2023-04-21 14:44:17 +00:00
{
"type" : "bundle" ,
"id" : "bundle--5a3cbdf8-172c-4738-9b96-c31d950d210f" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-10-30T14:28:47.000Z" ,
"modified" : "2018-10-30T14:28:47.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "grouping" ,
"spec_version" : "2.1" ,
"id" : "grouping--5a3cbdf8-172c-4738-9b96-c31d950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-10-30T14:28:47.000Z" ,
"modified" : "2018-10-30T14:28:47.000Z" ,
"name" : "OSINT - Digmine Cryptocurrency Miner Spreading via Facebook Messenger" ,
"context" : "suspicious-activity" ,
"object_refs" : [
"observed-data--5a3cbe23-e3fc-4f14-8aad-55ea950d210f" ,
"url--5a3cbe23-e3fc-4f14-8aad-55ea950d210f" ,
"x-misp-attribute--5a5cbdca-e130-4082-b292-44c2950d210f" ,
"indicator--5a5cbf71-02d0-4661-94ac-48c4950d210f" ,
"indicator--5a5cbf72-c6a8-4c3e-902e-40e3950d210f" ,
"indicator--5a5cbf73-2cc8-4645-ab88-464f950d210f" ,
"indicator--5a5cbf73-8c2c-4b1d-be95-40dd950d210f" ,
"indicator--5a5cbf73-59d0-4ddb-a95d-4a41950d210f" ,
"indicator--5a5cbf74-d9c4-4822-a6da-498a950d210f" ,
"indicator--5a5cbf74-2274-4921-aa86-40ef950d210f" ,
"indicator--5a5cbf75-d1c4-47b5-b69d-4f2e950d210f" ,
"indicator--5a5cbf76-2460-4448-970d-4de2950d210f" ,
"indicator--5a5cbf76-0f24-480e-a813-4d2e950d210f" ,
"indicator--5a5cbf76-4d2c-4785-9161-430b950d210f" ,
"indicator--5a5cbfe3-c574-4f96-978e-42b7950d210f" ,
"indicator--5a5cbfe4-f630-44c2-9af1-4329950d210f" ,
"indicator--5a5cbfe4-cd54-4c67-8652-4b98950d210f" ,
"indicator--c9227520-0ad9-46ab-95c3-cbccbfca0d41" ,
"x-misp-object--84ba4228-3be2-4c13-875f-52799e79680f" ,
"indicator--96f46bd7-e112-46d4-b676-1bbb1d0065a4" ,
"x-misp-object--e48a8058-0d5c-45fe-b3a3-5b1a52e928e6" ,
2024-04-05 12:15:17 +00:00
"relationship--7895f26f-c839-4bc9-b222-1ed407edebd0" ,
"relationship--fc1da9a6-0ca9-4a0b-8865-e687134ed26d"
2023-04-21 14:44:17 +00:00
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"misp-galaxy:tool=\"Digmine\"" ,
"dnc:malware-type=\"CoinMiner\"" ,
"workflow:state=\"complete\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5a3cbe23-e3fc-4f14-8aad-55ea950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:54.000Z" ,
"modified" : "2018-02-09T14:01:54.000Z" ,
"first_observed" : "2018-02-09T14:01:54Z" ,
"last_observed" : "2018-02-09T14:01:54Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--5a3cbe23-e3fc-4f14-8aad-55ea950d210f"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\"" ,
"osint:source-type=\"blog-post\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--5a3cbe23-e3fc-4f14-8aad-55ea950d210f" ,
"value" : "http://blog.trendmicro.com/trendlabs-security-intelligence/digmine-cryptocurrency-miner-spreading-via-facebook-messenger/"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--5a5cbdca-e130-4082-b292-44c2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:55.000Z" ,
"modified" : "2018-02-09T14:01:55.000Z" ,
"labels" : [
"misp:type=\"comment\"" ,
"misp:category=\"External analysis\"" ,
"osint:source-type=\"blog-post\""
] ,
"x_misp_category" : "External analysis" ,
"x_misp_type" : "comment" ,
"x_misp_value" : "We found a new cryptocurrency-mining bot spreading through Facebook Messenger, which we first observed in South Korea. We named this Digmine based on the moniker (\ube44\ud2b8\ucf54\uc778 \ucc44\uad74\uae30 bot) it was referred to in a report of recent related incidents in South Korea. We\u2019ve also seen Digmine spreading in other regions such as Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand, and Venezuela. It\u2019s not far-off for Digmine to reach other countries given the way it propagates."
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf71-02d0-4661-94ac-48c4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:55.000Z" ,
"modified" : "2018-02-09T14:01:55.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'vijus.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf72-c6a8-4c3e-902e-40e3950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:55.000Z" ,
"modified" : "2018-02-09T14:01:55.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'ozivu.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf73-2cc8-4645-ab88-464f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:56.000Z" ,
"modified" : "2018-02-09T14:01:56.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'thisdayfunnyday.space']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf73-8c2c-4b1d-be95-40dd950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:56.000Z" ,
"modified" : "2018-02-09T14:01:56.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'thisaworkstation.space']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf73-59d0-4ddb-a95d-4a41950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:57.000Z" ,
"modified" : "2018-02-09T14:01:57.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'mybigthink.space']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf74-d9c4-4822-a6da-498a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:57.000Z" ,
"modified" : "2018-02-09T14:01:57.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'mokuz.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf74-2274-4921-aa86-40ef950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:57.000Z" ,
"modified" : "2018-02-09T14:01:57.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'pabus.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf75-d1c4-47b5-b69d-4f2e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:58.000Z" ,
"modified" : "2018-02-09T14:01:58.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'yezav.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf76-2460-4448-970d-4de2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:58.000Z" ,
"modified" : "2018-02-09T14:01:58.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'bigih.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf76-0f24-480e-a813-4d2e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:59.000Z" ,
"modified" : "2018-02-09T14:01:59.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'taraz.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbf76-4d2c-4785-9161-430b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:01:59.000Z" ,
"modified" : "2018-02-09T14:01:59.000Z" ,
"description" : "C&C" ,
"pattern" : "[domain-name:value = 'megu.info']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:01:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbfe3-c574-4f96-978e-42b7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-15T14:51:15.000Z" ,
"modified" : "2018-01-15T14:51:15.000Z" ,
"description" : "detected as TROJ_DIGMINEIN.A" ,
"pattern" : "[file:hashes.SHA256 = 'beb7274d78c63aa44515fe6bbfd324f49ec2cc0b8650aeb2d6c8ab61a0ae9f1d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-15T14:51:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbfe4-f630-44c2-9af1-4329950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-15T14:51:16.000Z" ,
"modified" : "2018-01-15T14:51:16.000Z" ,
"description" : "detected as BREX_DIGMINEEX.A" ,
"pattern" : "[file:hashes.SHA256 = '5a5b8551a82c57b683f9bd8ba49aefeab3d7c9d299a2d2cb446816cd15d3b3e9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-15T14:51:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a5cbfe4-cd54-4c67-8652-4b98950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-15T14:51:16.000Z" ,
"modified" : "2018-01-15T14:51:16.000Z" ,
"description" : "detected as TROJ_DIGMINE.A" ,
"pattern" : "[file:hashes.SHA256 = 'f7e0398ae1f5a2f48055cf712b08972a1b6eb14579333bf038d37ed862c55909']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-15T14:51:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c9227520-0ad9-46ab-95c3-cbccbfca0d41" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:02:03.000Z" ,
"modified" : "2018-02-09T14:02:03.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd0857aba2c626d554c6982d2d2d4db8a' AND file:hashes.SHA1 = '772e3fab70b1c8339064d2a8b75413819d9e4a5d' AND file:hashes.SHA256 = 'beb7274d78c63aa44515fe6bbfd324f49ec2cc0b8650aeb2d6c8ab61a0ae9f1d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:02:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--84ba4228-3be2-4c13-875f-52799e79680f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:02:01.000Z" ,
"modified" : "2018-02-09T14:02:01.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/beb7274d78c63aa44515fe6bbfd324f49ec2cc0b8650aeb2d6c8ab61a0ae9f1d/analysis/1515510769/" ,
"category" : "External analysis" ,
"comment" : "detected as TROJ_DIGMINEIN.A" ,
"uuid" : "5a7da9d9-1868-4623-acc4-7f4202de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "47/67" ,
"category" : "Other" ,
"comment" : "detected as TROJ_DIGMINEIN.A" ,
"uuid" : "5a7da9da-8140-46c2-be5b-7f4202de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-09 15:12:49" ,
"category" : "Other" ,
"comment" : "detected as TROJ_DIGMINEIN.A" ,
"uuid" : "5a7da9da-16a0-438f-abe8-7f4202de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--96f46bd7-e112-46d4-b676-1bbb1d0065a4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:02:05.000Z" ,
"modified" : "2018-02-09T14:02:05.000Z" ,
"pattern" : "[file:hashes.MD5 = '8f7ac245965e43d521bf6870ef3ff924' AND file:hashes.SHA1 = 'c5db86423e0f50a46daea2f3025fad7d9b7b0d1c' AND file:hashes.SHA256 = 'f7e0398ae1f5a2f48055cf712b08972a1b6eb14579333bf038d37ed862c55909']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T14:02:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--e48a8058-0d5c-45fe-b3a3-5b1a52e928e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T14:02:04.000Z" ,
"modified" : "2018-02-09T14:02:04.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/f7e0398ae1f5a2f48055cf712b08972a1b6eb14579333bf038d37ed862c55909/analysis/1515510846/" ,
"category" : "External analysis" ,
"comment" : "detected as TROJ_DIGMINE.A" ,
"uuid" : "5a7da9dc-fb64-4968-bff4-7f4202de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "45/67" ,
"category" : "Other" ,
"comment" : "detected as TROJ_DIGMINE.A" ,
"uuid" : "5a7da9dc-2c44-478f-90d7-7f4202de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-09 15:14:06" ,
"category" : "Other" ,
"comment" : "detected as TROJ_DIGMINE.A" ,
"uuid" : "5a7da9dd-d220-4017-b954-7f4202de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--7895f26f-c839-4bc9-b222-1ed407edebd0" ,
2023-04-21 14:44:17 +00:00
"created" : "2018-02-16T08:56:38.000Z" ,
"modified" : "2018-02-16T08:56:38.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--c9227520-0ad9-46ab-95c3-cbccbfca0d41" ,
"target_ref" : "x-misp-object--84ba4228-3be2-4c13-875f-52799e79680f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--fc1da9a6-0ca9-4a0b-8865-e687134ed26d" ,
2023-04-21 14:44:17 +00:00
"created" : "2018-02-16T08:56:38.000Z" ,
"modified" : "2018-02-16T08:56:38.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--96f46bd7-e112-46d4-b676-1bbb1d0065a4" ,
"target_ref" : "x-misp-object--e48a8058-0d5c-45fe-b3a3-5b1a52e928e6"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}