec"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "7f9cea95-46bb-4e9f-a65f-28c1ce230732"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "f8eb93ea-77d3-4237-8084-2bfb1d5a3ee5"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d7d9f6b7-4b64-49a9-843a-a675d8130f4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:53.000Z",
"modified": "2019-04-10T19:40:53.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "2.625229",
"category": "Other",
"uuid": "1f81d0b9-4e31-4c6a-bd10-80c9785ee32e"
},
{
"type": "md5",
"object_relation": "md5",
"value": "64cb3246aafa83129f7fd6b25d572a9f",
"category": "Payload delivery",
"to_ids": true,
"uuid": "37634b09-9c3d-45d6-8005-444aa186e704"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "0a15b2f9-e41c-4482-ae9d-af5bdd042ab1"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b6b3a355-04df-468c-b334-3553062b12c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:53.000Z",
"modified": "2019-04-10T19:40:53.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "e8c15e136370c12020eb23545085b9f6",
"category": "Payload delivery",
"to_ids": true,
"uuid": "258993a2-b254-4071-b133-cb5dde33da2e"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.431942",
"category": "Other",
"uuid": "b6d6ca82-504b-4c7d-b143-600efa72354d"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "c81e9ee1-deb7-4ba8-bf6c-166939c37b5d"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "196096",
"category": "Other",
"uuid": "6a19d2df-7ce7-4818-b01a-f40617f79ba9"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--99a21cae-aca7-4dc5-a057-c31d995c3de7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:53.000Z",
"modified": "2019-04-10T19:40:53.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "cf0eb4ad22ac1ca687b87a0094999ac8",
"category": "Payload delivery",
"to_ids": true,
"uuid": "597380cc-7507-4998-b3a8-45dd517520dd"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.990247",
"category": "Other",
"uuid": "3d0b10a1-d06f-49ba-a9dc-7290e8750906"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "7d0c309a-d05b-4889-87b8-45f628def06c"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "26624",
"category": "Other",
"uuid": "7655cba8-e280-43fb-b777-6b972ec4e8df"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--81b7d5fc-2afa-4313-b589-1773e410cd85",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:53.000Z",
"modified": "2019-04-10T19:40:53.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "b246681e20b3c8ff43e1fcf6c0335287",
"category": "Payload delivery",
"to_ids": true,
"uuid": "86206141-3aa8-4886-8e2a-3222156bb54e"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.116777",
"category": "Other",
"uuid": "cf0de307-928e-41b2-899f-df59d845d57a"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "2a18117d-c785-41a1-9892-4ddc3bc79b92"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "8192",
"category": "Other",
"uuid": "5273e830-5273-4de5-bea8-0ba4505390e5"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b0039524-0831-4150-9367-0c01132e1f6d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:53.000Z",
"modified": "2019-04-10T19:40:53.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "6545248a1e3449e95314cbc874837096",
"category": "Payload delivery",
"to_ids": true,
"uuid": "0c0c80fe-1642-485b-983a-19f311bcc4f9"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.112624",
"category": "Other",
"uuid": "6410bfcc-e96b-4d8d-8111-d6652828a391"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "1afb96a6-68c2-43bf-ba04-abab50a34d9c"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "512",
"category": "Other",
"uuid": "98c12a6a-6401-44ce-98c3-e3e07ac92d6c"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--dbc2c668-6778-40ee-a1d2-0a8eed89d382",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "31a7ab6f707799d327b8425f6693c220",
"category": "Payload delivery",
"to_ids": true,
"uuid": "3893e4f3-e5a9-45c5-b83c-247b16b3d1de"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.176231",
"category": "Other",
"uuid": "3f641459-6fb8-4335-a615-d74c599119fc"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "2ed36d70-6684-4085-812c-1a0d0f194ca8"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "8704",
"category": "Other",
"uuid": "501634fd-b6bd-48fc-b476-269bb07d6134"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--08b33dc6-0d4c-4441-85b9-19177bfce17f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "2.658486",
"category": "Other",
"uuid": "f00fe537-cd14-47b8-b6df-b8d7ccb8e6d4"
},
{
"type": "md5",
"object_relation": "md5",
"value": "59b5d567b9b7b9da0ca0936675fd95fe",
"category": "Payload delivery",
"to_ids": true,
"uuid": "24e2ea0e-520b-4a6b-b877-9d2f01ed84b2"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "7e807666-5bbb-4405-ac7a-4bef7a82fb39"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cf24fa43-ec76-41ac-a2c9-c76a86ccd334",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "c0b6929e0f01a7b61bde3d7400a801e0",
"category": "Payload delivery",
"to_ids": true,
"uuid": "c02b02bf-849a-4907-b494-430749daae3a"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.470188",
"category": "Other",
"uuid": "4d8fa4ef-96e9-45d2-8bde-428a80c7ccb5"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "efcc600f-6886-45e6-84d3-aad00c22a98d"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "218624",
"category": "Other",
"uuid": "bb55c1f6-41dc-4ed7-9a69-3da4204317dc"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--06b00c8c-78e4-4833-a79a-c70ac79d8b25",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "ce1e5ab830fcfaa2d7bea92f56e9026e",
"category": "Payload delivery",
"to_ids": true,
"uuid": "2a4ab050-8faf-4fb7-85b5-1dbb1d2a9713"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.962575",
"category": "Other",
"uuid": "10d55f20-9e31-4f11-abdd-af997378272b"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "eb6d6bc4-a200-42cd-b20c-4e10d1101aa4"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "27136",
"category": "Other",
"uuid": "5993ae0b-3a39-4f4a-96c0-3635d726430d"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7b055b6f-f844-470b-958f-918ada8231bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "006bad003b65738ed203a576205cc546",
"category": "Payload delivery",
"to_ids": true,
"uuid": "bb646ce2-6204-44d1-93e7-d1e3db024e50"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.157373",
"category": "Other",
"uuid": "788ceb35-b02b-4c4e-840b-28c8c33e341b"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "8cda33eb-b153-4886-9057-9bcaee63ec25"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "8192",
"category": "Other",
"uuid": "d77b76f2-16b7-4585-8a8f-cc476e3934a2"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3014952d-8c6c-47f4-9e95-a2e07d248668",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "992987e022da39fcdbeede8ddd48f226",
"category": "Payload delivery",
"to_ids": true,
"uuid": "4103dce2-1897-412a-abcd-38a36bfcbb02"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.51187",
"category": "Other",
"uuid": "ea603899-a8a5-4bd6-8a79-1ddf566188d9"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "7bf18fef-03c0-4d57-817d-d766ac8edb97"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "3072",
"category": "Other",
"uuid": "daf93f17-ff50-49e0-a4d8-16a5ca8304ca"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--03f59ed6-d83e-4769-a8ac-611f258d0429",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:54.000Z",
"modified": "2019-04-10T19:40:54.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "4be460324f0f4dc1f6a0983752094cce",
"category": "Payload delivery",
"to_ids": true,
"uuid": "16ba4695-e9a1-41f9-b742-8f8be584c06f"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.303151",
"category": "Other",
"uuid": "027fec2c-9566-42ed-b068-ee943edbf127"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "7e444bcf-fd06-47da-919a-cfd945b62f32"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "9728",
"category": "Other",
"uuid": "d4cb0580-7068-42db-84e8-f41fc287146d"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--681912d6-af0d-4b11-af8f-576123bb2ef7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:55.000Z",
"modified": "2019-04-10T19:40:55.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "2.4864",
"category": "Other",
"uuid": "50c7c57c-4dfa-4686-9335-81a231fa8d6c"
},
{
"type": "md5",
"object_relation": "md5",
"value": "e772c7a04c7e3d53c58fdb8a88bb0c02",
"category": "Payload delivery",
"to_ids": true,
"uuid": "547b1937-09b0-4973-9534-a614404ff7ad"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "514ca7d3-9ed2-430e-8756-e9cb867f4c0c"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a2dfae6d-1e63-4f17-aa63-b82b363d2000",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:55.000Z",
"modified": "2019-04-10T19:40:55.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "a6a2750e5b57470403299e0327553042",
"category": "Payload delivery",
"to_ids": true,
"uuid": "71d5ae1c-3f38-4e9b-bfca-9136c7680eac"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.29743",
"category": "Other",
"uuid": "0a32cf4f-d40f-4d99-b929-1d7fa681f215"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "b1e8091d-8c41-4f1c-a945-9df2404d1e12"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "34816",
"category": "Other",
"uuid": "29c9c5d2-9c05-4ea5-8241-df4da93e68d8"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cb37303a-fd4b-4a66-a6e8-ff5dffc84ac7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:55.000Z",
"modified": "2019-04-10T19:40:55.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "cc5d69374e9b0266a4b1119e5274d392",
"category": "Payload delivery",
"to_ids": true,
"uuid": "1fe9839e-bc54-4e3c-9527-4178f7349491"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.71565",
"category": "Other",
"uuid": "44db3c73-4453-4765-ae4a-24ac4ade8e7c"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "0b3ef129-e647-4a3d-ba0a-fd1112842f5b"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "12288",
"category": "Other",
"uuid": "93d6e715-42d5-430f-9218-6c89a6d6b407"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--737ccfd6-1e0e-494d-bcdc-5cbf6ae072f7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:55.000Z",
"modified": "2019-04-10T19:40:55.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "ac4ee21fcb2501656efc217d139ec804",
"category": "Payload delivery",
"to_ids": true,
"uuid": "9577dd42-7be8-4cfe-991e-1fc03c133857"
},
{
"type": "float",
"object_relation": "entropy",
"value": "1.87695",
"category": "Other",
"uuid": "f95c7a9c-cb91-490a-8433-e1081597f624"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "35fdd5fa-da9b-47d4-9173-8bf7d37146d4"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "5120",
"category": "Other",
"uuid": "b14dfab0-e748-473d-8139-6709571fdd82"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d032374b-36e3-4c4b-895b-c3a776cb60c4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:55.000Z",
"modified": "2019-04-10T19:40:55.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "359af12d4a14ced423d39736dfec613a",
"category": "Payload delivery",
"to_ids": true,
"uuid": "41865ad4-aa5e-4136-ba7c-75121c62071c"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.878158",
"category": "Other",
"uuid": "adb4a29e-b7ed-4423-a7fd-997974098aad"
},
{
"type": "text",
"object_relation": "name",
"value": ".pdata",
"category": "Other",
"uuid": "4758b794-15c2-4581-826c-123da5633274"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "2560",
"category": "Other",
"uuid": "90ac40d2-8e52-4fd9-8365-b59b6dd23e6a"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--9c760cfe-2e23-4e32-b35b-d7097fd4c799",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:55.000Z",
"modified": "2019-04-10T19:40:55.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "097e0e4be076b795a7316f1746bace8a",
"category": "Payload delivery",
"to_ids": true,
"uuid": "82e679ce-0fc0-4e34-aef5-6d3d57faecd5"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.514584",
"category": "Other",
"uuid": "e0bee652-9e86-4116-bbc1-ba2397c1b2cc"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "fcfd25bb-b089-4178-818f-4d310fb1d282"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "3072",
"category": "Other",
"uuid": "5370431c-1840-481c-b92a-d10424739227"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--34135ff1-138a-4297-afe6-6e17271fbeec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "5849f380266933d6f3c5c4740334b041",
"category": "Payload delivery",
"to_ids": true,
"uuid": "3b692804-a934-4dd7-9b14-3942beb53f23"
},
{
"type": "float",
"object_relation": "entropy",
"value": "2.517963",
"category": "Other",
"uuid": "8360ac22-47cf-4aa7-b1cb-900c73d04360"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "10335091-e394-4085-a76a-fe8f960b2f5d"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "2188d52b-4fa7-4da7-8c82-68f51b9506ec"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1435e56d-5f38-40c6-a7c7-d85df67a37ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "2.524087",
"category": "Other",
"uuid": "92189470-ebf6-48eb-b9e1-017745671592"
},
{
"type": "md5",
"object_relation": "md5",
"value": "3bb2a7d6aab283c82ab853f536157ce2",
"category": "Payload delivery",
"to_ids": true,
"uuid": "668ce866-63af-4400-8034-46a423aacdc0"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "eaab7e4e-bf2e-4444-843e-e30d6a32dff0"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b29bf9b8-09d1-41ec-8cf6-1556913a36b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "b0bf8ec7b067fd3592c0053702e34504",
"category": "Payload delivery",
"to_ids": true,
"uuid": "cfa05f87-32cb-4909-bbc4-d75395fb29f6"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.180871",
"category": "Other",
"uuid": "2fa44e3b-b752-4a79-b504-ed631a606d80"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "48a309fb-c98c-4cdc-b0dd-c0232816918d"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "23552",
"category": "Other",
"uuid": "39d0c30a-cdc5-4d17-81f4-3db9a0103744"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--409a8ca2-3740-4465-be76-e1ebed4570e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "6cc98c5fef3ea1b782262e355b5c5862",
"category": "Payload delivery",
"to_ids": true,
"uuid": "c7b0a953-b4d4-414b-a877-fbe638908f7e"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.635336",
"category": "Other",
"uuid": "0348e323-2dbb-4624-aa70-578dbb3f8406"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "d26ecbd6-9a8f-4e1c-a5de-2854df69de70"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "10752",
"category": "Other",
"uuid": "efe9abd5-8b25-46ce-a86e-9896ee4d00f4"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--855ac261-1c2a-412b-8320-1aa8d22f8c33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "484d4698d46b3b5ad033c1a80ba83acf",
"category": "Payload delivery",
"to_ids": true,
"uuid": "6e59c926-ab16-40b1-adb0-afe8910a3f8a"
},
{
"type": "float",
"object_relation": "entropy",
"value": "2.145716",
"category": "Other",
"uuid": "30d54d2a-b152-44b1-839e-d14bd9c417d1"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "cca4242d-3ffb-43a8-aa9f-a2249f5d83e0"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "5048f385-c6b7-41a5-9b37-237f095ea990"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5760f7f9-6817-48fb-be8f-112dbd443f0a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "a07c8f17c18c6789a3e757aec183aea6",
"category": "Payload delivery",
"to_ids": true,
"uuid": "03b83675-3bf2-46c5-b2e8-763f307a218f"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.729952",
"category": "Other",
"uuid": "f56959d1-7bc3-4f78-a720-d1d8db5b5658"
},
{
"type": "text",
"object_relation": "name",
"value": ".pdata",
"category": "Other",
"uuid": "617de1d1-ee07-442b-adf7-48cddada1c7c"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "2048",
"category": "Other",
"uuid": "2baf96ce-c355-49ba-8f27-27a371939dcd"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--081fda7a-462f-411a-b541-1c85411baee2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "fae0d0885944745d98849422bd799457",
"category": "Payload delivery",
"to_ids": true,
"uuid": "963374ec-28f8-41a7-8ef1-c95b11ca1871"
},
{
"type": "float",
"object_relation": "entropy",
"value": "7.997488",
"category": "Other",
"uuid": "45171fb5-f9e2-401e-ae58-28133036e763"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "d4df59cd-c664-4518-a52e-791db071d717"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "348672",
"category": "Other",
"uuid": "edaf8327-0cc0-409d-9da9-f64e17a9fb8b"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2c3e7740-a7bc-46d7-bed6-5da54b4327f0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:56.000Z",
"modified": "2019-04-10T19:40:56.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "0c1c23e1fb129b1b1966f70fc75cf20e",
"category": "Payload delivery",
"to_ids": true,
"uuid": "79a36606-0756-4edd-931d-e722b7abb09f"
},
{
"type": "float",
"object_relation": "entropy",
"value": "1.737829",
"category": "Other",
"uuid": "bd534413-3c43-4ded-b48b-8d4e8b1364bc"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "fef32f0d-fc22-497c-aad3-e38597529c54"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1536",
"category": "Other",
"uuid": "08d78bd6-8f79-4146-9011-77bb8367ad70"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8e875ae8-911f-4dcd-b7bb-8a9072d3644e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:58.000Z",
"modified": "2019-04-10T19:40:58.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "2.628651",
"category": "Other",
"uuid": "2ecc3fc2-c6cf-4b52-9363-9c39b33928ff"
},
{
"type": "md5",
"object_relation": "md5",
"value": "40d66d1a2f846d7c3bf291c604c9fca3",
"category": "Payload delivery",
"to_ids": true,
"uuid": "563ab654-eb9d-4c19-94ea-b0b7f774ebcb"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "8ac6a441-1e36-4d9a-894e-3cf3f5332c97"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f4844fcb-3d68-4d09-8bbb-7619a0942846",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:58.000Z",
"modified": "2019-04-10T19:40:58.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "d061ffec6721133c433386c96520bc55",
"category": "Payload delivery",
"to_ids": true,
"uuid": "a4ab07b8-96f9-4084-97f2-9b7345af7ef5"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.999734",
"category": "Other",
"uuid": "93b3e0f4-a3d4-4020-8575-a13ab52c5119"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "0a7b1c24-9d95-4f16-aacd-418ef62ed999"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "284160",
"category": "Other",
"uuid": "fcadb683-a76d-4312-a5e1-6dc74687ddea"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8da40bf6-a137-4af6-b7d2-4a6fec51aecd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:58.000Z",
"modified": "2019-04-10T19:40:58.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "cbbc6550dcbdcaf012bdbf758a377779",
"category": "Payload delivery",
"to_ids": true,
"uuid": "e1d6425e-ea48-4ae1-a60a-1f2cfe667de7"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.789426",
"category": "Other",
"uuid": "844ade24-22b9-4573-a4f7-762db4dafa74"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "895270ad-3f06-4b36-a994-d1c35f4ac2f2"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "38912",
"category": "Other",
"uuid": "0af1ce03-ad1c-4fbd-ab39-178c0fe622fa"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6f0934e5-279f-4bd3-93e1-b881f5c59504",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "c83bcaab05056d5b84fc609f41eed210",
"category": "Payload delivery",
"to_ids": true,
"uuid": "07c0c5d4-576b-4e71-8de4-1b8ac6de8207"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.105496",
"category": "Other",
"uuid": "69a184b6-4076-4fff-a3ff-5d1b902c2f23"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "3fe5fa7d-004c-4a10-be99-64cd94fbbb52"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "7680",
"category": "Other",
"uuid": "0b76128c-6581-41a8-9735-400bfcf05401"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--11f10ac7-5b61-4363-bd6a-59ac0b8fcc9e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "b9fc36206883aa1902566b5d01c27473",
"category": "Payload delivery",
"to_ids": true,
"uuid": "07a02acc-d3c4-4306-a3fa-8e36d31996f4"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.319307",
"category": "Other",
"uuid": "a09e668c-24aa-440f-ae05-685d59ecfb43"
},
{
"type": "text",
"object_relation": "name",
"value": ".pdata",
"category": "Other",
"uuid": "10921a52-79ef-4432-87e6-f33b55588ff8"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "8704",
"category": "Other",
"uuid": "3fd44ca1-7d53-446b-b261-df018a620fb0"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1b766990-d382-462f-a49c-1f5c53715ed4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "1c1d46056b4cb4627a5f92112b7e09f7",
"category": "Payload delivery",
"to_ids": true,
"uuid": "93a4f8d0-362b-4044-98cc-688f8601efd4"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.608168",
"category": "Other",
"uuid": "ad08798d-2954-4bb0-95bc-72d35355bcbe"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "bd3d6eeb-cc89-4470-adcf-10adcf41ce62"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "a4033d18-8a40-488e-86fd-b1bb3374ef7c"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--eb73eb8b-04c4-4e27-b803-b60d56347fec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "3baedaa3d6b6d6dc9fb0ec4f5c3b007c",
"category": "Payload delivery",
"to_ids": true,
"uuid": "aca886e2-51f8-4835-9211-f22190c5b67c"
},
{
"type": "float",
"object_relation": "entropy",
"value": "2.331154",
"category": "Other",
"uuid": "958a5c3d-aa8d-4777-b150-2baffe03db3b"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "59065f07-43bc-439b-93f0-979fb6753c5b"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "2048",
"category": "Other",
"uuid": "6edf96a2-b96d-4757-9f8c-ece9fd724147"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0145ba7f-231a-4fd8-aba1-438b70fae9fa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "2.790421",
"category": "Other",
"uuid": "db437369-40d5-4e00-b6ed-1b9982d76ca8"
},
{
"type": "md5",
"object_relation": "md5",
"value": "83ec15e3cf335f784144db4208b328c9",
"category": "Payload delivery",
"to_ids": true,
"uuid": "65391001-38d1-49da-a085-fe8d94fac44c"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "94fb4869-9255-4e12-b8ae-73b14e8c0bdf"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f20d5f20-e19c-49e3-a2e0-d47a0e0b499e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "036c57e89ea3a6afa819c242c5816b70",
"category": "Payload delivery",
"to_ids": true,
"uuid": "85966b57-2605-4b90-8185-1f067b403afb"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.688491",
"category": "Other",
"uuid": "5048c911-a599-4242-8e80-643ed510c239"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "e1e462b9-3697-4156-b7ff-92def9365b19"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "206848",
"category": "Other",
"uuid": "0146e69e-8919-4bd2-9673-5a00b9eed22e"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--542776ab-dc9a-49f5-8504-4201f4eb85f7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:40:59.000Z",
"modified": "2019-04-10T19:40:59.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "4812d2f39e9a8ae569370d423ba31344",
"category": "Payload delivery",
"to_ids": true,
"uuid": "5e1aa619-0ba2-46bc-9477-fa14a9b12a8e"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.000116",
"category": "Other",
"uuid": "0068ee23-e6cb-455c-ac4e-fc2a134bdbc4"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "1eb93258-18d5-49bc-87d8-49083789e777"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "26112",
"category": "Other",
"uuid": "8f7dfe97-825a-48b1-82db-7f24295e739b"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--001f3b62-1dc5-46b7-a5d1-0d172470284f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "cb41e8f63b7c22c401a0634cb4fe1909",
"category": "Payload delivery",
"to_ids": true,
"uuid": "1a677867-4ba8-4281-a03b-6e4d45e2285e"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.748331",
"category": "Other",
"uuid": "30879ef1-7c9a-460e-8ad8-b6c0644c831b"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "2d888451-fc78-444a-a4cc-24e8b0a28d44"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "2048",
"category": "Other",
"uuid": "86c1f0d6-d21b-4d7f-b657-fd1754ebcf48"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b144f1bb-4a25-4b2f-9e73-640f10889fec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "3cc7651747904bfe94ed18f44354a706",
"category": "Payload delivery",
"to_ids": true,
"uuid": "554acd1f-4c9c-4c1d-99af-58b7493522d9"
},
{
"type": "float",
"object_relation": "entropy",
"value": "4.962073",
"category": "Other",
"uuid": "485f0bf4-7faf-4d96-b4ee-d871ef6c3f62"
},
{
"type": "text",
"object_relation": "name",
"value": ".pdata",
"category": "Other",
"uuid": "120e916d-363b-4ffe-851d-ee9818ded5e1"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "5120",
"category": "Other",
"uuid": "33b99c6d-6c65-4304-b196-797a6db2e55f"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--06738787-de97-4d46-b799-b0492c57d3e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "9e92c54604ea67e76210c3c914e9608c",
"category": "Payload delivery",
"to_ids": true,
"uuid": "1c3aec0a-33b8-47a0-a9a5-5dc05b30c9fb"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.606351",
"category": "Other",
"uuid": "a2cf0031-d02f-4fa8-b812-7998b837a54f"
},
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "a9255c91-81cc-4d09-8a49-5f6e45a73929"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "a3f1fa7f-70b9-45f4-8426-c15950f11c34"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6cd4ce4a-6876-4fc6-a865-3a078c3f63e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "71dcfb1ec7257ee58dcc20cafb0be691",
"category": "Payload delivery",
"to_ids": true,
"uuid": "88fadd04-362b-4da3-945c-46123d71b107"
},
{
"type": "float",
"object_relation": "entropy",
"value": "0.673424",
"category": "Other",
"uuid": "32113860-4289-480d-86df-f54d932dc94d"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "20ce954c-9c3a-4f34-8beb-17efb4536d2e"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "512",
"category": "Other",
"uuid": "dd0b1837-0a06-4993-9788-d3ed36dd6202"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ac51556a-91c0-4267-9e61-de0a0dbabf05",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "0.586304",
"category": "Other",
"uuid": "879e9228-23e9-4d97-8009-e046b91b7aeb"
},
{
"type": "md5",
"object_relation": "md5",
"value": "84f39a6860555231d60a55c72d07bc5e",
"category": "Payload delivery",
"to_ids": true,
"uuid": "59e51ead-2783-4216-b44e-90e11857d672"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "ea1ff8d3-922c-4b4a-a44e-7714d6076a12"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ea7cc58d-1fe6-4a0b-8070-4fe5b38cb690",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "649c24790b60bda1cf2a85516bfc7fa0",
"category": "Payload delivery",
"to_ids": true,
"uuid": "6cc732da-7efb-4ebb-9633-3822c5e4a0ff"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.98329",
"category": "Other",
"uuid": "f00c1d4a-87b9-4472-b6b8-29f642a56a18"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "70fe749e-dffd-4d2e-b5a2-9814b70979eb"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "24576",
"category": "Other",
"uuid": "545f156d-000a-4918-a06f-e47c76fe7371"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c57a6cf7-e544-4364-adba-a72ea3e6573f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:00.000Z",
"modified": "2019-04-10T19:41:00.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "fbd6ca444ef8c0667aed75820cc99dce",
"category": "Payload delivery",
"to_ids": true,
"uuid": "3608a534-9bc9-4ba9-a43f-c61d21088d0d"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.520964",
"category": "Other",
"uuid": "90bf5690-047d-40fe-ad8b-5c5f1bc77dc1"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "38646942-7e2b-49b9-88d7-5e04432cf143"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "b9d05716-e01d-40e6-bb96-4f0dfae88e2b"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1746f20a-4522-4af5-b779-165a2b829958",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:01.000Z",
"modified": "2019-04-10T19:41:01.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "0ecb4bcb0a1ef1bf8ea4157fabdd7357",
"category": "Payload delivery",
"to_ids": true,
"uuid": "24142516-e506-44b7-a682-b34babb0c972"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.988157",
"category": "Other",
"uuid": "b443d7d9-2096-43c3-b1b4-c812fbf7193e"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "4baa5798-34b6-4f6a-aa94-3e3b596a2f3b"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "6ff4b78b-140f-4592-9ee3-aa1c2f1f5d03"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--9500fb1e-bb08-45d5-a3eb-3b82f649c624",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:01.000Z",
"modified": "2019-04-10T19:41:01.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "float",
"object_relation": "entropy",
"value": "0.709908",
"category": "Other",
"uuid": "c6cfb719-d72b-4ad4-9a65-3a0ff972a444"
},
{
"type": "md5",
"object_relation": "md5",
"value": "d37b95aa17fa132415b37ec777f439ff",
"category": "Payload delivery",
"to_ids": true,
"uuid": "9ad2ded7-a7a2-494b-8aed-219afe98ca52"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "4096",
"category": "Other",
"uuid": "ae4061f1-85ca-455e-a60b-71f835ade07c"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0f41e5c5-7f40-44a1-885b-7f9597eb99f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:01.000Z",
"modified": "2019-04-10T19:41:01.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "badbc93c35554aec904ab0c34f05fbe0",
"category": "Payload delivery",
"to_ids": true,
"uuid": "37b2712d-92e1-4c80-a022-276c885a225f"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.295472",
"category": "Other",
"uuid": "7079daf0-c047-40ea-a6be-b187d0309922"
},
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "b93f8d55-2f20-4533-bd95-8adca4c452e6"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "180224",
"category": "Other",
"uuid": "be0569ad-b5e9-481f-85bd-d4ff38268bf2"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2c0897ef-be21-4b08-a096-899c8545c0a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:01.000Z",
"modified": "2019-04-10T19:41:01.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "64f7a9cafdad34003aba4547bba0e25b",
"category": "Payload delivery",
"to_ids": true,
"uuid": "1aabb47b-2cfb-4fa6-9795-44bf2e0822b1"
},
{
"type": "float",
"object_relation": "entropy",
"value": "6.372911",
"category": "Other",
"uuid": "b639555c-1b57-4035-9579-1a73c3b3a53c"
},
{
"type": "text",
"object_relation": "name",
"value": ".rdata",
"category": "Other",
"uuid": "a88e067c-fccc-4459-a3e3-09575de7d068"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "16384",
"category": "Other",
"uuid": "add355d4-1e45-486e-ac73-b46318451e43"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6fa43c7f-c294-43cf-8b40-d00655aaa96e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:01.000Z",
"modified": "2019-04-10T19:41:01.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "c792eb0c57577f4f3649775cbf32b253",
"category": "Payload delivery",
"to_ids": true,
"uuid": "06af0417-7d0a-4485-9377-1a3c1fd33790"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.996008",
"category": "Other",
"uuid": "cdbb482d-f5c6-4212-96fe-3c2d12ef61de"
},
{
"type": "text",
"object_relation": "name",
"value": ".data",
"category": "Other",
"uuid": "c7e1a6b2-a4c5-4f90-a690-6732494c6f7e"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "12288",
"category": "Other",
"uuid": "326b7108-c787-4182-9b80-2c64576d2fb5"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ce21b7c4-404c-4a76-96c8-e50ba9773a30",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-04-10T19:41:01.000Z",
"modified": "2019-04-10T19:41:01.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "md5",
"object_relation": "md5",
"value": "8791f715ae89ffe2c7d832c1be821edc",
"category": "Payload delivery",
"to_ids": true,
"uuid": "f661d161-f743-4ce2-91c6-9bad164daf22"
},
{
"type": "float",
"object_relation": "entropy",
"value": "5.154376",
"category": "Other",
"uuid": "74fc1c8e-65fb-49f5-ad8f-190e6cdeda2d"
},
{
"type": "text",
"object_relation": "name",
"value": ".reloc",
"category": "Other",
"uuid": "09bb0227-98c7-4da1-9c08-047314d51f89"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "8192",
"category": "Other",
"uuid": "a3f93751-1090-4b2f-ad63-9bc7b55932e5"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--05e1b177-1db7-47ca-8a7c-ae4472cedc6b",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:20.000Z",
"modified": "2019-04-12T09:38:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--22effacf-e4e2-4e50-b638-8246fd0e093e",
"target_ref": "x-misp-object--b2d62cb5-8052-47f2-997e-dd4238004f97"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--144dd0b1-094d-47b3-8128-041b1e0e9a2e",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:03.000Z",
"modified": "2019-04-10T19:41:03.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"target_ref": "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--da1cb4fd-a201-4adb-8403-fe46e6e8f565",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:03.000Z",
"modified": "2019-04-10T19:41:03.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"target_ref": "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--2643aa2b-ff05-4107-acdc-9536ee692c0d",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:03.000Z",
"modified": "2019-04-10T19:41:03.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"target_ref": "observed-data--e773193c-a490-442a-a41f-63e402cf3865"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--8da3cc68-2668-43b9-bc75-87d1f19fcabc",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"target_ref": "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--382876a6-dee9-4d16-9b37-e24c7f35474d",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"target_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--22281002-f2f0-426f-92a1-7bbea03ba01e",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "dropped",
"source_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"target_ref": "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--070ebebc-c949-4189-950b-d4fba0520002",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:20.000Z",
"modified": "2019-04-12T09:38:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9",
"target_ref": "x-misp-object--603e0902-44f7-4457-9d0e-6246e8fce379"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d30eb859-12cd-40eb-ba88-540ec74bc50e",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "dropped-by",
"source_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"target_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--6f7cf2ee-b82b-4dd4-8f1e-a658e55d9e2b",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"target_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--a9577516-3173-4b83-b48d-19e7d7249f8f",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"target_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--43d624cf-c80f-440c-b386-80bf42d18df5",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"target_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d1768ae0-0578-4f0e-ba36-0375e774b26e",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:04.000Z",
"modified": "2019-04-10T19:41:04.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"target_ref": "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--a26c30d4-2322-4630-85dd-f4362c730fe9",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:20.000Z",
"modified": "2019-04-12T09:38:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca",
"target_ref": "x-misp-object--c8b6f1f2-e727-4120-8d78-62dabe459c41"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--69632831-ed53-4372-a549-3868163161aa",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:20.000Z",
"modified": "2019-04-12T09:38:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--e245ed73-c585-4e0b-9190-38647d7f215d",
"target_ref": "x-misp-object--42d5dff2-e1f0-428f-a415-b83a757b7768"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--a82af0aa-9992-45eb-9626-2db734b449d6",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"target_ref": "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--313bb8cc-d1ab-412e-bed4-1d111edcd1dd",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"target_ref": "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--adf3a474-37f8-4f92-86e4-fd0357813e65",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"target_ref": "observed-data--e773193c-a490-442a-a41f-63e402cf3865"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--b9688684-df4d-4352-8000-a8aa6af6679f",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"target_ref": "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--9f9edb40-83cc-47e4-9067-47398bd5c6b4",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"target_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--099ce63b-b513-43fd-b2a3-2649df615dac",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"target_ref": "observed-data--930261a1-dfbe-4f99-957b-27f14a50a397"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--34460dbb-e1b5-4867-b485-9824da4b6f0e",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:20.000Z",
"modified": "2019-04-12T09:38:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2",
"target_ref": "x-misp-object--a314859d-026b-4b02-bcf5-09d7e3c08026"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--4b4e68b5-3daf-4a42-b4aa-fc6e02785f10",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4",
"target_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--0cd17079-357d-4575-845a-1fe05253dbd5",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:05.000Z",
"modified": "2019-04-10T19:41:05.000Z",
"relationship_type": "dropped",
"source_ref": "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4",
"target_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--67337b98-dce2-4a9a-a7d3-942cdd6e8ff9",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:21.000Z",
"modified": "2019-04-12T09:38:21.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4",
"target_ref": "x-misp-object--e25a593a-6702-4694-90f3-f0858a21b5e1"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d444c318-d2e5-4bc9-bfbb-04f0f4686b69",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "dropped-by",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--88237c4c-e86b-4f7d-a527-321be3eaecf8",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--3f2053aa-b036-46d5-b008-d19b2c6c391d",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--877ea53b-b231-407f-88ff-d8ac094a9488",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--389b4328-70a6-4af9-864b-54e786503037",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--ad856d0b-83d8-4395-9039-87a011bfd254",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--c2f6ba64-5fe0-4dce-92f5-01e44adbb1ef",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--faf1d97e-1661-4a94-95c0-d518d05b4821",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--c9da5526-c79d-4f18-8644-82dcf115bf0c",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--44624e65-1694-4722-8ad1-b5467f33ea72",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:06.000Z",
"modified": "2019-04-10T19:41:06.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--a7455d44-d858-472a-96ee-edea677be659"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--ba2b3caa-0b6a-4231-a5cf-31d4f0e9603a",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:07.000Z",
"modified": "2019-04-10T19:41:07.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--f9a598e7-c224-4060-b5da-860aa786202f",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:21.000Z",
"modified": "2019-04-12T09:38:21.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90",
"target_ref": "x-misp-object--1c222ada-8f9b-4a30-9cb1-fc81cd47dee8"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--dd7597f0-fb1c-4386-b98e-56dcdeb0105f",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:07.000Z",
"modified": "2019-04-10T19:41:07.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--c29a65fc-3166-4403-810a-614a16d42c73",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:07.000Z",
"modified": "2019-04-10T19:41:07.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--09a7242c-ed43-4962-8137-ea0a933ac15c",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--006e2e08-b9ba-41f4-8442-9711d3125a27",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--0adb562b-5185-47f0-82bf-f608c070a376",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--99e65d47-ed19-4ce1-ade4-e4a9ab9013f8",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--e08ca098-168b-471a-b577-3bd29f10c389",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--6f0f61ef-f76a-4125-82d5-6f614f0e9441",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--ee6aa2cc-b314-4b04-b056-520a0b016aae",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--a7455d44-d858-472a-96ee-edea677be659"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--145e2935-3459-4df6-b544-98d9b5bb6015",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:08.000Z",
"modified": "2019-04-10T19:41:08.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--6d00bf8c-a8c5-4598-8dfe-e7efc62faa74",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:21.000Z",
"modified": "2019-04-12T09:38:21.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2",
"target_ref": "x-misp-object--c6acfd6b-0a6a-40cc-8f76-c2fdf02f41d9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--ce7e0e24-e024-44d8-b375-d5c87f245426",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--454b39cf-332b-4236-8015-6d343c883f40",
"target_ref": "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d1dadc09-d175-495d-9a83-dc90cd34c4a6",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:21.000Z",
"modified": "2019-04-12T09:38:21.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--454b39cf-332b-4236-8015-6d343c883f40",
"target_ref": "x-misp-object--ae92ce2a-cac9-4284-8ce9-641e2a6d948b"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--1f5d1a76-767b-41f3-810e-78d71e9bcedc",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "dropped",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--4d3a918e-9bc7-496a-b71e-c01e1b1b6b50",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "dropped",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--f4738c3c-d47d-4d07-8bea-bfd8407fe180",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "dropped",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--53097655-841b-4969-b159-91cbc4c66394",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--3a118909-7b09-46e9-b192-247b16c742d0",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--526af43b-b7fa-4fb8-a24e-6d2e769b6d08",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--e773193c-a490-442a-a41f-63e402cf3865"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--4d47bf2f-665c-4238-be30-6cf1ff9bfb50",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:09.000Z",
"modified": "2019-04-10T19:41:09.000Z",
"relationship_type": "connected-to",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--75410ac6-751a-4995-a8c9-235f0256962a",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:10.000Z",
"modified": "2019-04-10T19:41:10.000Z",
"relationship_type": "related-to",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d5e9496e-1cf6-4fe2-8f76-a14e7fade55e",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:22.000Z",
"modified": "2019-04-12T09:38:22.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c",
"target_ref": "x-misp-object--292b76e3-83c8-4bb0-89c8-8105cf22899d"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--7f1d24c7-5d36-4412-9387-8f948b78e255",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:10.000Z",
"modified": "2019-04-10T19:41:10.000Z",
"relationship_type": "dropped-by",
"source_ref": "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d",
"target_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--7755b50d-ed8d-4c08-b386-7a5124ccd4fd",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:22.000Z",
"modified": "2019-04-12T09:38:22.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d",
"target_ref": "x-misp-object--2fc2e78c-c6e8-424c-9ad7-e166e7737e9c"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--801450e8-9347-4846-89bf-44bf18aa2de1",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:10.000Z",
"modified": "2019-04-10T19:41:10.000Z",
"relationship_type": "dropped-by",
"source_ref": "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8",
"target_ref": "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--6d6b11e7-1b19-4737-907c-9f7c8687a3a6",
2023-04-21 14:44:17 +00:00
"created": "2019-04-10T19:41:10.000Z",
"modified": "2019-04-10T19:41:10.000Z",
"relationship_type": "dropped-by",
"source_ref": "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8",
"target_ref": "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--57a22479-6d7f-40b3-ac18-e984a096ee8c",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:22.000Z",
"modified": "2019-04-12T09:38:22.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8",
"target_ref": "x-misp-object--1cba5ef3-2f91-4b11-855e-9480c7fb943d"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--bdc7d799-4d71-4e63-aa41-a77012df1949",
2023-04-21 14:44:17 +00:00
"created": "2019-04-12T09:38:22.000Z",
"modified": "2019-04-12T09:38:22.000Z",
"relationship_type": "analysed-with",
"source_ref": "observed-data--ec5b0828-fc8e-4d29-9a2a-59806d987175",
"target_ref": "x-misp-object--d0962325-2049-4b8a-9cc0-8597888ef490"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}