2023-04-21 14:44:17 +00:00
{
"type" : "bundle" ,
"id" : "bundle--5d498330-f574-4889-bcc9-c53c950d210f" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:35:08.000Z" ,
"modified" : "2019-08-23T09:35:08.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--5d498330-f574-4889-bcc9-c53c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:35:08.000Z" ,
"modified" : "2019-08-23T09:35:08.000Z" ,
"name" : "OSINT - Sharpening the Machete" ,
"published" : "2019-08-23T09:35:22Z" ,
"object_refs" : [
"observed-data--5d49833d-2ac8-489d-a0bb-4535950d210f" ,
"url--5d49833d-2ac8-489d-a0bb-4535950d210f" ,
"observed-data--5d4988ee-55fc-4a68-813f-44d4950d210f" ,
"url--5d4988ee-55fc-4a68-813f-44d4950d210f" ,
"indicator--5d517330-22ac-4be8-93c4-49c9950d210f" ,
"indicator--5d517330-1658-4540-a753-46e0950d210f" ,
"indicator--5d517330-bd80-44e7-91bc-438c950d210f" ,
"indicator--5d517330-9d60-41b3-8436-4e39950d210f" ,
"indicator--5d517330-25f8-447c-93fc-4b86950d210f" ,
"indicator--5d517330-59a8-4798-9b8f-419d950d210f" ,
"indicator--5d517331-6070-446d-a363-4ddf950d210f" ,
"indicator--5d517331-ae34-454b-b2fe-4dec950d210f" ,
"indicator--5d517331-4b84-4341-afd9-41a6950d210f" ,
"indicator--5d517331-4108-4e33-a7ac-42d2950d210f" ,
"indicator--5d517331-c47c-413c-8047-497e950d210f" ,
"indicator--5d517331-e328-4744-8529-4088950d210f" ,
"indicator--5d517331-d6dc-4648-9b62-4404950d210f" ,
"indicator--5d51737a-b680-46c6-9b58-4ff0950d210f" ,
"indicator--5d51737b-39c8-46cc-87bb-4342950d210f" ,
"indicator--5d51737b-c5d4-42e3-9991-43ca950d210f" ,
"indicator--5d51737b-d2ec-4a93-9e4a-4623950d210f" ,
"indicator--5d51737b-cb90-492c-bc50-49da950d210f" ,
"indicator--5d51737b-e68c-4cf8-8484-4c8f950d210f" ,
"x-misp-attribute--5d52631c-1110-4600-a024-d9c8950d210f" ,
"indicator--8a692de1-9181-4a14-b03b-33eff84dd2dd" ,
"indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8" ,
"indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de" ,
"indicator--a438f26a-8ac2-48fa-92db-eeabe8bf2ea1" ,
"indicator--0c8e9a07-b77f-4d99-88bc-90e01491881d" ,
"indicator--ea7d0d1f-8fa6-4e26-9d70-ff1ad56265af" ,
"indicator--04a81d9f-75c8-44eb-8775-7938c5303ab2" ,
"indicator--dba87e0c-17e3-43c0-af22-6f6a55bda3e0" ,
"indicator--dd47f065-a663-4fbb-ad78-66fb372704ca" ,
"indicator--6c19c316-14d6-469a-a122-f2b13c21cc8e" ,
"indicator--4f751950-e0d0-400a-90e0-bbab853a48dd" ,
"indicator--191b4c43-86e6-402b-a206-44cbc16f8ffa" ,
"indicator--7acd2cf2-c80b-4dbf-850d-7168fe00298c" ,
"indicator--957251b4-6f97-4058-97b4-a70ed80ac6e6" ,
"indicator--3c0badfe-f235-436e-aad3-c91be69b2ec5" ,
"indicator--fe11a26b-5e51-4278-8527-77a9757e2c8d" ,
"indicator--c7c69120-a89c-4b14-8a38-36acd6488961" ,
"indicator--f708b2e6-8236-4b45-8180-28f20c5cb105" ,
"indicator--45b5ad6f-62d6-43e1-865e-f815a37fa34f" ,
"indicator--a9f76724-fbcc-43a9-aad4-6737bb8a9ece" ,
"indicator--0754c7c6-7a21-4a8a-be8d-32fa887c756b" ,
"indicator--c51b58e9-416e-43d5-9ef0-651536573149" ,
"indicator--a4be316a-1342-490b-935d-3cb667a02ad6" ,
"indicator--588bbb6f-9390-42d4-9839-3b595d31de69" ,
"indicator--962c51b9-615d-454d-8977-a22a1f583868" ,
"indicator--87939249-448c-4cb5-bf42-596cb88cb9ee" ,
"indicator--aee6c86f-91c9-4ed9-8a11-841fa8d848d3" ,
"indicator--ddb03882-2048-41c3-bb11-8dff8b9aa4ac" ,
"indicator--b7167cb2-4240-43fe-8821-80897f4087b3" ,
"indicator--05e6b2ff-953c-4841-bd39-8ad0c2e69e65" ,
"indicator--d04d25ce-44a8-45dc-b7ed-a0d85596a811" ,
"indicator--aee23dbf-5457-415c-9594-4133bf65ea0c" ,
"indicator--4bee8233-b6ac-45c5-881d-10c15a37a780" ,
"indicator--579ad8ab-1805-4eee-aa81-d0ad072ec3a8" ,
"indicator--68862694-1745-4e74-b07d-61b8137c6bbf" ,
"indicator--0f47af76-83e0-4020-b5a3-68754f9ef4af" ,
"indicator--39e99e19-f532-45f5-8224-c934bde72c32" ,
"indicator--6a2f26f5-deda-419e-bbfe-a330c3758928" ,
"indicator--cc82fda6-bc09-40fd-848a-45d0db504746" ,
"indicator--9830f7a9-07cc-49f8-8d97-dd0c94ba75d3" ,
"indicator--cba4d0e1-654f-4a15-81a0-e2c9945e97bb" ,
"indicator--a62cf322-51d8-4052-a4d6-9ce43578c2f5" ,
"indicator--8836295d-7d9e-4d50-a08b-b95b25c8b3c5" ,
"indicator--bc5d7cb4-8876-4e95-9dcd-e3a71c95396d" ,
"indicator--b7706f37-e171-41a3-bc49-3fde53dc498f" ,
"indicator--a8fe9e04-bb0d-4131-9ad6-018ec7a0ca99" ,
"indicator--434f775b-b36c-4fb2-8007-4e7b2e7aff88" ,
"indicator--dfa37ef0-abf3-46cd-88c0-a071db75f2c8" ,
"indicator--e03bb791-42ae-4009-83a4-15fdb9e4a56a" ,
"indicator--68b09380-602b-460c-b512-affb7278bf17" ,
"indicator--003e685d-79fb-4e9d-aa32-aae946e9c2f2" ,
"indicator--8a3219fe-e008-4649-9f69-ec729c23436d" ,
"indicator--12aea0bf-6d93-421b-a3bb-66bf707580e4" ,
"indicator--1970c2a4-9c10-4a8e-8d37-2e7df057cba7" ,
"indicator--244d330e-4a9a-42a4-a98b-c324916fc138" ,
"indicator--e9d12a70-06f1-46d0-b97c-3e2f8b93a3bc" ,
"indicator--5a90220f-2373-49bc-be7c-5b5d4734e51a" ,
"indicator--b3b62b88-c1f6-4f7d-9a09-1df9e947bc61" ,
"indicator--05981ed3-609f-46bb-b71a-df778d89535d" ,
"indicator--cceb870e-4117-48e0-8ce1-e1c440250917" ,
"indicator--93e52ad7-7f4c-47a5-99ae-8a4e6e567ec3" ,
"indicator--638b2381-d20d-42a0-a652-375b1fa87686" ,
"indicator--708dab6c-4d36-43f7-aeca-4e26adb0bb16" ,
"indicator--d6490a36-18cb-460b-b2b5-9a7619606148" ,
"indicator--b3e77c71-4406-4b96-b6e0-13ed5e4e30f4" ,
"indicator--90b99f0c-945a-46c6-9b0c-039cdab1dbed" ,
"indicator--13f08889-deee-4943-b161-0187ef57d7e1" ,
"indicator--c366394b-76d5-4c9b-a560-081a5370446b" ,
"indicator--1a9b7f44-10e5-471c-8489-09d7096dc753" ,
"indicator--6f54982a-7a31-4544-a758-9693169e1abf" ,
"indicator--4fe3a100-4b92-4752-8e50-c5c19ee6a301" ,
"indicator--13128f4c-5532-4b72-8d01-57a76a4d07c3" ,
"indicator--f63769dd-f98c-497e-a91f-99d8674be835" ,
"indicator--981f4ee3-dfc4-42ba-927f-6117c0001c8c" ,
"indicator--c58c0483-3472-4669-9d00-cae7a8fff636" ,
"indicator--111cb2a8-af64-43a1-8afc-ec6a7c6a5c74" ,
"indicator--b875174e-4422-4899-83c8-98d0b805da24" ,
"indicator--661c06e3-3f9d-4142-a37c-b516ec9721e6" ,
"indicator--d2030374-8a32-48dd-b565-da4f7e9de8eb" ,
"indicator--6dab62aa-030a-4e3b-a926-9820679ff41a" ,
"indicator--f0543d5a-af97-4bc8-8d0b-9101a0c05f34" ,
"indicator--dec8fd50-628a-4eb2-ba23-557d57eb9535" ,
"indicator--6929d2e4-27f5-464a-8b4b-2ae80e9ea564" ,
"indicator--1edaf6f6-1670-4f0b-aa3c-72c7a51e211b" ,
"indicator--1a037ed0-53ea-42a7-8694-62f4a728a7cd" ,
"indicator--7ac1b131-48fc-41b2-894c-c4c3c0852a4b" ,
"indicator--14924a9c-5c0f-425d-9531-fa15c3f1c817" ,
"indicator--8e9c45d9-800f-45f9-b6bf-bbde6f3649e4" ,
"indicator--55835c18-a3c4-456a-be2e-fafce0254df0" ,
"indicator--3e0f2078-e764-413e-98ff-5113ef415da8" ,
"indicator--31fe0063-09d0-4b0a-8188-d46e5bb46307" ,
"indicator--1b8256fb-12f9-4029-9e33-68d895c4e754" ,
"indicator--1c6174ac-7253-4918-9932-4c25d16b7fa9" ,
"indicator--94508ba6-a7b7-45a8-a02f-18b59d6f1774" ,
"indicator--8ee128fd-b41e-4e8b-a333-0597b474be67" ,
"indicator--7935732e-59a4-4383-9fc9-546da0ea26f9" ,
"indicator--52156c2a-4c6a-450f-981c-433a42dfb7aa" ,
"indicator--19082ad9-3e50-49f4-9018-78ff4f222c7f" ,
"indicator--683c399f-d3c8-4f32-8c8c-c3df2989c515" ,
"indicator--7647bee2-58a4-4293-94f5-1540cbe51994" ,
"indicator--a42282ff-d32e-48d7-afda-ca8056c40b2c" ,
"indicator--70f89732-c74b-4b50-860e-4fdcfbcab28b" ,
"indicator--cc71714f-98d6-4d0e-9047-fb16480a3d65" ,
"indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b" ,
"x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd" ,
"indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e" ,
"x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8" ,
"indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f" ,
"x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4" ,
"indicator--b05ef68e-17cd-4a85-af71-414145036bba" ,
"x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9" ,
"indicator--531a0491-51fb-4487-8d23-083a61d6749c" ,
"x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c" ,
"indicator--6bed7582-d749-4f0e-972a-704520e046dc" ,
"x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097" ,
"indicator--fe215d82-4e07-46c1-8545-1d395fa890ce" ,
"x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703" ,
"indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b" ,
"x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10" ,
"indicator--50fedb9b-0e14-43fb-8512-8f989ac34305" ,
"x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3" ,
"indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11" ,
"x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42" ,
"indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd" ,
"x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b" ,
"indicator--68f1d019-274d-43e4-b014-ce9b23560d4e" ,
"x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5" ,
"indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9" ,
"x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656" ,
"indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5" ,
"x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849" ,
"indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be" ,
"x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0" ,
"indicator--4671a7c1-3b72-427b-b486-a9076c743c39" ,
"x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447" ,
"indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf" ,
"x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7" ,
"indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c" ,
"x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa" ,
"indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd" ,
"x-misp-object--116175d9-f786-4417-91c1-e787621fc175" ,
"indicator--583f80b7-150f-43b8-984c-507183734547" ,
"x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb" ,
"indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b" ,
"x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a" ,
"indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654" ,
"x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d" ,
"indicator--c7f78389-8821-43ca-8d46-687afc70fa6a" ,
"x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129" ,
"indicator--477d1696-bc96-462f-afed-7aac5dac22e3" ,
"x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3" ,
"indicator--2c001844-70ba-431f-b9e2-c81f88058ed8" ,
"x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a" ,
"indicator--58281799-2547-4047-98cd-60e10f04c1bd" ,
"x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b" ,
"indicator--ac105d47-7fab-4260-ad19-e2827a659096" ,
"x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282" ,
"indicator--206578ce-144d-4490-b193-f64ae055a583" ,
"x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3" ,
"indicator--928ffbe0-4d94-455a-97cf-8202e79d6626" ,
"x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b" ,
"indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad" ,
"x-misp-object--56045c01-e584-420e-97ad-340f8364c026" ,
"indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2" ,
"x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890" ,
"indicator--780ea6a4-143e-435e-80ce-a9d640727387" ,
"x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24" ,
"indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e" ,
"x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9" ,
"indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc" ,
"x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5" ,
"indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee" ,
"x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537" ,
"indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec" ,
"x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c" ,
"indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5" ,
"x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b" ,
2024-08-07 08:13:15 +00:00
"relationship--3b1d47e5-d5aa-4d56-8011-0e6c271d8a8c" ,
"relationship--2dd0755c-1e57-428e-b822-5d780ad8bd74" ,
"relationship--1368a551-9200-4cf2-a6a7-73232f7c33a6" ,
"relationship--2d2f908e-d8fb-4183-95be-64e0b04f38e2" ,
"relationship--921c9004-1f62-4bf9-af7c-256ad152096f" ,
"relationship--a3918add-b66a-459b-8dd3-1475ace6d904" ,
"relationship--8475c5f0-b345-4f62-b8dc-c268d225cecb" ,
"relationship--7ed98fd5-bc69-41b0-81d9-df855488b55b" ,
"relationship--62f9bea8-4b11-4770-b06e-b95fe80915ae" ,
"relationship--a405d7ec-5247-4318-b625-2bd405058ce5" ,
"relationship--5c8255de-7df1-4f2c-bdf4-eee4cc424853" ,
"relationship--c40cc3a0-a670-4276-8549-6ebb290fb264" ,
"relationship--64280654-6da2-4333-9ccf-a15939fa57a3" ,
"relationship--65413621-277f-4651-93df-cc6acf602d1a" ,
"relationship--47fa697e-d234-4bbd-b24d-436168dca93d" ,
"relationship--d6727a26-4386-4b2f-8485-71b67d3690a0" ,
"relationship--41eb47dc-7358-4ce2-874a-b0fcfca06efe" ,
"relationship--6398f885-0d4f-4866-b62a-72c8c6e41a5f" ,
"relationship--83ed3d30-46de-4a25-8654-edc0a6d8eba5" ,
"relationship--0f6a478e-2856-410a-b53d-304269243d4e" ,
"relationship--aed1230c-a59c-4848-9439-325a445e0a33" ,
"relationship--fae845fc-22fa-46ea-86f1-8389b40c9c2f" ,
"relationship--908b38af-12b9-4267-92ab-55d9b7db8a06" ,
"relationship--9f5bb937-2ae7-4717-a152-f6dbcb8cc66c" ,
"relationship--cda5e29a-74ca-47dc-bdb7-9647807e97a6" ,
"relationship--ac7c1671-8444-4244-84cd-ba5ef2a2753f" ,
"relationship--88133e2f-00b8-48e6-a7a4-091126048cbc" ,
"relationship--baaded4e-c172-44dc-9802-1f28aa3abba7" ,
"relationship--4c45bf8f-de89-4c61-90da-1627c63b2db1" ,
"relationship--ef237c26-64bf-40d8-ba0d-86dc9ab5df35" ,
"relationship--7ee97a0a-c471-4a63-86ad-d7d02022066e" ,
"relationship--fb78981e-524f-49cd-968f-42c64ae2d818" ,
"relationship--b2546ed6-15c1-4924-9770-00cb8f85f3c7" ,
"relationship--3fa8b609-56c7-42e5-bb99-fac1a8c83c55" ,
"relationship--7e14d0e9-289f-4451-b0fb-2f32830c4f4f" ,
"relationship--18d0a123-955b-4d55-b5c0-9a92952986bd" ,
"relationship--bbad76f5-5ce2-420c-be44-9336af03fac3" ,
"relationship--2ec52d43-6a0d-4aef-9580-fc683a281f52"
2023-04-21 14:44:17 +00:00
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"misp-galaxy:malpedia=\"Machete\"" ,
"misp-galaxy:threat-actor=\"El Machete\"" ,
"misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1193\"" ,
"misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1192\"" ,
"misp-galaxy:mitre-attack-pattern=\"User Execution - T1204\"" ,
"misp-galaxy:mitre-attack-pattern=\"Scheduled Task - T1053\"" ,
"misp-galaxy:mitre-attack-pattern=\"Hidden Files and Directories - T1158\"" ,
"misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\"" ,
"misp-galaxy:mitre-attack-pattern=\"Software Packing - T1045\"" ,
"misp-galaxy:mitre-attack-pattern=\"Masquerading - T1036\"" ,
"misp-galaxy:mitre-attack-pattern=\"Private Keys - T1145\"" ,
"misp-galaxy:mitre-attack-pattern=\"Credentials in Files - T1081\"" ,
"misp-galaxy:mitre-attack-pattern=\"System Network Connections Discovery - T1049\"" ,
"misp-galaxy:mitre-attack-pattern=\"Peripheral Device Discovery - T1120\"" ,
"misp-galaxy:mitre-attack-pattern=\"File and Directory Discovery - T1083\"" ,
"misp-galaxy:mitre-attack-pattern=\"Browser Bookmark Discovery - T1217\"" ,
"misp-galaxy:mitre-attack-pattern=\"Process Discovery - T1057\"" ,
"misp-galaxy:mitre-attack-pattern=\"Application Window Discovery - T1010\"" ,
"misp-galaxy:mitre-attack-pattern=\"Clipboard Data - T1115\"" ,
"misp-galaxy:mitre-attack-pattern=\"Data from Local System - T1005\"" ,
"misp-galaxy:mitre-attack-pattern=\"Data from Removable Media - T1025\"" ,
"misp-galaxy:mitre-attack-pattern=\"Data Staged - T1074\"" ,
"misp-galaxy:mitre-attack-pattern=\"Input Capture - T1056\"" ,
"misp-galaxy:mitre-attack-pattern=\"Screen Capture - T1113\"" ,
"misp-galaxy:mitre-attack-pattern=\"Commonly Used Port - T1043\"" ,
"misp-galaxy:mitre-attack-pattern=\"Fallback Channels - T1008\"" ,
"misp-galaxy:mitre-attack-pattern=\"Standard Application Layer Protocol - T1071\"" ,
"misp-galaxy:mitre-attack-pattern=\"Remote File Copy - T1105\"" ,
"misp-galaxy:mitre-attack-pattern=\"Automated Exfiltration - T1020\"" ,
"misp-galaxy:mitre-attack-pattern=\"Data Compressed - T1002\"" ,
"misp-galaxy:mitre-attack-pattern=\"Data Encrypted - T1022\"" ,
"misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Command and Control Channel - T1041\"" ,
"misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Physical Medium - T1052\"" ,
"misp-galaxy:mitre-attack-pattern=\"Scheduled Transfer - T1029\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\"" ,
"enisa:nefarious-activity-abuse=\"spear-phishing-attacks\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d49833d-2ac8-489d-a0bb-4535950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-06T13:40:13.000Z" ,
"modified" : "2019-08-06T13:40:13.000Z" ,
"first_observed" : "2019-08-06T13:40:13Z" ,
"last_observed" : "2019-08-06T13:40:13Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--5d49833d-2ac8-489d-a0bb-4535950d210f"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--5d49833d-2ac8-489d-a0bb-4535950d210f" ,
"value" : "https://www.welivesecurity.com/2019/08/05/sharpening-machete-cyberespionage/"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d4988ee-55fc-4a68-813f-44d4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-06T14:04:30.000Z" ,
"modified" : "2019-08-06T14:04:30.000Z" ,
"first_observed" : "2019-08-06T14:04:30Z" ,
"last_observed" : "2019-08-06T14:04:30Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--5d4988ee-55fc-4a68-813f-44d4950d210f"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--5d4988ee-55fc-4a68-813f-44d4950d210f" ,
"value" : "https://www.welivesecurity.com/wp-content/uploads/2019/08/ESET_Machete.pdf"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517330-22ac-4be8-93c4-49c9950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:52.000Z" ,
"modified" : "2019-08-12T14:09:52.000Z" ,
"pattern" : "[domain-name:value = 'tobabean.expert']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517330-1658-4540-a753-46e0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:52.000Z" ,
"modified" : "2019-08-12T14:09:52.000Z" ,
"pattern" : "[domain-name:value = 'koliast.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517330-bd80-44e7-91bc-438c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:52.000Z" ,
"modified" : "2019-08-12T14:09:52.000Z" ,
"pattern" : "[domain-name:value = 'u929489355.hostingerapp.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517330-9d60-41b3-8436-4e39950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:52.000Z" ,
"modified" : "2019-08-12T14:09:52.000Z" ,
"pattern" : "[domain-name:value = 'u154611594.hostingerapp.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517330-25f8-447c-93fc-4b86950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:52.000Z" ,
"modified" : "2019-08-12T14:09:52.000Z" ,
"pattern" : "[domain-name:value = '6e24a5fb.ngrok.io']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517330-59a8-4798-9b8f-419d950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:52.000Z" ,
"modified" : "2019-08-12T14:09:52.000Z" ,
"pattern" : "[domain-name:value = 'f9527d03.ngrok.io']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517331-6070-446d-a363-4ddf950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:53.000Z" ,
"modified" : "2019-08-12T14:09:53.000Z" ,
"pattern" : "[domain-name:value = 'adtiomtardecessd.zapto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517331-ae34-454b-b2fe-4dec950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:53.000Z" ,
"modified" : "2019-08-12T14:09:53.000Z" ,
"pattern" : "[domain-name:value = 'mcsi.gotdns.ch']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517331-4b84-4341-afd9-41a6950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:53.000Z" ,
"modified" : "2019-08-12T14:09:53.000Z" ,
"pattern" : "[domain-name:value = 'djcaps.gotdns.ch']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517331-4108-4e33-a7ac-42d2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:53.000Z" ,
"modified" : "2019-08-12T14:09:53.000Z" ,
"pattern" : "[domain-name:value = 'tokeiss.ddns.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517331-c47c-413c-8047-497e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:53.000Z" ,
"modified" : "2019-08-12T14:09:53.000Z" ,
"pattern" : "[domain-name:value = 'artyomt.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517331-e328-4744-8529-4088950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:53.000Z" ,
"modified" : "2019-08-12T14:09:53.000Z" ,
"pattern" : "[domain-name:value = 'lawyersofficial.mipropia.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d517331-d6dc-4648-9b62-4404950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:09:53.000Z" ,
"modified" : "2019-08-12T14:09:53.000Z" ,
"pattern" : "[domain-name:value = 'ceofanb18.mipropia.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:09:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d51737a-b680-46c6-9b58-4ff0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:11:06.000Z" ,
"modified" : "2019-08-12T14:11:06.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.224.137.63']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:11:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d51737b-39c8-46cc-87bb-4342950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:11:07.000Z" ,
"modified" : "2019-08-12T14:11:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '156.67.222.88']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:11:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d51737b-c5d4-42e3-9991-43ca950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:11:07.000Z" ,
"modified" : "2019-08-12T14:11:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.69.9.209']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:11:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d51737b-d2ec-4a93-9e4a-4623950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:11:07.000Z" ,
"modified" : "2019-08-12T14:11:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '142.44.236.215']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:11:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d51737b-cb90-492c-bc50-49da950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:11:07.000Z" ,
"modified" : "2019-08-12T14:11:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.79.63.188']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:11:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d51737b-e68c-4cf8-8484-4c8f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:11:07.000Z" ,
"modified" : "2019-08-12T14:11:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.61.164.33']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:11:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--5d52631c-1110-4600-a024-d9c8950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-13T07:13:32.000Z" ,
"modified" : "2019-08-13T07:13:32.000Z" ,
"labels" : [
"misp:type=\"text\"" ,
"misp:category=\"External analysis\""
] ,
"x_misp_category" : "External analysis" ,
"x_misp_type" : "text" ,
"x_misp_value" : "Latin America is often overlooked when it comes to persistent threats and groups with politically motivated targets. There is, however, an ongoing case of cyberespionage against high-profile organizations that has managed to stay under the radar. The group behind these attacks has stolen gigabytes of confidential documents, mostly from Venezuelan government organizations. It is still very active at the time of this publication, regularly introducing changes to its malware, infrastructure and spearphishing campaigns.\r\n\r\nESET has been tracking a new version of Machete (the group\u00e2\u20ac\u2122s Python-based toolset) that was first seen in April 2018. While the main functionality of the backdoor remains the same as in previous versions, it has been extended with new features over the course of a year."
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8a692de1-9181-4a14-b03b-33eff84dd2dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-08T09:14:25.000Z" ,
"modified" : "2019-08-08T09:14:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = '048c40eb606da3def08c9f6997c1948afbbc959b' AND file:name = 'GoogleUpdate.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-08T09:14:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-08T09:14:26.000Z" ,
"modified" : "2019-08-08T09:14:26.000Z" ,
"pattern" : "[file:hashes.SHA1 = '2e8d8508096caa38493414f6ba788d0041ea9e15' AND file:name = 'GoogleUpdate.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-08T09:14:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-08T09:19:49.000Z" ,
"modified" : "2019-08-08T09:19:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = '85bdd7d871108c737701ac30c14a2d343cbdef94' AND file:name = 'GoogleUpdate.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-08T09:19:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a438f26a-8ac2-48fa-92db-eeabe8bf2ea1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-08T09:14:27.000Z" ,
"modified" : "2019-08-08T09:14:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = '8ed8cb784512f7dadd147347fc94e945faf16338' AND file:name = 'GoogleUpdate.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-08T09:14:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0c8e9a07-b77f-4d99-88bc-90e01491881d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-08T09:14:27.000Z" ,
"modified" : "2019-08-08T09:14:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9c413075aab7ef7876b8dc8d7b7c1b9b96842c6e' AND file:name = 'GoogleUpdate.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-08T09:14:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ea7d0d1f-8fa6-4e26-9d70-ff1ad56265af" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-08T09:14:28.000Z" ,
"modified" : "2019-08-08T09:14:28.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ab8dd6b0cc950618589603012863b57f7adb9d9b' AND file:name = 'GoogleUpdate.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-08T09:14:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--04a81d9f-75c8-44eb-8775-7938c5303ab2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:53:46.000Z" ,
"modified" : "2019-08-12T10:53:46.000Z" ,
"pattern" : "[file:hashes.SHA1 = '318496b58cf5052efd49a95c721d9165278e9fce' AND file:name = 'Chrome.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:53:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dba87e0c-17e3-43c0-af22-6f6a55bda3e0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:53:47.000Z" ,
"modified" : "2019-08-12T10:53:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = '3bb345032b6d0226d6771ba65fe4da0faf628631' AND file:name = 'Chrome.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:53:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dd47f065-a663-4fbb-ad78-66fb372704ca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:53:47.000Z" ,
"modified" : "2019-08-12T10:53:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = '946a24dfbd0ae94209ef7c284d3f462548566a3c' AND file:name = 'Chrome.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:53:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6c19c316-14d6-469a-a122-f2b13c21cc8e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:53:48.000Z" ,
"modified" : "2019-08-12T10:53:48.000Z" ,
"pattern" : "[file:hashes.SHA1 = '984b9202a6dbd7d3dd696cae1220338a68092dc9' AND file:name = 'Chrome.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:53:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4f751950-e0d0-400a-90e0-bbab853a48dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:53:49.000Z" ,
"modified" : "2019-08-12T10:53:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'eabd45d0a86113f5ccff9fd292c1e482a5727815' AND file:name = 'Chrome.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:53:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--191b4c43-86e6-402b-a206-44cbc16f8ffa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:53:49.000Z" ,
"modified" : "2019-08-12T10:53:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f05bc018c90b560dc4932758956adffbc10588ce' AND file:name = 'Chrome.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:53:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7acd2cf2-c80b-4dbf-850d-7168fe00298c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:53:50.000Z" ,
"modified" : "2019-08-12T10:53:50.000Z" ,
"pattern" : "[file:hashes.SHA1 = '204a2850548e5994d4696e9002f90dfccbe2093a' AND file:name = 'GoogleCrash.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:53:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--957251b4-6f97-4058-97b4-a70ed80ac6e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T10:59:38.000Z" ,
"modified" : "2019-08-12T10:59:38.000Z" ,
"pattern" : "[file:hashes.SHA1 = '3792588edc809270e6666a4677ec85a3400ba4cf' AND file:name = 'GoogleCrash.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T10:59:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3c0badfe-f235-436e-aad3-c91be69b2ec5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:17.000Z" ,
"modified" : "2019-08-12T11:00:17.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4899a2c2ceceb92d2cc4ed17d092d1d599379284' AND file:name = 'GoogleCrash.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fe11a26b-5e51-4278-8527-77a9757e2c8d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:19.000Z" ,
"modified" : "2019-08-12T11:00:19.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a42756280aa352f4612bed85aabf7f3267e676c2' AND file:name = 'GoogleCrash.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c7c69120-a89c-4b14-8a38-36acd6488961" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:20.000Z" ,
"modified" : "2019-08-12T11:00:20.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a97cf05ad7f3102bde45e4b4947ed435efea1968' AND file:name = 'GoogleCrash.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f708b2e6-8236-4b45-8180-28f20c5cb105" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:20.000Z" ,
"modified" : "2019-08-12T11:00:20.000Z" ,
"pattern" : "[file:hashes.SHA1 = '00397da69b8e748720aedfd80d78166573c33ec8' AND file:name = 'ders.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--45b5ad6f-62d6-43e1-865e-f815a37fa34f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:21.000Z" ,
"modified" : "2019-08-12T11:00:21.000Z" ,
"pattern" : "[file:hashes.SHA1 = '03929a5530639c1d9dbd395a298c59fd7eff1dec' AND file:name = 'chrome.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a9f76724-fbcc-43a9-aad4-6737bb8a9ece" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:21.000Z" ,
"modified" : "2019-08-12T11:00:21.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0922defb82ff1140bbe3481bab27564bb966d50b' AND file:name = 'ChrOme_UpdAte.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0754c7c6-7a21-4a8a-be8d-32fa887c756b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:22.000Z" ,
"modified" : "2019-08-12T11:00:22.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0ac64e08e63601ad9d6a4ef019e5b374784af80a' AND file:name = 'chrome.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c51b58e9-416e-43d5-9ef0-651536573149" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:22.000Z" ,
"modified" : "2019-08-12T11:00:22.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0ba5bce133b50ef80fd9241c3ea5cb9135ca4eb1' AND file:name = 'ders.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a4be316a-1342-490b-935d-3cb667a02ad6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:23.000Z" ,
"modified" : "2019-08-12T11:00:23.000Z" ,
"pattern" : "[file:hashes.SHA1 = '161629f63422ab34108854662313f87a278dd7f5' AND file:name = 'chrome.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--588bbb6f-9390-42d4-9839-3b595d31de69" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:24.000Z" ,
"modified" : "2019-08-12T11:00:24.000Z" ,
"pattern" : "[file:hashes.SHA1 = '24752dab28c3add4c31591f2ec480ce3ca83e0aa' AND file:name = 'python27.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--962c51b9-615d-454d-8977-a22a1f583868" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:24.000Z" ,
"modified" : "2019-08-12T11:00:24.000Z" ,
"pattern" : "[file:hashes.SHA1 = '341f2efa0fd11b4480d8503bfb81c62af667d72d' AND file:name = 'chrome_Up.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--87939249-448c-4cb5-bf42-596cb88cb9ee" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:25.000Z" ,
"modified" : "2019-08-12T11:00:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4c130aa110b290a0cf4ff1c099ea2a705081a9cb' AND file:name = 'Chrome_Update.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--aee6c86f-91c9-4ed9-8a11-841fa8d848d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:25.000Z" ,
"modified" : "2019-08-12T11:00:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = '50c23690c23ee070ad3a20fced7311bfdf098833' AND file:name = 'ders.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ddb03882-2048-41c3-bb11-8dff8b9aa4ac" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:26.000Z" ,
"modified" : "2019-08-12T11:00:26.000Z" ,
"pattern" : "[file:hashes.SHA1 = '67ecbc1e9a66719c599e6dded33a85f70daca13e' AND file:name = 'chrome.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b7167cb2-4240-43fe-8821-80897f4087b3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:26.000Z" ,
"modified" : "2019-08-12T11:00:26.000Z" ,
"pattern" : "[file:hashes.SHA1 = '6a69a2a2d4a2f8690b71386f0f092b04ea5a647d' AND file:name = 'ders.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--05e6b2ff-953c-4841-bd39-8ad0c2e69e65" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:27.000Z" ,
"modified" : "2019-08-12T11:00:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = '92c56af6815597c0135c21ef5a35d41b0e2a460f' AND file:name = 'Python_27.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d04d25ce-44a8-45dc-b7ed-a0d85596a811" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:27.000Z" ,
"modified" : "2019-08-12T11:00:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9e52e1c015b97d4fb2cac888f8fc69d729af78f5' AND file:name = 'finaser.aes']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--aee23dbf-5457-415c-9594-4133bf65ea0c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:28.000Z" ,
"modified" : "2019-08-12T11:00:28.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a48a71b9d1c00a683397f97c02e0dbb3f4606863' AND file:name = 'ders.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4bee8233-b6ac-45c5-881d-10c15a37a780" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:29.000Z" ,
"modified" : "2019-08-12T11:00:29.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b6e436a0fff117a1c3d3d70947f62d4cac66c95e' AND file:name = 'ders.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--579ad8ab-1805-4eee-aa81-d0ad072ec3a8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:29.000Z" ,
"modified" : "2019-08-12T11:00:29.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'c4accf6071f51ade102190c6fa350435fc202654' AND file:name = 'Python.27.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--68862694-1745-4e74-b07d-61b8137c6bbf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:30.000Z" ,
"modified" : "2019-08-12T11:00:30.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd5238cde036eefcc6d8d686b3a00247f27da894c' AND file:name = 'Python.27.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0f47af76-83e0-4020-b5a3-68754f9ef4af" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:30.000Z" ,
"modified" : "2019-08-12T11:00:30.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'dda105d8d894f73b16518d546270e4f783cb5178' AND file:name = 'python27.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--39e99e19-f532-45f5-8224-c934bde72c32" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:31.000Z" ,
"modified" : "2019-08-12T11:00:31.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e85c1ef38c39b6087ea9ac8171ddd1416b9a5306' AND file:name = 'python27.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6a2f26f5-deda-419e-bbfe-a330c3758928" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:31.000Z" ,
"modified" : "2019-08-12T11:00:31.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'fd52b10e9d4e5d343e589627444a6766357d5e47' AND file:name = 'Security.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cc82fda6-bc09-40fd-848a-45d0db504746" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:33.000Z" ,
"modified" : "2019-08-12T11:00:33.000Z" ,
"pattern" : "[file:hashes.SHA1 = '69109287d41c002fa70bb3d6238c4056b2b24b2f' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9830f7a9-07cc-49f8-8d97-dd0c94ba75d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:34.000Z" ,
"modified" : "2019-08-12T11:00:34.000Z" ,
"pattern" : "[file:hashes.SHA1 = '89c0fdeed36a69099e935a590a103339b0cbe525' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cba4d0e1-654f-4a15-81a0-e2c9945e97bb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:34.000Z" ,
"modified" : "2019-08-12T11:00:34.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9ea7832d83c74c839a49580b4211e627a24571be' AND file:name = 'Programa Formacion en Contratacion Publica.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a62cf322-51d8-4052-a4d6-9ce43578c2f5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:35.000Z" ,
"modified" : "2019-08-12T11:00:35.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'bfd0cbef5b9c329792b38274474f04bd8109df66' AND file:name = 'RGMA0_1_629.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8836295d-7d9e-4d50-a08b-b95b25c8b3c5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:36.000Z" ,
"modified" : "2019-08-12T11:00:36.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'fde89fcec30fcaabb3d42ed87180843f3e760cd8' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bc5d7cb4-8876-4e95-9dcd-e3a71c95396d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:36.000Z" ,
"modified" : "2019-08-12T11:00:36.000Z" ,
"pattern" : "[file:hashes.SHA1 = '52b680f472ae463436979da325db7ad64d5af1ef' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b7706f37-e171-41a3-bc49-3fde53dc498f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:40.000Z" ,
"modified" : "2019-08-12T11:00:40.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'fb871aaca0ddcf2f009a2d11ecf672cfb61b7357' AND file:name = 'CALENDARIO_ACTIVIDADES_COLCO_EC.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a8fe9e04-bb0d-4131-9ad6-018ec7a0ca99" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:41.000Z" ,
"modified" : "2019-08-12T11:00:41.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9912bdbe08179122dc3797a2585d463573d1b5a5' AND file:name = '04Down.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--434f775b-b36c-4fb2-8007-4e7b2e7aff88" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:42.000Z" ,
"modified" : "2019-08-12T11:00:42.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ab16808b5b4706b6265c5ff5fef8b8460c8a51f8' AND file:name = '4Down.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dfa37ef0-abf3-46cd-88c0-a071db75f2c8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:42.000Z" ,
"modified" : "2019-08-12T11:00:42.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'bdaab0b356ec9fe61fee1723e1dd52e39ddc6699' AND file:name = '04Down.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e03bb791-42ae-4009-83a4-15fdb9e4a56a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:43.000Z" ,
"modified" : "2019-08-12T11:00:43.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ded6509458df62d3ce60c68f3a2a87e59f1f96be' AND file:name = 'Down.sfx.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--68b09380-602b-460c-b512-affb7278bf17" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:43.000Z" ,
"modified" : "2019-08-12T11:00:43.000Z" ,
"pattern" : "[file:hashes.SHA1 = '2b7404f6b0075bc1192d61d4af135d521d5f08a3' AND file:name = 'RdrCEF.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--003e685d-79fb-4e9d-aa32-aae946e9c2f2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:44.000Z" ,
"modified" : "2019-08-12T11:00:44.000Z" ,
"pattern" : "[file:hashes.SHA1 = '53102e57b40feacb64566c26d101d9242dece77c' AND file:name = 'Down.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8a3219fe-e008-4649-9f69-ec729c23436d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:45.000Z" ,
"modified" : "2019-08-12T11:00:45.000Z" ,
"pattern" : "[file:hashes.SHA1 = '56e8743e0773286a4b9e055147d96d53a43beca1' AND file:name = 'Down.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--12aea0bf-6d93-421b-a3bb-66bf707580e4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:45.000Z" ,
"modified" : "2019-08-12T11:00:45.000Z" ,
"pattern" : "[file:hashes.SHA1 = '71f69f04307c8f5675dcadeaa80b8c2b95691b01' AND file:name = 'Down.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1970c2a4-9c10-4a8e-8d37-2e7df057cba7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:46.000Z" ,
"modified" : "2019-08-12T11:00:46.000Z" ,
"pattern" : "[file:hashes.SHA1 = '904137b61f1ded66c8ca76ebf198dec1b638b5d4' AND file:name = 'Down.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--244d330e-4a9a-42a4-a98b-c324916fc138" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:46.000Z" ,
"modified" : "2019-08-12T11:00:46.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'fbb485b40477f5a014e7096747b1b4a494ce50ef' AND file:name = 'Down.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e9d12a70-06f1-46d0-b97c-3e2f8b93a3bc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:47.000Z" ,
"modified" : "2019-08-12T11:00:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0468d3776435e527dba52b9da61d38c076dda09a' AND file:name = 'FORMATO UNICO DE RENDIMIENTO OPERATIVO GNB 11JUNIO2019 CZGNB-13 xlsx.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a90220f-2373-49bc-be7c-5b5d4734e51a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:47.000Z" ,
"modified" : "2019-08-12T11:00:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = '10eb152039cb0a379daab272151bc1baa8c6d4db' AND file:name = 'Radiograma 004026_pdf.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b3b62b88-c1f6-4f7d-9a09-1df9e947bc61" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T11:00:47.000Z" ,
"modified" : "2019-08-12T11:00:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = '173664de0a9a08218098abfb86d2c64f25b5ee37' AND file:name = 'Dise\u00c3\u00b1o_pptx.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T11:00:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--05981ed3-609f-46bb-b71a-df778d89535d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:38.000Z" ,
"modified" : "2019-08-12T13:50:38.000Z" ,
"pattern" : "[file:hashes.SHA1 = '29ea8a983e56229ac69fff9958319b66c006020b' AND file:name = 'RDGMA 1101 001 jpg.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cceb870e-4117-48e0-8ce1-e1c440250917" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:38.000Z" ,
"modified" : "2019-08-12T13:50:38.000Z" ,
"pattern" : "[file:hashes.SHA1 = '3562cb8d37e68025787c31a0b4654a1ce209e62f' AND file:name = '20190611101428 pdf.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--93e52ad7-7f4c-47a5-99ae-8a4e6e567ec3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:39.000Z" ,
"modified" : "2019-08-12T13:50:39.000Z" ,
"pattern" : "[file:hashes.SHA1 = '35e4ecb61f1fa09bec8a4528c592d982d33b6c6b' AND file:name = 'INVITADOS_MEXICANOS.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--638b2381-d20d-42a0-a652-375b1fa87686" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:40.000Z" ,
"modified" : "2019-08-12T13:50:40.000Z" ,
"pattern" : "[file:hashes.SHA1 = '5c56ac14ca7159804a9d53fe037cfd0d99d45ab1' AND file:name = 'JUNIO_19_PROPUESTA_CLARO_RENOVACION.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--708dab6c-4d36-43f7-aeca-4e26adb0bb16" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:40.000Z" ,
"modified" : "2019-08-12T13:50:40.000Z" ,
"pattern" : "[file:hashes.SHA1 = '61de62436b3806a3a645c96677d7ad9d802e30a8' AND file:name = 'FORMATO DE NOVEDADES PARA DC PERSONAL xls.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d6490a36-18cb-460b-b2b5-9a7619606148" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:41.000Z" ,
"modified" : "2019-08-12T13:50:41.000Z" ,
"pattern" : "[file:hashes.SHA1 = '62800d245a3726ca390d08b7bf17fe2c37f2b3cf' AND file:name = '20190611101331.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b3e77c71-4406-4b96-b6e0-13ed5e4e30f4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:41.000Z" ,
"modified" : "2019-08-12T13:50:41.000Z" ,
"pattern" : "[file:hashes.SHA1 = '64f1322bf2a898278aa1e73803fdd500b6e5e7c7' AND file:name = 'RAD_N_0961_21MAY19.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--90b99f0c-945a-46c6-9b0c-039cdab1dbed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:42.000Z" ,
"modified" : "2019-08-12T13:50:42.000Z" ,
"pattern" : "[file:hashes.SHA1 = '79ac512389ef9e27a3598ca2968573db4f5fd58f' AND file:name = 'RAD OFL0120_jpg.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--13f08889-deee-4943-b161-0187ef57d7e1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:42.000Z" ,
"modified" : "2019-08-12T13:50:42.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7a1ad75a1aa73ec72ee21b213fcca55d57a0cd58' AND file:name = 'S_E_ARLETTE_MARENCO_NOTA_INFORMANDO_TER-MINO_DE_MISION_001.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c366394b-76d5-4c9b-a560-081a5370446b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:43.000Z" ,
"modified" : "2019-08-12T13:50:43.000Z" ,
"pattern" : "[file:hashes.SHA1 = '8e0ac29b8bd0c086b20c23b254cf047aa30a0529' AND file:name = '07_1379.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1a9b7f44-10e5-471c-8489-09d7096dc753" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:43.000Z" ,
"modified" : "2019-08-12T13:50:43.000Z" ,
"pattern" : "[file:hashes.SHA1 = '91f2c7eed2ee92d11bc6b8fd8d3cba0b02c8d074' AND file:name = 'Blason.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6f54982a-7a31-4544-a758-9693169e1abf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:44.000Z" ,
"modified" : "2019-08-12T13:50:44.000Z" ,
"pattern" : "[file:hashes.SHA1 = '97edcdfd6e674591c1e809381c7e68f11dfa81fc' AND file:name = '08_1159.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4fe3a100-4b92-4752-8e50-c5c19ee6a301" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:45.000Z" ,
"modified" : "2019-08-12T13:50:45.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9d65b55168526161a79f4743a37b1a7358c67037' AND file:name = 'INSTRUCCIONES DEL JSO 08JUN19 docx.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--13128f4c-5532-4b72-8d01-57a76a4d07c3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:46.000Z" ,
"modified" : "2019-08-12T13:50:46.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a94916f9696d861fe040891634b3f2da09557f13' AND file:name = 'REPORTE OPERACIONAL 10JUN19 pdf.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f63769dd-f98c-497e-a91f-99d8674be835" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:46.000Z" ,
"modified" : "2019-08-12T13:50:46.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b451f623fe9f315eb886b83f27139fc236a07ec9' AND file:name = '20190611101428.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--981f4ee3-dfc4-42ba-927f-6117c0001c8c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:47.000Z" ,
"modified" : "2019-08-12T13:50:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'c39b9d966aed0372619b3989995ab9ad12f94d38' AND file:name = 'NOTA_CICR_00079.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c58c0483-3472-4669-9d00-cae7a8fff636" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:47.000Z" ,
"modified" : "2019-08-12T13:50:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'cf10e0313177ff4c9c588232218078eb870c0079' AND file:name = 'BOLETA DE PERMISO NELSON GUERERE docx.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--111cb2a8-af64-43a1-8afc-ec6a7c6a5c74" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:48.000Z" ,
"modified" : "2019-08-12T13:50:48.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e8bbcb0f6538d1543bfa3f7a66f20155ebc2bcc8' AND file:name = 'JUNIO_27_PROPUESTA_CLARO_RENOVACION.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b875174e-4422-4899-83c8-98d0b805da24" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:49.000Z" ,
"modified" : "2019-08-12T13:50:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ea3d823df9f0e41ad1da2fd3492b418693bed8bd' AND file:name = '20190611101331 pdf.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--661c06e3-3f9d-4142-a37c-b516ec9721e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:49.000Z" ,
"modified" : "2019-08-12T13:50:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'eb82401ce6b2497aeb1fc666697d7d9ce66e4d5b' AND file:name = 'Asimilacion.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d2030374-8a32-48dd-b565-da4f7e9de8eb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:50.000Z" ,
"modified" : "2019-08-12T13:50:50.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1b3723651e1d321d4f34f2a243d7751d17288257' AND file:name = '_hashlbi.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6dab62aa-030a-4e3b-a926-9820679ff41a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:50.000Z" ,
"modified" : "2019-08-12T13:50:50.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7ffb9c7da20c536b694e78538b65726eacb1b055' AND file:name = '_hashlbi.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f0543d5a-af97-4bc8-8d0b-9101a0c05f34" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:51.000Z" ,
"modified" : "2019-08-12T13:50:51.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b1adf4b46350fb801ce54da9c93a4ef79674f3f5' AND file:name = '_hashlbi.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dec8fd50-628a-4eb2-ba23-557d57eb9535" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:51.000Z" ,
"modified" : "2019-08-12T13:50:51.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0c33b75f6c4fc0413abdbcda1c5e18c907f13dc3' AND file:name = '_bsdbd.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6929d2e4-27f5-464a-8b4b-2ae80e9ea564" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:52.000Z" ,
"modified" : "2019-08-12T13:50:52.000Z" ,
"pattern" : "[file:hashes.SHA1 = '314d9b4c25dd69453d86e4c7062dce6dedda0533' AND file:name = '_bsdbd.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1edaf6f6-1670-4f0b-aa3c-72c7a51e211b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:53.000Z" ,
"modified" : "2019-08-12T13:50:53.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd4cf22f3db78bdc1ceb55431857d88166ce677d4' AND file:name = '_bsdbd.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1a037ed0-53ea-42a7-8694-62f4a728a7cd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:53.000Z" ,
"modified" : "2019-08-12T13:50:53.000Z" ,
"pattern" : "[file:hashes.SHA1 = '26fb301af7393b5e564b8c802f5795edebd7cecf' AND file:name = '_clypes.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7ac1b131-48fc-41b2-894c-c4c3c0852a4b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:53.000Z" ,
"modified" : "2019-08-12T13:50:53.000Z" ,
"pattern" : "[file:hashes.SHA1 = '979859b5a177650ef0549c81fd66d36e9dea8078' AND file:name = '_clypes.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--14924a9c-5c0f-425d-9531-fa15c3f1c817" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:54.000Z" ,
"modified" : "2019-08-12T13:50:54.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a07e38df9887ea7811369cd72c57fd6d44523cd6' AND file:name = '_clypes.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8e9c45d9-800f-45f9-b6bf-bbde6f3649e4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:55.000Z" ,
"modified" : "2019-08-12T13:50:55.000Z" ,
"pattern" : "[file:hashes.SHA1 = '07e383e9ff04f587769845306dc4bfe75630baaa' AND file:name = '_elementree.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--55835c18-a3c4-456a-be2e-fafce0254df0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:56.000Z" ,
"modified" : "2019-08-12T13:50:56.000Z" ,
"pattern" : "[file:hashes.SHA1 = '3b6f5cb20ff3ac0ee3813a68a937aae92ebc46d3' AND file:name = '_elementree.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3e0f2078-e764-413e-98ff-5113ef415da8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:56.000Z" ,
"modified" : "2019-08-12T13:50:56.000Z" ,
"pattern" : "[file:hashes.SHA1 = '56765b7511372a8e9be017f48a764d141f485474' AND file:name = '_elementree.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--31fe0063-09d0-4b0a-8188-d46e5bb46307" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:57.000Z" ,
"modified" : "2019-08-12T13:50:57.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'cf2dc40926d8747aec572dfd711bbfd766aadb10' AND file:name = '_elementree.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1b8256fb-12f9-4029-9e33-68d895c4e754" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:57.000Z" ,
"modified" : "2019-08-12T13:50:57.000Z" ,
"pattern" : "[file:hashes.SHA1 = '6b42091ca2f89a59f4e27e30acdacf32eb83f824' AND file:name = '_mssi.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1c6174ac-7253-4918-9932-4c25d16b7fa9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:58.000Z" ,
"modified" : "2019-08-12T13:50:58.000Z" ,
"pattern" : "[file:hashes.SHA1 = '708f159f2cfe22ff0c4464f2fedaa0501868bdd8' AND file:name = '_mssi.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--94508ba6-a7b7-45a8-a02f-18b59d6f1774" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:58.000Z" ,
"modified" : "2019-08-12T13:50:58.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'de639618b550dbe9071e999aaa5b4fc81f63a5a6' AND file:name = '_mssi.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8ee128fd-b41e-4e8b-a333-0597b474be67" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:50:59.000Z" ,
"modified" : "2019-08-12T13:50:59.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0b6f61af3e2c6551f15e0f888177eec91f20ba99' AND file:name = '_multiproccessing.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:50:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7935732e-59a4-4383-9fc9-546da0ea26f9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:51:00.000Z" ,
"modified" : "2019-08-12T13:51:00.000Z" ,
"pattern" : "[file:hashes.SHA1 = '76aabc0af5d487a80bcba19555191b46766139fa' AND file:name = '_multiproccessing.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:51:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--52156c2a-4c6a-450f-981c-433a42dfb7aa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:51:00.000Z" ,
"modified" : "2019-08-12T13:51:00.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7ff87649ca1d9178a02cd9942856d1b590652c6e' AND file:name = '_multiproccessing.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:51:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--19082ad9-3e50-49f4-9018-78ff4f222c7f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:51:01.000Z" ,
"modified" : "2019-08-12T13:51:01.000Z" ,
"pattern" : "[file:hashes.SHA1 = '8692eb1e620f2bcddaf28f0cb726cec2aa1c230d' AND file:name = '_multiproccessing.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:51:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--683c399f-d3c8-4f32-8c8c-c3df2989c515" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:51:01.000Z" ,
"modified" : "2019-08-12T13:51:01.000Z" ,
"pattern" : "[file:hashes.SHA1 = '8af19aa3f18cb35f12ee3966931e11799c3ac5a4' AND file:name = '_multiproccessing.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:51:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7647bee2-58a4-4293-94f5-1540cbe51994" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T13:51:01.000Z" ,
"modified" : "2019-08-12T13:51:01.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e1bc4ec7f82fa06924dc4b43fbbb485d8c86d9cd' AND file:name = '_multiproccessing.pyw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T13:51:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a42282ff-d32e-48d7-afda-ca8056c40b2c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:10:37.000Z" ,
"modified" : "2019-08-12T14:10:37.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a19648a5576e0b9fc449d89addc569ba1350ecff']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:10:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--70f89732-c74b-4b50-860e-4fdcfbcab28b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:10:38.000Z" ,
"modified" : "2019-08-12T14:10:38.000Z" ,
"pattern" : "[file:hashes.SHA1 = '442e6cc28d118cfaf1a5482e2000c7dc00d9a7b9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:10:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cc71714f-98d6-4d0e-9047-fb16480a3d65" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-12T14:10:38.000Z" ,
"modified" : "2019-08-12T14:10:38.000Z" ,
"pattern" : "[file:hashes.SHA1 = '212f3697117d17ec3f299d037845cf3db20ce88a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-12T14:10:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:39.000Z" ,
"modified" : "2019-08-23T09:33:39.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c8ca25bd428818277968ac3239cfc573' AND file:hashes.SHA1 = 'a42756280aa352f4612bed85aabf7f3267e676c2' AND file:hashes.SHA256 = '3cf929b0a52e297d8d24af326f94f7114913a285f2f859ba7d4be38bd425fedd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:40.000Z" ,
"modified" : "2019-08-23T09:33:40.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-07T06:30:18" ,
"category" : "Other" ,
"uuid" : "16e71265-a838-4f9e-99b4-48db8a7350d1"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/3cf929b0a52e297d8d24af326f94f7114913a285f2f859ba7d4be38bd425fedd/analysis/1565159418/" ,
"category" : "Payload delivery" ,
"uuid" : "170d2949-1c3d-48ac-a9cc-77caa6912374"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "8/67" ,
"category" : "Payload delivery" ,
"uuid" : "8e373bd7-6180-42ba-b287-0f4813c31d2d"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:41.000Z" ,
"modified" : "2019-08-23T09:33:41.000Z" ,
"pattern" : "[file:hashes.MD5 = '3239f2d8acee4742f9b4d919e61b8983' AND file:hashes.SHA1 = '4899a2c2ceceb92d2cc4ed17d092d1d599379284' AND file:hashes.SHA256 = '2e3dc1c6b6c5d9015a18d6ee3578381eeefffd5126abf87635f448006c63f58c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:41.000Z" ,
"modified" : "2019-08-23T09:33:41.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-09T16:22:18" ,
"category" : "Other" ,
"uuid" : "8ac9b96c-780d-43c5-ab9a-e5d07d149620"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2e3dc1c6b6c5d9015a18d6ee3578381eeefffd5126abf87635f448006c63f58c/analysis/1565367738/" ,
"category" : "Payload delivery" ,
"uuid" : "a788f6e0-08f3-4844-aab6-a9b7c5e02386"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "14/66" ,
"category" : "Payload delivery" ,
"uuid" : "1e920924-74ad-4ecd-9964-8b93c3869666"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:41.000Z" ,
"modified" : "2019-08-23T09:33:41.000Z" ,
"pattern" : "[file:hashes.MD5 = '4bfd79b34234060f9d4dc26bd23c67c9' AND file:hashes.SHA1 = 'a97cf05ad7f3102bde45e4b4947ed435efea1968' AND file:hashes.SHA256 = '1b6926c9fcea7681c6ed4f62b404e8a1c332fbbc26e872ddb53afc6e818f1cd4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:41.000Z" ,
"modified" : "2019-08-23T09:33:41.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:40" ,
"category" : "Other" ,
"uuid" : "a54da0c4-02da-4ca0-8f17-bdb8ee6eea1d"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/1b6926c9fcea7681c6ed4f62b404e8a1c332fbbc26e872ddb53afc6e818f1cd4/analysis/1565051980/" ,
"category" : "Payload delivery" ,
"uuid" : "889c7867-90a4-453f-9697-08f66acc5729"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "5/73" ,
"category" : "Payload delivery" ,
"uuid" : "255635cd-f3b4-4d57-a4df-462db4c66801"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b05ef68e-17cd-4a85-af71-414145036bba" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:41.000Z" ,
"modified" : "2019-08-23T09:33:41.000Z" ,
"pattern" : "[file:hashes.MD5 = 'ca0bdef2b365c70733aa61ad2224475b' AND file:hashes.SHA1 = 'e8bbcb0f6538d1543bfa3f7a66f20155ebc2bcc8' AND file:hashes.SHA256 = 'a2c938629dd6a1b3061603e212fbec11cd5a499b52acff25d93448c326d314f0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:41.000Z" ,
"modified" : "2019-08-23T09:33:41.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T12:02:11" ,
"category" : "Other" ,
"uuid" : "78b95690-31cf-46e3-a7b1-09f0245658aa"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a2c938629dd6a1b3061603e212fbec11cd5a499b52acff25d93448c326d314f0/analysis/1565092931/" ,
"category" : "Payload delivery" ,
"uuid" : "f9d4f0e9-6bb1-49b3-b819-968be3b0ef79"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "23/62" ,
"category" : "Payload delivery" ,
"uuid" : "bf93c74b-63c5-4894-a6a4-b8e08f530058"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--531a0491-51fb-4487-8d23-083a61d6749c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:42.000Z" ,
"modified" : "2019-08-23T09:33:42.000Z" ,
"pattern" : "[file:hashes.MD5 = '69e8e8258fbda29a140fb820c93afbcc' AND file:hashes.SHA1 = '67ecbc1e9a66719c599e6dded33a85f70daca13e' AND file:hashes.SHA256 = 'e52516e6881c7b073d68903099db0c85ddf465c71054e9da639f66a62d0cc528']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:42.000Z" ,
"modified" : "2019-08-23T09:33:42.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-16T10:42:18" ,
"category" : "Other" ,
"uuid" : "294a9cbf-196c-4886-a723-d133defb95cf"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/e52516e6881c7b073d68903099db0c85ddf465c71054e9da639f66a62d0cc528/analysis/1565952138/" ,
"category" : "Payload delivery" ,
"uuid" : "0c69ff89-5fc6-4a8a-83ff-2d9fe5f88468"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "41/70" ,
"category" : "Payload delivery" ,
"uuid" : "19dc37b7-9d14-442e-8537-21aff19abb8f"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6bed7582-d749-4f0e-972a-704520e046dc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:42.000Z" ,
"modified" : "2019-08-23T09:33:42.000Z" ,
"pattern" : "[file:hashes.MD5 = '19b049ab19fd3e8c6f5b36c6a41024fe' AND file:hashes.SHA1 = '97edcdfd6e674591c1e809381c7e68f11dfa81fc' AND file:hashes.SHA256 = '217c351a6b80b94b933c6429b27c205466381f72485398f452b18cdd6bb97cc7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:42.000Z" ,
"modified" : "2019-08-23T09:33:42.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-20T15:42:21" ,
"category" : "Other" ,
"uuid" : "4a3be05f-8620-40c3-bfb1-be0cd9a14c99"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/217c351a6b80b94b933c6429b27c205466381f72485398f452b18cdd6bb97cc7/analysis/1566315741/" ,
"category" : "Payload delivery" ,
"uuid" : "da9d743d-d207-439e-9fef-2b9812a1f478"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "33/69" ,
"category" : "Payload delivery" ,
"uuid" : "527111d0-8515-4364-9465-1cc4e24e2822"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fe215d82-4e07-46c1-8545-1d395fa890ce" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:43.000Z" ,
"modified" : "2019-08-23T09:33:43.000Z" ,
"pattern" : "[file:hashes.MD5 = 'f84f600384a857b583fa5d24de290de4' AND file:hashes.SHA1 = 'a19648a5576e0b9fc449d89addc569ba1350ecff' AND file:hashes.SHA256 = '9445e4f838103f8032646a37074cf8900c0165088d9f88438c8ea93f21576811']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:43.000Z" ,
"modified" : "2019-08-23T09:33:43.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-20T15:42:17" ,
"category" : "Other" ,
"uuid" : "ba5bab65-12eb-47dc-ad32-5435d5704253"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/9445e4f838103f8032646a37074cf8900c0165088d9f88438c8ea93f21576811/analysis/1566315737/" ,
"category" : "Payload delivery" ,
"uuid" : "877c5e64-aafb-4795-b634-911d36bbd8c5"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "39/69" ,
"category" : "Payload delivery" ,
"uuid" : "bdaa0ade-94b4-42fa-aab5-a94291a17081"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:43.000Z" ,
"modified" : "2019-08-23T09:33:43.000Z" ,
"pattern" : "[file:hashes.MD5 = '04fa52b44178bec611232d260ec18c03' AND file:hashes.SHA1 = 'dda105d8d894f73b16518d546270e4f783cb5178' AND file:hashes.SHA256 = '2674fc7ac47f8a0b5ff07335a18fb9168c532ea3690d2ddacb0f9486711eeeb1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:43.000Z" ,
"modified" : "2019-08-23T09:33:43.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-20T15:42:17" ,
"category" : "Other" ,
"uuid" : "3a0c915a-3958-4817-824e-21c93a3e03af"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2674fc7ac47f8a0b5ff07335a18fb9168c532ea3690d2ddacb0f9486711eeeb1/analysis/1566315737/" ,
"category" : "Payload delivery" ,
"uuid" : "5b1a2506-a2cb-4b11-ad1d-cb0a5bb8184b"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/67" ,
"category" : "Payload delivery" ,
"uuid" : "c0c12f49-c195-43c7-83a6-9d0aa86e7201"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--50fedb9b-0e14-43fb-8512-8f989ac34305" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:44.000Z" ,
"modified" : "2019-08-23T09:33:44.000Z" ,
"pattern" : "[file:hashes.MD5 = '7163167a07b2ba31d6064297167cc19f' AND file:hashes.SHA1 = 'bfd0cbef5b9c329792b38274474f04bd8109df66' AND file:hashes.SHA256 = 'b4919db508e9d54c77ff101c0e1155a6ab4e12e61a16708810fdc5c2d23f3e43']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:44.000Z" ,
"modified" : "2019-08-23T09:33:44.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-14T15:50:08" ,
"category" : "Other" ,
"uuid" : "a90202a3-93b9-4d67-9b6c-e06361e1d187"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/b4919db508e9d54c77ff101c0e1155a6ab4e12e61a16708810fdc5c2d23f3e43/analysis/1565797808/" ,
"category" : "Payload delivery" ,
"uuid" : "3b7e9886-4153-4c8a-adeb-f7ed1c68e48f"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "38/66" ,
"category" : "Payload delivery" ,
"uuid" : "ee1a20eb-cc0b-4983-a26a-49b7379fd6a0"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:44.000Z" ,
"modified" : "2019-08-23T09:33:44.000Z" ,
"pattern" : "[file:hashes.MD5 = '33aac948ba9f11ff8e8fba02127e2c34' AND file:hashes.SHA1 = '85bdd7d871108c737701ac30c14a2d343cbdef94' AND file:hashes.SHA256 = '60c1c4fbeeb9629a0867e091c6012765507797e5f7f9eb42701bc41dcc2f811d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:44.000Z" ,
"modified" : "2019-08-23T09:33:44.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-07T04:53:37" ,
"category" : "Other" ,
"uuid" : "219060ce-47cc-4ca5-9c7a-16d761b1299f"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/60c1c4fbeeb9629a0867e091c6012765507797e5f7f9eb42701bc41dcc2f811d/analysis/1565153617/" ,
"category" : "Payload delivery" ,
"uuid" : "fe7003d9-62e1-4819-90d4-b4945ccdf90e"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "14/73" ,
"category" : "Payload delivery" ,
"uuid" : "7c17bc6d-f8dd-4585-b5fe-c90096f32550"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:44.000Z" ,
"modified" : "2019-08-23T09:33:44.000Z" ,
"pattern" : "[file:hashes.MD5 = '8d92e51008d4ec7530bb16b3caa63fbb' AND file:hashes.SHA1 = '341f2efa0fd11b4480d8503bfb81c62af667d72d' AND file:hashes.SHA256 = '8bd1d2d8b037df18c1f0345b092434e2055f2ac01c7a86decc2c0f35685227ef']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:45.000Z" ,
"modified" : "2019-08-23T09:33:45.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:47" ,
"category" : "Other" ,
"uuid" : "83ebad06-2bae-4a9b-96d5-2bd4e40dd638"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/8bd1d2d8b037df18c1f0345b092434e2055f2ac01c7a86decc2c0f35685227ef/analysis/1565051987/" ,
"category" : "Payload delivery" ,
"uuid" : "5bb822f7-3f6b-4881-a172-057784d4c6eb"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "28/71" ,
"category" : "Payload delivery" ,
"uuid" : "dbd8d2f0-9510-45c1-ab41-c62dbf5800ed"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--68f1d019-274d-43e4-b014-ce9b23560d4e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:45.000Z" ,
"modified" : "2019-08-23T09:33:45.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c312d1a4ac706d910c611ad8f600fe68' AND file:hashes.SHA1 = '984b9202a6dbd7d3dd696cae1220338a68092dc9' AND file:hashes.SHA256 = 'da31a5bfc103a47899171289ead4b53735b736766cb8501f5a5164097889a518']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:45.000Z" ,
"modified" : "2019-08-23T09:33:45.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-08T01:57:24" ,
"category" : "Other" ,
"uuid" : "53d53b85-9e84-44e4-969d-9e29438cf291"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/da31a5bfc103a47899171289ead4b53735b736766cb8501f5a5164097889a518/analysis/1565229444/" ,
"category" : "Payload delivery" ,
"uuid" : "2bec80c0-cea9-452e-9617-0a94082f4eb8"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "18/71" ,
"category" : "Payload delivery" ,
"uuid" : "2774491e-f14f-4e59-b8d1-9768d3d9056a"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:45.000Z" ,
"modified" : "2019-08-23T09:33:45.000Z" ,
"pattern" : "[file:hashes.MD5 = 'ec9e0092505743e000bd95c3e4677aff' AND file:hashes.SHA1 = '62800d245a3726ca390d08b7bf17fe2c37f2b3cf' AND file:hashes.SHA256 = 'fdc8f48fcf98ce9eb4d9bc4633dec64a26019a6e3738641eefbbc087e32f4bd1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:46.000Z" ,
"modified" : "2019-08-23T09:33:46.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:54" ,
"category" : "Other" ,
"uuid" : "c6b26a28-5edd-40de-ad18-bb0c215ac34d"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/fdc8f48fcf98ce9eb4d9bc4633dec64a26019a6e3738641eefbbc087e32f4bd1/analysis/1565051994/" ,
"category" : "Payload delivery" ,
"uuid" : "ed4fab8d-0c41-4b01-a8e7-2bf647460b0f"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/69" ,
"category" : "Payload delivery" ,
"uuid" : "30d2cff9-88a6-4ed3-abf4-96ab979282a8"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:46.000Z" ,
"modified" : "2019-08-23T09:33:46.000Z" ,
"pattern" : "[file:hashes.MD5 = '624a23ea378b4422beb4189ac75a478d' AND file:hashes.SHA1 = '904137b61f1ded66c8ca76ebf198dec1b638b5d4' AND file:hashes.SHA256 = 'fdb55a207260a62b190f307fe6021158f45fd8342718e60018467129424b10d4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:46.000Z" ,
"modified" : "2019-08-23T09:33:46.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-07T02:34:38" ,
"category" : "Other" ,
"uuid" : "fa27b39d-1e85-43ec-88d6-52a8038374f2"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/fdb55a207260a62b190f307fe6021158f45fd8342718e60018467129424b10d4/analysis/1565145278/" ,
"category" : "Payload delivery" ,
"uuid" : "57752b95-4183-4d8c-bf10-6aab97c03a48"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "35/66" ,
"category" : "Payload delivery" ,
"uuid" : "a70a2829-6306-4be7-ad16-76e4b3ae29ca"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:46.000Z" ,
"modified" : "2019-08-23T09:33:46.000Z" ,
"pattern" : "[file:hashes.MD5 = 'f76ee4d0e496fd22bc87e685653a296b' AND file:hashes.SHA1 = '204a2850548e5994d4696e9002f90dfccbe2093a' AND file:hashes.SHA256 = '83a40a07de648eaeaac0d3675a692def343a32dbf03655befe2a91a7bf221257']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:47.000Z" ,
"modified" : "2019-08-23T09:33:47.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-16T11:50:35" ,
"category" : "Other" ,
"uuid" : "70af704c-fbf7-47e7-b4a4-be254b7b4c8a"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/83a40a07de648eaeaac0d3675a692def343a32dbf03655befe2a91a7bf221257/analysis/1565956235/" ,
"category" : "Payload delivery" ,
"uuid" : "e10eaccb-73be-4264-a23f-724c4bea7914"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "32/68" ,
"category" : "Payload delivery" ,
"uuid" : "ff2dac80-68f8-450a-bf65-3757bd5e77c0"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4671a7c1-3b72-427b-b486-a9076c743c39" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:47.000Z" ,
"modified" : "2019-08-23T09:33:47.000Z" ,
"pattern" : "[file:hashes.MD5 = 'a3f35e1ec2a70df31296deef93129904' AND file:hashes.SHA1 = 'eabd45d0a86113f5ccff9fd292c1e482a5727815' AND file:hashes.SHA256 = '470aaf51761c15d9942aa156a9a6cc07fde5b1be54e73692ec71567df8a387b6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:47.000Z" ,
"modified" : "2019-08-23T09:33:47.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:44" ,
"category" : "Other" ,
"uuid" : "0a76d50d-7732-4ca0-85ee-d66016d2fddd"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/470aaf51761c15d9942aa156a9a6cc07fde5b1be54e73692ec71567df8a387b6/analysis/1565051984/" ,
"category" : "Payload delivery" ,
"uuid" : "130e74c3-5eb2-4057-826a-e755c8190225"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "7/71" ,
"category" : "Payload delivery" ,
"uuid" : "0bd98a79-8f30-4041-bc0d-dc6e6bc2beae"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:47.000Z" ,
"modified" : "2019-08-23T09:33:47.000Z" ,
"pattern" : "[file:hashes.MD5 = '95a9f742768e75c5ac4614ed0645c510' AND file:hashes.SHA1 = '212f3697117d17ec3f299d037845cf3db20ce88a' AND file:hashes.SHA256 = 'ce2eee86b841a8db264b93cd2e7a791102b05f7d6e2a0a2850cd02be86e7bb3c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:47.000Z" ,
"modified" : "2019-08-23T09:33:47.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-22T18:46:16" ,
"category" : "Other" ,
"uuid" : "2c293c03-35c5-46fb-82c3-94527dc522bc"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ce2eee86b841a8db264b93cd2e7a791102b05f7d6e2a0a2850cd02be86e7bb3c/analysis/1566499576/" ,
"category" : "Payload delivery" ,
"uuid" : "aa385878-0160-488b-b432-3611843e48db"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "31/69" ,
"category" : "Payload delivery" ,
"uuid" : "dd913565-aaec-4b25-83fd-7ff0a49706bf"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:48.000Z" ,
"modified" : "2019-08-23T09:33:48.000Z" ,
"pattern" : "[file:hashes.MD5 = 'dd4389198abe57219d74928d6e775f6b' AND file:hashes.SHA1 = 'ded6509458df62d3ce60c68f3a2a87e59f1f96be' AND file:hashes.SHA256 = '82535c7c8c1d8d49ffefe1731c7a57b9e78fd96a864c39cdc4296b5d3afb5503']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:48.000Z" ,
"modified" : "2019-08-23T09:33:48.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-22T08:12:24" ,
"category" : "Other" ,
"uuid" : "2e203312-afc1-41aa-8d9c-307a0bdfe179"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/82535c7c8c1d8d49ffefe1731c7a57b9e78fd96a864c39cdc4296b5d3afb5503/analysis/1566461544/" ,
"category" : "Payload delivery" ,
"uuid" : "d3b34e11-ebaa-4824-a540-bbf287bc401f"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "38/67" ,
"category" : "Payload delivery" ,
"uuid" : "c02cb983-e0e4-4d5c-9938-aeb916fbd602"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:48.000Z" ,
"modified" : "2019-08-23T09:33:48.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b9806b73c97d1eab5c4dde19fb20a403' AND file:hashes.SHA1 = '03929a5530639c1d9dbd395a298c59fd7eff1dec' AND file:hashes.SHA256 = '14996a7f925bb15609d7d10a15813054ffbff083291925417ecaf257e38e5fa9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--116175d9-f786-4417-91c1-e787621fc175" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:48.000Z" ,
"modified" : "2019-08-23T09:33:48.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-22T14:12:20" ,
"category" : "Other" ,
"uuid" : "b0318569-a903-42a8-93de-dca09af7e090"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/14996a7f925bb15609d7d10a15813054ffbff083291925417ecaf257e38e5fa9/analysis/1566483140/" ,
"category" : "Payload delivery" ,
"uuid" : "b799a68a-ee70-474a-a245-da4ede841dbf"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "42/69" ,
"category" : "Payload delivery" ,
"uuid" : "e74ef843-3680-41d3-b7db-1b0b83d01166"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--583f80b7-150f-43b8-984c-507183734547" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:49.000Z" ,
"modified" : "2019-08-23T09:33:49.000Z" ,
"pattern" : "[file:hashes.MD5 = 'fd301450a00094407729b9139c6c544a' AND file:hashes.SHA1 = 'b6e436a0fff117a1c3d3d70947f62d4cac66c95e' AND file:hashes.SHA256 = '242a1b8f9253b678c03507f137ade7a369c43964a9e2ee21b88289feeb61d208']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:51.000Z" ,
"modified" : "2019-08-23T09:33:51.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-14T06:12:12" ,
"category" : "Other" ,
"uuid" : "97cc9c37-8a59-4b7b-a326-5bd60584ea2b"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/242a1b8f9253b678c03507f137ade7a369c43964a9e2ee21b88289feeb61d208/analysis/1565763132/" ,
"category" : "Payload delivery" ,
"uuid" : "6cb2c50f-c405-48f2-a762-d671baef749a"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "31/70" ,
"category" : "Payload delivery" ,
"uuid" : "0bc7ec5f-3179-44d6-bdf4-725b3ff81715"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:52.000Z" ,
"modified" : "2019-08-23T09:33:52.000Z" ,
"pattern" : "[file:hashes.MD5 = '4da12f54f0b7413d04f6832d26ee4633' AND file:hashes.SHA1 = '0ac64e08e63601ad9d6a4ef019e5b374784af80a' AND file:hashes.SHA256 = '86fca593acbcac34c59797cb38d5ca32986f66555875c79648cc57d3a443a46d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:52.000Z" ,
"modified" : "2019-08-23T09:33:52.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-14T06:10:43" ,
"category" : "Other" ,
"uuid" : "45d6a88e-cb2a-4a2a-bc10-acfdc2242299"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/86fca593acbcac34c59797cb38d5ca32986f66555875c79648cc57d3a443a46d/analysis/1565763043/" ,
"category" : "Payload delivery" ,
"uuid" : "33a390cf-e3e9-4759-9fbe-070928b8502e"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "34/67" ,
"category" : "Payload delivery" ,
"uuid" : "634fb5ab-2337-4cf5-a1b8-0a94da62accc"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:52.000Z" ,
"modified" : "2019-08-23T09:33:52.000Z" ,
"pattern" : "[file:hashes.MD5 = '9bc58a40aa36674fe4a44abfd938a8db' AND file:hashes.SHA1 = '2b7404f6b0075bc1192d61d4af135d521d5f08a3' AND file:hashes.SHA256 = '446b37b0b0ffcb59ae0df18cf9125f62e128d475eb8f5a9a2caa7a3c3448565d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:52.000Z" ,
"modified" : "2019-08-23T09:33:52.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:44" ,
"category" : "Other" ,
"uuid" : "0a3f9499-cb4c-4465-8a81-cf1449a787d2"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/446b37b0b0ffcb59ae0df18cf9125f62e128d475eb8f5a9a2caa7a3c3448565d/analysis/1565051984/" ,
"category" : "Payload delivery" ,
"uuid" : "2138e29b-82c9-416c-88bd-1a2e06ddf352"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "33/71" ,
"category" : "Payload delivery" ,
"uuid" : "f87df041-8e64-402b-9fd2-90d3a7441ed9"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c7f78389-8821-43ca-8d46-687afc70fa6a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:53.000Z" ,
"modified" : "2019-08-23T09:33:53.000Z" ,
"pattern" : "[file:hashes.MD5 = '33edc43992137c0d4b07a4c1ed389e1e' AND file:hashes.SHA1 = '4c130aa110b290a0cf4ff1c099ea2a705081a9cb' AND file:hashes.SHA256 = '590bfc6b7fbd89e629e551fa9d70f1cdc0773d73dfea503d204a05014a8f0191']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:53.000Z" ,
"modified" : "2019-08-23T09:33:53.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:45" ,
"category" : "Other" ,
"uuid" : "c6f36377-9234-426a-8fca-68c4bcc1eb56"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/590bfc6b7fbd89e629e551fa9d70f1cdc0773d73dfea503d204a05014a8f0191/analysis/1565051985/" ,
"category" : "Payload delivery" ,
"uuid" : "8c941c57-845a-4350-9a91-f53cc2b55ac4"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "25/69" ,
"category" : "Payload delivery" ,
"uuid" : "fa07a4cc-cc41-4975-bf41-8004cf0077c0"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--477d1696-bc96-462f-afed-7aac5dac22e3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:53.000Z" ,
"modified" : "2019-08-23T09:33:53.000Z" ,
"pattern" : "[file:hashes.MD5 = '22b2718408aa6dbbfb05066325838468' AND file:hashes.SHA1 = '442e6cc28d118cfaf1a5482e2000c7dc00d9a7b9' AND file:hashes.SHA256 = '1c0a896f8627e0974e113143fe0d9d7991ca170d250eec92359ec00b3296db82']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:53.000Z" ,
"modified" : "2019-08-23T09:33:53.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:40" ,
"category" : "Other" ,
"uuid" : "ad9aed51-be2a-46dd-a742-c6a015593afe"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/1c0a896f8627e0974e113143fe0d9d7991ca170d250eec92359ec00b3296db82/analysis/1565051980/" ,
"category" : "Payload delivery" ,
"uuid" : "463bca38-c5db-45cf-b071-3a5f94bfe081"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "16/72" ,
"category" : "Payload delivery" ,
"uuid" : "7c62ad0a-b7ac-422c-abce-155d4a93cfb2"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2c001844-70ba-431f-b9e2-c81f88058ed8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:53.000Z" ,
"modified" : "2019-08-23T09:33:53.000Z" ,
"pattern" : "[file:hashes.MD5 = '6370323a5960f06b77a61487b75aabe3' AND file:hashes.SHA1 = '3bb345032b6d0226d6771ba65fe4da0faf628631' AND file:hashes.SHA256 = 'cd43a176d2476cd717395a5d106cc4bc48aa4ca9b3a4e2047426c6f9aa045ea0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:54.000Z" ,
"modified" : "2019-08-23T09:33:54.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-22T14:12:48" ,
"category" : "Other" ,
"uuid" : "7c423234-eff8-4a80-837c-88b7c3d8e4b0"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/cd43a176d2476cd717395a5d106cc4bc48aa4ca9b3a4e2047426c6f9aa045ea0/analysis/1566483168/" ,
"category" : "Payload delivery" ,
"uuid" : "55977d96-b891-4b8c-a209-037aaf4a20d0"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "32/69" ,
"category" : "Payload delivery" ,
"uuid" : "88b8201a-6590-44c4-8415-e0ed322698bc"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--58281799-2547-4047-98cd-60e10f04c1bd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:54.000Z" ,
"modified" : "2019-08-23T09:33:54.000Z" ,
"pattern" : "[file:hashes.MD5 = '15e50c8efe8f72064d51fc04437bed26' AND file:hashes.SHA1 = '8ed8cb784512f7dadd147347fc94e945faf16338' AND file:hashes.SHA256 = '337016b4f74c35030c825bffb7e5bfb56e61c8522183ce14a995ea9e032e7505']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:54.000Z" ,
"modified" : "2019-08-23T09:33:54.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:42" ,
"category" : "Other" ,
"uuid" : "8e530b7b-d673-41d1-8fc0-31c2d6b98b6e"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/337016b4f74c35030c825bffb7e5bfb56e61c8522183ce14a995ea9e032e7505/analysis/1565051982/" ,
"category" : "Payload delivery" ,
"uuid" : "7cb2e7db-f8be-4f73-84bb-d4b9479ccede"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "4/72" ,
"category" : "Payload delivery" ,
"uuid" : "7d9d1334-1e67-4587-89e4-fefc1747c19f"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ac105d47-7fab-4260-ad19-e2827a659096" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:54.000Z" ,
"modified" : "2019-08-23T09:33:54.000Z" ,
"pattern" : "[file:hashes.MD5 = '48e6c558a87577281a6b1f37e426f8ed' AND file:hashes.SHA1 = '946a24dfbd0ae94209ef7c284d3f462548566a3c' AND file:hashes.SHA256 = '3a4d8962e6deb2c0bf79b039695d25db85ac91f5b46e86397190b8c4a0ad95ef']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:55.000Z" ,
"modified" : "2019-08-23T09:33:55.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:42" ,
"category" : "Other" ,
"uuid" : "f153494c-3b6b-4b22-b71a-34646d965d1e"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/3a4d8962e6deb2c0bf79b039695d25db85ac91f5b46e86397190b8c4a0ad95ef/analysis/1565051982/" ,
"category" : "Payload delivery" ,
"uuid" : "3ced7f8f-fcf5-4de2-96ed-d9edf0311de3"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "8/71" ,
"category" : "Payload delivery" ,
"uuid" : "d7483c8e-d038-4ba3-9e98-9cf015824ac9"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--206578ce-144d-4490-b193-f64ae055a583" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:55.000Z" ,
"modified" : "2019-08-23T09:33:55.000Z" ,
"pattern" : "[file:hashes.MD5 = '396b6502c46b45d9f5efff728fa27055' AND file:hashes.SHA1 = 'f05bc018c90b560dc4932758956adffbc10588ce' AND file:hashes.SHA256 = '7980a1af165c711aaafcd1e60151cb66a58f4ccd3a0394fbecf2ba903ad50b55']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:55.000Z" ,
"modified" : "2019-08-23T09:33:55.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:45" ,
"category" : "Other" ,
"uuid" : "4dd18883-857f-44f7-8f46-86510c0528ec"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/7980a1af165c711aaafcd1e60151cb66a58f4ccd3a0394fbecf2ba903ad50b55/analysis/1565051985/" ,
"category" : "Payload delivery" ,
"uuid" : "883d7cd4-16f2-4eb4-98a1-6ee7fdf566a3"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "4/71" ,
"category" : "Payload delivery" ,
"uuid" : "35c1a363-34b0-4f3d-9e48-fb1e4be6a548"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--928ffbe0-4d94-455a-97cf-8202e79d6626" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:56.000Z" ,
"modified" : "2019-08-23T09:33:56.000Z" ,
"pattern" : "[file:hashes.MD5 = '1acc3b68da6b0a800cd58af30d47b01e' AND file:hashes.SHA1 = '9c413075aab7ef7876b8dc8d7b7c1b9b96842c6e' AND file:hashes.SHA256 = 'f1d4cc1e08d99497e19a29f9f915b813611b1f569a961bb7bd1ebc41a0b5af08']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:57.000Z" ,
"modified" : "2019-08-23T09:33:57.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:52" ,
"category" : "Other" ,
"uuid" : "197c6b8b-8408-4769-acbb-f4dfdcc9dac0"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/f1d4cc1e08d99497e19a29f9f915b813611b1f569a961bb7bd1ebc41a0b5af08/analysis/1565051992/" ,
"category" : "Payload delivery" ,
"uuid" : "10aa9680-4f6f-4568-a5fc-274bf7e91101"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "9/71" ,
"category" : "Payload delivery" ,
"uuid" : "0c650060-f835-4d2f-a161-2836b9f2d7a0"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:57.000Z" ,
"modified" : "2019-08-23T09:33:57.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b2975864ad694469b04165bd09277421' AND file:hashes.SHA1 = '0922defb82ff1140bbe3481bab27564bb966d50b' AND file:hashes.SHA256 = '0e0181499e50fb9ce8029767afdcf60ce21eea2819ce7ada1a3def4d8899c7dc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--56045c01-e584-420e-97ad-340f8364c026" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:57.000Z" ,
"modified" : "2019-08-23T09:33:57.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:41" ,
"category" : "Other" ,
"uuid" : "962d2dae-deae-49fe-9bc2-23c4a3f46cad"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/0e0181499e50fb9ce8029767afdcf60ce21eea2819ce7ada1a3def4d8899c7dc/analysis/1565051981/" ,
"category" : "Payload delivery" ,
"uuid" : "6666edb2-556e-4e0c-aced-1f03fb89648f"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "21/71" ,
"category" : "Payload delivery" ,
"uuid" : "78f14ca4-ded4-4fa4-afa8-a4ca6ea0fa4c"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:58.000Z" ,
"modified" : "2019-08-23T09:33:58.000Z" ,
"pattern" : "[file:hashes.MD5 = '5a46d793cf82822cb334b70609a9acd7' AND file:hashes.SHA1 = '56e8743e0773286a4b9e055147d96d53a43beca1' AND file:hashes.SHA256 = 'cde4b654e9bb29d3ace2b3dcd3520039bf8b42f905ac8d9e77845d8b911846e8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:58.000Z" ,
"modified" : "2019-08-23T09:33:58.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:50" ,
"category" : "Other" ,
"uuid" : "17dadadd-111e-46a8-92b3-1fe16369945a"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/cde4b654e9bb29d3ace2b3dcd3520039bf8b42f905ac8d9e77845d8b911846e8/analysis/1565051990/" ,
"category" : "Payload delivery" ,
"uuid" : "baef6a31-bc30-4c2a-a6d8-e0539ef8dc11"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/70" ,
"category" : "Payload delivery" ,
"uuid" : "026e02d8-4c19-4f54-969d-6572c629dcff"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--780ea6a4-143e-435e-80ce-a9d640727387" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:58.000Z" ,
"modified" : "2019-08-23T09:33:58.000Z" ,
"pattern" : "[file:hashes.MD5 = '2adb5b013ba4de9a20c7c9e185930675' AND file:hashes.SHA1 = '173664de0a9a08218098abfb86d2c64f25b5ee37' AND file:hashes.SHA256 = 'eecb72fdd8f19a6ec78b27f47aa978eefbaf0c80c85481292b91e8010da95bd0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:59.000Z" ,
"modified" : "2019-08-23T09:33:59.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:52" ,
"category" : "Other" ,
"uuid" : "69c83f72-bdb7-4652-b926-6a2e851907a5"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/eecb72fdd8f19a6ec78b27f47aa978eefbaf0c80c85481292b91e8010da95bd0/analysis/1565051992/" ,
"category" : "Payload delivery" ,
"uuid" : "702ec67b-808d-45e2-aa3d-96bc5dc257fb"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "17/71" ,
"category" : "Payload delivery" ,
"uuid" : "29ca6fa8-ca51-42c3-b074-5072810b5798"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:59.000Z" ,
"modified" : "2019-08-23T09:33:59.000Z" ,
"pattern" : "[file:hashes.MD5 = 'de8b61ae73f510eba526684f85b7cacb' AND file:hashes.SHA1 = '71f69f04307c8f5675dcadeaa80b8c2b95691b01' AND file:hashes.SHA256 = '433d0ca49bf2d80f3d61dcf97cd5af0ee52be83d5f8a070560cbf26ff840a676']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:33:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:33:59.000Z" ,
"modified" : "2019-08-23T09:33:59.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-20T16:43:56" ,
"category" : "Other" ,
"uuid" : "a749b13e-1cfc-4d34-8a55-fbe15a6a1b0f"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/433d0ca49bf2d80f3d61dcf97cd5af0ee52be83d5f8a070560cbf26ff840a676/analysis/1566319436/" ,
"category" : "Payload delivery" ,
"uuid" : "51849d9a-e13d-43e3-a26d-f0d4393471d5"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/69" ,
"category" : "Payload delivery" ,
"uuid" : "409c26da-bc69-40f8-adab-b2533fb55f6a"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:00.000Z" ,
"modified" : "2019-08-23T09:34:00.000Z" ,
"pattern" : "[file:hashes.MD5 = 'bdede8c167b85250401c7605d81d05f2' AND file:hashes.SHA1 = 'fbb485b40477f5a014e7096747b1b4a494ce50ef' AND file:hashes.SHA256 = '57566f1261b6b05e14aa9b579a7f5cbc2feb361baf897600eaa07da863532eb6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:34:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:00.000Z" ,
"modified" : "2019-08-23T09:34:00.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:45" ,
"category" : "Other" ,
"uuid" : "94762121-aaee-40e3-9e1c-53a94ef7f108"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/57566f1261b6b05e14aa9b579a7f5cbc2feb361baf897600eaa07da863532eb6/analysis/1565051985/" ,
"category" : "Payload delivery" ,
"uuid" : "baf99690-03f5-49a4-8f2b-6448cd8e0c31"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "32/71" ,
"category" : "Payload delivery" ,
"uuid" : "b6cfd9ef-a7c3-4d1f-9ce0-c8a4de6257d1"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:00.000Z" ,
"modified" : "2019-08-23T09:34:00.000Z" ,
"pattern" : "[file:hashes.MD5 = 'a23d27688c57fb8d1b4979c4643c7dbc' AND file:hashes.SHA1 = '53102e57b40feacb64566c26d101d9242dece77c' AND file:hashes.SHA256 = 'd945cca810a8eb7c3e778515c28ceabae296378e5558bc40b125a8df3d4d6fa5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:34:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:00.000Z" ,
"modified" : "2019-08-23T09:34:00.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T12:02:06" ,
"category" : "Other" ,
"uuid" : "356119c2-4238-44fd-85a9-44e7a88bf048"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/d945cca810a8eb7c3e778515c28ceabae296378e5558bc40b125a8df3d4d6fa5/analysis/1565092926/" ,
"category" : "Payload delivery" ,
"uuid" : "5ee8ca89-dbc7-425e-968e-7f9a4073d9ba"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/66" ,
"category" : "Payload delivery" ,
"uuid" : "784cb14b-2405-4a42-90cd-513689cb429b"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:00.000Z" ,
"modified" : "2019-08-23T09:34:00.000Z" ,
"pattern" : "[file:hashes.MD5 = '84d0eb92a62f095271fd7a22352144d4' AND file:hashes.SHA1 = '048c40eb606da3def08c9f6997c1948afbbc959b' AND file:hashes.SHA256 = '5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:34:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:01.000Z" ,
"modified" : "2019-08-23T09:34:01.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-13T12:22:09" ,
"category" : "Other" ,
"uuid" : "4dcdd982-7bae-4fa3-aab4-a7bba1a08e35"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354/analysis/1565698929/" ,
"category" : "Payload delivery" ,
"uuid" : "e3705fc2-0b09-44d9-aae2-674202792f4a"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/70" ,
"category" : "Payload delivery" ,
"uuid" : "1f05cf26-dc13-4a0f-ac1e-8b8e7bd557fc"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:01.000Z" ,
"modified" : "2019-08-23T09:34:01.000Z" ,
"pattern" : "[file:hashes.MD5 = '9eb9af0f63644fee49d083c1c330226b' AND file:hashes.SHA1 = '79ac512389ef9e27a3598ca2968573db4f5fd58f' AND file:hashes.SHA256 = 'defebfcc7affc31a00400e387b1994baf1d75704aa682803584e2c87ad154ec1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-23T09:34:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-23T09:34:01.000Z" ,
"modified" : "2019-08-23T09:34:01.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-06T00:39:51" ,
"category" : "Other" ,
"uuid" : "7fd29b15-6b70-40b6-8308-816eee3a7113"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/defebfcc7affc31a00400e387b1994baf1d75704aa682803584e2c87ad154ec1/analysis/1565051991/" ,
"category" : "Payload delivery" ,
"uuid" : "86fb6e82-743e-41fa-8f4b-b06cc7c61b88"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "31/69" ,
"category" : "Payload delivery" ,
"uuid" : "4e46ad7a-a5d9-46fc-bf0d-7efc850aa1dc"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--3b1d47e5-d5aa-4d56-8011-0e6c271d8a8c" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-08T09:19:49.000Z" ,
"modified" : "2019-08-08T09:19:49.000Z" ,
"relationship_type" : "drops" ,
"source_ref" : "indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de" ,
"target_ref" : "indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--2dd0755c-1e57-428e-b822-5d780ad8bd74" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:01.000Z" ,
"modified" : "2019-08-23T09:34:01.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b" ,
"target_ref" : "x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--1368a551-9200-4cf2-a6a7-73232f7c33a6" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:01.000Z" ,
"modified" : "2019-08-23T09:34:01.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e" ,
"target_ref" : "x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--2d2f908e-d8fb-4183-95be-64e0b04f38e2" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:01.000Z" ,
"modified" : "2019-08-23T09:34:01.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f" ,
"target_ref" : "x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--921c9004-1f62-4bf9-af7c-256ad152096f" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:01.000Z" ,
"modified" : "2019-08-23T09:34:01.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b05ef68e-17cd-4a85-af71-414145036bba" ,
"target_ref" : "x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--a3918add-b66a-459b-8dd3-1475ace6d904" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--531a0491-51fb-4487-8d23-083a61d6749c" ,
"target_ref" : "x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--8475c5f0-b345-4f62-b8dc-c268d225cecb" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--6bed7582-d749-4f0e-972a-704520e046dc" ,
"target_ref" : "x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--7ed98fd5-bc69-41b0-81d9-df855488b55b" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--fe215d82-4e07-46c1-8545-1d395fa890ce" ,
"target_ref" : "x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--62f9bea8-4b11-4770-b06e-b95fe80915ae" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b" ,
"target_ref" : "x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--a405d7ec-5247-4318-b625-2bd405058ce5" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--50fedb9b-0e14-43fb-8512-8f989ac34305" ,
"target_ref" : "x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--5c8255de-7df1-4f2c-bdf4-eee4cc424853" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11" ,
"target_ref" : "x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--c40cc3a0-a670-4276-8549-6ebb290fb264" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd" ,
"target_ref" : "x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--64280654-6da2-4333-9ccf-a15939fa57a3" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--68f1d019-274d-43e4-b014-ce9b23560d4e" ,
"target_ref" : "x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--65413621-277f-4651-93df-cc6acf602d1a" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9" ,
"target_ref" : "x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--47fa697e-d234-4bbd-b24d-436168dca93d" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5" ,
"target_ref" : "x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--d6727a26-4386-4b2f-8485-71b67d3690a0" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be" ,
"target_ref" : "x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--41eb47dc-7358-4ce2-874a-b0fcfca06efe" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--4671a7c1-3b72-427b-b486-a9076c743c39" ,
"target_ref" : "x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--6398f885-0d4f-4866-b62a-72c8c6e41a5f" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:02.000Z" ,
"modified" : "2019-08-23T09:34:02.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf" ,
"target_ref" : "x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--83ed3d30-46de-4a25-8654-edc0a6d8eba5" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c" ,
"target_ref" : "x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--0f6a478e-2856-410a-b53d-304269243d4e" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd" ,
"target_ref" : "x-misp-object--116175d9-f786-4417-91c1-e787621fc175"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--aed1230c-a59c-4848-9439-325a445e0a33" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--583f80b7-150f-43b8-984c-507183734547" ,
"target_ref" : "x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--fae845fc-22fa-46ea-86f1-8389b40c9c2f" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b" ,
"target_ref" : "x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--908b38af-12b9-4267-92ab-55d9b7db8a06" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654" ,
"target_ref" : "x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--9f5bb937-2ae7-4717-a152-f6dbcb8cc66c" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--c7f78389-8821-43ca-8d46-687afc70fa6a" ,
"target_ref" : "x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--cda5e29a-74ca-47dc-bdb7-9647807e97a6" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--477d1696-bc96-462f-afed-7aac5dac22e3" ,
"target_ref" : "x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--ac7c1671-8444-4244-84cd-ba5ef2a2753f" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--2c001844-70ba-431f-b9e2-c81f88058ed8" ,
"target_ref" : "x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--88133e2f-00b8-48e6-a7a4-091126048cbc" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--58281799-2547-4047-98cd-60e10f04c1bd" ,
"target_ref" : "x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--baaded4e-c172-44dc-9802-1f28aa3abba7" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--ac105d47-7fab-4260-ad19-e2827a659096" ,
"target_ref" : "x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--4c45bf8f-de89-4c61-90da-1627c63b2db1" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:03.000Z" ,
"modified" : "2019-08-23T09:34:03.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--206578ce-144d-4490-b193-f64ae055a583" ,
"target_ref" : "x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--ef237c26-64bf-40d8-ba0d-86dc9ab5df35" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--928ffbe0-4d94-455a-97cf-8202e79d6626" ,
"target_ref" : "x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--7ee97a0a-c471-4a63-86ad-d7d02022066e" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad" ,
"target_ref" : "x-misp-object--56045c01-e584-420e-97ad-340f8364c026"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--fb78981e-524f-49cd-968f-42c64ae2d818" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2" ,
"target_ref" : "x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--b2546ed6-15c1-4924-9770-00cb8f85f3c7" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--780ea6a4-143e-435e-80ce-a9d640727387" ,
"target_ref" : "x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--3fa8b609-56c7-42e5-bb99-fac1a8c83c55" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e" ,
"target_ref" : "x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--7e14d0e9-289f-4451-b0fb-2f32830c4f4f" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc" ,
"target_ref" : "x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--18d0a123-955b-4d55-b5c0-9a92952986bd" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee" ,
"target_ref" : "x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--bbad76f5-5ce2-420c-be44-9336af03fac3" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec" ,
"target_ref" : "x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-08-07 08:13:15 +00:00
"id" : "relationship--2ec52d43-6a0d-4aef-9580-fc683a281f52" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-23T09:34:04.000Z" ,
"modified" : "2019-08-23T09:34:04.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5" ,
"target_ref" : "x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}