2023-04-21 14:44:17 +00:00
{
"type" : "bundle" ,
"id" : "bundle--5c4a2972-fd10-4470-936d-4d2a02de0b81" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:10:13.000Z" ,
"modified" : "2019-01-24T21:10:13.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--5c4a2972-fd10-4470-936d-4d2a02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:10:13.000Z" ,
"modified" : "2019-01-24T21:10:13.000Z" ,
"name" : "IOCs Associated with DNS Infrastructure Tampering" ,
"published" : "2019-01-24T21:10:52Z" ,
"object_refs" : [
"x-misp-attribute--95924852-631e-42e7-aa8b-c6a33b8b6f55" ,
"indicator--e0bc1d90-2009-11e9-82a3-d89ef344f46d" ,
"indicator--e0bc1d93-2009-11e9-88e3-d89ef344f46d" ,
"indicator--e0bc1d96-2009-11e9-9efa-d89ef344f46d" ,
"indicator--e0bc1d99-2009-11e9-9294-d89ef344f46d" ,
"indicator--e0bc1d9c-2009-11e9-af0f-d89ef344f46d" ,
"indicator--e0bc1d9f-2009-11e9-8bc6-d89ef344f46d" ,
"indicator--e0bc1da2-2009-11e9-9b93-d89ef344f46d" ,
"indicator--e0bc1db7-2009-11e9-b508-d89ef344f46d" ,
"indicator--e0bc1da5-2009-11e9-b493-d89ef344f46d" ,
"indicator--e0bc1da8-2009-11e9-b8b3-d89ef344f46d" ,
"indicator--e0bc1db1-2009-11e9-8d13-d89ef344f46d" ,
"indicator--e0bc1dab-2009-11e9-9492-d89ef344f46d" ,
"indicator--e0bc1dae-2009-11e9-881a-d89ef344f46d" ,
"indicator--e0bc1db4-2009-11e9-a9d7-d89ef344f46d" ,
"indicator--e0bc1dba-2009-11e9-babc-d89ef344f46d" ,
"indicator--e0be6782-2009-11e9-b60b-d89ef344f46d" ,
"indicator--e0be6785-2009-11e9-9867-d89ef344f46d" ,
"indicator--e0be6788-2009-11e9-9b1e-d89ef344f46d" ,
"x-misp-object--5c4a2973-421c-4138-9787-4b8902de0b81" ,
"x-misp-object--1b2a8dae-f9e6-4d7a-bb5a-e5e27d5966e0" ,
"x-misp-object--a576549e-7bae-4dd1-a5f3-4e0a66209a64" ,
"x-misp-object--d6bc7998-9cad-4353-851f-f31860ed8366" ,
2024-04-05 12:15:17 +00:00
"relationship--170e9eda-9cab-4160-9eb1-9f8e71c4c3d1" ,
"relationship--3f80a3e8-2d7a-44cb-87fc-53689c1c4e73" ,
"relationship--a64e661f-bd15-43e8-8e44-43cff4ef72d2"
2023-04-21 14:44:17 +00:00
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--95924852-631e-42e7-aa8b-c6a33b8b6f55" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"labels" : [
"misp:type=\"comment\"" ,
"misp:category=\"Other\""
] ,
"x_misp_category" : "Other" ,
"x_misp_comment" : "Imported from STIX header description" ,
"x_misp_type" : "comment" ,
"x_misp_value" : "The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization\u00e2\u20ac\u2122s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization\u00e2\u20ac\u2122s domain names, enabling man-in-the-middle attacks."
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1d90-2009-11e9-82a3-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[url:value = 'http://hr-suncor.com/Suncor_employment_form.doc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1d93-2009-11e9-88e3-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[url:value = 'http://hr-wipro.com/Wipro_Working_Conditions.doc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1d96-2009-11e9-9efa-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[domain-name:value = 'hr-wipro.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1d99-2009-11e9-9294-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[domain-name:value = 'hr-suncor.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1d9c-2009-11e9-af0f-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[domain-name:value = '0ffice36o.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1d9f-2009-11e9-8bc6-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.20.184.138']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1da2-2009-11e9-9b93-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.161.211.72']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1db7-2009-11e9-b508-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.161.23.204']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1da5-2009-11e9-b493-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.20.187.8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1da8-2009-11e9-b8b3-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.174.101.168']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1db1-2009-11e9-8d13-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.161.187.200']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1dab-2009-11e9-9492-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.161.211.79']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1dae-2009-11e9-881a-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.236.78.63']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1db4-2009-11e9-a9d7-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.141.38.71']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0bc1dba-2009-11e9-babc-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"pattern" : "[file:hashes.MD5 = '9c8507a1fd7d2579777723b53fee1f3e' AND file:hashes.SHA1 = '48b620df71087bd333284c91e52f0cfed1f2d00e' AND file:hashes.SHA256 = '82285b6743cc5e3545d8e67740a4d04c5aed138d9f31d7c16bd11188a2042969']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0be6782-2009-11e9-b60b-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:49.000Z" ,
"modified" : "2019-01-24T21:09:49.000Z" ,
"pattern" : "[file:hashes.MD5 = '807482efce3397ece64a1ded3d436139' AND file:hashes.SHA1 = '9ea865e000e3e15cec15efc466801bb181ba40a1' AND file:hashes.SHA256 = '9ea577a4b3faaf04a3bddbfcb934c9752bed0d0fc579f2152751c5f6923f7e14' AND file:hashes.SSDEEP = '6144:2LOUuU4uDIOjsHFtXwIUPgTiN13sh/2xWoV/hGkWC92Vr3Lu19RmAMZQzm18IBHf:tU4jdltXwnQ01txj4kB257qmJkm1ldU' AND file:name = 'Suncor_employment_form.doc' AND file:size = '623616']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0be6785-2009-11e9-9867-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:49.000Z" ,
"modified" : "2019-01-24T21:09:49.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c00c9f6ebf2979292d524acff19dd306' AND file:hashes.SHA1 = '1022620da25db2497dc237adedb53755e6b859e3' AND file:hashes.SHA256 = '45a9edb24d4174592c69d9d37a534a518fbe2a88d3817fc0cc739e455883b8ff' AND file:hashes.SSDEEP = '3072:t3zwUAyRvKFnQStbQQYZrmQC2mCe0t4zu9Cv/QQ3TFnDSF0bNg0+B0tguKtEfT5s:dydXtbiktzu96QItD46NgjA0mFs' AND file:size = '368640']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0be6788-2009-11e9-9b1e-d89ef344f46d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:49.000Z" ,
"modified" : "2019-01-24T21:09:49.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd2052cb9016dab6592c532d5ea47cb7e' AND file:hashes.SHA1 = '1c1fbda6ffc4d19be63a630bd2483f3d2f7aa1f5' AND file:hashes.SHA256 = '2010f38ef300be4349e7bc287e720b1ecec678cacbf0ea0556bcf765f6e073ec' AND file:hashes.SSDEEP = '3072:OL1w0Cyf/TYsq6wjRbQC2mCr2v4Q/DfvBgLCOledbqIyWu0jPhVyWxg/MB/RzS:Oz4xI1Q/DxWleNqgu0jpjZS' AND file:size = '372736']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-01-24T21:09:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5c4a2973-421c-4138-9787-4b8902de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:07.000Z" ,
"modified" : "2019-01-24T21:09:07.000Z" ,
"labels" : [
"misp:name=\"original-imported-file\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "attachment" ,
"object_relation" : "imported-sample" ,
"value" : "AA19-024_IOCs.stix.xml" ,
"category" : "External analysis" ,
"uuid" : "5c4a2974-2724-4cc3-a3f4-44a402de0b81" ,
"data" : " P C E t L S B H Z W 5 l c m F 0 Z W Q g Y n k g S U J U b 29 s I H Y x L j F 0 I G 9 u I D A x L z I 0 L z I w M T k g L S 0 + C j x z d G l 4 O l N U S V h f U G F j a 2 F n Z S B 4 b W x u c z p j e W J v e E N v b W 1 v b j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 j b 21 t b 24 t M i I g e G 1 s b n M 6 Y 3 l i b 3 g 9 I m h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v Y 3 l i b 3 g t M i I g e G 1 s b n M 6 Y 3 l i b 3 h W b 2 N h Y n M 9 I m h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M t M i I g e G 1 s b n M 6 Q W R k c m V z c 0 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 0 F k Z H J l c 3 N P Y m p l Y 3 Q t M i I g e G 1 s b n M 6 R G 9 t Y W l u T m F t Z U 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 0 R v b W F p b k 5 h b W V P Y m p l Y 3 Q t M S I g e G 1 s b n M 6 R m l s Z U 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 0 Z p b G V P Y m p l Y 3 Q t M i I g e G 1 s b n M 6 V V J J T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j V V J J T 2 J q Z W N 0 L T I i I H h t b G 5 z O m 1 h c m t p b m c 9 I m h 0 d H A 6 L y 9 k Y X R h L W 1 h c m t p b m c u b W l 0 c m U u b 3 J n L 0 1 h c m t p b m c t M S I g e G 1 s b n M 6 d G x w T W F y a 2 l u Z z 0 i a H R 0 c D o v L 2 R h d G E t b W F y a 2 l u Z y 5 t a X R y Z S 5 v c m c v Z X h 0 Z W 5 z a W 9 u c y 9 N Y X J r a W 5 n U 3 R y d W N 0 d X J l I 1 R M U C 0 x I i B 4 b W x u c z p U T 1 V N Y X J r a W 5 n P S J o d H R w O i 8 v Z G F 0 Y S 1 t Y X J r a W 5 n L m 1 p d H J l L m 9 y Z y 9 l e H R l b n N p b 25 z L 0 1 h c m t p b m d T d H J 1 Y 3 R 1 c m U j V G V y b X N f T 2 Z f V X N l L T E i I H h t b G 5 z O m l u Z G l j Y X R v c j 0 i a H R 0 c D o v L 3 N 0 a X g u b W l 0 c m U u b 3 J n L 0 l u Z G l j Y X R v c i 0 y I i B 4 b W x u c z p z d G l 4 Q 29 t b W 9 u P S J o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v Y 29 t b W 9 u L T E i I H h t b G 5 z O n N 0 a X h W b 2 N h Y n M 9 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 k Z W Z h d W x 0 X 3 Z v Y 2 F i d W x h c m l l c y 0 x I i B 4 b W x u c z p z d G l 4 P S J o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v c 3 R p e C 0 x I i B 4 b W x u c z p O Q 0 N J Q z 0 i a H R 0 c D o v L 3 d 3 d y 51 c y 1 j Z X J 0 L m d v d i 9 u Y 2 N p Y y I g e G 1 s b n M 6 Q 0 l T Q 1 A 9 I m h 0 d H A 6 L y 91 c y 1 j Z X J 0 L m d v d i 9 j a X N j c C I g e G 1 s b n M 6 e H N p P S J o d H R w O i 8 v d 3 d 3 L n c z L m 9 y Z y 8 y M D A x L 1 h N T F N j a G V t Y S 1 p b n N 0 Y W 5 j Z S I g e H N p O n N j a G V t Y U x v Y 2 F 0 a W 9 u P S I g I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v Y 29 t b W 9 u L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v Y 29 t b W 9 u L z I u M S 9 j e W J v e F 9 j b 21 t b 24 u e H N k I C B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 2 N 5 Y m 94 L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v Y 29 y Z S 8 y L j E v Y 3 l i b 3 h f Y 29 y Z S 54 c 2 Q g I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 k Z W Z h d W x 0 X 3 Z v Y 2 F i d W x h c m l l c y 8 y L j E v Y 3 l i b 3 h f Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M u e H N k I C B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j Q W R k c m V z c 0 9 i a m V j d C 0 y I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 29 i a m V j d H M v Q W R k c m V z c y 8 y L j E v Q W R k c m V z c 19 P Y m p l Y 3 Q u e H N k I C B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j R G 9 t Y W l u T m F t Z U 9 i a m V j d C 0 x I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 29 i a m V j d H M v R G 9 t Y W l u X 0 5 h b W U v M S 4 w L 0 R v b W F p b l 9 O Y W 1 l X 0 9 i a m V j d C 54 c 2 Q g I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v b 2 J q Z W N 0 c y N G a W x l T 2 J q Z W N 0 L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v b 2 J q Z W N 0 c y 9 G a W x l L z I u M S 9 G a W x l X 0 9 i a m V j d C 54 c 2 Q g I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v b 2 J q Z W N 0 c y N V U k l P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 1 V S S S 8 y L j E v V V J J X 0 9 i a m V j d C 54 c 2 Q g I G h 0 d H A 6 L y 9 k Y X R h L W 1 h c m t p b m c u b W l 0 c m U u b 3 J n L 0 1 h c m t p b m c t M S B o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 2 R h d G F f b W F y a 2 l u Z y 8 x L j E u M S 9 k Y X R h X 21 h c m t p b m c u e H N k I C B o d H R w O i 8 v Z G F 0 Y S 1 t Y X J r a W 5 n L m 1 p d H J l L m 9 y Z y 9 l e H R l b n N p b 25 z L 0 1 h c m t p b m d T d H J 1 Y 3 R 1 c m U j V E x Q L T E g a H R 0 c D o v L 3 N 0 a X g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 l e H R l b n N p b 25 z L 21 h c m t p b m c v d G x w L z E u M S 4 x L 3 R s c F 9 t Y X J r a W 5 n L n h z Z C A g a H R 0 c D o v L 2 R h d G E t b W F y a 2 l u Z y 5 t a X R y Z S 5 v c m c v Z X h 0 Z W 5 z a W 9 u c y 9 N Y X J r a W 5 n U 3 R y d W N 0 d X J l I 1 R l c m 1 z X 0 9 m X 1 V z Z S 0 x I G h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v Z X h 0 Z W 5 z a W 9 u c y 9 t Y X J r a W 5 n L 3 R l c m 1 z X 29 m X 3 V z Z S 8 x L j A u M S 90 Z X J t c 19 v Z l 91 c 2 V f b W F y a 2 l u Z y 54 c 2 Q g I G h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 J b m R p Y 2 F 0 b 3 I t M i B o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 2 l u Z G l j Y X R v c i 8 y L j E u M S 9 p b m R p Y 2 F 0 b 3 I u e H N k I C B o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v Y 29 t b W 9 u L T E g a H R 0 c D o v L 3 N 0 a X g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 j b 21 t b 24 v M S 4 x L j E v c 3 R p e F 9 j b 21 t b 24 u e H N k I C B o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M t M S B o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 2 R l Z m F 1 b H R f d m 9 j Y W J 1 b G F y a W V z L z E u M S 4 x L 3 N 0 a X h f Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M u e H N k I C B o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v c 3 R p e C 0 x I G h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v Y 29 y Z S 8 x L j E u M S 9 z d G l 4 X 2 N v c m U u e H N k I C A g I C B o d H R w O i 8 v d X M t Y 2 V y d C 5 n b 3 Y v Y 2 l z Y 3 A g a H R 0 c D o v L 3 d 3 d y 51 c y 1 j Z X J 0 L m d v d i 9 z a X R l c y 9 k Z W Z h d W x 0 L 2 Z p b G V z L 1 N U S V h f T m F t Z X N w Y W N l L 2 N p c 2 N w X 3 Z v Y 2 F i X 3 Y x L j E u M S 54 c 2 Q i I G l k P S J B Q T E 5 L T A y N C I g d m V y c 2 l v b j 0 i M S 4 x L j E i I H R p b W V z d G F t c D 0 i M j A x O S 0 w M S 0 y N F Q x O T o w O D o z N i 4 y M T A w M D A r M D A 6 M D A i P g o g I C A g P H N 0 a X g 6 U 1 R J W F 9 I Z W F k Z X I + C i A g I C A g I C A g P H N 0 a X g 6 V G l 0 b G U + S U 9 D c y B B c 3 N v Y 2 l h d G V k I H d p d G g g R E 5 T I E l u Z n J h c 3 R y d W N 0 d X J l I F R h b X B l c m l u Z z w v c 3 R p e D p U a X R s Z T 4 K I C A g I C A g I C A 8 c 3 R p e D p Q Y W N r Y W d l X 0 l u d G V u d C B 4 c 2 k 6 d H l w Z T 0 i c 3 R p e F Z v Y 2 F i c z p Q Y W
} ,
{
"type" : "text" ,
"object_relation" : "format" ,
"value" : "STIX 1.1" ,
"category" : "Other" ,
"uuid" : "5c4a2974-7748-4706-8091-4c4802de0b81"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "original-imported-file"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--1b2a8dae-f9e6-4d7a-bb5a-e5e27d5966e0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:49.000Z" ,
"modified" : "2019-01-24T21:09:49.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-12-21T08:26:28" ,
"category" : "Other" ,
"uuid" : "cfe9477f-3ede-4bce-8564-222ef3d4cda5"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2010f38ef300be4349e7bc287e720b1ecec678cacbf0ea0556bcf765f6e073ec/analysis/1545380788/" ,
"category" : "External analysis" ,
"uuid" : "f20424f6-7426-4b05-888f-29ecb1ba2442"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "47/69" ,
"category" : "Other" ,
"uuid" : "255ad5e5-bbea-4778-9210-91b1f6dc2b55"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a576549e-7bae-4dd1-a5f3-4e0a66209a64" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:50.000Z" ,
"modified" : "2019-01-24T21:09:50.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-01-24T11:12:00" ,
"category" : "Other" ,
"uuid" : "a7fc880f-5658-46fb-93f5-d846f65d468b"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/45a9edb24d4174592c69d9d37a534a518fbe2a88d3817fc0cc739e455883b8ff/analysis/1548328320/" ,
"category" : "External analysis" ,
"uuid" : "8565d497-f3c7-4a33-9e07-9188424467be"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "45/68" ,
"category" : "Other" ,
"uuid" : "949483e4-f6f1-423e-8a7a-1401a5ff37a4"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--d6bc7998-9cad-4353-851f-f31860ed8366" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-01-24T21:09:50.000Z" ,
"modified" : "2019-01-24T21:09:50.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-12-22T03:41:06" ,
"category" : "Other" ,
"uuid" : "7fb9f7c7-be46-49b9-a7c3-f8138f713052"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/9ea577a4b3faaf04a3bddbfcb934c9752bed0d0fc579f2152751c5f6923f7e14/analysis/1545450066/" ,
"category" : "External analysis" ,
"uuid" : "ccb14e9f-f755-496f-be9a-ec2bbb0f74e4"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "36/60" ,
"category" : "Other" ,
"uuid" : "6777c875-4914-40a7-a8ab-1e0d02b1f494"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--170e9eda-9cab-4160-9eb1-9f8e71c4c3d1" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-01-24T21:09:50.000Z" ,
"modified" : "2019-01-24T21:09:50.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--e0be6782-2009-11e9-b60b-d89ef344f46d" ,
"target_ref" : "x-misp-object--d6bc7998-9cad-4353-851f-f31860ed8366"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--3f80a3e8-2d7a-44cb-87fc-53689c1c4e73" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-01-24T21:09:50.000Z" ,
"modified" : "2019-01-24T21:09:50.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--e0be6785-2009-11e9-9867-d89ef344f46d" ,
"target_ref" : "x-misp-object--a576549e-7bae-4dd1-a5f3-4e0a66209a64"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--a64e661f-bd15-43e8-8e44-43cff4ef72d2" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-01-24T21:09:50.000Z" ,
"modified" : "2019-01-24T21:09:50.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--e0be6788-2009-11e9-9b1e-d89ef344f46d" ,
"target_ref" : "x-misp-object--1b2a8dae-f9e6-4d7a-bb5a-e5e27d5966e0"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}
