misp-circl-feed/feeds/circl/stix-2.1/5df37253-ecc0-40ff-9ab9-4c44950d210f.json

2110 lines
89 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5df37253-ecc0-40ff-9ab9-4c44950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-16T08:27:45.000Z",
"modified": "2019-12-16T08:27:45.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5df37253-ecc0-40ff-9ab9-4c44950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-16T08:27:45.000Z",
"modified": "2019-12-16T08:27:45.000Z",
"name": "OSINT - GALLIUM: Targeting global telecom",
"published": "2019-12-16T08:34:35Z",
"object_refs": [
"observed-data--5df372b8-5b40-478d-a93d-4cf1950d210f",
"url--5df372b8-5b40-478d-a93d-4cf1950d210f",
"indicator--5df37fb5-e9a4-4ed8-9abe-4850950d210f",
"indicator--5df37fba-2648-4954-980c-444a950d210f",
"indicator--5df37fc0-7bf4-4030-bf71-4e71950d210f",
"indicator--5df37fc6-d1d4-4b40-a7ac-46e3950d210f",
"indicator--5df37fc6-48d8-4b0d-af0b-4814950d210f",
"indicator--5df37fc7-46b0-42c1-8578-4923950d210f",
"indicator--5df37fc7-7f30-479f-8358-43f4950d210f",
"x-misp-attribute--5df38aa1-7a6c-4df4-bbfa-4ca0950d210f",
"observed-data--5df399d4-fa1c-48d7-bca2-48b4950d210f",
"url--5df399d4-fa1c-48d7-bca2-48b4950d210f",
"indicator--1ab9b5d3-f394-4a58-b890-e4ec2f6c7f58",
"indicator--9c77c3fa-73df-450c-b5b3-ce88e70e25c6",
"indicator--6841f72d-d8d2-4cea-bff0-ecd5e746cb44",
"indicator--0d9e0fdd-9a73-472b-9de0-3eb7b1a3ce73",
"indicator--81b35f61-e33f-4ce5-9264-a42e4061dc89",
"indicator--34fb3676-5716-43dd-8a1c-8b180f793c25",
"indicator--10f1f733-c7ee-41a9-bfc7-de76c69a386e",
"indicator--55309c26-5c02-464f-939a-d71ccd33e1a2",
"indicator--52ea1550-80eb-4398-9011-e294c4b04153",
"indicator--fd50853a-5080-4c08-875a-13b25c64f6fb",
"indicator--473b147e-5cd4-4acb-ae0d-03cbe777e19a",
"indicator--c609fe42-cc46-4ff3-bda8-83175257560a",
"indicator--826b488e-d80e-46eb-81d0-a2d7f255c391",
"indicator--5ae707a9-1413-40e1-9bfb-0ab797935daf",
"indicator--2ff483f1-bfd4-4bc0-834a-6090bd524eb7",
"indicator--887e619e-e714-4276-88ab-5bee4ce7e1bf",
"indicator--9714d7cb-273f-451a-bbe2-46a44d787eb5",
"indicator--9a81a9ad-91c8-415b-9a7d-a24f2cd80fc7",
"indicator--af74e22f-def9-4891-a20e-3ba3717f3023",
"indicator--2fb968c9-e5e3-4b24-8b1d-efd3ada12b7b",
"indicator--da89646f-07af-4568-9b31-2c65c6b02730",
"indicator--6e35ecff-22ac-425f-a762-9be0777ba592",
"indicator--996a2bc0-ccfe-498c-8c90-76cc314ce0d2",
"indicator--bbac27c8-bbc2-4b2f-a6eb-14a3a2a8372f",
"indicator--f263f4bd-a56e-4765-ab3d-a0119f26e56e",
"indicator--08f20998-85ef-4436-babb-88289b5eb454",
"indicator--3d8a573b-fb90-4313-ba6d-947ba1898b88",
"indicator--227aa6db-279d-4d22-913b-c1c913c53bca",
"indicator--05335725-d07e-4334-a7b2-1955bc6986af",
"indicator--f853a427-6331-46ab-b63c-3af015ff2e9c",
"indicator--18187a32-3e83-48fb-b46f-0a1f393cee30",
"indicator--8866af47-785b-49c3-8434-6e9e9645bce9",
"indicator--ec7c6a1d-bcdb-4b78-b97d-dc882cd85149",
"indicator--a53cd17d-fea7-4aa3-a253-49d0fd227668",
"indicator--453c9095-c7d4-4f7b-8e18-5592705bb6cc",
"indicator--97b788de-edb1-441f-87eb-77692b92d705",
"indicator--e2f4d2bb-d70b-4c5e-9993-9770649645ea",
"indicator--656bff64-0ad2-4a70-889b-ef9a0a41f8a5",
"indicator--693e7281-40be-4cb3-8d42-f1b88c69afd9",
"x-misp-object--5792ac9e-9214-4610-b440-f5afaa5d1539",
"indicator--70155b79-cdd0-440e-bedd-0386e13c85eb",
"x-misp-object--ce794ae7-39c0-4845-8bf8-38b89a365563",
"indicator--102841b3-7248-485e-b1a8-9cc72ed1efbb",
"x-misp-object--33bc1e10-c0af-465f-96e8-cf37ab9202bf",
"indicator--b6b3ac5a-b33a-422f-93c1-17a9ea2530b1",
"x-misp-object--3d5fb681-223c-43f5-95ca-1fd0a5901117",
"indicator--978422c6-1b76-46fe-8ee6-09cf6b05a382",
"x-misp-object--5cf9c477-54ee-4314-8618-94b32a714bd2",
"indicator--db7f46ee-b12d-4740-b7f4-2a6a75d4d220",
"x-misp-object--cd155fb0-ffa7-4c2d-9abe-9da8b19e38a9",
"indicator--39743303-990f-4a10-ab79-e6d47f402ed7",
"x-misp-object--b72db847-00e8-40b7-98f4-4f75dfb66774",
"indicator--0437445d-8bc7-47a2-96a6-4f86ad3906bc",
"x-misp-object--bbc49ff1-0987-4ad0-8546-454088138ebd",
"indicator--53bc836d-94d5-4620-b23a-ce3bf3cc4b2e",
"x-misp-object--34935b31-c353-4fff-bbf8-6138b7a1509a",
"indicator--cdcde630-7eb0-4b15-ac5b-de2ce5429c42",
"x-misp-object--e7833a09-cac6-42ca-8b1a-945a7bfec0f6",
"indicator--57ef2d67-fc65-4c12-ab9f-10ea2a89f9e0",
"x-misp-object--0cc004d1-66e1-471f-af25-5ed9301bc765",
"indicator--98de906b-cea2-4397-b05f-17ca7375d016",
"x-misp-object--59638fcb-5d31-4187-8809-1ea84b8f6941",
2024-08-07 08:13:15 +00:00
"relationship--ce4bab44-39db-47ea-990a-2a5293294d6b",
"relationship--b77948fd-90d2-4c7f-b886-6d0801aaa8e4",
"relationship--f55c9f92-7566-4ae0-8a40-8ecee8f9975b",
"relationship--d23a87ac-9344-4de7-a554-12922b1db624",
"relationship--a97a70eb-f1ca-4c6d-92bb-d22e29d57d76",
"relationship--a09a0713-8835-4966-aff0-35565e7be988",
"relationship--f1d7ec7e-41f4-44d4-aaf3-788a5d06b4fa",
"relationship--48556c3b-1f92-4d7f-897a-a10fd1d773ad",
"relationship--c40afe6e-3c60-4aba-a4c0-6f3dfc6c4921",
"relationship--aa58f756-6999-47b6-9dd8-2b0bc6f8f10c",
"relationship--a7bafd83-7519-4b9a-9919-9bfa0d5f30c6",
"relationship--d0d6b12c-8718-419d-bfd6-59c8463439d0"
2023-04-21 14:44:17 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:malpedia=\"HTran\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"HTRAN\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"HTRAN - S0040\"",
"misp-galaxy:mitre-tool=\"HTRAN\"",
"misp-galaxy:mitre-tool=\"HTRAN - S0040\"",
"misp-galaxy:tool=\"Htran\"",
"misp-galaxy:malpedia=\"MimiKatz\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"Mimikatz\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"Mimikatz - S0002\"",
"misp-galaxy:mitre-tool=\"Mimikatz\"",
"misp-galaxy:mitre-tool=\"Mimikatz - S0002\"",
"misp-galaxy:tool=\"Mimikatz\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"PsExec\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"PsExec - S0029\"",
"misp-galaxy:mitre-tool=\"PsExec\"",
"misp-galaxy:mitre-tool=\"PsExec - S0029\"",
"misp-galaxy:tool=\"PsExec\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"Windows Credential Editor\"",
"misp-galaxy:mitre-enterprise-attack-tool=\"Windows Credential Editor - S0005\"",
"misp-galaxy:mitre-tool=\"Windows Credential Editor\"",
"misp-galaxy:mitre-tool=\"Windows Credential Editor - S0005\"",
"misp-galaxy:tool=\"Windows Credential Editor\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:source-type=\"blog-post\"",
"misp-galaxy:mitre-enterprise-attack-malware=\"China Chopper\"",
"misp-galaxy:mitre-enterprise-attack-malware=\"China Chopper - S0020\"",
"misp-galaxy:mitre-malware=\"China Chopper\"",
"misp-galaxy:mitre-malware=\"China Chopper - S0020\"",
"misp-galaxy:tool=\"China Chopper\"",
"misp-galaxy:malpedia=\"Poison Ivy\"",
"misp-galaxy:mitre-enterprise-attack-malware=\"PoisonIvy\"",
"misp-galaxy:mitre-enterprise-attack-malware=\"PoisonIvy - S0012\"",
"misp-galaxy:mitre-malware=\"PoisonIvy\"",
"misp-galaxy:mitre-malware=\"PoisonIvy - S0012\"",
"misp-galaxy:rat=\"PoisonIvy\"",
"misp-galaxy:tool=\"Poison Ivy\"",
"misp-galaxy:tool=\"poisonivy\"",
"misp-galaxy:microsoft-activity-group=\"GALLIUM\"",
"misp-galaxy:tool=\"Netcat\"",
"misp-galaxy:tool=\"NBTScan\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5df372b8-5b40-478d-a93d-4cf1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T11:15:04.000Z",
"modified": "2019-12-13T11:15:04.000Z",
"first_observed": "2019-12-13T11:15:04Z",
"last_observed": "2019-12-13T11:15:04Z",
"number_observed": 1,
"object_refs": [
"url--5df372b8-5b40-478d-a93d-4cf1950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5df372b8-5b40-478d-a93d-4cf1950d210f",
"value": "https://www.microsoft.com/security/blog/2019/12/12/gallium-targeting-global-telecom/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5df37fb5-e9a4-4ed8-9abe-4850950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:10:29.000Z",
"modified": "2019-12-13T12:10:29.000Z",
"pattern": "[domain-name:value = 'asyspy256.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:10:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5df37fba-2648-4954-980c-444a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:10:34.000Z",
"modified": "2019-12-13T12:10:34.000Z",
"pattern": "[domain-name:value = 'hotkillmail9sddcc.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:10:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5df37fc0-7bf4-4030-bf71-4e71950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:10:40.000Z",
"modified": "2019-12-13T12:10:40.000Z",
"pattern": "[domain-name:value = 'rosaf112.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:10:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5df37fc6-d1d4-4b40-a7ac-46e3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:10:46.000Z",
"modified": "2019-12-13T12:10:46.000Z",
"pattern": "[domain-name:value = 'cvdfhjh1231.myftp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:10:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5df37fc6-48d8-4b0d-af0b-4814950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:10:46.000Z",
"modified": "2019-12-13T12:10:46.000Z",
"pattern": "[domain-name:value = 'sz2016rose.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:10:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5df37fc7-46b0-42c1-8578-4923950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:10:47.000Z",
"modified": "2019-12-13T12:10:47.000Z",
"pattern": "[domain-name:value = 'dffwescwer4325.myftp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:10:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5df37fc7-7f30-479f-8358-43f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:10:47.000Z",
"modified": "2019-12-13T12:10:47.000Z",
"pattern": "[domain-name:value = 'cvdfhjh1231.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:10:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5df38aa1-7a6c-4df4-bbfa-4ca0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:05.000Z",
"modified": "2019-12-13T12:57:05.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"Antivirus detection\""
],
"x_misp_category": "Antivirus detection",
"x_misp_type": "text",
"x_misp_value": "TrojanDropper:Win32/BlackMould.A!dha\r\nTrojan:Win32/BlackMould.B!dha\r\nTrojan:Win32/QuarkBandit.A!dha\r\nTrojan:Win32/Sidelod.A!dha"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5df399d4-fa1c-48d7-bca2-48b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T14:01:56.000Z",
"modified": "2019-12-13T14:01:56.000Z",
"first_observed": "2019-12-13T14:01:56Z",
"last_observed": "2019-12-13T14:01:56Z",
"number_observed": 1,
"object_refs": [
"url--5df399d4-fa1c-48d7-bca2-48b4950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5df399d4-fa1c-48d7-bca2-48b4950d210f",
"value": "https://github.com/Azure/Azure-Sentinel/blob/master/Detections/MultipleDataSources/GalliumIOCs.yaml"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ab9b5d3-f394-4a58-b890-e4ec2f6c7f58",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:49.000Z",
"modified": "2019-12-13T12:57:49.000Z",
"pattern": "[file:hashes.SHA256 = '9ae7c4a4e1cfe9b505c3a47e66551eb1357affee65bfefb0109d02f4e97c06dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c77c3fa-73df-450c-b5b3-ce88e70e25c6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:50.000Z",
"modified": "2019-12-13T12:57:50.000Z",
"pattern": "[file:hashes.SHA256 = '7772d624e1aed327abcd24ce2068063da0e31bb1d5d3bf2841fc977e198c6c5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6841f72d-d8d2-4cea-bff0-ecd5e746cb44",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:50.000Z",
"modified": "2019-12-13T12:57:50.000Z",
"pattern": "[file:hashes.SHA256 = '657fc7e6447e0065d488a7db2caab13071e44741875044f9024ca843fe4e86b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d9e0fdd-9a73-472b-9de0-3eb7b1a3ce73",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:51.000Z",
"modified": "2019-12-13T12:57:51.000Z",
"pattern": "[file:hashes.SHA256 = '2ef157a97e28574356e1d871abf75deca7d7a1ea662f38b577a06dd039dbae29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--81b35f61-e33f-4ce5-9264-a42e4061dc89",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:51.000Z",
"modified": "2019-12-13T12:57:51.000Z",
"pattern": "[file:hashes.SHA256 = '52fd7b90d7144ac448af4008be639d4d45c252e51823f4311011af3207a5fc77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34fb3676-5716-43dd-8a1c-8b180f793c25",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:52.000Z",
"modified": "2019-12-13T12:57:52.000Z",
"pattern": "[file:hashes.SHA256 = 'a370e47cb97b35f1ae6590d14ada7561d22b4a73be0cb6df7e851d85054b1ac3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--10f1f733-c7ee-41a9-bfc7-de76c69a386e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:52.000Z",
"modified": "2019-12-13T12:57:52.000Z",
"pattern": "[file:hashes.SHA256 = '5bf80b871278a29f356bd42af1e35428aead20cd90b0c7642247afcaaa95b022']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55309c26-5c02-464f-939a-d71ccd33e1a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:53.000Z",
"modified": "2019-12-13T12:57:53.000Z",
"pattern": "[file:hashes.SHA256 = '6f690ccfd54c2b02f0c3cb89c938162c10cbeee693286e809579c540b07ed883']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52ea1550-80eb-4398-9011-e294c4b04153",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:54.000Z",
"modified": "2019-12-13T12:57:54.000Z",
"pattern": "[file:hashes.SHA256 = '3c884f776fbd16597c072afd81029e8764dd57ee79d798829ca111f5e170bd8e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd50853a-5080-4c08-875a-13b25c64f6fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:54.000Z",
"modified": "2019-12-13T12:57:54.000Z",
"pattern": "[file:hashes.SHA256 = '1922a419f57afb351b58330ed456143cc8de8b3ebcbd236d26a219b03b3464d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--473b147e-5cd4-4acb-ae0d-03cbe777e19a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:54.000Z",
"modified": "2019-12-13T12:57:54.000Z",
"pattern": "[file:hashes.SHA256 = 'fe0e4ef832b62d49b43433e10c47dc51072959af93963c790892efc20ec422f1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c609fe42-cc46-4ff3-bda8-83175257560a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:55.000Z",
"modified": "2019-12-13T12:57:55.000Z",
"pattern": "[file:hashes.SHA256 = '7ce9e1c5562c8a5c93878629a47fe6071a35d604ed57a8f918f3eadf82c11a9c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--826b488e-d80e-46eb-81d0-a2d7f255c391",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:56.000Z",
"modified": "2019-12-13T12:57:56.000Z",
"pattern": "[file:hashes.SHA256 = '178d5ee8c04401d332af331087a80fb4e5e2937edfba7266f9be34a5029b6945']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ae707a9-1413-40e1-9bfb-0ab797935daf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:57:56.000Z",
"modified": "2019-12-13T12:57:56.000Z",
"pattern": "[file:hashes.SHA256 = '51f70956fa8c487784fd21ab795f6ba2199b5c2d346acdeef1de0318a4c729d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:57:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2ff483f1-bfd4-4bc0-834a-6090bd524eb7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:58:12.000Z",
"modified": "2019-12-13T12:58:12.000Z",
"pattern": "[file:hashes.SHA256 = '889bca95f1a69e94aaade1e959ed0d3620531dc0fc563be9a8decf41899b4d79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:58:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--887e619e-e714-4276-88ab-5bee4ce7e1bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:58:12.000Z",
"modified": "2019-12-13T12:58:12.000Z",
"pattern": "[file:hashes.SHA256 = '332ddaa00e2eb862742cb8d7e24ce52a5d38ffb22f6c8bd51162bd35e84d7ddf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:58:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9714d7cb-273f-451a-bbe2-46a44d787eb5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:58:13.000Z",
"modified": "2019-12-13T12:58:13.000Z",
"pattern": "[file:hashes.SHA256 = '44bcf82fa536318622798504e8369e9dcdb32686b95fcb44579f0b4efa79df08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:58:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9a81a9ad-91c8-415b-9a7d-a24f2cd80fc7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:58:13.000Z",
"modified": "2019-12-13T12:58:13.000Z",
"pattern": "[file:hashes.SHA256 = '63552772fdd8c947712a2cff00dfe25c7a34133716784b6d486227384f8cf3ef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:58:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--af74e22f-def9-4891-a20e-3ba3717f3023",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T12:58:14.000Z",
"modified": "2019-12-13T12:58:14.000Z",
"pattern": "[file:hashes.SHA256 = '056744a3c371b5938d63c396fe094afce8fb153796a65afa5103e1bffd7ca070']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T12:58:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2fb968c9-e5e3-4b24-8b1d-efd3ada12b7b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:10.000Z",
"modified": "2019-12-13T13:51:10.000Z",
"pattern": "[file:hashes.SHA1 = '53a44c2396d15c3a03723fa5e5db54cafd527635']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--da89646f-07af-4568-9b31-2c65c6b02730",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:14.000Z",
"modified": "2019-12-13T13:51:14.000Z",
"pattern": "[file:hashes.SHA1 = '9c5e496921e3bc882dc40694f1dcc3746a75db19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6e35ecff-22ac-425f-a762-9be0777ba592",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:15.000Z",
"modified": "2019-12-13T13:51:15.000Z",
"pattern": "[file:hashes.SHA1 = 'aeb573accfd95758550cf30bf04f389a92922844']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--996a2bc0-ccfe-498c-8c90-76cc314ce0d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:15.000Z",
"modified": "2019-12-13T13:51:15.000Z",
"pattern": "[file:hashes.SHA1 = '79ef78a797403a4ed1a616c68e07fff868a8650a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bbac27c8-bbc2-4b2f-a6eb-14a3a2a8372f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:15.000Z",
"modified": "2019-12-13T13:51:15.000Z",
"pattern": "[file:hashes.SHA1 = '4f6f38b4cec35e895d91c052b1f5a83d665c2196']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f263f4bd-a56e-4765-ab3d-a0119f26e56e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:16.000Z",
"modified": "2019-12-13T13:51:16.000Z",
"pattern": "[file:hashes.SHA1 = '1e8c2cac2e4ce7cbd33c3858eb2e24531cb8a84d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--08f20998-85ef-4436-babb-88289b5eb454",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:16.000Z",
"modified": "2019-12-13T13:51:16.000Z",
"pattern": "[file:hashes.SHA1 = 'e841a63e47361a572db9a7334af459ddca11347a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3d8a573b-fb90-4313-ba6d-947ba1898b88",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:17.000Z",
"modified": "2019-12-13T13:51:17.000Z",
"pattern": "[file:hashes.SHA1 = 'c28f606df28a9bc8df75a4d5e5837fc5522dd34d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--227aa6db-279d-4d22-913b-c1c913c53bca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:17.000Z",
"modified": "2019-12-13T13:51:17.000Z",
"pattern": "[file:hashes.SHA1 = '2e94b305d6812a9f96e6781c888e48c7fb157b6b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05335725-d07e-4334-a7b2-1955bc6986af",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:18.000Z",
"modified": "2019-12-13T13:51:18.000Z",
"pattern": "[file:hashes.SHA1 = 'dd44133716b8a241957b912fa6a02efde3ce3025']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f853a427-6331-46ab-b63c-3af015ff2e9c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:18.000Z",
"modified": "2019-12-13T13:51:18.000Z",
"pattern": "[file:hashes.SHA1 = '8793bf166cb89eb55f0593404e4e933ab605e803']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--18187a32-3e83-48fb-b46f-0a1f393cee30",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:19.000Z",
"modified": "2019-12-13T13:51:19.000Z",
"pattern": "[file:hashes.SHA1 = 'a39b57032dbb2335499a51e13470a7cd5d86b138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8866af47-785b-49c3-8434-6e9e9645bce9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:20.000Z",
"modified": "2019-12-13T13:51:20.000Z",
"pattern": "[file:hashes.SHA1 = '41cc2b15c662bc001c0eb92f6cc222934f0beeea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ec7c6a1d-bcdb-4b78-b97d-dc882cd85149",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:20.000Z",
"modified": "2019-12-13T13:51:20.000Z",
"pattern": "[file:hashes.SHA1 = 'd209430d6af54792371174e70e27dd11d3def7a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a53cd17d-fea7-4aa3-a253-49d0fd227668",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:20.000Z",
"modified": "2019-12-13T13:51:20.000Z",
"pattern": "[file:hashes.SHA1 = '1c6452026c56efd2c94cea7e0f671eb55515edb0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--453c9095-c7d4-4f7b-8e18-5592705bb6cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:33.000Z",
"modified": "2019-12-13T13:51:33.000Z",
"pattern": "[file:hashes.SHA1 = 'c6b41d3afdcdcaf9f442bbe772f5da871801fd5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--97b788de-edb1-441f-87eb-77692b92d705",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:34.000Z",
"modified": "2019-12-13T13:51:34.000Z",
"pattern": "[file:hashes.SHA1 = '4923d460e22fbbf165bbbaba168e5a46b8157d9f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e2f4d2bb-d70b-4c5e-9993-9770649645ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:34.000Z",
"modified": "2019-12-13T13:51:34.000Z",
"pattern": "[file:hashes.SHA1 = 'f201504bd96e81d0d350c3a8332593ee1c9e09de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--656bff64-0ad2-4a70-889b-ef9a0a41f8a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:51:35.000Z",
"modified": "2019-12-13T13:51:35.000Z",
"pattern": "[file:hashes.SHA1 = 'ddd2db1127632a2a52943a2fe516a2e7d05d70d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:51:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--693e7281-40be-4cb3-8d42-f1b88c69afd9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:32.000Z",
"modified": "2019-12-13T13:57:32.000Z",
"pattern": "[file:hashes.MD5 = '96f56b9aff235a11ed946b50344edabd' AND file:hashes.SHA1 = 'c28f606df28a9bc8df75a4d5e5837fc5522dd34d' AND file:hashes.SHA256 = '6f690ccfd54c2b02f0c3cb89c938162c10cbeee693286e809579c540b07ed883']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5792ac9e-9214-4610-b440-f5afaa5d1539",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:32.000Z",
"modified": "2019-12-13T13:57:32.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:17:42",
"category": "Other",
"uuid": "d91da7de-b335-49e1-9593-9b2f71a3d378"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/6f690ccfd54c2b02f0c3cb89c938162c10cbeee693286e809579c540b07ed883/analysis/1576214262/",
"category": "Payload delivery",
"uuid": "4aebae14-d216-4f01-86cf-bfe16625140c"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/70",
"category": "Payload delivery",
"uuid": "b863ee68-dc5a-4623-9a84-17475c017e36"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70155b79-cdd0-440e-bedd-0386e13c85eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:32.000Z",
"modified": "2019-12-13T13:57:32.000Z",
"pattern": "[file:hashes.MD5 = 'c990e02f274127e7be060f40c9c79e8b' AND file:hashes.SHA1 = '1e8c2cac2e4ce7cbd33c3858eb2e24531cb8a84d' AND file:hashes.SHA256 = 'a370e47cb97b35f1ae6590d14ada7561d22b4a73be0cb6df7e851d85054b1ac3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ce794ae7-39c0-4845-8bf8-38b89a365563",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:33.000Z",
"modified": "2019-12-13T13:57:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T08:46:40",
"category": "Other",
"uuid": "e64cc1e0-3a43-4c86-8aea-73d544222bb7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/a370e47cb97b35f1ae6590d14ada7561d22b4a73be0cb6df7e851d85054b1ac3/analysis/1576226800/",
"category": "Payload delivery",
"uuid": "a1309c7b-f004-4c14-bbb2-b620d7abb255"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "20/70",
"category": "Payload delivery",
"uuid": "6ff64900-8e27-4c01-8e22-47c02f4b4b0c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--102841b3-7248-485e-b1a8-9cc72ed1efbb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:33.000Z",
"modified": "2019-12-13T13:57:33.000Z",
"pattern": "[file:hashes.MD5 = '3586f78ad5596f68536dfd75df54db1e' AND file:hashes.SHA1 = '53a44c2396d15c3a03723fa5e5db54cafd527635' AND file:hashes.SHA256 = '9ae7c4a4e1cfe9b505c3a47e66551eb1357affee65bfefb0109d02f4e97c06dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--33bc1e10-c0af-465f-96e8-cf37ab9202bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:33.000Z",
"modified": "2019-12-13T13:57:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T11:02:11",
"category": "Other",
"uuid": "34ae0591-d663-4bf6-8b97-619c6facf553"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/9ae7c4a4e1cfe9b505c3a47e66551eb1357affee65bfefb0109d02f4e97c06dd/analysis/1576234931/",
"category": "Payload delivery",
"uuid": "feff165f-3940-4e94-bf82-c1226cd73755"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "18/70",
"category": "Payload delivery",
"uuid": "083a323a-4de3-4a03-bd8a-675014dcf4f2"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6b3ac5a-b33a-422f-93c1-17a9ea2530b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:33.000Z",
"modified": "2019-12-13T13:57:33.000Z",
"pattern": "[file:hashes.MD5 = '723a98a3b0f9db7e15533848abe1fdfb' AND file:hashes.SHA1 = 'aeb573accfd95758550cf30bf04f389a92922844' AND file:hashes.SHA256 = '657fc7e6447e0065d488a7db2caab13071e44741875044f9024ca843fe4e86b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3d5fb681-223c-43f5-95ca-1fd0a5901117",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:33.000Z",
"modified": "2019-12-13T13:57:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:07:33",
"category": "Other",
"uuid": "e07c14a6-4666-40b2-b3f6-7026967aa5da"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/657fc7e6447e0065d488a7db2caab13071e44741875044f9024ca843fe4e86b5/analysis/1576213653/",
"category": "Payload delivery",
"uuid": "eafe9e21-8c9d-4faa-bcfd-cada8479116b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "28/69",
"category": "Payload delivery",
"uuid": "eeb1e6dc-a639-41e8-96f8-6e45e582a02f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--978422c6-1b76-46fe-8ee6-09cf6b05a382",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:33.000Z",
"modified": "2019-12-13T13:57:33.000Z",
"pattern": "[file:hashes.MD5 = '55053850260a402fba7661a0c7920457' AND file:hashes.SHA1 = '4f6f38b4cec35e895d91c052b1f5a83d665c2196' AND file:hashes.SHA256 = '52fd7b90d7144ac448af4008be639d4d45c252e51823f4311011af3207a5fc77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5cf9c477-54ee-4314-8618-94b32a714bd2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:33.000Z",
"modified": "2019-12-13T13:57:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:13:03",
"category": "Other",
"uuid": "09c31cff-f211-4f0c-81a7-0b92fc02d931"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/52fd7b90d7144ac448af4008be639d4d45c252e51823f4311011af3207a5fc77/analysis/1576213983/",
"category": "Payload delivery",
"uuid": "02adb680-af12-432e-83c0-4e3bc1eeeb17"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "19/70",
"category": "Payload delivery",
"uuid": "67e13421-5ecb-4dd3-b55f-b912a978fb42"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db7f46ee-b12d-4740-b7f4-2a6a75d4d220",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:34.000Z",
"modified": "2019-12-13T13:57:34.000Z",
"pattern": "[file:hashes.MD5 = '7824babea1ebfc326648659cb69544f3' AND file:hashes.SHA1 = '2e94b305d6812a9f96e6781c888e48c7fb157b6b' AND file:hashes.SHA256 = '3c884f776fbd16597c072afd81029e8764dd57ee79d798829ca111f5e170bd8e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cd155fb0-ffa7-4c2d-9abe-9da8b19e38a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:34.000Z",
"modified": "2019-12-13T13:57:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:16:05",
"category": "Other",
"uuid": "b42cf5fe-00da-4f57-bbc8-6a980ad19874"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/3c884f776fbd16597c072afd81029e8764dd57ee79d798829ca111f5e170bd8e/analysis/1576214165/",
"category": "Payload delivery",
"uuid": "e250b83b-9623-47d4-a980-f036c0d1724e"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "27/70",
"category": "Payload delivery",
"uuid": "4e1fff20-4041-45b9-a25a-42faccf6e274"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--39743303-990f-4a10-ab79-e6d47f402ed7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:34.000Z",
"modified": "2019-12-13T13:57:34.000Z",
"pattern": "[file:hashes.MD5 = '2e834d8dde313e992997cbda050a15f1' AND file:hashes.SHA1 = '9c5e496921e3bc882dc40694f1dcc3746a75db19' AND file:hashes.SHA256 = '7772d624e1aed327abcd24ce2068063da0e31bb1d5d3bf2841fc977e198c6c5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b72db847-00e8-40b7-98f4-4f75dfb66774",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:34.000Z",
"modified": "2019-12-13T13:57:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:06:11",
"category": "Other",
"uuid": "985d4c3a-1472-4c08-9f3b-c85db8f3eb43"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7772d624e1aed327abcd24ce2068063da0e31bb1d5d3bf2841fc977e198c6c5b/analysis/1576213571/",
"category": "Payload delivery",
"uuid": "809bee2f-38d3-46fa-967f-ad880079bf1f"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "27/69",
"category": "Payload delivery",
"uuid": "abccc32d-fad9-443d-bc3e-a0208d8bdf8d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0437445d-8bc7-47a2-96a6-4f86ad3906bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:34.000Z",
"modified": "2019-12-13T13:57:34.000Z",
"pattern": "[file:hashes.MD5 = '07de7a95efb47958b6f61e91e396f8e1' AND file:hashes.SHA1 = '8793bf166cb89eb55f0593404e4e933ab605e803' AND file:hashes.SHA256 = 'fe0e4ef832b62d49b43433e10c47dc51072959af93963c790892efc20ec422f1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--bbc49ff1-0987-4ad0-8546-454088138ebd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:34.000Z",
"modified": "2019-12-13T13:57:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:21:00",
"category": "Other",
"uuid": "3ba1c6dc-bc42-4ec7-aec3-4d2513c454aa"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/fe0e4ef832b62d49b43433e10c47dc51072959af93963c790892efc20ec422f1/analysis/1576214460/",
"category": "Payload delivery",
"uuid": "9929cdda-8240-4fcb-8e10-e11bbc49b53f"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/70",
"category": "Payload delivery",
"uuid": "5b3b1dbd-56bc-4055-bd17-7c2614059c01"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--53bc836d-94d5-4620-b23a-ce3bf3cc4b2e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:34.000Z",
"modified": "2019-12-13T13:57:34.000Z",
"pattern": "[file:hashes.MD5 = 'a2d9b9d9e2207168206ea47644325cfc' AND file:hashes.SHA1 = '41cc2b15c662bc001c0eb92f6cc222934f0beeea' AND file:hashes.SHA256 = '178d5ee8c04401d332af331087a80fb4e5e2937edfba7266f9be34a5029b6945']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--34935b31-c353-4fff-bbf8-6138b7a1509a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:35.000Z",
"modified": "2019-12-13T13:57:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:20:05",
"category": "Other",
"uuid": "bee7bb03-3869-47f8-92e1-92caf4de588c"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/178d5ee8c04401d332af331087a80fb4e5e2937edfba7266f9be34a5029b6945/analysis/1576214405/",
"category": "Payload delivery",
"uuid": "0546eeff-6ac3-4e73-95c8-a7367eebeef3"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "37/70",
"category": "Payload delivery",
"uuid": "92b72726-f2f8-4031-bee1-3cebda095f1d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cdcde630-7eb0-4b15-ac5b-de2ce5429c42",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:35.000Z",
"modified": "2019-12-13T13:57:35.000Z",
"pattern": "[file:hashes.MD5 = 'c1836091070bf23af23e9eaf62d45380' AND file:hashes.SHA1 = 'a39b57032dbb2335499a51e13470a7cd5d86b138' AND file:hashes.SHA256 = '7ce9e1c5562c8a5c93878629a47fe6071a35d604ed57a8f918f3eadf82c11a9c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e7833a09-cac6-42ca-8b1a-945a7bfec0f6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:35.000Z",
"modified": "2019-12-13T13:57:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:19:25",
"category": "Other",
"uuid": "25f4e334-dfa0-4571-82cd-632e8f09bc97"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7ce9e1c5562c8a5c93878629a47fe6071a35d604ed57a8f918f3eadf82c11a9c/analysis/1576214365/",
"category": "Payload delivery",
"uuid": "874c5a63-8f12-4c6b-a7d4-7d5e96f0bdec"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/70",
"category": "Payload delivery",
"uuid": "460c13d4-ec16-4513-b28f-de1554c90499"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ef2d67-fc65-4c12-ab9f-10ea2a89f9e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:35.000Z",
"modified": "2019-12-13T13:57:35.000Z",
"pattern": "[file:hashes.MD5 = '9a97ddbb141d01ce0b1b994399cfb7dc' AND file:hashes.SHA1 = 'e841a63e47361a572db9a7334af459ddca11347a' AND file:hashes.SHA256 = '5bf80b871278a29f356bd42af1e35428aead20cd90b0c7642247afcaaa95b022']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0cc004d1-66e1-471f-af25-5ed9301bc765",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:35.000Z",
"modified": "2019-12-13T13:57:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-12-13T05:13:50",
"category": "Other",
"uuid": "1470140e-a854-4eff-876f-296372ed2b6f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/5bf80b871278a29f356bd42af1e35428aead20cd90b0c7642247afcaaa95b022/analysis/1576214030/",
"category": "Payload delivery",
"uuid": "eb72bc03-9c83-4050-ade5-242671cf68a4"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "48/69",
"category": "Payload delivery",
"uuid": "aee60370-6aa3-49fc-b8fe-f370a4b083aa"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--98de906b-cea2-4397-b05f-17ca7375d016",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:35.000Z",
"modified": "2019-12-13T13:57:35.000Z",
"pattern": "[file:hashes.MD5 = 'fee9bc26f55c2049e1b64616a442dc7b' AND file:hashes.SHA1 = '79ef78a797403a4ed1a616c68e07fff868a8650a' AND file:hashes.SHA256 = '2ef157a97e28574356e1d871abf75deca7d7a1ea662f38b577a06dd039dbae29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-13T13:57:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--59638fcb-5d31-4187-8809-1ea84b8f6941",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-13T13:57:36.000Z",
"modified": "2019-12-13T13:57:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-11-20T16:14:01",
"category": "Other",
"uuid": "274253ce-2484-430a-b650-d496e365efb7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2ef157a97e28574356e1d871abf75deca7d7a1ea662f38b577a06dd039dbae29/analysis/1542730441/",
"category": "Payload delivery",
"uuid": "edcc66d8-48c3-4d2b-9728-87b7904e6e5b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/65",
"category": "Payload delivery",
"uuid": "73195f2e-781b-4453-8169-7acff91432c6"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--ce4bab44-39db-47ea-990a-2a5293294d6b",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:36.000Z",
"modified": "2019-12-13T13:57:36.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--693e7281-40be-4cb3-8d42-f1b88c69afd9",
"target_ref": "x-misp-object--5792ac9e-9214-4610-b440-f5afaa5d1539"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--b77948fd-90d2-4c7f-b886-6d0801aaa8e4",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--70155b79-cdd0-440e-bedd-0386e13c85eb",
"target_ref": "x-misp-object--ce794ae7-39c0-4845-8bf8-38b89a365563"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--f55c9f92-7566-4ae0-8a40-8ecee8f9975b",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--102841b3-7248-485e-b1a8-9cc72ed1efbb",
"target_ref": "x-misp-object--33bc1e10-c0af-465f-96e8-cf37ab9202bf"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d23a87ac-9344-4de7-a554-12922b1db624",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--b6b3ac5a-b33a-422f-93c1-17a9ea2530b1",
"target_ref": "x-misp-object--3d5fb681-223c-43f5-95ca-1fd0a5901117"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--a97a70eb-f1ca-4c6d-92bb-d22e29d57d76",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--978422c6-1b76-46fe-8ee6-09cf6b05a382",
"target_ref": "x-misp-object--5cf9c477-54ee-4314-8618-94b32a714bd2"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--a09a0713-8835-4966-aff0-35565e7be988",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--db7f46ee-b12d-4740-b7f4-2a6a75d4d220",
"target_ref": "x-misp-object--cd155fb0-ffa7-4c2d-9abe-9da8b19e38a9"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--f1d7ec7e-41f4-44d4-aaf3-788a5d06b4fa",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--39743303-990f-4a10-ab79-e6d47f402ed7",
"target_ref": "x-misp-object--b72db847-00e8-40b7-98f4-4f75dfb66774"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--48556c3b-1f92-4d7f-897a-a10fd1d773ad",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--0437445d-8bc7-47a2-96a6-4f86ad3906bc",
"target_ref": "x-misp-object--bbc49ff1-0987-4ad0-8546-454088138ebd"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--c40afe6e-3c60-4aba-a4c0-6f3dfc6c4921",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--53bc836d-94d5-4620-b23a-ce3bf3cc4b2e",
"target_ref": "x-misp-object--34935b31-c353-4fff-bbf8-6138b7a1509a"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--aa58f756-6999-47b6-9dd8-2b0bc6f8f10c",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--cdcde630-7eb0-4b15-ac5b-de2ce5429c42",
"target_ref": "x-misp-object--e7833a09-cac6-42ca-8b1a-945a7bfec0f6"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--a7bafd83-7519-4b9a-9919-9bfa0d5f30c6",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--57ef2d67-fc65-4c12-ab9f-10ea2a89f9e0",
"target_ref": "x-misp-object--0cc004d1-66e1-471f-af25-5ed9301bc765"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-08-07 08:13:15 +00:00
"id": "relationship--d0d6b12c-8718-419d-bfd6-59c8463439d0",
2023-04-21 14:44:17 +00:00
"created": "2019-12-13T13:57:37.000Z",
"modified": "2019-12-13T13:57:37.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--98de906b-cea2-4397-b05f-17ca7375d016",
"target_ref": "x-misp-object--59638fcb-5d31-4187-8809-1ea84b8f6941"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}