misp-circl-feed/feeds/circl/stix-2.1/5dc12abf-dbec-4acb-83a5-419d950d210f.json

890 lines
38 KiB
JSON
Raw Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5dc12abf-dbec-4acb-83a5-419d950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5dc12abf-dbec-4acb-83a5-419d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"name": "OSINT - Turla/Venomous Bear Implants",
"published": "2019-12-10T09:28:18Z",
"object_refs": [
"x-misp-object--5dc12b04-4520-4f4d-bdc4-43fa950d210f",
"indicator--c329341a-9840-40f5-a7bc-ed64a2ec7820",
"indicator--ff441ee8-3fda-4c78-800f-fa48072df42b",
"indicator--896deec8-8e3c-4a6b-926e-de60c02d9c47",
"indicator--12b2a838-6f7c-4b4a-a1e6-46c033185348",
"indicator--77802fc2-8e23-4b3f-8c0b-e06ea8570015",
"indicator--ae94dbdf-74c8-4d41-bbe4-f92e921b960a",
"indicator--cf81da33-c913-4f1e-b78f-a8acab71f9cb",
"indicator--ced4d2d6-f1fb-4722-b7b5-7791ef662199",
"indicator--5942762c-c826-4076-90ff-9e4beb34430e",
"x-misp-object--8beecab4-010e-4450-8dac-a31df82c3279",
"indicator--4e097b0f-e05c-400b-98d3-af0ce5432479",
"x-misp-object--8940fb6d-41a6-4268-96fa-a9a0c9d36780",
"indicator--ba9b7334-d60e-48dd-a675-8f99e0291e0a",
"x-misp-object--a82564a5-e84b-4697-83a4-d70c3ff8b320",
"indicator--0755c767-324a-4687-b231-d565cfaf10ec",
"x-misp-object--4ece2478-f095-4408-85c8-23dc011fadcc",
"indicator--75b7df34-d401-46d9-99f1-e6ef1e4f9cc2",
"x-misp-object--dcf6461e-eabe-4050-b75a-183f1fca9199",
"indicator--529f959d-3e86-4c0a-8a74-617284841a81",
"x-misp-object--7e6ffeb9-c041-45ab-bd40-12f1827d706a",
"indicator--21d50aa1-ce06-4e01-b17b-650b0a4259fb",
"x-misp-object--624f5fe8-f2a2-45e4-bdc6-9f84e0d9ae7b",
"indicator--62c2c068-3e13-4646-a264-2498ecdc21dc",
"x-misp-object--00429de3-12c5-4a51-a22a-ebfb1c3cd3eb",
2024-04-05 12:15:17 +00:00
"relationship--e2996645-d5dd-452d-b1bc-93ddd739b838",
"relationship--949a3257-bb7b-48a2-830f-d420cb9b37ab",
"relationship--995d9f4d-749b-432c-84b9-656f581b828d",
"relationship--0cd4db75-71a2-4fcd-bfce-dffad5114cb1",
"relationship--fe353085-f399-4eb8-843f-3eb0ca83b7fc",
"relationship--53075dec-cba2-43d3-94eb-5c25fcc3025b",
"relationship--83ee9762-1254-48ea-9423-ff45dffc6547",
"relationship--30e7543e-6408-4576-8dbb-a8f1a83c9892"
2023-04-21 14:44:17 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"misp-galaxy:malpedia=\"Turla RAT\"",
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Turla\"",
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Turla - G0010\"",
"misp-galaxy:mitre-intrusion-set=\"Turla\"",
"misp-galaxy:mitre-intrusion-set=\"Turla - G0010\"",
"misp-galaxy:threat-actor=\"Turla Group\"",
"misp-galaxy:tool=\"Turla\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5dc12b04-4520-4f4d-bdc4-43fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:55:48.000Z",
"modified": "2019-11-05T07:55:48.000Z",
"labels": [
"misp:name=\"microblog\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "post",
"value": "Casey Brooks\r\n@DrunkBinary\r\nTurla/Venomous Bear Implants\r\n687d7ddb080fb769b26a0c054f4cd422\r\n5b3ff56e7fe3e3a71fca4c844d1e02db\r\n535e67930dfbec1a0ae2671b63e2ef8e\r\n2d4578a2bbf5418de1fd4783e555f100\r\n198ee041e8f3eb12a19bc321f86ccb88\r\n1753424464a00c628d7166152cc30d1e\r\n6e4b7f13178ebc04304ee2b5ee646d09",
"category": "Other",
"uuid": "5dc12b04-c32c-4304-a463-4b3b950d210f"
},
{
"type": "link",
"object_relation": "link",
"value": "https://mobile.twitter.com/DrunkBinary/status/1191382141579476998",
"category": "External analysis",
"uuid": "5dc12b05-07c4-4553-bf3a-45a1950d210f"
},
{
"type": "text",
"object_relation": "type",
"value": "Twitter",
"category": "Other",
"uuid": "5dc12b05-8388-4289-b089-439e950d210f"
},
{
"type": "text",
"object_relation": "username",
"value": "DrunkBinary",
"category": "Other",
"uuid": "5dc12b05-603c-418d-8712-477d950d210f"
},
{
"type": "text",
"object_relation": "state",
"value": "Informative",
"category": "Other",
"uuid": "5dc12b05-08ac-4652-9e94-44f0950d210f"
},
{
"type": "datetime",
"object_relation": "creation-date",
"value": "2019-11-04T16:50:00",
"category": "Other",
"uuid": "5dc12b05-81e8-4306-b82f-4968950d210f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "microblog"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c329341a-9840-40f5-a7bc-ed64a2ec7820",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:40.000Z",
"modified": "2019-11-05T07:58:40.000Z",
"pattern": "[file:hashes.MD5 = '687d7ddb080fb769b26a0c054f4cd422']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ff441ee8-3fda-4c78-800f-fa48072df42b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:40.000Z",
"modified": "2019-11-05T07:58:40.000Z",
"pattern": "[file:hashes.MD5 = '5b3ff56e7fe3e3a71fca4c844d1e02db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--896deec8-8e3c-4a6b-926e-de60c02d9c47",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:41.000Z",
"modified": "2019-11-05T07:58:41.000Z",
"pattern": "[file:hashes.MD5 = '535e67930dfbec1a0ae2671b63e2ef8e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--12b2a838-6f7c-4b4a-a1e6-46c033185348",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:41.000Z",
"modified": "2019-11-05T07:58:41.000Z",
"pattern": "[file:hashes.MD5 = '2d4578a2bbf5418de1fd4783e555f100']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--77802fc2-8e23-4b3f-8c0b-e06ea8570015",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:42.000Z",
"modified": "2019-11-05T07:58:42.000Z",
"pattern": "[file:hashes.MD5 = '198ee041e8f3eb12a19bc321f86ccb88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae94dbdf-74c8-4d41-bbe4-f92e921b960a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:43.000Z",
"modified": "2019-11-05T07:58:43.000Z",
"pattern": "[file:hashes.MD5 = '1753424464a00c628d7166152cc30d1e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cf81da33-c913-4f1e-b78f-a8acab71f9cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:43.000Z",
"modified": "2019-11-05T07:58:43.000Z",
"pattern": "[file:hashes.MD5 = '6e4b7f13178ebc04304ee2b5ee646d09']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ced4d2d6-f1fb-4722-b7b5-7791ef662199",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-11-05T07:58:44.000Z",
"modified": "2019-11-05T07:58:44.000Z",
"pattern": "[file:hashes.MD5 = 'afcf3936639b706221d5f67afa75d80b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-11-05T07:58:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5942762c-c826-4076-90ff-9e4beb34430e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:25:35.000Z",
"modified": "2019-12-10T09:25:35.000Z",
"pattern": "[file:hashes.MD5 = '6e4b7f13178ebc04304ee2b5ee646d09' AND file:hashes.SHA1 = '663a78cb5e6f3ab54cd0d3f67bd8c9545b341d6f' AND file:hashes.SHA256 = '24fe571f3066045497b1d8316040734c81c71dcb1747f1d7026cda810085fad7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:25:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8beecab4-010e-4450-8dac-a31df82c3279",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:25:40.000Z",
"modified": "2019-12-10T09:25:40.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-10-23T13:06:09",
"category": "Other",
"uuid": "39464f1b-abd9-4278-8984-ed2605ebc764"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/24fe571f3066045497b1d8316040734c81c71dcb1747f1d7026cda810085fad7/analysis/1571835969/",
"category": "Payload delivery",
"uuid": "009c4163-da4a-425e-baa8-9f39a81f47c2"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "43/67",
"category": "Payload delivery",
"uuid": "88b75e39-9615-4833-9bfb-912eb249492e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4e097b0f-e05c-400b-98d3-af0ce5432479",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:25:42.000Z",
"modified": "2019-12-10T09:25:42.000Z",
"pattern": "[file:hashes.MD5 = '198ee041e8f3eb12a19bc321f86ccb88' AND file:hashes.SHA1 = 'ee583451c832b07d8f2b4d6b8dd36ccb280ff421' AND file:hashes.SHA256 = 'c63f425d96365d906604b1529611eefe5524432545a7977ebe2ac8c79f90ad7e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:25:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8940fb6d-41a6-4268-96fa-a9a0c9d36780",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:25:51.000Z",
"modified": "2019-12-10T09:25:51.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-11-12T15:05:11",
"category": "Other",
"uuid": "db8e2be8-5902-4322-9da5-536f77a869cc"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c63f425d96365d906604b1529611eefe5524432545a7977ebe2ac8c79f90ad7e/analysis/1573571111/",
"category": "Payload delivery",
"uuid": "13f2f09d-83ec-4f87-a0c3-b2b48db6c7bf"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "47/70",
"category": "Payload delivery",
"uuid": "cbe967c3-f348-4174-b1f9-d56f84af11cf"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ba9b7334-d60e-48dd-a675-8f99e0291e0a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:02.000Z",
"modified": "2019-12-10T09:26:02.000Z",
"pattern": "[file:hashes.MD5 = '535e67930dfbec1a0ae2671b63e2ef8e' AND file:hashes.SHA1 = '3b203f328048b837030b6f0ff595968486cc1b44' AND file:hashes.SHA256 = 'db9902cb42f6dc9f1c02bd3413ab3969d345eb6b0660bd8356a0c328f1ec0c07']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:26:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a82564a5-e84b-4697-83a4-d70c3ff8b320",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:05.000Z",
"modified": "2019-12-10T09:26:05.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-10-23T13:07:53",
"category": "Other",
"uuid": "9687daad-0e1b-4197-ac07-af6faedc2130"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/db9902cb42f6dc9f1c02bd3413ab3969d345eb6b0660bd8356a0c328f1ec0c07/analysis/1571836073/",
"category": "Payload delivery",
"uuid": "47135dc2-701d-433d-9930-d692cf6bdb9d"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "42/69",
"category": "Payload delivery",
"uuid": "5f598518-92a3-4dda-b5fa-852e10d79a01"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0755c767-324a-4687-b231-d565cfaf10ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:06.000Z",
"modified": "2019-12-10T09:26:06.000Z",
"pattern": "[file:hashes.MD5 = 'afcf3936639b706221d5f67afa75d80b' AND file:hashes.SHA1 = 'd98643af5619781280b4418d224a07c36d462a84' AND file:hashes.SHA256 = '43eb5196379c3394f60014335871457b19a6784dd1de5fd490042a3801a9fa89']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4ece2478-f095-4408-85c8-23dc011fadcc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:06.000Z",
"modified": "2019-12-10T09:26:06.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-10-23T13:05:51",
"category": "Other",
"uuid": "859a70c4-0b4d-4fa1-86dc-1a23c2409f73"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/43eb5196379c3394f60014335871457b19a6784dd1de5fd490042a3801a9fa89/analysis/1571835951/",
"category": "Payload delivery",
"uuid": "c88401f1-1d62-4b5a-960b-4ba03e10518d"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "46/67",
"category": "Payload delivery",
"uuid": "e5c2c08c-79ef-47a5-9ee3-55d93a159361"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--75b7df34-d401-46d9-99f1-e6ef1e4f9cc2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:06.000Z",
"modified": "2019-12-10T09:26:06.000Z",
"pattern": "[file:hashes.MD5 = '1753424464a00c628d7166152cc30d1e' AND file:hashes.SHA1 = '05071cf5da3040d6cbdfd9413a79029e605ac364' AND file:hashes.SHA256 = '7bd3ff9ba43020688acaa05ce4e0a8f92f53d9d9264053255a5937cbd7a5465e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--dcf6461e-eabe-4050-b75a-183f1fca9199",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:06.000Z",
"modified": "2019-12-10T09:26:06.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-10-23T13:06:27",
"category": "Other",
"uuid": "202ca9e6-3d55-4e52-ab2f-5c0164d2d9fa"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7bd3ff9ba43020688acaa05ce4e0a8f92f53d9d9264053255a5937cbd7a5465e/analysis/1571835987/",
"category": "Payload delivery",
"uuid": "dff115c3-2d30-4f79-a525-27fbdb3054d1"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "45/68",
"category": "Payload delivery",
"uuid": "f0645ffb-2291-48ef-a6d7-4d0233af89eb"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--529f959d-3e86-4c0a-8a74-617284841a81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:07.000Z",
"modified": "2019-12-10T09:26:07.000Z",
"pattern": "[file:hashes.MD5 = '2d4578a2bbf5418de1fd4783e555f100' AND file:hashes.SHA1 = '6c24db5a4d30a8287c36d21c16c0d45050a975c4' AND file:hashes.SHA256 = '5f56627cf168fcf5ffc3f5bcb9bf7f968f8428d53d8b2e00c1622c2da67965cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7e6ffeb9-c041-45ab-bd40-12f1827d706a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:07.000Z",
"modified": "2019-12-10T09:26:07.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-10-23T13:07:36",
"category": "Other",
"uuid": "97bbdbe3-56cc-435b-8365-4e34e19147c8"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/5f56627cf168fcf5ffc3f5bcb9bf7f968f8428d53d8b2e00c1622c2da67965cf/analysis/1571836056/",
"category": "Payload delivery",
"uuid": "19a18bf2-de93-48e2-a6b9-4333cbeaaef5"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "44/69",
"category": "Payload delivery",
"uuid": "f11e5be1-6cfb-4e2a-a983-5e176a12b585"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21d50aa1-ce06-4e01-b17b-650b0a4259fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:07.000Z",
"modified": "2019-12-10T09:26:07.000Z",
"pattern": "[file:hashes.MD5 = '5b3ff56e7fe3e3a71fca4c844d1e02db' AND file:hashes.SHA1 = '1b8e06751ecc87826bd258d5182ab33c1e20c8f7' AND file:hashes.SHA256 = 'ba9a2b8573282e9f449e53142542acd2e854206b67db12058a4195cfbd692f79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--624f5fe8-f2a2-45e4-bdc6-9f84e0d9ae7b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:07.000Z",
"modified": "2019-12-10T09:26:07.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-10-23T13:41:54",
"category": "Other",
"uuid": "4812d651-6871-44c6-951f-e5d047e26e46"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/ba9a2b8573282e9f449e53142542acd2e854206b67db12058a4195cfbd692f79/analysis/1571838114/",
"category": "Payload delivery",
"uuid": "26a72c15-240b-4d2a-ae5a-9dfad7d14c3e"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "43/68",
"category": "Payload delivery",
"uuid": "30609a1d-5955-4c9c-a353-6794ebad86b4"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62c2c068-3e13-4646-a264-2498ecdc21dc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:07.000Z",
"modified": "2019-12-10T09:26:07.000Z",
"pattern": "[file:hashes.MD5 = '687d7ddb080fb769b26a0c054f4cd422' AND file:hashes.SHA1 = '3227e0b8181f05e393be41d633b08da07fadf194' AND file:hashes.SHA256 = '66893ab83a7d4e298720da28cd2ea4a860371ae938cdd86035ce920b933c9d85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-12-10T09:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--00429de3-12c5-4a51-a22a-ebfb1c3cd3eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-11-14T08:28:17",
"category": "Other",
"uuid": "93ec40f8-6f63-41ff-a27e-1891c57b456b"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/66893ab83a7d4e298720da28cd2ea4a860371ae938cdd86035ce920b933c9d85/analysis/1573720097/",
"category": "Payload delivery",
"uuid": "eda19702-19eb-4e5a-9c8d-31de2e456e05"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "47/70",
"category": "Payload delivery",
"uuid": "6c063632-74a2-4192-8570-2501e90ac8ab"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--e2996645-d5dd-452d-b1bc-93ddd739b838",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--5942762c-c826-4076-90ff-9e4beb34430e",
"target_ref": "x-misp-object--8beecab4-010e-4450-8dac-a31df82c3279"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--949a3257-bb7b-48a2-830f-d420cb9b37ab",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--4e097b0f-e05c-400b-98d3-af0ce5432479",
"target_ref": "x-misp-object--8940fb6d-41a6-4268-96fa-a9a0c9d36780"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--995d9f4d-749b-432c-84b9-656f581b828d",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--ba9b7334-d60e-48dd-a675-8f99e0291e0a",
"target_ref": "x-misp-object--a82564a5-e84b-4697-83a4-d70c3ff8b320"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--0cd4db75-71a2-4fcd-bfce-dffad5114cb1",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--0755c767-324a-4687-b231-d565cfaf10ec",
"target_ref": "x-misp-object--4ece2478-f095-4408-85c8-23dc011fadcc"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--fe353085-f399-4eb8-843f-3eb0ca83b7fc",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--75b7df34-d401-46d9-99f1-e6ef1e4f9cc2",
"target_ref": "x-misp-object--dcf6461e-eabe-4050-b75a-183f1fca9199"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--53075dec-cba2-43d3-94eb-5c25fcc3025b",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--529f959d-3e86-4c0a-8a74-617284841a81",
"target_ref": "x-misp-object--7e6ffeb9-c041-45ab-bd40-12f1827d706a"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--83ee9762-1254-48ea-9423-ff45dffc6547",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--21d50aa1-ce06-4e01-b17b-650b0a4259fb",
"target_ref": "x-misp-object--624f5fe8-f2a2-45e4-bdc6-9f84e0d9ae7b"
},
{
"type": "relationship",
"spec_version": "2.1",
2024-04-05 12:15:17 +00:00
"id": "relationship--30e7543e-6408-4576-8dbb-a8f1a83c9892",
2023-04-21 14:44:17 +00:00
"created": "2019-12-10T09:26:08.000Z",
"modified": "2019-12-10T09:26:08.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--62c2c068-3e13-4646-a264-2498ecdc21dc",
"target_ref": "x-misp-object--00429de3-12c5-4a51-a22a-ebfb1c3cd3eb"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}