misp-circl-feed/feeds/circl/stix-2.1/5d159a21-59d4-4881-a9e6-41ca02de0b81.json

434 lines
257 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5d159a21-59d4-4881-a9e6-41ca02de0b81",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:42:04.000Z",
"modified": "2019-06-28T08:42:04.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5d159a21-59d4-4881-a9e6-41ca02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:42:04.000Z",
"modified": "2019-06-28T08:42:04.000Z",
"name": "OSINT - OSX/Linker: New Mac malware attempts zero-day Gatekeeper bypass",
"published": "2019-06-28T08:50:58Z",
"object_refs": [
"observed-data--5d159a36-2c3c-49c1-8f94-40a102de0b81",
"url--5d159a36-2c3c-49c1-8f94-40a102de0b81",
"x-misp-attribute--5d159ac3-a82c-4763-bf23-458102de0b81",
"observed-data--5d159ae8-17fc-4746-a7de-eac102de0b81",
"url--5d159ae8-17fc-4746-a7de-eac102de0b81",
"indicator--5d159b0b-d57c-453b-989a-eac102de0b81",
"indicator--5d159b9d-39c0-44b3-8927-4a4802de0b81",
"indicator--5d159b9e-b564-4227-bfdd-464602de0b81",
"indicator--5d159be0-51a8-406b-858b-48b602de0b81",
"indicator--5d159be2-63dc-4773-94bc-498502de0b81",
"x-misp-object--4b8b54b1-b3a1-4ed4-a324-468df8df0874",
"x-misp-object--acffc28c-bf93-447e-b63c-68c2dd2b85eb",
"x-misp-object--818eadb9-e542-4def-b9e9-a8ecee1b9737",
"x-misp-object--a2ed7979-f68c-402d-a8fa-701ea3ef90d4",
2024-08-07 08:13:15 +00:00
"relationship--f44921cb-ab7d-48ec-b168-f3c8557f4384",
"relationship--b15a7ad0-8089-4093-9f2c-b2610a5da50d",
"relationship--02c95179-cf38-4842-940c-d7755e57d45a",
"relationship--53ded315-70c8-4bea-aed7-2c13872155c9"
2023-04-21 14:44:17 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"ms-caro-malware-full:malware-platform=\"MacOS_X\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d159a36-2c3c-49c1-8f94-40a102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T04:40:22.000Z",
"modified": "2019-06-28T04:40:22.000Z",
"first_observed": "2019-06-28T04:40:22Z",
"last_observed": "2019-06-28T04:40:22Z",
"number_observed": 1,
"object_refs": [
"url--5d159a36-2c3c-49c1-8f94-40a102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5d159a36-2c3c-49c1-8f94-40a102de0b81",
"value": "https://www.intego.com/mac-security-blog/osx-linker-new-mac-malware-attempts-zero-day-gatekeeper-bypass/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5d159ac3-a82c-4763-bf23-458102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T04:42:43.000Z",
"modified": "2019-06-28T04:42:43.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Last week, Intego researchers discovered new Mac malware, OSX/Linker, that attempts to leverage a recently disclosed zero-day flaw in macOS' Gatekeeper protection.\r\n\r\nLet's examine what we know about this latest Mac malware campaign.\r\nWhat is the back story?\r\n\r\nBefore digging into the OSX/Linker malware, it would be helpful, for context, to discuss the \"MacOS X GateKeeper Bypass\" vulnerability that was publicly disclosed by Filippo Cavallarin on May 24. Gatekeeper is a technology included in macOS that is supposed to check apps downloaded from the Internet for either a revoked developer signature, or for certain specific malware that Apple chooses to detect, before allowing an app to run."
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d159ae8-17fc-4746-a7de-eac102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T04:43:20.000Z",
"modified": "2019-06-28T04:43:20.000Z",
"first_observed": "2019-06-28T04:43:20Z",
"last_observed": "2019-06-28T04:43:20Z",
"number_observed": 1,
"object_refs": [
"url--5d159ae8-17fc-4746-a7de-eac102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5d159ae8-17fc-4746-a7de-eac102de0b81",
"value": "https://www.virustotal.com/gui/ip-address/108.168.175.167/relations"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d159b0b-d57c-453b-989a-eac102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T04:43:55.000Z",
"modified": "2019-06-28T04:43:55.000Z",
"description": "you can check whether any Macs connected to the following IP address over NFS ports (e.g. TCP or UDP ports 111 or 875, or TCP port 2049) between May 24 and June 18",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.168.175.167']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-28T04:43:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d159b9d-39c0-44b3-8927-4a4802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:19.000Z",
"modified": "2019-06-28T08:41:19.000Z",
"pattern": "[file:hashes.MD5 = '6dc1854ab497d70dfc4a07d05ee59ad4' AND file:hashes.SHA1 = 'ef628dc0b4e861827d4acce584f5740de16e86e3' AND file:hashes.SHA256 = 'f6bf5b8bb2400aad4ac844f2b94a4e556907f35b44c5ff462fb4e70c0208c9de' AND file:name = 'f6bf5b8bb2400aad4ac844f2b94a4e556907f35b44c5ff462fb4e70c0208c9de' AND file:size = '48822' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAMsl3E7qQXWQPqEAALa+AAAgABwANmRjMTg1NGFiNDk3ZDcwZGZjNGEwN2QwNWVlNTlhZDRVVAkAA52bFV2dmxVddXgLAAEEIQAAAAQhAAAA1V7os/H/2Ip5z1g8KQgg2NZN/PW9/WnEYpAuFy7MYxMszUlVRGpeTCIr2Mucx38za3mgySFxXb0VhlQFPmNDmoZsEvTEEtBywWFGiI7ezJWHS1tWPQXh6PUAyGmU3dYDP6hmm/dHB/G7P7jh8kl1FhNaf+079xarmCNFWGWfnRPz5WWX6ms6B9qehn3wlCDwpbumYiWB1r8Ev0KRKqt/M9t4fiJQUodjP44FgRUf6dfTeU0u9pUcxOYcQUiUdPCPFB5a3ldC8YnxEdXD4CdMOwEDIv9yE5SH/mvMHofB4DAvWNDtKczQZY4n5y59ms+7A5fNqMAQUZ8mNzqj/co1RakhScqp8peBCMMGvcZgto9vRZfVvkaM51a/hF1kewuqQYlXsyRwUG/5mc2cQQINWliC2oSi2nx+Es0kXfyQ5o0jKHnuSW9PRvO8jRyOhLm5VrTFeGRrLruaPHVse69iMRSxqvV6jW4ge1ug+ewjTrRdwjf0dGUTZX95544gK4nN1iywonIh37/e49toelsQelMNO7xZSN7zsv1pePo6bxzDbGDxwTtfhg5QFCPLbn+dR0oObJwCcbRh44874IB6AANYnNOnVtJ8kjn+gz7LM5h8NR9Ge1/8YnEiZrclTI5jGNUPBOT26QlTRBRRms8PHRJQ4IAnVD1RxFZWdeNx6DBuxffnl9cO2tI/BNMY/kMMd10lcNazj/iNVbz1yx3xZnm/hlFwQS+GosZw7taikun3fXjjzL7kePadFdU5L4H83gLuzchPI+dQ6IujqDofhgwGg1Td3gjwxkG660tTeI/+0pgTFEGYf03+hFqCZDgwdB6bJ8NofjW8Flb7NkOpKm/n0gNJDYyOUUoUkeGZ9Ltt8NuUx8Ib2YdFOOKgw4bXtsnriwS9BW/gq706wxWiV8GB0xTgg2Fj2Xkk/pfut3koI5/nmVNgBCSJw+9BsWR3FBjdeXGmY0Ye3Bzwr9HprWQB71ja4U+YAOznbJUBxw+zgJO/CX28aFGe5BtZI8qq/ByBbRRiMbvieUbKnZd7p1X3EXL+ZPzTs0/qwRm2RfpnbPfaNsXHa6ibTabisEr1mcQoF3BMs4TAHnXPKO6nsy1qcabTifreaguroH+hJEhKZbnVvuPpGv3DgWnI4NK9TmykUATrxnOYFa/6+mfIa9JPPX8nAvrErDSlR0v50tWMe+BUmQaEQ2cKGXzbgk40D5r6oPHuHpW/47FWalph2SwyNs+KlEE4cn7hmx0nk5G2bQCiLalusQhXa8L7Se3Heh3yvEC38EBeUICqdwxjuFq+DlXICYT+vyRTX11p3sy7p5/CgsSKA2bIqbUntw0FNlfK1zVdQ/SZaeIip7DVkztqiQGK04ULeQ9XNK2ZGqzSdi2YXXPQbBynfJQ96N79cn1nlzHOlTq5lIbTYPo6L+qI+8d1s3JIRP52vmaux9ezxSvTtDIcxUA5qu2lU0Qgr+/UKcI7Ieu0pbSy5xiaScWNK9qM7MABVghZXqR/EZlS/BmGA3hbTU8fvvX89ZidxG8W0slQ1TvViceIgSURGakxT7xJ4WHL/Rt9aUPoTlLu2IpOjrDo9nYWpNWYHppsi7sOwtb8OZi9b6uJV4yBGN3OtZ/suufa61tLI8S3YszgHfpKxmXxst3KR2HeER9yxQ/SsPa8kpe+03QZ0mjiUnKuOZry7FmcrZiyCHoRe2fTbhXkZ0oLCm0Th5vIA21TaJ/kv2XpKF6f3N5hcnaF/d0YInJnpuO4rILIOdmFSWmpFWKhIWbHGxCWHxc40VBEJf76m82qfQs9HwxbP+r1zuMoRJHliATC2XrNR4pfEn+uFWV+wCFenGSJtDJZMpqJFiLQqhwBNtf1BADZVYhV3JI9fTMTm3/e8d/f2bZmcQCIXs1xvsGTbgEoT7uXo90WMbUeSpg4hnUwTsTzqrImaD4R5vJQgVep2oseT5u6TP4fjDa1oAryaeE2JrMOH5leZJSFvRe4fjKvmTU/r5OEgCwqaJL3jaMvE0h2u/EgJJ6tpgICB/+3G2oBbka19w7raVvrRf+4gd14wLVIw+jUmzKQ2TPGA3Y9J1UQ0Qu6TkxNkDe8mIgv/W5UdvtUW+97iXGY9HYERwxLI++bd93NN+MnutCISVAGSzQOQhNPhjM2WNufNks4O55oYroKf+6EZvRZ/Ai+5TAhav4MZHb7ReFpL7/UnXgm6pOJzpJk1S1eA+us0LxeMJt/JHOM1zg3ezsPs4Imbw9C9blxvGwu25IVN19Mrp91DCXeZNQdxVYzx3ftVwyjXU+6bNH7693vnmzDkEvdLZRLiCQSv2dbDlc/9lQ/4pEJ2vvB3akJ+GNZVc0EPX54yhrojc8gq09RLm7A/HhtPFKvgcL9e+GJgXgGDCOQS6Jn4H5N9Bpka4kOCdaFWXoUiFg30uZh6uNbBizmUV6eIDL6StxJhmzYQjj8D0hoJTOeIR5Lwb3mcMDwyMDkOX5J0QHQr9o/SSJKYHYXro2J/vW06ir5EZdSCuNYKGXVyMY+lm/kly0Ypy82DJnWmnlRcwXwKEQjxvYx7jKRRMUyejuzFMgPb4Sp4RrSclx2WaHPHir2on+71cS2c4F3ZmWhtRw35X9nP9uL/sf/bI/gkr05LzPLRzKVFzxmXyUODlSCk1cLJ8BFM0/YHF7grhYRPEX/ZxO3a+eH3r7dqINnH9AUSlI+aUMYGUDPkSyTqLHvPHFjab444MWjSFNa7487CpvzcP6cPUyLyLNh6jaKcwE7cZ8MFU+dHguxa9AtpzMTFlQGFVFASnp5HAcfIQJ+QnUi4/wgS7KlDhkwo7D+kTppLc+HAOL9wgT4NF3kBNpp42Lbnv9Qm8ptPMlcdKDUtgREXCRTe/VSvPZDbRh0tpgpoUxy00o8YgkRabnGvwKCNQxhJ3lVJbIN/NOUsfJ9+KruTgV0xbVL4y44iGn0g1hBrLi7r1sF5woeX3rgJCoM4jKY/m1KOlUg5tmpzdMy429EX9+z03QTLWiZLs8+97cvnH0SlGRtajiVKFRTIgmIDreVmQQSHLkGyEWxaQLwnkMGfelnI0uotK9f9xTGlZE5mTReC/dXFTY44BTD+ERls6VtiTLlwVRNNI9LYNHRxS28HYkvxN/6dEx2z5o9fxfgcyVIh924lt3w3Es1Xj3apUW/P55F5kcvx9suDbvW+81feGEvEc1+2taJg6yaFCvzsJTEmO/lYZK/2zW37RJc+dYqnftgePOHEo7JnlQio+cvKRFVTmeMdFy5IOrsvH/xqOQJjNYtqBXrnGAAxIC7MNR0Q1YUYR1AZCHEPQ4DMiG6h/vrBL46YFC53fTIilrccUa21uCKjQ/OB82hWZ7tH+xa2LJsHsJ0MnKC8RDPBrWIco0Am+AuDCNT38kjzUwzO5Uqc1QthOFP4UvTUCtq+vkNUnkagIuxQxXoshAUZDChVc1joNaRhzuzGB6ManZEuiew2kX1ZN5d6XEtbuVKcbi5UkeDOOEyTBnm6zKIOK2oJBvfua+LwfF3mOEf/j+Gai3AnnE0Hxse5OYZTofQ38tH6eb35/zb0Qw2fiuyurAGvGEQLpEUC9+n5TCc4Cp
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-28T08:41:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d159b9e-b564-4227-bfdd-464602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:19.000Z",
"modified": "2019-06-28T08:41:19.000Z",
"pattern": "[file:hashes.MD5 = '03bc7b51c1ecbe3fb833ce3464d5e36f' AND file:hashes.SHA1 = '22c26271ec6c901d74936520e14ee0330f097ab6' AND file:hashes.SHA256 = 'd53ebf9fe70bce05a00fb6dded971f49b070ed8e10beb0e40d48e3495b274a23' AND file:name = 'd53ebf9fe70bce05a00fb6dded971f49b070ed8e10beb0e40d48e3495b274a23' AND file:size = '58305' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAMsl3E5YO88/BLUAAMHjAAAgABwAMDNiYzdiNTFjMWVjYmUzZmI4MzNjZTM0NjRkNWUzNmZVVAkAA56bFV2emxVddXgLAAEEIQAAAAQhAAAAaM/A5eqKvTAbxdPLem5JkS7rbIg7zM0zBKR1jsHJ9dTuQL1fSWO6vyFl9HCJ6hARM3aVqiGC45ZIdrs7yuzP8aa8FxtkGV+Po4Mm2sGzORG10boWcP3hANOCgBT5tLhmT5rD0WaYXmH/+UgIQ+4wL2WDmcqvLNjR2UkShykVagAxMd/ZYK/FxG7pm0stZrtSX+B0Jowhq2X9P9R6WLnJTbkLkcOtDd7zFRjNCD0OamjHL/1awk/9JdZ9ez7o6aHvxl/If5/bEuomW1dOzfDFMGONreXlvbGH8jVBTtW8tGmsjOfeiIX5bUEc8MgVz56VNaTj//267FljH5DrBhSfloUvbKVPtmRuuwoGoPamg+jTety6VgAsrt/qeWaBOzkw8IFqv/hO5UJemJ37BwARV+9GUEB3q0qHeEnrRvGT4qNTTw3/GhZkw05vZQpGhR3gKJTCH44nqmcyp0Znt/XBuXbQ6u62DAOGc6sYv0sxoysJNQzXQ4K+o1ZS8U+CB1z+oV+Brj4i2i/72gFAKr6cX4f89JIpA2oPMoN2TZDyy0IDvKTQFHkQ2AWUkVNkX5ansG1Fp+pQ6HwNWnmk+XfBQTRRX/wofppqcJfbyWp32XZTnAmOQ0ezQWSQDNN/I/4y1XBvgoOE81sumOFNyGpeLPrEW84pPIQOtX0lCXkCWO26OpgeifzoIFFaVKKjdZ8FzJOf3BzZKcVLq8rAO6V2pJ28OdFJHG3g4O5diju36E0Wkgpeu5JPZ3frtW6amyiVBQ4VrtKvYnmyjD7lFUAlBZWLDw5BMHO+3YRkA9QtdkdfKbpe1WN7RXKqLKlXOHgiHj0Nw42wSzjlsoVmP/5kj2j4clBIqJa8QsOJvULeXe6MiDap1hbgp1nGCSvQXjAf1DOunuwyFAilLA9RzQR1gJfSo0jECo3Dyhy+mI2Gh+rEVgIm1aqw2ywWyk7VQ3riy1sIVfcRcDTb09esfkGacW17IxxPyMsVuqrxrXdO3MfxR1FYVoh7Xf5wrhPzTk26b1OJtNZUPoc2c/kFWY+hEhnaSWo0BB+1Y+O3t/FvKCkm/wAPdjb+rpNlO1qMVyG7LyjYsksyCStjPMTBAUm2bS6Az5cy6EwB8UAHTjYD6c3S0hwxs2WMcy2B61Y//vXCxoeReApvpaF2bkMlo5Wvu76fT+ykiLFzsCNBAWkzJCws973B4Ijc8JE2/JzWJAji81d+mErHgxC5HsLmKnpzBDuKqDMxSzjxTXKW/GXRRtpHhChukVIh5Yg6bRLdNAr3A+MH5Eot84CyQyHxJv93J8Etq1iTy235SVYV5ljSTeBPL7ZGBpbZflwAowcdNASEoaAF4cexi7qFXqyo+/kwGv/VuoYfcFJXVXVTqfelbuODeCw4mpA1mN74GEa5LO9entu0Q+gYVcrFYNsCHfTsQKX37oKdPdZUgUtRIvBlukEjB8Fcno4trVOI4EfC/enYmsMA6fUwAOzdTDR571UTs598MjHh+S2CvcEF7oVkvvt8vIhA0S6Z/ISf/FrJiA6lWxAXgZzBedU6800rzA7Fv0/gLRETf8OG/57YLOqBHOD48KIfgFmokzsVGKq0g+U7hK0q9s1b2VKYFjz1/V9hJyBz+vh7a8qqxFrMt2kmc2TnTC1uHwCkTC2SsFfbCwrYKtJ7+1HqNBgT7rAXXH6kGl60urgTQJzGfYiCr4NNMu/qDBFfi7pYoOVP5j0bgCCTHtVf8BClRbqRRxqNdHYXoxMlRomd8as27Ba/oDGYgTdwlP13RDo460CYG1Wj5P4rEAnGRvfpy3SxdZTbkoIF2ZeSLRyM/zGpie0F4lFzYKIp/9BGw/sht6xR12g9fl4gvcdEZxaYh/B3OLFsJUyeDqvX2ble0UbIn25r9akJvmdUIaLH5LJ51tItvYWrUlSzU+v+V/C17ymlrBRq7Ks0bTcPW14Cj5nHVVAM6imyQQbn6saGizrhLvqJICz2EIjSJAll27WthkRwayonvq/Uy2D3w/qVdi8WOlBLtsJ//Urbj3Ak4Ll+dlmjM47yfpB+JZe7JV4vtRdzKQEsbcwJm+gefeHbDzTvOa/lrMeBGIGxJGuhJ+xaSFuXSjAQoB7y/Vj4yhpvkrnW+FtvUMyNB5TbQWWOkN3Sytgltv7z9U94b2WDk+CTQ2mga2H9/+QMns4fUYFQ/u6jnU1BWvY9eowYQ948tbNANS5kiFmVibMBT9D8NWIz/ijpat+6l8iLg/wjilTHil90x9Q9DmcqaCLgwIWQGxAMlucYJ/RLDfqTRxNF/o4TIeNW4VXISV0KxNepgsV4LZCf+CclGc2cDYcXCnsgbdqqZAS9cKbMbXwPbOs01C5NfaU0CXxnYcZMAdBmboUcThj23zdcTlRRTC/U2lxaWohK0Y4a5BvNS0bWK67rukM3tH2Ka4UoX3EDwxxowLqVB6oiKDJE1nIy4pe479gfWxOCklhq2pqeVonjiudnrw8C2WIMo6exqygBoZnefsrX/3okgCj7MBkQOBStjRqKnlINS5sM3PVjg5uqjV+ien0F0SX9P1sYeQoJA3Kx4IsXQaJ4AVzuqrObsmBFk56D7AahBruPpEzub6OPlB/V2IpKxzVjxkjg2oQk5aj+GVK5ai/idt3i8cv3yiHG3glivYad8d31cn15Ly8QbKmh85OqEs/15xtXQ8cbVziVlSeelmbJAEU3HjJX/w4wDt1WvuZ2qnqRrM44Qza9vkj8WCn5kjKb2do6k7LfGBsRR5XxdKZyU8J+FhWN1XaGbjqoMneZ/3yXCYCxSzMacWMH1gdnWymyOyIaQGxpku7M4K1boE/5PqvOskfE+z5r4E8gCz8amxA0LoHrDMpc1yIPbXQmwbOy74SQuD8/hQ07GhvbcVeNMoxQkZL5tGd7X1Hg5Ohm/dEAXaZFOWoYJ5nrpw5sxn9faQ+2IITN1AIg7C4Ky5Zg9+i7LSE/srEm7/lwQ/qQGEJoK33bGi3nOpFfJ//HUXI53NuFPZLDKfIeuaMWioBPKNHfgruUzYK7b8qSU/rIC1TNzSxSZhCaNWm4LwLfkuyaWz4U2e7P7XrVlZ7GzV7a3TFsIOCSsQlC3Vf5E94JVugmg5vdPZZDsZxUQzWMk9OXMhCEps0QD7jSeH9f0AWlcb0j6PYTiO3BMJY6QZFwwaSNDKzs5+l4fJtKsjxYQ6YH3qYA31n5JnAKqGhu/pCwO7dxcbJtckLsG70hQJQxZK6+f2msjo9bmohAGMfaqNa2N3PyWhdiPwbCRfmzQMZ33qui6Nep1PzrygwCC3hzs9IXrsX9JtJ4NbnCpZAi34cQvAxlJt8zrXXfLcIONCtMJ5iBDSNZIJ8txceD9PxTwPllurvdYgxl3GyaoEUPsb67699XpaN9uSvgiB+reErPjT3v5wd/E1HpabF0urwlUAcrQBdgpKyoelAbJ9ywiozNJkc3z/MADH5Ew0h5MQPrNmktmUcsnlRJAsmdGrxlP7C3Aq/eAY5GEl0WnsEYZ7IpWK9t61IWElbiG+zHCSQtoPQkQnRURxlubvQfC9LKWt03pPvqK94wNmfAeBSO0Fqduv91t6FXsHTKCNnsM4B
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-28T08:41:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d159be0-51a8-406b-858b-48b602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:19.000Z",
"modified": "2019-06-28T08:41:19.000Z",
"pattern": "[file:hashes.MD5 = 'b928172c67689b98c94d1db283a8cf15' AND file:hashes.SHA1 = '826b1abf68c39a6ab56a5eb6da16a5e4084a0a75' AND file:hashes.SHA256 = '9356ef24e81ae6c4c38839383156a2a00c3f183a31860b7bc566f92f1f1a3f9c' AND file:name = '9356ef24e81ae6c4c38839383156a2a00c3f183a31860b7bc566f92f1f1a3f9c' AND file:size = '921600' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAO4l3E4ibnMm6pUAAAAQDgAgABwAYjkyODE3MmM2NzY4OWI5OGM5NGQxZGIyODNhOGNmMTVVVAkAA+CbFV3gmxVddXgLAAEEIQAAAAQhAAAAO42hAyCM7fPo1EvHMXkZxXoKkM18dxzfGLdBEQ00sjH5pINOFzJXsZsmKx1wO8pdTTd4gWhJXaq+ZVie5zlqXjGH9OB7rd82wYlroeXelCtc/5d2u6JpnerKhaq3hz9/HoG00mCfnM61YaKCRHohByqEcoHgbKfxoQpghYXnkf0ABoDXq5SMufxmcvf3iPmcIEivsDQQtx1m27y/InaU2MedBtQufGnt7VtXWb88aDcvT6zICw9T+/CP9dLkh6/ZbkTg98FyH7Pbo86ZHdDaEUc7KMBCAKlhEAvCvpalDHIssQy9s1BhfKcfXOTf/tlJHKkoiulHG/l0BAHxz4PgLv1/XApISxoXDlt0sazo3yxto8dMcEi1rCORGwT3FxoDe73cgK3a/n5Y0pxmP7Nqu3cdo9ERUQ//ulQd86k5daZSAY/x5y/7MtH0LVSfq+curdcoSEpvzaH96gHzy453mKOOfKT5Yyr6YTJccTA9VfY1mE3dL0Tym54SeWudK6ZrGI6ZYNT5J1t36kSUKl519OdJFQDwZp4mbb5JJCgmSLCV12i+TnbUXzOBDjs6od50pZ81S1M83p6zx/zJX9n0eP+4IIDqyJu4hTR6Tu2+rw+7JvV/uDQDcVosPfgiqMR+6CegEIcye1A/Oi9TJ5kfqYQQgHOZDQ9VZFz0qglWqKUeCx6yMCOnixX1warRhg55RnB4S90SJF9sq9YYxkHL61EyuoZotV49PkOQI66+n4BwqW6nZ5bwQO231WivjFPsmLLgkctUShHwZBVGNFx8dv0mfzf5EGOSti3o6yRdXQwrAW/gASFcHEmI+bg3AIWd3kcoQJ9/M6TKqinJQT090aFhWrcofXKYWd8mZ2vEwEya58m/Z9S6h83QjuqgV3m7mt4wODiY+/7V5GDGpA4OLLMIc9xV0vuyCJjoCAxZp5fVNKtc3dtQo/ip5X1zoGFvyy+tOvxzXVSZmiLrF4etaYIvJiujcvF+3rhXdqpDCu3bWg3kYU1leIKDL2wQEJRA/CPt4G0Rv70H/RY2A7rJVIvXn32uo7kQlWt84XskLL9uzQtAaEr0cmsWqE9FMMvNPDeYAwbArS2nOlb/FdOSvCT+W5wZJPuP56OhcGnttO61WHAVLw+BQ8ozAiwA7HFuT5EhwCT+7IHFVVJCgTBPtrkT59sjJeUnUBp3hkXLrXBJ4Tr+jTAgKwd+0kiVBDx/QYN2fsaqHm9ON9By4SDEyB1kQtsDIJj3JTrorBpB/BQj1hitRcbLmLSQe/DcLtkG2aWZVmtukAD0bag0wjjWyJes6kadQ7Y1pSnbtPBi4041RMWkiXHgh9DTQcQJBCFpFTHFyxGrD/v+no1180ObTbtS6/cys7eBI0hp9yV2WCJxGDiMcjsicO+uSlpXx6hVGPS8YHu390FAyyNtjTG6tIiMUpO5w9Wjq3cj67tlLJLIkd6Ey8UPBKyttgzWFNaxYUFIJ4scbhoB69J9R8vwhmU06l7GZ4OeXW08/hqAUr4IEPGjMZnKZV0jm5CdFqFA4CLRyju+EIFzmjtQyFnurvaIJB9UQJVRpe74gXHj56Txc8fpwstfwZspZIds2yqFMkV+kpV7T0c4GBaPU3VfQR692ZDl/EuS0692WfKlocFRdQ2yGAOKJI8upnh8Urm8kLESMACjkzi9RDMsadjacLhbu9uCnC4jGzcL3sM5BAyL6KEYgCsx6RZkaUF92Q30zYFbLScfnq7sW32rpD6NDI5eZ0yZFUOhHA0DGqH+BK/tq6cQjgI+YJVXFlu3jTI0XDKX2i9c9u4eFffTcd2nLriY1+O7wAoh2NVr0VBhTZbzUWD2kFa/NEwEYl1NgUBOtFuMO29+BIDOEnMyWLXWCl66HBbcePX0u+9RCMI4j1uXTX+HoHATFjDzxSHZInUMzbv8OuigWfl7Z/kSsQIZP1pUs/x9vOGModb3yqfjy6fiRYefgg71t1jwX251gPWgL4qXngfONDflMmWCkqcGT//WnkKogHdXsB5f0O6FshZghLsfIa7t57AQUJuDCe9xDpzvR4x60kKw7DlMZKSecE83rfBjsEopsys6XJC0/cg+DJd/sIH1CxAKBwpVkuPRjWrIfnArgA0FHTFCMAzTJZEgFdS4p9IajQKk2D+zGWLxpkBSgKubk41FauioDhgvk71nHI548DKk9PXFi13pawc4tFmQqOchRQCXyydf/wyQ0s1KGniUfWq5scdEHw+wnLx9dCrZZHSrocb4UGEbz4ivNOXIlXob6jyn2hHQwUDdzDoAsRfUB0qOMkj/MEKtX3e01zzoipZuu2QkmJZUyaEx4UOzU5mDXbGtyl+i4CVQ7gTlOLxFSPyOyDmH4Cwz0HmAISCfbAjX9G6yCHj3mNHCZRLfaYIgbFZDD7rP8HXByYOlBwDGf5MMTPNVOzr9kN9SiL2Rz1vvEBgCmWP7cmwuF0ubhiTaHd7Comr+lYOcPFjE5lkOSPBsOEZDNUp4pNfEJwpCQSMGaAyWbQnc1w1WzypgsY8Ds5GFZBvkYRo255tPARmhGNAwMTkCMj1dojE7682n16YF4xQpqfMUzq9Sy5WUhVOm9Sq3weFwp7ojy9FTM9StdjS+og1swMKAcTnkMrbA30q9wGLl1emOZPweT+D953JktXnV7FaXbVzC7Al6Gs0Nq/UWtpz0qxKfXfNtoPPB+1kV7Bgz9zOjSZZDS/2zdR967gYvQnUlAl0top80CKukdcxoMZokAsrjh3f0P/drcrDPnMoOjp90Eua8lPwo7p8+g5Tkin1SLdrCiokXJs9mw2BVj2VrpWGmVvynXswqi7YNgN34riSYHzDvaWpSowR9Vp48U0AXfl2qHsnENViWPLb537mN50dHIVDNgFpmzFYSp+h9GmmVZenLg8u0pJnNRTPWK7YeciDmyb9GzRYhZhVKIBmOnNohxQhFLD6IoSn3P49BO9W/lPdtFT4NRr4r2FnkQw9X66escU/4xPLe0vGYL27PaxkzhT3tUcfUls+jC8zHSbdZFmtuW3BEGGnSteNL++IEeL32zTjdPJupt0QdJ+Ls3RWxI8QHQgPnglIyoBODPr0OXfngP7fwVdXVvI+DxeloFddIVlAVbR3NUrRBFkUta7RXAjJIlcH8CUPyjNWgKFq+JwwwaFF5BGSD7+vY7TTq/rpxElg0Ln2qiSHbH8GWq7IF9FxfCFMl8hPqlGe/h4rwN2Fe5T58mPAcsy/fO7NG74UDLKKPvyTjmBcZvr9aW0Kmvej5ShntYR0UsxwqLBkDubQs9leO93Sohc2a0Ed2y27hplvkpgjU6wFPamYhMhUZvUNBaIWuSk7W7aVy+A1FOPdEawKneAcZISHMuY0lpy5xoEbexIU0iSkukJUYZSEb9HG60BpCTeB+kOqCOJui1sJ/qYsC7NjPkJNb1IUDEJaQDsaVNVVX1NrIdKsDDlGJ8mGAUto0OVWnKtMGOo9ylXwcNv9un8fYoJL3uNx5j4bU1deJprOmiCpnxTiAUPLdVksfYi9fcQzXyDiPrqdfu/bDHcDoGVbvpI5PWupf0FxVsPmpfmgnxuZ+ibyweX7h32knoQ+X/R
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-28T08:41:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d159be2-63dc-4773-94bc-498502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:19.000Z",
"modified": "2019-06-28T08:41:19.000Z",
"pattern": "[file:hashes.MD5 = '89357a1b2e32f2b9bddff94b8136810b' AND file:hashes.SHA1 = '56f2779d7ba90aa83a463be40f6ef9d9d030355e' AND file:hashes.SHA256 = 'cdf9137b9dd78d79532a8f8c2f65917601b87f8f25b68027b139db88c6529145' AND file:name = 'cdf9137b9dd78d79532a8f8c2f65917601b87f8f25b68027b139db88c6529145' AND file:size = '10485760' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAO8l3E7JyOjxWs4AAAAAoAAgABwAODkzNTdhMWIyZTMyZjJiOWJkZGZmOTRiODEzNjgxMGJVVAkAA+KbFV3imxVddXgLAAEEIQAAAAQhAAAA20NyTyDNylXhOGKROlWRDMXaEKDk2BeWQ/t4s8oHGILeinqPJXdl7hFO30kwlmpOfKbx0S1HwqTp3lYwdS0OETV2/u+L7kJuWYtUZ3QWrBO7QoKUL5bALVjtBRqBaWNdxAWzWZeCj/YeFIt2cyX3k/oCwSm1BmfPY3CMSqQsWNCByLN/YvnAMzxy2qAnnNDw19Em23KQ6ZRmmU68cXpD/2k8J+DU2ouVA2ec1pPe/LOhqHEj3grZ4oB9mZks+q9osTC4J4yIm7uo58fxiXF91SsnqtSwXii9SgduP4duGHoBafLMKJPcuvUGyVp95FE4hx/4HBgrmafViWWw39wwumPPtf5EExQ0IanGwLdwar4p3vC2YR8fftaFYD9QSMi5X3oJxweVp4As9IkWyGWNXhSXkB1QFI0g5SOTLaTmPyVWhgr7t1Vj0w7b9s7UthLm3ESboOjqOgL6Lk6blTndsOKuep0BQP8D+SNzmFNhWw/lHohQIaHzEU9lIwBTd21BnmS47OlQlPLanY1rUXhBvoLldnbWp3S4p4SJ41Ctd45kM42waz+c0FrKRn8dEqDiAs4TILNXMk+PXB0mAEV6sKU6RUkjAmfCuKW2VEs9srKLrJBMLDXPd3S5Ti9AKpRA6iaVf5HP0j9nnEkxUIVM7wyF1ZZ94JeJi7vXOl0mwwCdEUIBDf9B67oAU3AV0tI2cFxhZKmGNnmFMQfD5aXPARCBpRicq/Ca1qpVBA2KAShBg8piCmuO7DjMFA9JcuL8C2HWImdzw1dXi1x7lNvdYyHyg2MBF25yDxVTBwsYCY71FIvUFdzKtbWO0aNvGMhle2fLl7+AYHvhIiJYUHhRg3J2fb7lc4gbLvtPguR2Fq3mhFaEjDEmXrE2puBImCX8TH7tPsyNKy3twaRFkV8cj40wTIsb4N/4S5pEDhUN3ZY4o/T6nUEJTlaR5P17Gkn02XfVbZn/YKgiFFdn7uL6uTLXmK9w+4YSpCA2pCdsy0q+i//X/NQlZdKBkiwfIVDwdt9tJolPKCuT+ARNabh1abQsIJOYX0k2ORNgfRa/lYmantfa+yHpYG+OAbu2OiWmMT4CdKEFO1TEYvhEdizddQQExEu1eY6Gha9bHmY0fWnOx5ioBPsiS5RXvTSdahaJ4fLuyF9ZvDVur3FfciLJZ13kZ/GsXJJ4fb1A1lTaBHwWlYBIjq6TsoNP3aL42vdy3CzAkCuINZkWewsHSYJAw5oYUL1hhQQsNfLYbrXbIBj8YvwmJC5VKw58xsjEAIgCi1RmHCNBf+eWTtY8D/KM/TM2r3fkqabBdQfvfoy2cpLuOTFtw3uBqwh+tkRryssmNFZi/sBbTcWt5mY5ZWZNREqR+jHC94B/TD5QY9OK3hM63rZDfoFGTcpUcjNnYAz5Qt8pKHcf6bvTPnf4esrrPt6QhBjk8VMcb4qlAqD42WvGY4MdDM61Uro/osRZleYFAY40dRrluyuKhYAfUdDgs7lnVTMCEUbshYLqCdJ0cPP9HWxAIE/OORi3YW2PdpL1H77Z+rx4PwZowiNbxaSIg6c7jjdS7RiZwzH5pUpcmPLcn+W17DjgnQT3+esn+sC+ik/ry12N4aC6V5eBlIqriIfLYIYbFSLRh+DXYuWrT+C3iMtphjkUIdUqZl2VBUfIKxN3QpfLX76inu1AhY6DbWyCsypIsydmM3PI+bFs70cDjP0gWC3lE3QQjh3170Af9IuW48YXpIacFj7EqDiw3J64aTXbTkirgFtmsdx+/iPifBUYaXmhwA5FYflvzKfM9766xDMtN4juPrSgYo4WMJ2q7/AjLq4+AA2BCduIkUv3XrGAGGr+GAYieruOvDTPHh0qawiJXHOU0sLiYkx4Fmbf/Trj2rZJmIcYjhUfj+QVLtkALj21duk7cGCuJ7WuRCsEdeOT8jKtGD8imdWL36T6neiNu/wrMUBbcApw0rvxPecML8d5jQpl5IOIbE7rpttSYhH570+ndJOmmswzDWElK2un/eYEzKVRBE9w7yh8CXZSoeLZkb4hrJHKT+gsX4EVhNRb2CYXphIWvxPa11KRU/r+8CzmGHuXcz69QZnfCV2RUeFhmxvii0ku1FFDqI80hp7ROvu+nfBZYa8/KNVNRZ+XmJ8jllpjFREQNtZIwhAG7FUzOt5aSeW5kFUt/lJKhb9aRaPpwA9e6vnSxCqXApYhDFlWCFot68GGpu/HISV9HXPHqx707qenF7tokptVW3oxtJz/ie49sTNfVbw3OJrpo5hwWw2T53w6nbT6sfwUI4iyLZdB3WzfuAN3i8E3NRR6W6tCExOoBKx1O5oeXVILiUs2xqF2i+xmgJQxwNFuY4jstJZk4dCIFaq5og1QK+BkmBfi/maiaVZg1Bdk6cCNQtL5vbgbkr9CTAhTZ24IDXhFJGexLZbz2fKZe14EuhQIha7O0cbN1793bSTq7TlqfsHJ7JEglyXwHOq4wv9J+wt1qOuhXmL51AqAk1Wvgkr3MKqdlRqiLz1J36xDGOaaYlAEdCa12ec7ISxr1pDYWtyXTobWrYiDFoPaPRa54+AqhnKlvoIIJnIgYoydxMY0YuFRTVLyXgZeMW2OuyY7QIVt3PX3lL34/AHNO5cEtLvUPm4NZ1+CKZ454cbdfedxcIDKOcTJpEHnO4jxkCU+GLlvZIPuSPKxzFOK615QbK8uc9jHDYli7ZtnS4uox7BR2/qElUkimQHkahQkQt6JM23dqM7FOAqcYBYIsG0rKgauD8QLE9g3C+Qbx162etnj0cBpktqBltpWJxV5BLhkOft+BmfUBpqAn+d+I1m3HTOd1RhAK8NsDFp32dTq6H722N5PePvPomARNhGvJz0PRMl0Ek06n6+U5PG6V5SJoSEKj+vxkJkP7M+qZ0D1kISmgz89WNKlrPnlEAebokNj301OFKVL+DPlt7fON3Ip3luy78gk8lDhQOpL+E+GIWl2tf/nXvRhmvTUkkIz4ZgrFKQ4mwWM1/KOAUobSz2Oha0+u9whZpFqpVyO6n/oNiJ27LpnZoBJYL8sgzPz0lZ3Mf7Xm1ePuxZG439v6Pn1FTsMUCoNM+0twOnXJYCS1CG1clC6VqNa6qvgcRpe95Z1vd0yAj4jKTcIv3lEcL7LyOYaQZdR5Gq48crNjb6YZqLzf8PL9603eMZJzyOYuOFvc6Wl1wqU51y1XqZRTU33uPLyPJbnKQtMv7pv8px0l8PCquu5YEOvvDSXu9T8px9DKMonV8X3eowhmWxyqlw30cXuoqcnpLrJexQMXUA7M395IBrZwlsaDfLfdit0T7/PtH6LdGyS1zIrXUnlbh7JHbFdQ40bTAnu+DnCmQmHfjSxNyz/8x3uKn8491K0Hhq6UmHEoD3hgcd4Mw9844Zb18FpeQ+C1Tg+bxKcCutcuGMbLXue/my+FcelJQKCHJH5wyG1ZgDE428HXLs7HzAiBn2nUB4WMjanjG+CFgxqor68tlpdhrCSiv29geJzVA6uCsK6x0JWTpQbztQWx7xrrP80mttPmOZgEhb3mrKid9R28Ywk2KPaaDYeBNue4htG9x3ltdRKMJ7oRpW3Sfnjn1Yi
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-28T08:41:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4b8b54b1-b3a1-4ed4-a324-468df8df0874",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:19.000Z",
"modified": "2019-06-28T08:41:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-06-28T03:10:00",
"category": "Other",
"uuid": "eccd6e7a-052f-432b-88b2-790c76d89f47"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/d53ebf9fe70bce05a00fb6dded971f49b070ed8e10beb0e40d48e3495b274a23/analysis/1561691400/",
"category": "Payload delivery",
"uuid": "029edbb5-a154-4db0-a3e1-632521a58ce8"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "12/55",
"category": "Payload delivery",
"uuid": "002fe056-a0a5-4311-8807-0c91c3f87678"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--acffc28c-bf93-447e-b63c-68c2dd2b85eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:19.000Z",
"modified": "2019-06-28T08:41:19.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-06-28T03:29:24",
"category": "Other",
"uuid": "7f85ac63-9dc1-48ab-a228-2f9b70fef7e6"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/9356ef24e81ae6c4c38839383156a2a00c3f183a31860b7bc566f92f1f1a3f9c/analysis/1561692564/",
"category": "Payload delivery",
"uuid": "bef88d9e-1dc1-4f97-ad3b-468f6a2a19c3"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "9/54",
"category": "Payload delivery",
"uuid": "2379bbf3-23d5-4ebf-96d3-0a1a77f4e1f8"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--818eadb9-e542-4def-b9e9-a8ecee1b9737",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:20.000Z",
"modified": "2019-06-28T08:41:20.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-06-28T03:10:12",
"category": "Other",
"uuid": "5bd40a85-9bc4-4c28-adda-8fa3821d47b5"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/f6bf5b8bb2400aad4ac844f2b94a4e556907f35b44c5ff462fb4e70c0208c9de/analysis/1561691412/",
"category": "Payload delivery",
"uuid": "aac8c9f0-111b-46c0-b7ab-e287effa62b5"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "11/58",
"category": "Payload delivery",
"uuid": "8ed97b32-2310-4c7e-a2b7-b1a2f10ea6bb"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a2ed7979-f68c-402d-a8fa-701ea3ef90d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T08:41:20.000Z",
"modified": "2019-06-28T08:41:20.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-06-28T03:09:09",
"category": "Other",
"uuid": "219e65be-3ab2-4fe3-8a96-fb4f81d7ab7a"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cdf9137b9dd78d79532a8f8c2f65917601b87f8f25b68027b139db88c6529145/analysis/1561691349/",
"category": "Payload delivery",
"uuid": "6630b0d4-6947-423d-a0a5-517579836259"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "3/54",
"category": "Payload delivery",
"uuid": "be04d14c-b55e-459f-a5de-a6bc9febb98f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--f44921cb-ab7d-48ec-b168-f3c8557f4384",
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T08:41:20.000Z",
"modified": "2019-06-28T08:41:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--5d159b9d-39c0-44b3-8927-4a4802de0b81",
"target_ref": "x-misp-object--818eadb9-e542-4def-b9e9-a8ecee1b9737"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--b15a7ad0-8089-4093-9f2c-b2610a5da50d",
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T08:41:20.000Z",
"modified": "2019-06-28T08:41:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--5d159b9e-b564-4227-bfdd-464602de0b81",
"target_ref": "x-misp-object--4b8b54b1-b3a1-4ed4-a324-468df8df0874"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--02c95179-cf38-4842-940c-d7755e57d45a",
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T08:41:20.000Z",
"modified": "2019-06-28T08:41:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--5d159be0-51a8-406b-858b-48b602de0b81",
"target_ref": "x-misp-object--acffc28c-bf93-447e-b63c-68c2dd2b85eb"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--53ded315-70c8-4bea-aed7-2c13872155c9",
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T08:41:20.000Z",
"modified": "2019-06-28T08:41:20.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--5d159be2-63dc-4773-94bc-498502de0b81",
"target_ref": "x-misp-object--a2ed7979-f68c-402d-a8fa-701ea3ef90d4"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}