{
"type" : "bundle" ,
"id" : "bundle--1b2b6e15-3655-4648-afcb-c93214187736" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-20T06:22:25.000Z" ,
"modified" : "2022-04-20T06:22:25.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--1b2b6e15-3655-4648-afcb-c93214187736" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-20T06:22:25.000Z" ,
"modified" : "2022-04-20T06:22:25.000Z" ,
"name" : "Related IoCs to https://cert.gov.ua/article/39708 - Cyberattack on state organizations of Ukraine using the topic \"Azovstal\" and the malicious program Cobalt Strike Beacon (CERT-UA # 4490)" ,
"published" : "2022-04-20T06:25:00Z" ,
"object_refs" : [
"indicator--cfeeffe0-0d4b-4bde-82be-c3e4f00ac770" ,
"indicator--2ce189ea-72be-4d9e-bfe1-09a89fc75fe5" ,
"indicator--3c77b174-1b0e-4098-9a75-57d17f3633fa" ,
"indicator--b23b81fe-1dec-49c7-bd8c-c4a8ba03a1d8" ,
"indicator--1dc91cd6-93eb-4201-8fb1-65cd3f7e7336" ,
"indicator--6b16e33c-33b8-4604-af27-c2966171b700" ,
"indicator--bb9b81f6-0f86-40a3-a269-b76a1dcdcfa9" ,
"indicator--066aee0a-674b-4bed-b365-c2db9056a8a2" ,
"indicator--b6357090-bde6-4f7b-b5df-ada2131ba85e" ,
"indicator--bb5336ff-5b37-42ac-877d-4ce2411a4f34" ,
"indicator--62049eb3-e963-46ce-9b81-d5545e85b86b" ,
"indicator--17cffd8c-62e9-4cd2-80c6-40ade431d9ed" ,
"indicator--25e7bbae-b61c-440b-b6af-02de7ee9f80e" ,
"indicator--7041d6a0-cc10-4464-9847-f398a2f6ed7b" ,
"indicator--0de23523-f165-459e-93c0-189aec49ef09" ,
"indicator--c7dbbdde-3d06-4112-a694-1ff68bf12576" ,
"indicator--5953cba9-4fa4-4b0d-b67e-859074a1784e" ,
"indicator--d75195a5-92aa-4e55-9f61-0ffb63f742b3" ,
"indicator--98c5d7ed-32cc-4b81-bbc4-f7f0c78f6dc9" ,
"indicator--21bf9fd1-3dbd-442f-a7e1-76ef0a6f519c" ,
"indicator--cb56d9e7-ff65-4664-a479-42bdda8d8cb3" ,
"indicator--fd55edb9-a125-4048-9cbb-f5d906b125d6" ,
"indicator--749d4786-b472-4bea-8e29-e9ced2a1b4d1" ,
"indicator--bcec041d-5924-47be-a917-98d53a510bd3" ,
"indicator--cf05a2ea-3013-451b-b596-efc6c2ffa0cc" ,
"indicator--600e0fe5-6fc5-4a8f-b73b-7c6d375e99d6" ,
"indicator--b3ab8dc5-0d44-40bb-b00c-fa058627b9c9" ,
"indicator--4c478ec0-5fbf-4ee4-bead-4add23c8ebe4" ,
"indicator--c447a873-9758-4cf6-b856-c0a739ef9191" ,
"indicator--0b22b71b-df3b-4783-a55c-138846d25c3e" ,
"indicator--38ebbd09-486e-416d-b026-c4d5d60969ff" ,
"indicator--7c57fd9b-2c63-47fe-9a4e-f1c676f45f6a" ,
"indicator--befda417-08da-46ae-938c-530b47403aed" ,
"indicator--bf542b70-4cdc-4b1a-8751-9356b62b9de5" ,
"indicator--6d4633e9-ebaa-405b-ae20-a4ad5541c643" ,
"indicator--8a2d2fe1-2c7e-4668-887b-4fd8e6a081ac" ,
"indicator--edefaf19-a841-4689-b56e-123b3efe06ef" ,
"indicator--f54e4b57-a5d0-4771-a556-4484192b636d" ,
"indicator--a7867a75-2882-4497-9fbd-b05cc522e0bf" ,
"indicator--73d9ec3f-9acd-401b-8602-33742ec0c88b" ,
"indicator--48f86dc7-c52c-4a54-8a73-1ea883c5ef83" ,
"indicator--e621c574-0af6-4498-bbe4-a53d9e558201" ,
"indicator--7e6e4ba4-fd5a-4915-9333-ab479f671484" ,
"indicator--24d9270f-b9ee-49f7-98e4-3412fe68d628" ,
"indicator--a8168f09-8001-4e55-a947-183cb0e46ed4" ,
"indicator--31dcc91d-77f0-4dfd-9434-ee552401ce91" ,
"indicator--d05c5391-4984-4627-aa49-876c2cd49c9c" ,
"indicator--26c49fcd-d8ba-47a4-b505-65addccb9aaf" ,
"indicator--cc520f0b-c55f-4041-8b07-08b4b6bcb037" ,
"indicator--578b0451-c007-4ff5-952c-f0a7332e9010" ,
"indicator--c316b3fc-7ed9-4b2b-a5e1-85ab48855746" ,
"indicator--af84df87-9c34-4b11-a3bd-9adb78906b6a" ,
"indicator--1c07fbfe-22cd-4775-8619-b26cec97e1bc" ,
"indicator--70299e93-ff93-45d6-b0bd-e0618f22ec23" ,
"indicator--0f770b42-5423-4d45-89b5-4c8b999865c9" ,
"indicator--b597cff7-58ca-4166-b08f-0374a1d0ebc3" ,
"indicator--fd8dccf8-a87f-4a2f-8930-84321eb1dd5b" ,
"indicator--280b384d-cb64-4edd-983e-c887f0ea4437" ,
"indicator--c3cd6f20-cd40-49bb-b6be-b617f1354389" ,
"indicator--278731e7-fb13-4357-9c87-a75bd712230f" ,
"indicator--f1d045ac-a519-48bd-897c-e0cc4541bca1" ,
"indicator--fb7c602d-9d27-4b32-a119-b11f96223e0b" ,
"indicator--840a46c4-9a71-4773-84da-f72ecfdaaab8" ,
"indicator--93349386-f6b3-429a-9b9f-2b7283c2bb6a" ,
"indicator--0f66306e-3c67-4b44-acda-2312d58f8f25" ,
"indicator--a0f99133-677d-4fa3-90f3-3b65eade4279" ,
"indicator--d23eb6c6-b17e-485c-b2a3-2ae9be8e71bb" ,
"indicator--bf3e79f2-5548-4293-8ccc-45f43acd0337" ,
"indicator--4447dafe-cc48-4b15-bcda-d2683475b01a" ,
"indicator--45bd3293-441c-4cbb-9f8d-1f787470d4ef" ,
"indicator--ada00487-2c2e-4de1-aa5e-53e0b814a023" ,
"indicator--3652f949-f109-4c5a-86b5-f2e976a19656" ,
"indicator--a0df3698-372d-48ab-aafb-0f4fbf9635d1" ,
"indicator--33590d94-5ae3-4853-b03b-62b9a56016f4" ,
"indicator--d295e514-5287-49c1-bc4e-8168dbacc05e" ,
"indicator--66613b64-69c5-4ab4-a7da-77cd07fe8cb7" ,
"indicator--c4a06d91-51e3-4386-b546-2214460e97f0" ,
"x-misp-object--edf044d9-c432-4fcb-868b-df6050828c39" ,
"indicator--1d5d82ed-2bec-4a8a-a8c4-ad72e7771a1f" ,
"indicator--c4725d25-2953-4fbc-be2e-c3c960e68f60" ,
"indicator--5cd304a2-a4c3-4878-95df-6c9da9a7fe29" ,
"x-misp-object--630cc256-f367-4f5f-83f3-757a28c587b1" ,
"observed-data--17746c0d-121f-402a-abe2-c98b8b362a55" ,
"file--1558f253-39fa-52c0-9878-078f8dc5e90a" ,
"x-misp-object--2c263270-3a18-4d23-b950-c5710c490a72" ,
"x-misp-object--230937bc-fea9-4714-8cbf-bdfd69c3da59" ,
"x-misp-object--809a3e46-68ae-46b5-84d3-2e77b2f8c2c2" ,
"x-misp-object--8fdf2a25-528c-4818-ba85-979144dfb69c" ,
"x-misp-object--f73d494f-0ac5-416d-83a2-69f80a69082d" ,
"x-misp-object--5df0d3ad-bc0b-45cb-813f-f6549bd4b098"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\"" ,
"misp-galaxy:target-information=\"Ukraine\"" ,
"misp-galaxy:tool=\"Cobalt Strike\"" ,
"misp-galaxy:tool=\"Trick Bot\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cfeeffe0-0d4b-4bde-82be-c3e4f00ac770" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:27:46.000Z" ,
"modified" : "2022-04-19T13:27:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = '1f1029d94ca4656a577d554cedd79d447658f475af08620084897a5523587052']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:27:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2ce189ea-72be-4d9e-bfe1-09a89fc75fe5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:27:46.000Z" ,
"modified" : "2022-04-19T13:27:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = '6f0ddfe6b68ea68b5e450e30b131137b6f01c60cc8383f3c48bea0c8acb6ef1c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:27:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3c77b174-1b0e-4098-9a75-57d17f3633fa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:27:46.000Z" ,
"modified" : "2022-04-19T13:27:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = '9990fe0d8aac0b4a6040d5979afd822c2212d9aec2b90e5d10c0b15dee8d61b1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:27:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b23b81fe-1dec-49c7-bd8c-c4a8ba03a1d8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:27:46.000Z" ,
"modified" : "2022-04-19T13:27:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'df58100f881e2bfa694e00dd06bdb326b272a51ff9b75114819498a26bf6504c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:27:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1dc91cd6-93eb-4201-8fb1-65cd3f7e7336" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:27:46.000Z" ,
"modified" : "2022-04-19T13:27:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'ea9dae45f81fe3527c62ad7b84b03d19629014b1a0e346b6aa933e52b0929d8a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:27:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6b16e33c-33b8-4604-af27-c2966171b700" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'https://e5qo83-fedex.us/wzlco?VLakox?80934612']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bb9b81f6-0f86-40a3-a269-b76a1dcdcfa9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'http://138.68.229.0/pe.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--066aee0a-674b-4bed-b365-c2db9056a8a2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'https://138.68.229.0/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b6357090-bde6-4f7b-b5df-ada2131ba85e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'https://dezword.com/apiv8/getStatus']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bb5336ff-5b37-42ac-877d-4ce2411a4f34" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'http://138.68.229.0/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--62049eb3-e963-46ce-9b81-d5545e85b86b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'https://dezword.com/apiv8/updateConfig']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--17cffd8c-62e9-4cd2-80c6-40ade431d9ed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'https://dezword.com/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--25e7bbae-b61c-440b-b6af-02de7ee9f80e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'http://84.32.188.29/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7041d6a0-cc10-4464-9847-f398a2f6ed7b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'http://dezword.com/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0de23523-f165-459e-93c0-189aec49ef09" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:29:38.000Z" ,
"modified" : "2022-04-19T13:29:38.000Z" ,
"pattern" : "[url:value = 'http://dezword.com/apiv8/getstatus']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c7dbbdde-3d06-4112-a694-1ff68bf12576" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'dezword.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5953cba9-4fa4-4b0d-b67e-859074a1784e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'kitchenbath.mckillican.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d75195a5-92aa-4e55-9f61-0ffb63f742b3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'www.15ns84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--98c5d7ed-32cc-4b81-bbc4-f7f0c78f6dc9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'www.ba4x83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--21bf9fd1-3dbd-442f-a7e1-76ef0a6f519c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'www.c1tf83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cb56d9e7-ff65-4664-a479-42bdda8d8cb3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'www.enzj84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fd55edb9-a125-4048-9cbb-f5d906b125d6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'www.fx7u83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--749d4786-b472-4bea-8e29-e9ced2a1b4d1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'www.fx7u84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bcec041d-5924-47be-a917-98d53a510bd3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:08.000Z" ,
"modified" : "2022-04-19T13:30:08.000Z" ,
"pattern" : "[domain-name:value = 'www.glsc83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cf05a2ea-3013-451b-b596-efc6c2ffa0cc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.igik83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--600e0fe5-6fc5-4a8f-b73b-7c6d375e99d6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.jfws84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b3ab8dc5-0d44-40bb-b00c-fa058627b9c9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.k9yr83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4c478ec0-5fbf-4ee4-bead-4add23c8ebe4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.koda83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c447a873-9758-4cf6-b856-c0a739ef9191" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.mqqo83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0b22b71b-df3b-4783-a55c-138846d25c3e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.mqqo84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--38ebbd09-486e-416d-b026-c4d5d60969ff" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.nktc83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7c57fd9b-2c63-47fe-9a4e-f1c676f45f6a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.nktc84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--befda417-08da-46ae-938c-530b47403aed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.nqe383-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bf542b70-4cdc-4b1a-8751-9356b62b9de5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.rl6s84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6d4633e9-ebaa-405b-ae20-a4ad5541c643" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.wdhx83-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8a2d2fe1-2c7e-4668-887b-4fd8e6a081ac" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.wubl84-fedex.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--edefaf19-a841-4689-b56e-123b3efe06ef" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:30:09.000Z" ,
"modified" : "2022-04-19T13:30:09.000Z" ,
"pattern" : "[domain-name:value = 'www.www.dezword.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:30:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f54e4b57-a5d0-4771-a556-4484192b636d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.32.188.29']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a7867a75-2882-4497-9fbd-b05cc522e0bf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '138.68.229.0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--73d9ec3f-9acd-401b-8602-33742ec0c88b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.225']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--48f86dc7-c52c-4a54-8a73-1ea883c5ef83" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.74']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e621c574-0af6-4498-bbe4-a53d9e558201" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.62']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7e6e4ba4-fd5a-4915-9333-ab479f671484" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.99']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--24d9270f-b9ee-49f7-98e4-3412fe68d628" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.57']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a8168f09-8001-4e55-a947-183cb0e46ed4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.75']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--31dcc91d-77f0-4dfd-9434-ee552401ce91" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.24']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d05c5391-4984-4627-aa49-876c2cd49c9c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.89']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--26c49fcd-d8ba-47a4-b505-65addccb9aaf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.209']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cc520f0b-c55f-4041-8b07-08b4b6bcb037" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.85']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--578b0451-c007-4ff5-952c-f0a7332e9010" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.160.51']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c316b3fc-7ed9-4b2b-a5e1-85ab48855746" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.226']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--af84df87-9c34-4b11-a3bd-9adb78906b6a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.216']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1c07fbfe-22cd-4775-8619-b26cec97e1bc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.163']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--70299e93-ff93-45d6-b0bd-e0618f22ec23" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.160.8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0f770b42-5423-4d45-89b5-4c8b999865c9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.32']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b597cff7-58ca-4166-b08f-0374a1d0ebc3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.45']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fd8dccf8-a87f-4a2f-8930-84321eb1dd5b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.161.60']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--280b384d-cb64-4edd-983e-c887f0ea4437" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:20.000Z" ,
"modified" : "2022-04-19T13:39:20.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.60.160.17']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c3cd6f20-cd40-49bb-b6be-b617f1354389" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'agreminj.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--278731e7-fb13-4357-9c87-a75bd712230f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'akaluij.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f1d045ac-a519-48bd-897c-e0cc4541bca1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'anidoz.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fb7c602d-9d27-4b32-a119-b11f96223e0b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'apeduze.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--840a46c4-9a71-4773-84da-f72ecfdaaab8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'apokil.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--93349386-f6b3-429a-9b9f-2b7283c2bb6a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'arentuk.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0f66306e-3c67-4b44-acda-2312d58f8f25" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'axikok.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a0f99133-677d-4fa3-90f3-3b65eade4279" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'azimurs.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d23eb6c6-b17e-485c-b2a3-2ae9be8e71bb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'baidencult.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bf3e79f2-5548-4293-8ccc-45f43acd0337" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'billiopa.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4447dafe-cc48-4b15-bcda-d2683475b01a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'blinkij.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--45bd3293-441c-4cbb-9f8d-1f787470d4ef" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'blopik.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ada00487-2c2e-4de1-aa5e-53e0b814a023" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'borizhog.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3652f949-f109-4c5a-86b5-f2e976a19656" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'britxec.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a0df3698-372d-48ab-aafb-0f4fbf9635d1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'drimzis.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--33590d94-5ae3-4853-b03b-62b9a56016f4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'fluoxi.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d295e514-5287-49c1-bc4e-8168dbacc05e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'shikjil.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--66613b64-69c5-4ab4-a7da-77cd07fe8cb7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'shormanz.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c4a06d91-51e3-4386-b546-2214460e97f0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:39:21.000Z" ,
"modified" : "2022-04-19T13:39:21.000Z" ,
"pattern" : "[domain-name:value = 'verofes.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--edf044d9-c432-4fcb-868b-df6050828c39" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:28:09.000Z" ,
"modified" : "2022-04-19T13:28:09.000Z" ,
"labels" : [
"misp:name=\"report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://pandora.circl.lu/analysis/d71d610b-0bae-4666-9a92-a5e0ea7084f1/seed-d4fz5w8r8y3HHLx-tVbbaioJfkNnwk1DOkXG3Y4s9xg" ,
"category" : "External analysis" ,
"uuid" : "6e184afc-1372-4157-be4f-c574beb1206a"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1d5d82ed-2bec-4a8a-a8c4-ad72e7771a1f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:06.000Z" ,
"modified" : "2022-04-19T13:33:06.000Z" ,
"pattern" : "[file:hashes.MD5 = '877f834e8788d05b625ba639b9318512' AND file:hashes.SHA1 = '96bde83f4d3f29fb2801cd357c1abea827487e37' AND file:hashes.SHA256 = 'ea9dae45f81fe3527c62ad7b84b03d19629014b1a0e346b6aa933e52b0929d8a' AND file:hashes.SHA512 = 'cf72096dee679bce8cde6eacf922b5559dbac9b77367a7f2a3fba5022fd2b1303aa1c5805167c3cb8fb774e7390fab86eb3d16585fc72c31497a08bdf2b26518' AND file:hashes.SSDEEP = '768:pdzHDjCxD6czZ8K1PjOoDl8SZbKsLRGKpb8rGYrMPelwhKmFV5xtezEs/48/dgAX:pVHDjCxD6czZ8K1PjOoDl8SZbKsLRGKM' AND file:name = 'ea9dae45f81fe3527c62ad7b84b03d19629014b1a0e346b6aa933e52b0929d8a' AND file:size = '33280' AND (file:content_ref.
p a y l o a d _ b i n = ' U E s D B B Q A C Q A I A C N s k 1 S S D K E E t C w A A A C C A A A g A B w A O D c 3 Z j g z N G U 4 N z g 4 Z D A 1 Y j Y y N W J h N j M 5 Y j k z M T g 1 M T J V V A k A A x K 6 X m I S u l 5 i d X g L A A E E I Q A A A A Q h A A A A a x G o M 8 u 4 r V k W O a Y s + a 4 a n q y 1 b X P u v V U U E P H e e y u H H 3 K N 9 P H 164 o B H m 9 r T C h o O O o O g g U K D 72 J J 6 T Q Z W a f o B o I y o e N l Q y s 6 G R a N t A m i Z m v O f R z A c O O w n o a m k p + M v / X n / T P x i 6 S L z U J C z o Q y P 8 / u J p U o F 7 O j i E G b F 286 m c N y M 3 O 4 R T t F E 3 + 4 j p j Z W Z p J d X D S + j o E g A 2 F k 9 M J e c s d q 4 s r m 1 X k v 8 Q T u Z + 9 A o H p l Q Z r k R P i / f 0 G T X 3 L D t o U + x v D 0 w b r F e t f 2 x a p e p p K 9 j S 6 J p C h Q 6 O W h + 0 Z c 5 Z 0 q x B V d W k 3 g Q y z A T D N 8 g i A 2 M 4 G W 0 6 E b / X U i n Z I h v Q x 83 f G 1 j 0 V G M q a 0 8 X 1 T B k 6 q m 3 a 5 U I F Z S 3 y 47 g S Y y F r 8 U I 3 u u 6 N w S L U B X 9 g Y O d Y 7 x p f o l U 8 j N f b A d e + b z M + 0 K J i N u k f N l b k 6 A D r k l 84 b K i G s y D e 2 x a 7 H k g a d O n 184 o T R m p R F W U T Z f y R + m K A 2 p p + 9 j K h l J H w i 0 F X w g u b f C 0 z V q v 0 T 6 B E 7 V q p C T h U o K V h z b 6 D w 1 b J i C n 28 g c x S U z a + 4 E P W v e h R 8 C c u W z Q f o G 5 p R Z t C S q w 4 Y 4 A e t X I L e F Q g d j f P E l N z P X V l 5 J B 6 i R Q G f / 73 R O k h D n g u v + a U O J 4 M u S U u P h T 2 u 588 I Y / q q K A / 90 m Z u f E u 78 j X x f n B G S W o G k y / Y + 3 U 2 n N p E T G 5 X O m Z r 1 N 5 O F R R S i x l V P h c D L h T W d P q p B D r c C x C h S 4 P J R A Z s x v C b 4 o f 23 N 8 L c 4 W H K + 3 W + g O O l 7 t t y 7 Z 6 w q c o b B m O n j w C X q b S + y i 8 L J p p L g x H E v H 3 / S d q 8 V i L o 4 i o G g y E 3 x 4 Q d X s 4 R 8 O 1 k R e T 5 R C V j E t y 0 8 f X E j m U N s q x X / i n T L l o w a h 9 G p 5 W j x W T A g r s h U Y a u m E S c B g x Y A n b s e l U S z A n 
s G 61 y T R 3 m g V U L Z p T P I 7 c p x A W W f K z 6048 U e y I g p 1 z H o C 6 g 92 + B N 0 R V k y a d / 0 m G c s z a I F M 0 M x V C I 12 l 7 Z u q Q K c r h a 1 / x E C r P f T g t h W o P a 4 h e e 0 H u L g Z 5 k F W w N G 68 F n 60 V m K g G k s J y x z g p K 7 K e c S p / m h 9 p p q k S S + v o T s i Z A 95 M F c f i Y o 0 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
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:33:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c4725d25-2953-4fbc-be2e-c3c960e68f60" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e28ac0f94df75519a60ecc860475e6b3' AND file:hashes.SHA1 = '34bd51533865fe03756e7dc00f21e1d5f477db6f' AND file:hashes.SHA256 = '9990fe0d8aac0b4a6040d5979afd822c2212d9aec2b90e5d10c0b15dee8d61b1' AND file:hashes.SHA512 = 'be5171cadd8f1881bb1a9de006082ee003810979c11b503c511c8994acf31ceb002239eae6af8a910d84a7ab672f257f607ef11ad00bbbec8700823d88cdb093' AND file:hashes.SSDEEP = '49152:YS74RWcCACn04hdGniZH33waehC6CJCRpfBk0IIW9S+cCst03WIbfEWv+tD1lFTd:YS74gcCA94LyFT' AND file:name = '9990fe0d8aac0b4a6040d5979afd822c2212d9aec2b90e5d10c0b15dee8d61b1' AND file:size = '2448384' AND (file:content_ref.
p a y l o a d _ b i n = ' U E s D B B Q A C Q A I A C R s k 1 S v q h r F 9 + k O A A B c J Q A g A B w A Z T I 4 Y W M w Z j k 0 Z G Y 3 N T U x O W E 2 M G V j Y z g 2 M D Q 3 N W U 2 Y j N V V A k A A x O 6 X m I T u l 5 i d X g L A A E E I Q A A A A Q h A A A A W Z 8 g H 2 K C S X U a e N s 61 K i p D 1 R Y t 2 i s 2 b g L 87 d 41 b G I H h 6 o 0 A Z / W 5 T G P q R 2 j 4 A B j F 5 u j 3 X 92 Q w X Z Y S D 9 d C z L 0 X r 68 D E Z X w l z F u V Q 9 l 4 w 2 b T I d 9 B Q l 0 Z v Q m p m a P y T Y y + o M s Z F k 140 V 50 h O 7 L 8 W L G M X f 5 P 4 x 2 J U 1 b D 7 p H M A j Z x 7 o R C q r g Y F A b 0 E W / a M X U b V m Y / K T e i b 4 H N o r m F 8 r 5 m V k i X w Q x / G V K 9 a 9 O W Z i l L s n K u J F D G p n t x H M Q M T h J d S A / 3 I C T p t 88 d h g f r A l x s f A O l O r H i f q + I D i y x P W U h 5 g E Y I 9 d U V z q M 6 H J E V u I S 0 f K 64 s M O r U 5 W R y w c Z s G n K l C V 5 X 4 E e 0 X k 2 r U K I t F 6 U f V s h d G i k C A g / w d F z x P e p 7 C 45 f R Q L 4 t J / s Y n l o 9 S b J / I F y k U e u 7 d V J c / f d f k h t S W / a y P T N o 6 z y 2 z M 6 B I V J 85 i V P B y B q G 9 Q K 6 V H V 1 e Q H b J l 1 U V x S X t N i z u j N + r F v 7 c l V F B i 7 Q X q m M H e v 0 i a N l X K S x l l o k u f N Z I g b 3 n 0 m j 0 z 5 x 69 G K J h B 6 C 0 D C 8 n T c Q 0 1 z l X 6 K Y 1 W q 6 + q B Y k Z P Y f O s D X D X j f f Y g 6 s V I R M K G R R u e 3 I K i S z e 4 + J l b c D R 4 c p X + l L / 8 Z l o c r M u D Y v S o o D E 9 M x E 8 c w D j B D p u 0 k O b + D 8 + 9 z H q 7 X P + w I i V u Q K / x Y W B / U T i 79 M 4 B B o O J s I + i S / o n 7 n 0 N r i y N 64 b F E i S F k r e D u a P P G t I I O E 8 T N N E c a Z y H L i B r 2 x C + q u z s X z 0 P n h S c m g s H L R C w W h e S b O 7e2 O M T a 3 Z w L w X B E l F O u b O z y V S g L 7 p u w E v o h c 7 K o N D y o 0 3 e w G 0 c f F K u 1 z 1 M z t R 6 Z Q o M 79 q a d G N w I X t U 3 x m h U x H 4 t 8 h p w 5 W Y s M P u I j Q q o j O Z b 8 m D i Q N n 9 L 507 x a Q Y d L k G h 
m O D 5 W Z + D M D 5 z Q 8 / 9 M Y c L 4 W M U w z T 4 o s 9 n a M u P M 7 H 7 V Q Q 8 i B C 7 Z i j y l h S a b F G E m F 6 i D f M L a m o D r e Q a R U j X T x D d M K D M S T / 6 z 7 V f l I v / L U J + + Q 43 e D w a l d L Y t Q N W n c x D q Y A P U k 7 P O h B Z X f i O u B M r 39 b 7 + Y P 129 H R g 3 T O r 3 g 8 f o A c Y q A m v F L c e / Y p V V G X 3 E M V 5 O A 7 L v p + r P + E 6 L Z P c f B 9 T / K T U d H B I 9 r q I L Y B 9 y J Q h T i Z 3 L R P K u Z U x P r 1 p 6 H X E 7 e F L / M E 7 B s a g + E g T s x A m E 9 r g f P n W W 9 c T f t 1 d X H 1 M b O 3 y F h + i l a 0 3 / s g k c S f g 17 p e 6 i 3 y a x C B 5 L o V G Q c J a 7 B 31 W 1 D t a K l S Y E A y s e u z C 1 I k y 4 k W 6 i W d 1 F B H E a F p 6 u y Y w q l o w i s x B F N m 1 K x 3 m d b 0 W c 4E9 K f M o 6 i Q 6 v n 5 W B d 65 l U t n m S Z A F S n B O t k B g 8 a P / i Q J M W R 3 t c i 6 Z o e L M Z P q x 1 U p R H 1 g D Y k H A L l C N N I E V w B u v D w T e g 6 e a F E 9 d h i F k L r 0 A E a V w Q y p 3 Z N Q P / d F z 3 e G D A O q t f D I M x 7 r g S H X 6 w q w j M M q 8 u m F + 5 L t R P G o 5 X Z I f p o n g S / 75 R 2 s I V + W M b h q O u X i 9 Z o / X M 2 s f z O A + / U U O 8 F r 7 P 3 X 1 d C C G M y 6 d e B d u i r + r M 4 M A T f A l 8 b h C B C a L 9 A 4 b I f C N J q G + u 7 P 1 w j j e 8 K r H k 3 n C s W p N V R H c 4 i 1 D 3 e u O a n M H v K S r D p f c H C 0 Q C 0 z 4 L x 5 p f e V y U I 6 r q Q 4 r k X I Q N o 190 J X z / x l d 1 O h 9 d L r 13 S F a u y B H 4 Z c q Q k d J n / D d s + O o 8 c g 7 B X w c S U E T r W t 9 U J n B a S c n b 5 s C / L R t d 6 e Z c H U k D 7 V r q K p k i D c s L x 68 o o l b b l B E t U x e X O r n z 5 n H U T V z k J G Z W I H Q P X H u 0 5 / 0 F l 84 / 1 V I a e L R a r W M 2 u G o Y 4 b w S Q N d T X y l k z D 6 E c 2 z 4 R G D n 2 T 6 l 8 L s a W Z O s Z E K V k C 8 i 7 f + t p j X X / D b b E U E D D 3 g B Z L w + S + z R T T f l J O B G 1 q o y b T T 527 j a 9 C 3 u o T v m q x p z u A S 6 D n H r e 94 B o 4 s T X 2 z o 
I 9 b O Y M b S / E m o 3 j s k C A N Y T Z P / k N X h Z a V V R N 1 x 1 m M y / 1 B B j n 8 V h U b t E S S L n N 5 s C A 6 D M C r w w O 2 R R B Q p 1 J v 0 1 g i Z C 2 Q f S F P o b 7 n f + c h h 0 V 0 e V i R a I N K e O 4 C M T b Y p n h O X k N i u l k w 5 U g q W 9 f J T L B x H g 12 F b Q e F 7 x k o r x u w K k R P a O Y 1 S y K J z x 0 C C S 5 T 1 D C o F T C K W 5 o a U F X 4 n p 3 n l I 5 y 7 O f k 275 J U e T g l V U / W q h q K w 4 n C A Z v h o s Q o U / e b t 3 h A d 0 U v Q t Z z V f P 5 r l v 7 n T X M K V t o F b g G X F l Q H s K g y n H 0 6 S y u u o B o g s P c d l b A G c E k u o x 30 E h 3 A Q 1 n 7 t h R l V I 8 j n m R g o L 4 k J 2 V t H I 41 Z 1 F m 6 f 3 h T E + g w g o Z / t l s u i E L G M B X C S L w P E K j B / I R F r e d T m L L q W 9 g 9 I O P + T j D j m t L q D Y y o 4 S p l d o n E j z 27 A Y r z k l 82 M J a E T r B D I I 57 J R V + B 2 M S 3 H M H O b t Z z x N O b a D w 6 X K T t y o R R i 5 Z 1 G V v D W G Y w z M T B u M Z o J H A I w 3 W R 9 v 5 x 8 x 2 j k K k n r 4 o r y d w F J m T j i 8 w z Y z q o M / A T H q u q 9 Q 8 Q j X 0 / y + K M C a J 1 b c S h q 5 A W 9 W 7 Z M H Q W X c H o I T s z G h w F f Q 9 J 76 Z B d O 8 Z T c y H S Q T 78 d 8 C w q c L M y i f o p G i X q D j S 9 I k g 7 S B f 3 + n k 8 q U w R p p 6 X 8 G g Z B u g x + L / I Z U R I / I m t a H 0 a N f R Q 4 n Y 4 u y q L x I a W 1 D i l Q 9 t b N W / m 3 n v 6 x h G u a M n x w W Q i b H l O i c A z a I R N 6 K T s 5 X o Y G w r o d L I b u s F 0 y 70 g O T o O o j X + O z S a U r Y 6 G U e 5 Z a a Z j Q m a F Q 3 j b B 3 Q f x + e p g B W U + i F o t D d q G 1 Z 5 V F k 0 2 H x m c H Z C 4 f S b + 3 f u 2 D f W C p q 1 J 6 D E 1 X Y b D s H 3 x 9 l r U n o 9 / t + 23 / R 9 m 9 c w F h s S R T N v A s f S 2 m i f 1 H t 1 u V S 4 Z N i P g 8 N b 0 Z d h + t w 0 o L L K b r n z L i W t D A A B 2 d x z o r a h I P o W h a h V e v 5 n G m 14 j X 1 J J F 9 b P K h G P w 0 P 23749 r P Q F d o k g m I P y i f z h 4 I 9 o y 7 J 6 f v i p / I h F 1 I 3 / 
p f 2 s n 9 d p B Q N X t 9 P z 6 N m G M b 7 X x g j v d Z Y y 1 R X S z 7 n D O v 8 f k m M 8 Y u R 93 e c X V 7 X q 2 Z a W H k / t h y Q 1 C 3 B r 8 y g z y f Q f h L t v n A 3 m y v Y A U w f w i j V z J z Y s h n v b 2 S Q i k U E f k o E j s c V e v y 1 f Q I v D G R i b c B n w b G Y L o g i E / B i U u K 2 m f G M S o n / O q y j U T v a a d a l u J 2 E y v H U j H 1 Q t r S I 8 z f 3 y h Y n 2 C 9 k W l h H 8 y b Y 0 o X 7 c h r F H K v H S C x F n K s X S x q a c Z f I n 4 H m o y H + x D U q R A l Z b Y h 3 i n F t r + c S 9 o 5 V g 3 C c j n P p M F v U l e n D M 3 z G J n E m r 1 s J p Y + j p w A 1 v 48 C y f x n Y T 0 o z f v X X + x U L W r i x K P 7 B q E z + L g J u f N 1 g 81 s L J b T W I Y F Z + v X x + e s q n q T z W k I v g a T x r g e x 0 + o p E + R T D W D n t c c E W L Z e G r l s f R t D F 1 G 38 k e 41 g J n P A
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:33:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5cd304a2-a4c3-4878-95df-6c9da9a7fe29" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:08.000Z" ,
"modified" : "2022-04-19T13:33:08.000Z" ,
"pattern" : " [ f i l e : h a s h e s . M D 5 = ' 637481 d f 32351129e60560 d 5 a 5 c 100 b 5 ' A N D f i l e : h a s h e s . S H A 1 = ' a 46 a e e 6e5 a 4 a 4893 f b a 5806 b c c 14 f c 7 f b 3 c e 80 a e ' A N D f i l e : h a s h e s . S H A 256 = ' 1 f 1029 d 94 c a 4656 a 577 d 554 c e d d 79 d 447658 f 475 a f 0 8620084897 a 5523587052 ' A N D f i l e : h a s h e s . S H A 512 = ' 604 b f d 0 a 78 a 57 d f d d d 45872803501 a d 89491e37 e 89e0778 b 0 f 13644 f a 9164 f f 509955 a 57469 d f d d 65 a 0 5 b b e d a f 0 a c b 669 f 68430e84800 d 17 e f e 7 d 360 a 70569e3 ' A N D f i l e : h a s h e s . S S D E E P = ' 1536 : 1 c c L O u S w R 3 W 8 v M 1 p j d 8 M p G w I M E S U n W W i i d x 34 : 1 c c L m 6 W 8 v U B C M p G w I M E D n q e 4 ' A N D f i l e : n a m e = ' 1 f 1029 d 94 c a 4656 a 577 d 554 c e d d 79 d 447658 f 475 a f 0 8620084897 a 5523587052 ' A N D f i l e : s i z e = ' 60992 ' A N D ( f i l e : c o n t e n t _ r e f . p a y l o a d _ b i n = ' U E s D B B Q A C Q A I A C R s k 1 T a u d p C V u 4 A A E D u A A A g A B w A N j M 3 N D g x Z G Y z M j M 1 M T E y O W U 2 M D U 2 M G Q 1 Y T V j M T A w Y j V V V A k A A x S 6 X m I U u l 5 i d X g L A A E E I Q A A A A Q h A A A A B 3 v o d C 7 U Q C 9 u 2 o p G j J W Q 4 d 7 C n + Q F K x V I X m N y H F 8 S Y c p k J u h R c u c X c F 3 a G H r q w K p D D Q x Z s c A y 9 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
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-04-19T13:33:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--630cc256-f367-4f5f-83f3-757a28c587b1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-20T06:22:25.000Z" ,
"modified" : "2022-04-20T06:22:25.000Z" ,
"labels" : [
"misp:name=\"report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "summary" ,
"value" : "Original page from CERT-UA" ,
"category" : "Other" ,
"uuid" : "70c5c20f-987a-4629-a359-0e12b00321ff"
} ,
{
"type" : "attachment" ,
"object_relation" : "report-file" ,
"value" : "CERT-UA.html" ,
"category" : "External analysis" ,
"uuid" : "01348668-eae8-4b79-9340-ff3f8d952a0f" ,
"data" : " P C F E T 0 N U W V B F I G h 0 b W w + C j x o d G 1 s I G l k P S J f a H R t b C I g I 19 o d G 1 s P S I i I F t p Z F 0 9 I l 9 o d G 1 s I i B z d H l s Z T 0 i Z m 9 u d C 1 z a X p l O i A x N n B 4 O y I g b G F u Z z 0 i d W s i P j x o Z W F k P g o 8 b W V 0 Y S B o d H R w L W V x d W l 2 P S J j b 250 Z W 50 L X R 5 c G U i I G N v b n R l b n Q 9 I n R l e H Q v a H R t b D s g Y 2 h h c n N l d D 1 V V E Y t O C I + P G 1 l d G E g Y 2 h h c n N l d D 0 i d X R m L T g i P j x 0 a X R s Z T 5 D R V J U L V V B P C 90 a X R s Z T 48 I S 0 t I G J h c 2 U g a H J l Z j 0 i a H R 0 c H M 6 L y 9 j Z X J 0 L m d v d i 51 Y S 8 i I C 0 t P j x t Z X R h I G 5 h b W U 9 I n Z p Z X d w b 3 J 0 I i B j b 250 Z W 50 P S J 3 a W R 0 a D 1 k Z X Z p Y 2 U t d 2 l k d G g s a W 5 p d G l h b C 1 z Y 2 F s Z T 0 x I j 48 b W V 0 Y S B k Y X R h L X Z 1 Z S 1 t Z X R h P S J 0 c n V l I i B w c m 9 w Z X J 0 e T 0 i b 2 c 6 c 2 l 0 Z V 9 u Y W 1 l I i B j b 250 Z W 50 P S J j Z X J 0 L m d v d i 51 Y S I + P G 1 l d G E g c H J v c G V y d H k 9 I m 9 n O n V y b C I g Y 29 u d G V u d D 0 i a H R 0 c H M 6 L y 9 j Z X J 0 L m d v d i 51 Y S 8 i P j x t Z X R h I H B y b 3 B l c n R 5 P S J v Z z p 0 e X B l I i B j b 250 Z W 50 P S J h c n R p Y 2 x l I j 48 b W V 0 Y S B w c m 9 w Z X J 0 e T 0 i b 2 c 6 d G l 0 b G U i I G N v b n R l b n Q 9 I k N F U l Q t V U E i P j x t Z X R h I H B y b 3 B l c n R 5 P S J v Z z p k Z X N j c m l w d G l v b i I g Y 29 u d G V u d D 0 i 0 K P R g N G P 0 L T Q v t C y 0 L A g 0 L r Q v t C 80 L D Q v d C 0 0 L A g 0 Y D Q t d C w 0 L P R g 9 C y 0 L D Q v d C 90 Y 8 g 0 L 3 Q s C D Q u t C + 0 L z Q v + K A m d G O 0 Y L Q t d G A 0 L 3 R l i D Q v d C w 0 L T Q t 9 C y 0 L j R h 9 C w 0 L n Q v d G W I N C / 0 L 7 Q t N G W 0 Z c g 0 K P Q u t G A 0 L D R l 9 C 90 L g s I N G P 0 L r Q s C D R h N G D 0 L 3 Q u t G G 0 Z b Q v t C 90 Y P R l C D Q s i D R g d C 60 L v Q s N C 0 0 Z Y g 0 J T Q t d G A 0 L b Q 
s N C y 0 L 3 Q v t C z 0 L 4 g 0 Y b Q t d C 90 Y L R g N G D I N C 60 Z b Q s d C 10 Y D Q t 9 C w 0 Y X Q u N G B 0 Y L R g y D Q l N C 10 Y D Q t t C w 0 L L Q v d C + 0 Z c g 0 Y H Q u 9 G D 0 L b Q s d C 4 I N G B 0 L / Q t d G G 0 Z b Q s N C 70 Y z Q v d C + 0 L P Q v i D Q t 9 C y 4 o C Z 0 Y / Q t 9 C 60 Y M g 0 Y L Q s C D Q t 9 C w 0 Y X Q u N G B 0 Y L R g y D R l t C 90 Y T Q v t G A 0 L z Q s N G G 0 Z b R l y D Q o 9 C 60 Y D Q s N G X 0 L 3 Q u C 4 i P j x t Z X R h I H B y b 3 B l c n R 5 P S J v Z z p p b W F n Z S I g Y 29 u d G V u d D 0 i a H R 0 c H M 6 L y 9 z Y 29 u d G V u d C 5 m a W V 2 M j U t M i 5 m b m E u Z m J j Z G 4 u b m V 0 L 3 Y v d D E u M C 0 5 L z k 3 O D Y x M T E y X z M x M j Y w M j g 4 N j c 0 M T g 0 O T h f M z k 2 M z E 2 O T Y 0 N z c 3 M D k 5 M j Y 0 M F 9 v L m p w Z z 9 f b m N f Y 2 F 0 P T E x M S Z h b X A 7 X 25 j X 3 N p Z D 0 2 Z T V h Z D k m Y W 1 w O 19 u Y 19 v a G M 9 V k M z S 0 w 1 S G R R d 0 V B W C 1 B M 0 o 2 M i Z h b X A 7 X 25 j X 2 h 0 P X N j b 250 Z W 50 L m Z p Z X Y y N S 0 y L m Z u Y S Z h b X A 7 b 2 g 9 Z D Y 3 Z j F i M 2 Z i M j I y Z D M y Y j J i Z T Z j M j l j Z m J l N G I z N m Y m Y W 1 w O 29 l P T V G N D Y 1 R k M y I j 48 b W V 0 Y S B w c m 9 w Z X J 0 e T 0 i b 2 c 6 a W 1 h Z 2 U 6 c 2 V j d X J l X 3 V y b C I g Y 29 u d G V u d D 0 i a H R 0 c H M 6 L y 9 z Y 29 u d G V u d C 5 m a W V 2 M j U t M i 5 m b m E u Z m J j Z G 4 u b m V 0 L 3 Y v d D E u M C 0 5 L z k 3 O D Y x M T E y X z M x M j Y w M j g 4 N j c 0 M T g 0 O T h f M z k 2 M z E 2 O T Y 0 N z c 3 M D k 5 M j Y 0 M F 9 v L m p w Z z 9 f b m N f Y 2 F 0 P T E x M S Z h b X A 7 X 25 j X 3 N p Z D 0 2 Z T V h Z D k m Y W 1 w O 19 u Y 19 v a G M 9 V k M z S 0 w 1 S G R R d 0 V B W C 1 B M 0 o 2 M i Z h b X A 7 X 25 j X 2 h 0 P X N j b 250 Z W 50 L m Z p Z X Y y N S 0 y L m Z u Y S Z h b X A 7 b 2 g 9 Z D Y 3 Z j F i M 2 Z i M j I y Z D M y Y j J i Z T Z j M j l j Z m J l N G I z N m Y m Y W 1 w O 29 l P T 
V G N D Y 1 R k M y I j 48 b W V 0 Y S B u Y W 1 l P S J 0 d 2 l 0 d G V y O n R l e H Q 6 d G l 0 b G U i I G N v b n R l b n Q 9 I k N F U l Q t V U E i P j x t Z X R h I G 5 h b W U 9 I n R 3 a X R 0 Z X I 6 a W 1 h Z 2 U i I G N v b n R l b n Q 9 I m h 0 d H B z O i 8 v c 2 N v b n R l b n Q u Z m l l d j I 1 L T I u Z m 5 h L m Z i Y 2 R u L m 5 l d C 92 L 3 Q x L j A t O S 85 N z g 2 M T E x M l 8 z M T I 2 M D I 4 O D Y 3 N D E 4 N D k 4 X z M 5 N j M x N j k 2 N D c 3 N z A 5 O T I 2 N D B f b y 5 q c G c / X 25 j X 2 N h d D 0 x M T E m Y W 1 w O 19 u Y 19 z a W Q 9 N m U 1 Y W Q 5 J m F t c D t f b m N f b 2 h j P V Z D M 0 t M N U h k U X d F Q V g t Q T N K N j I m Y W 1 w O 19 u Y 19 o d D 1 z Y 29 u d G V u d C 5 m a W V 2 M j U t M i 5 m b m E m Y W 1 w O 29 o P W Q 2 N 2 Y x Y j N m Y j I y M m Q z M m I y Y m U 2 Y z I 5 Y 2 Z i Z T R i M z Z m J m F t c D t v Z T 0 1 R j Q 2 N U Z D M i I + P G x p b m s g c m V s P S J p Y 29 u I i B 0 e X B l P S J p b W F n Z S 94 L W l j b 24 i I G h y Z W Y 9 I m h 0 d H B z O i 8 v Y 2 V y d C 5 n b 3 Y u d W E v Z m F 2 a W N v b i 5 p Y 28 i P j x z Y 3 J p c H Q g c 3 J j P S J D R V J U L V V B X 2 Z p b G V z L 3 N k a 18 w M D I u a n M i I G F z e W 5 j P S I i I G N y b 3 N z b 3 J p Z 2 l u P S J h b m 9 u e W 1 v d X M i P j w v c 2 N y a X B 0 P j x z Y 3 J p c H Q g c 3 J j P S J D R V J U L V V B X 2 Z p b G V z L 2 p x d W V y e S 5 q c y I + P C 9 z Y 3 J p c H Q + P H N j c m l w d C B z c m M 9 I k N F U l Q t V U F f Z m l s Z X M v Y m 9 v d H N 0 c m F w L m p z I j 48 L 3 N j c m l w d D 48 b G l u a y B o c m V m P S J D R V J U L V V B X 2 Z p b G V z L 2 J v b 3 R z d H J h c C 5 j c 3 M i I H J l b D 0 i c 3 R 5 b G V z a G V l d C I + P G x p b m s g c m V s P S J z d H l s Z X N o Z W V 0 I i B o c m V m P S J D R V J U L V V B X 2 Z p b G V z L 2 F u Z 3 V s Y X I t d G 9 h c 3 R y L m N z c y I + P G x p b m s g a H J l Z j 0 i Q 0 V S V C 1 V Q V 9 m a W x l c y 9 z d H l s Z X 
M u Y 3 N z I i B y Z W w 9 I n N 0 e W x l c 2 h l Z X Q i P j x z d H l s Z T 48 L 3 N 0 e W x l P j x t Z X R h I G 5 h b W U 9 I n R p d G x l I i B j b 250 Z W 50 P S L Q m t G W 0 L H Q t d G A 0 L D R g t C w 0 L r Q s C D Q v d C w I N C 0 0 L X R g N C 20 L D Q s t C 90 Z Y g 0 L 7 R g N C z 0 L D Q v d G W 0 L f Q s N G G 0 Z b R l y D Q o 9 C 60 Y D Q s N G X 0 L 3 Q u C D Q t y D Q s t C 40 L r Q v t G A 0 L j R g d G C 0 L D Q v d C 90 Y / Q v C D R g t C 10 L z Q u C A m c X V v d D v Q k N C 30 L 7 Q s t G B 0 Y L Q s N C 70 Z Y m c X V v d D s g 0 Y L Q s C D R i N C 60 Z b Q t N C 70 L j Q s t C + 0 Z c g 0 L / R g N C + 0 L P R g N C w 0 L z Q u C B D b 2 J h b H Q g U 3 R y a W t l I E J l Y W N v b i A o Q 0 V S V C 1 V Q S M 0 N D k w K S I + P G 1 l d G E g b m F t Z T 0 i Z G V z Y 3 J p c H R p b 24 i I G N v b n R l b n Q 9 I i Z s d D t w J m d 0 O 9 C j 0 Y D R j 9 C 0 0 L 7 Q s t C + 0 Y 4 g 0 L r Q v t C 80 L D Q v d C 0 0 L 7 R j i D R g N C 10 L D Q s 9 G D 0 L L Q s N C 90 L 3 R j y D Q v d C w I N C 60 L 7 Q v N C / 4 o C Z 0 Y 7 R g t C 10 Y D Q v d G W I N C 90 L D Q t N C 30 L L Q u N G H 0 L D Q u d C 90 Z Y g 0 L / Q v t C 0 0 Z b R l y D Q o 9 C 60 Y D Q s N G X 0 L 3 Q u C B D R V J U L V V B I N C y 0 L j R j 9 C y 0 L v Q t d C 90 L 4 g 0 Y T Q s N C 60 Y I g 0 Y D Q v t C 30 L / Q v t C y 0 Y H R j t C 0 0 L b Q t d C 90 L 3 R j y D Q t d C 70 L X Q u t G C 0 Y D Q v t C 90 L 3 Q u N G F I N C 70 L j R g d G C 0 Z b Q s i D Q t y D R g t C 10 L z Q v t G O I C Z x d W 90 O 9 C h 0 Y D Q v t G H 0 L 3 Q v i E g 0 J T Q t d C x 0 L v Q v t C 60 L D R h t C 40 Y 8 g 0 J D Q t 9 C + 0 L L R g d G C 0 L D Q u 9 C 4 I N C i 0 L X R g N C 80 Z b Q v d C + 0 L L Q v i E g 0 K D Q v t C 30 L H Q u 9 C + 0 L r R g 9 C y 0 L D Q v d C 90 Y 8 g w q v Q k N C 30 L 7 Q s t G B 0 Y L Q s N C 70 Z b C u y Z x d W 90 O y D R g t C w I N C 0 0 L 7 Q t N C w 0 Y L Q u t C + 0 L w g 0 Y M g 0 L L Q u N C z 0 L v R j 9 C 0 0 Z Y g W E x T L d 
C 0 0 L 7 Q u t G D 0 L z Q t d
} ,
{
"type" : "attachment" ,
"object_relation" : "report-file" ,
"value" : "CERT-UA_files.zip" ,
"category" : "External analysis" ,
"uuid" : "618b0fda-db00-4758-b31b-594bccc4a94d" ,
"data" : " U E s D B B Q D A A A A A A d C l F Q A A A A A A A A A A A A A A A A O A A A A Q 0 V S V C 1 V Q V 9 m a W x l c y 9 Q S w M E F A M A A A g A B 0 K U V P O 142 J H w Q E A m M E B A B 4 A A A B D R V J U L V V B X 2 Z p b G V z L 0 5 T R E N V X 2 V t Y m x l b S 5 w b m d s W g V Q H F E S X S A E g g b C o s E W C + 4 S 3 N 1 l s e A O w S G 4 B n d 3 d 3 d 3 D x L c n c D h u u j i x / n V 1 U 3 V r 2 / 9 u u f 1 z H y Z / q G K 8 h K o S P h I A A A A V U p S V B k A g K H 7 W 0 J 8 / 9 b i 5 h X l / J b B O C p L C A O q J j 4 f v l V I j C S V 5 Q A A d 0 o A w D c A A H g A v O U H A I A z E w B w p A 8 A c K c A A D h 2 G W 1 K v G 8 d H + w k N R 0 B A L S B v y W Y R F o 0 g j d l Y x a q G k 4 a c r L c R r b W D A b G t o Y m D K 7 W d o C / X b y u 3 G 9 F a x M n A x J X 6 + 82 j t y u f K C / S 3 C / l f / W z A g i + b u I k x U f S E N O k U T E 1 s G E h J 2 B j Y E J x I 9 E Q k L C 62 B s y q 0 s K v 5 P + F u N D 2 T u 5 G T H z c j o 4 u L C 4 M L K Y O t g x s j 89 e t X R i Y W R h Y W + j c J e k c 3 G y c D V 3 o b R 7 J / K P m X H l E T R y M H C z s n C 1 s b k r / V D Q x t n Z 34 Q K A 3 m X 9 f / z D 0 t 1 v 6 t y E b x 3 + y e u P H 6 G p g x 8 j M w M T 4 / 0 B O F q a m / x / 1 t 55 / w P j / g + N 9 M 8 I t 4 m B i 4 G T r o G p r + 53 f z s D C x o n B x s S J 5 I 0 / A / N X X s b / k f h v 8 N 9 U c i s 4 W J i 8 c f 0 b I 35 m X s b / b f s 3e8 b / o f 8 P 3 z L + 0 7 n 8 S G + W / v W g + J E E P b U N A A B B g J S o k K o r z E n n h x h j F + c 9 j 7 P O V t t E z c c u Z 7 V z L W 1 h Y V h R A i Z T i M 3 I 7 Z J p D 6 t 4E94 V E S M T E a t R u 8 n k 1 v r k e x T J 9 + 9 g 651 + a p K T B 7 y r h J e i L 6 W 40 e q c 61 I 3 U Q O r n a V y X u 15 d c d X / v g Y l Y K 4 C u l b V z Z r k m 7 c d T h / 3 X s t d + y 6 y j w P Y b O J B E J f D e D X + h F 4 c b L 3 Q i V e / m L b d X 2 o 97 r w N K u A c G P m s t k 56 Q F x i Z y M B J p X C B r B M x w i Z f B 79 b h A A J R 6 U C j O r + 5 n o r u / U 
O m d 87 u d 2 / K 7 r z g f d / N 4 C r 7 g T T F s N E N a a 2 H / h u r x O U B q Q U D X w t G 7 G G D 1 u a G a 9 D y z P l v S a / j K 6 v M 1 g + 9 u W X v 93 P t B n c h B Z 7 H 6 z s J 3 Y T D R 0 v P l r s r 3 / t x L f 8 c + E s g l i 2 + + Z h + c T 8 t 8 t U 3 V d S b D d y f Q e Y y + 7 L e n m 79 C E + t g U d Y w z n X 1 K V j g y m q T O j l a t / H V V x W 9 o x b D g n 3 j 6 + s L k O n l G d 2 a 91 J a F 2 a R z x x v i B B t e r b n Z H r y x c v 55 Y K H o 6 h b 47 s l H s Q F / Z d s / 35 i 4 Q h 7 K c W + 40 b T o l h S / y M l t / f e h F f + k P n e V u + q l 8 u a / X B X 3 G K 1 / d l r F 9 D 8 A u m 1 y 7 k 9 j 3 i 3 L Z g v q L a 7 L L y G 93 Z e Z O j I k d M m y o c Z 57 S D Z u a r s Q y X Q Y g 2 a 4 F t j V o S I W 1 d 441 y b 7 Y m n m a H 2 W n M c d R r g k F E 0 n 72 S 7 r + J v 2 r A i R M d 3 h o 5 D V d P Q f D 4 D k 9 + W T U u 2 d w W F r 9 z / 3583 K w 5 / H k i 5 v b H 4 J A j f 0 z x c k c d d A 4 j L 0 l k N m S i H m Q d v e b 1 J 5 Z c 0 F C r D T T 0 i 4 h 47 V A x n O l j + c v w q A / H S 7 Z r u d u Q j T q t 2 E c E y + b d b C o a M e b d V r q U C 9 G U b D L n B M e 0 e v D + W v y 5 T X 6 S 0 f c Q 1 c A 94937 Q g / M U O D Y W i 1 U V 5 Q 0 g b O 2 G u G i S G j i n r F 7 / r Z J 0 0 h o q 2 M b d c L w 1 Q + N y + e 3 h U y v U c b H p u 4 L X 3 J j f Y P r 0 F A c 1 G N 16 D B t r j z o z a J z i B 7 E T 587 h v o p h c v z 8 v 6 n d i o x C B O U 0 Z V L g d t R g h A 0 T d R E z j L N O i r 7 Q J c s Y z C j Z K Q h p c w x V 5 Y v z S t t I R 370 x d O t 6 z c V u t 3 r A M q N L k e r l A 6 F / s u K m + V L 984 J h 41 m u G j U Q 81 m u W V 7 / u H P p F f K 33 r n z f + 0 L d p b V c o b u 61 F O U d 8 O y 0 E y 7 G R g a P B B b h w v m g 8 b h Z 1 u q J b P v 9 D s U H o 2 H d 4 / E 5 f o R k e H v 6 b b i l I 23 E t + + b p U T P 6 c d E x 0 r 1 b T d 9 b Q T x C 4 A n x k e F z M 9 y f o e F i t n g R 7 V x J E V E 912 k 50 E Z k S e z a k P R Q N k E M v N Y d 9 f x N H S I 3 a D R t h b F S j 
M V k k t a p I u y d V 8 n h y 0 g C R a 8 D z W G C Q s s 3 r 4 U n V 0 n E o l 0 a F g U v 3 I T f u y 0 f Z h 1 w X P z w t 907 s d i k Y I k r V a w 6e98 N H w E w + 48 d F I G Y o O j Y 7 a 0 F G A i 2 V w N d O F / m V x q 2 L D 2 s Z T p U 9 O R 37 / I I d q 6 i + f F k t C E A 5 L S J N S q p K v J 2 l H A i P o 5 K v D r e C 0 G P 7 S f l r 6 u h G b 50 o G W u 8 / F S + p X D 1 O m l A X G T l v 7 H a C v j y u H 10 J F O o 7 X / g + 1 V t 22 a O + W W V U z y G 1 g i b T z k C 7 u m A / n s A U I F P 0 l J m Z n p R v O l I S b e p k P o Z 9 s i B M 6 o o N A N p c h l T i E W c k N o M D u i / h w E U V 9 M U U r S 1 a C s g 3 P n w i p w V R l N 3 V s S z + Y m o S v L 7 g x 9 u S P x H o r m G 0 V N J E n N i u E I / G x 293 U O c g + / H r 6 X y X Y J u W P x P C O 8 p s 4 C 29 K k G 4 m p f d M L Y u n D s 7 H T O 1 m U K u 1 x O q l 2 F J / s 52 t i t g M T X H 9 w b b 8 P T e F h j s + Q E j 10 H 7 x G A X y X v L u t o G 0 r F 6 i y 5 b k J i T i a O z S E c S B a F I Z Q y k C r d s j c V z + 0 K M Z F t 6 U 7 G e T t 3 l n r O + m D Z r t 7 J I 4 j w V i g C 4 p E L p / 5 I h / q 2 t m J T B p B e / m V j H T 1 w a m l 8 + D d V q 4 L y o e n 48 P r l X Q R B 4 O o t U 2 b y P r F z + a e h 0 3 W a t 3 p i S + + 5 z o s y u A l 55 G n U W v r W / T X x F B d j E 2 T 2 O i w Z E b S U I N h G k 2 S D S 1 B w Z 6 z u p 4 w L i 5 L A U W g o r p Z q A K s u g o C K n 0 x D 8 W N G 1 H e y Z e b T J v n S i 1 j t O I v v 1 w x b / + f V z s e H 5 F n b w l g T 4 b 1 / 8 s O G 3 Q 70 F D 7 i 7 T S X 1 G o H n S r h u G 8 r s R 9 k 5 f p D p F w 2 L z e m z m 18 w 5 d J S d P 1 k 7 A N g h l c U y d v G w g y 63 w W D t j + k Z 9 p l J t y r E V p k 8 U q y k m y + U q W H O x a E 81 s Q H 2 G x 5 u Q p E 0 k g H V 5 M E p R L v d q V 17 o y G J n U q + x m g e 8 i N x + 3 s z 3 H n O P P m S J u M / w X M u / Y B g r V H z y u t u 85 A c f b 0 t / + Z A M r b s 8 F F B H K f 3 X f I n S f y X R e 4 P n s U v S M N j 5 K I H j 5 f W y j W a 1 S h 22 
E P U g b l V Y z c a S g H T m k b 1 A f r 9 v C i 4 l / 0 f 6 L 7 B Z 7 D C T o L 2 N K 9 u F V 1 + 1 J B d g q h i 3 U X J U p I Y w k a l k / m c K / Y 0 6 F 4 c 508 t n Q y a k 9 t U a S F W a V P A d R d U G D 0 W e G r u R X X F k k I L M r d x v 5 a s p i 89 J s N u o X S G y A Y 6 Q u K I 5 C p y 5 q x 5 + J t i 9 O l 8 s e / K 3 u J w T d h / Q C 1 B v m P W d r / A d X V H 1 V P 1 Y 1 k F S D 0 l i h M Y x c d V 0 d d F Y q F n n F R F L v m 0 Z G e u Q c O O w q v 0 O 5 C 6 W x 3 o d B U j E N p x m 9 s u r t t J A L Y p o a o p 3 C Z A p M w N a W 4 U T b d P w q 9 i e 4 N s D j D I I v t l H A 1e2 z 4 + 7 H w G h P j x E d d 4 / m a R 2 u C 5 N + u O 5 d N s H j b b V 2 F o E 3 n 412 n L 16 L j j 7 P w c 9 O 9 e k f X 1 J r d Y M n 3 z 2 Z L q L 2 b E l / N H e P O g Z 2 z J J r 2 Y V V N j J s Z b Q X k f D v 6 w h L + X A H / 7 N S Z C j o 33 X + I L 7 K 0 6 H O A d f g V f M k S 5 s i Z x t e 8 L 4 s Z u q n L S o m Y i 43 F o j s H a c 4 v C z N U Z 4 s R N h H k c 0 + H N 5 A + R d o V m D T B J V e W / k W q m h R M W P V Z n s + y n O 0 V 2 y 7 u O 7 T c 9 t 39 w D h C 52 G / U T J D b J O 9 r b G T h s L d Q 1 n 17 n P 0 / h 2 f f K 9 n u P A t 1 O l 2 e e 5 P z S R 9 h 373 a E m p U d I 3 y 1 Q S z C J v p Y 0 2 r z x l b U Z F a f 0 p X j O F J R U U Z r p 5 x Z z r r R 6 j o R m J D g L J W T u V P 0 Z U a k h 1 U P 8 P H I 1 D K u v i f H V a e y 1 d G V 77 i V L h + 0 + J I s l o Z G 3 x L a h x k O f r d Y l j o 36 G A 0 N w F L 8 w 1 B o 7 M f e k U Y W 5 f J H t 20 J C o t q r Z k f g x m u 5 P 1 t Q l v w g p Y Y r A 6 n m x U J 5 p m Q + / 77 h m B R j q L A d o I s h 8 G + Z Q r E 491 / I J k 1 C b Z Q z M 66 t o a q N N n x b q s Y w u K s 7 E u T F N v d M j w u q p J d U o w x B I x Y h 5 K y N M k i c r A k k i A 1 b g 7 G u O P x q G 8 i 5 L W W k 17 V 4 D V J K c I 0 U H Q H M u U m W Y S K V B Z X o G c 5 F m S C E x J H i O j g F 3 G G i z M 2 L b 3 X M W z b I S 7 O i N x L v C x 7 Q 8 V O p u T l v q W h 7 r I y d A p k r 
b f T 0 m c 2 z M v M 502 u 6 f p 7 o
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "report"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--17746c0d-121f-402a-abe2-c98b8b362a55" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"first_observed" : "2022-04-19T13:33:07Z" ,
"last_observed" : "2022-04-19T13:33:07Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--1558f253-39fa-52c0-9878-078f8dc5e90a"
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--1558f253-39fa-52c0-9878-078f8dc5e90a" ,
"name" : "" ,
"extensions" : {
"windows-pebinary-ext" : {
"pe_type" : "dll" ,
"number_of_sections" : 6 ,
"optional_header" : {
"address_of_entry_point" : 6444291376
} ,
"x_misp_compilation_timestamp" : "2022-04-15T14:06:15+00:00"
}
}
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2c263270-3a18-4d23-b950-c5710c490a72" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "f4f099cd-1775-4181-bcd5-d47dfb7c53e8"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "2008064" ,
"category" : "Other" ,
"uuid" : "d1a15852-1dd7-42f5-8c6a-85dbdaeaca9f"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.2176796284423" ,
"category" : "Other" ,
"uuid" : "3d75585a-57e4-47b2-a921-1660f5dac642"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "684289bf351c44dc953528df2ffef87c" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "efd228b3-f3cf-4a4c-81ce-8ed8466aed9f"
} ,
{
"type" : "sha1" ,
"object_relation" : "sha1" ,
"value" : "df9128eb022b80bb078d48ecaac28e1327b2f586" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "00b6c9d0-d8eb-4af5-a1c3-32b5d4734e96"
} ,
{
"type" : "sha256" ,
"object_relation" : "sha256" ,
"value" : "0ca1d82653e91144890ac93e172224d99808ac2df995711f1939a7df6775c88b" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "2f7ac303-7dde-433b-93de-12c5ad8eba2e"
} ,
{
"type" : "sha512" ,
"object_relation" : "sha512" ,
"value" : "b1e4ac70996884d7a47eae933490e72b78ef4a74918d9fc71c554def1e6d386cbcda7020eb33b5dcfdb692df396fd1382116c615931480e482f18b684bab2334" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "27855c60-94a7-4ff0-96d2-29400e46b1a6"
} ,
{
"type" : "ssdeep" ,
"object_relation" : "ssdeep" ,
"value" : "49152:+S74RWcCACn04hdGniZH33waehC6CJCRpfBk0IIW9S+cCst03WIbfEWv+tD1lFTN:+S74gcCA94LyFT9" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "eba0a1fe-3c08-48fe-8329-69654c8a2f5e"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--230937bc-fea9-4714-8cbf-bdfd69c3da59" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "600be642-60b7-43b3-a3b0-373ce24ad6e5"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "189440" ,
"category" : "Other" ,
"uuid" : "65c87b67-fb9e-4d3f-86d6-cdd61580003f"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.6118093937406" ,
"category" : "Other" ,
"uuid" : "c6eff9db-8dc4-40b4-9627-bcded48cd542"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "c1133122422cad249fc0b6d824ffeb06" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "eaf28612-f542-4b43-8a7f-eec5580e316e"
} ,
{
"type" : "sha1" ,
"object_relation" : "sha1" ,
"value" : "ec10f523d0c96cd4fa8ebec9251b7e6dcab9adde" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "ce111ab3-8dd9-4660-a17f-354fb48bbef7"
} ,
{
"type" : "sha256" ,
"object_relation" : "sha256" ,
"value" : "cc19333d67022727a01821e0d6cb5c5f0d93e5ff808befc4f20064f9cf9471ee" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "84eed76f-7629-4702-b823-15fdd2860a5e"
} ,
{
"type" : "sha512" ,
"object_relation" : "sha512" ,
"value" : "9dd84db6c9a036d3fbacc467a26c4313cb669a736e1bb68cc264157b01a87ca5fdcc51fbd883aa51e4eb888c1be4ce19c1856f77e0a2040a4105ef6308175423" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "d904a07a-abf8-4ca6-991a-f1db2b3f9ea3"
} ,
{
"type" : "ssdeep" ,
"object_relation" : "ssdeep" ,
"value" : "1536:g4uXN+5cluOmrydhN67qWJq906twHoWJ4/9dlZesW9ddXwl/zFbvaprJMF49AlU8:giyuZrVk906yoY4/EdkvapAMq80IGn" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "3d99346f-5434-4714-9684-ccf958f4f705"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--809a3e46-68ae-46b5-84d3-2e77b2f8c2c2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "c95ff4bf-76d7-48ec-9016-3adbccc65b52"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "193024" ,
"category" : "Other" ,
"uuid" : "86a8c647-63cd-486b-b51b-83c374b33892"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.8844151329756" ,
"category" : "Other" ,
"uuid" : "f228f1ce-0531-46db-9f83-67ca9e9a712d"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "23f1d1488d4b6b072f1fe3504723dae0" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "bd624cb1-451a-4977-8e76-28a4003330f4"
} ,
{
"type" : "sha1" ,
"object_relation" : "sha1" ,
"value" : "4cca8cdcb351b80cbe979eb56bab1823928be4bf" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "c2bcc02e-c3b2-4101-b92b-e9d1f1a269c3"
} ,
{
"type" : "sha256" ,
"object_relation" : "sha256" ,
"value" : "c9ee88150311891892c813cfbe143283f97e0bf3cd72749719114f3ac7329186" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "67e1eef0-3860-4b53-8e3a-f45cbbbdb2db"
} ,
{
"type" : "sha512" ,
"object_relation" : "sha512" ,
"value" : "c35fcb393ca38ba8e8f76a7b6ba3edd4b80a195f7332202a93e9b35751f5e8983752f19ad99a6b9606b71e19301f1c9ea8f1712d08a3986354b2b46c86ce342e" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "87f016ce-c366-4fc4-9978-3e6e285f4251"
} ,
{
"type" : "ssdeep" ,
"object_relation" : "ssdeep" ,
"value" : "3072:rG1F4Ac9ct4pWUDJ/d9Ml1GZ3u3GS33T+LXC7EltdfzVyZGraMQUgZXLUWSgg:S4pllV86iZ7Umg" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "d0f34943-c9c8-42de-ae42-63b514a9f65f"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8fdf2a25-528c-4818-ba85-979144dfb69c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".pdata" ,
"category" : "Other" ,
"uuid" : "7e878648-fb58-412f-b01d-35f1ad9db7c7"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "47616" ,
"category" : "Other" ,
"uuid" : "27f20644-cdaa-4187-b998-1eff42a1cfe9"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.073585196443" ,
"category" : "Other" ,
"uuid" : "3f093617-0b6e-4919-aaf2-68ab0ce38533"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "fb7a1d64a3a58302f7c4700aad3e40bb" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "fd69ce9d-7c25-4f5d-a273-03a65be6de39"
} ,
{
"type" : "sha1" ,
"object_relation" : "sha1" ,
"value" : "ce6e8eb73b5204c0162af5af2b71ac2f8ed64b99" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "4a15d50f-2cad-4452-ad94-c4969f7d1bea"
} ,
{
"type" : "sha256" ,
"object_relation" : "sha256" ,
"value" : "d1977b67ba6a3dfd54a3676ff395aaeaac76e16412bfb5036c470a1213e713d7" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "39dbe00f-4fb2-4905-93a2-4ccc7d7ee40a"
} ,
{
"type" : "sha512" ,
"object_relation" : "sha512" ,
"value" : "f8376a0b75912b4d0bb330200d4f202eaf2d774f4aa98a575f7bb782d1b8b094980109ad60d3cd3be3a22e524409855de000393030fcfd1de4df2ee07e1d76aa" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "3bd9f04a-26ff-4edd-8273-c19ec83071fa"
} ,
{
"type" : "ssdeep" ,
"object_relation" : "ssdeep" ,
"value" : "768:rQMuxLdBpdlZSsF9Mx0Rln5oV8lcqd4KqLLw70txwixyvu444Je+lXYh0Wb5U:0lN7ZSsIxZQmKg60txwiT4Je+lBWlU" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "8cb787e4-5526-4221-8c92-fd5c55d2934b"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f73d494f-0ac5-416d-83a2-69f80a69082d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : "_RDATA" ,
"category" : "Other" ,
"uuid" : "9e327748-2e75-4a74-8586-8444e97d4c61"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "512" ,
"category" : "Other" ,
"uuid" : "17ab255e-c59a-4fd0-a5d1-6a7280f90731"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.0548649085224" ,
"category" : "Other" ,
"uuid" : "33e8fcca-32cb-4ff4-83ca-c278785751c8"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "e102dd2a53e435be3b5cb44aaf810a93" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "55039e07-7c78-4ef4-9b37-5e7e14e8e3ce"
} ,
{
"type" : "sha1" ,
"object_relation" : "sha1" ,
"value" : "ab13c0eaba8db274c9e9d9a74c4d82454f0eb3d7" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "c84621cf-34b5-45f9-9563-7a9581b96e4e"
} ,
{
"type" : "sha256" ,
"object_relation" : "sha256" ,
"value" : "3dcf2a5e725b4bf794505698566a17cd54e142996fb76cf10c4c17b00dff1707" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "ad890487-386a-416e-912d-2bbddf0fdc46"
} ,
{
"type" : "sha512" ,
"object_relation" : "sha512" ,
"value" : "d51fea97c18cde17926868833d6bea736554f694cb92cb2fefcf807ff0a9cd4cac055a992d72555e4aff4205cf21a31c3c8be0cb31f10e978a0bb62aa71fc298" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "97ae9c46-17d6-4e6a-b486-ba69dc7bf901"
} ,
{
"type" : "ssdeep" ,
"object_relation" : "ssdeep" ,
"value" : "6:KIp+glWlEM63tL7duVGWBSQuUYU581iL23737XQv7wk:Kh7lIo3C1G67cck" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "34518e15-3cf1-4e78-9988-3be854df5fb5"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5df0d3ad-bc0b-45cb-813f-f6549bd4b098" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-04-19T13:33:07.000Z" ,
"modified" : "2022-04-19T13:33:07.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "da202bc1-b55a-48e5-8ef7-27123dbd931c"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8704" ,
"category" : "Other" ,
"uuid" : "1a051a7e-75cd-47db-8cfa-3972b8e4f928"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.4578968121665" ,
"category" : "Other" ,
"uuid" : "bef7e708-3d7e-43be-8589-e8ebd0707af1"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "83796fd40aa9446c00d898dbd22fcd56" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "ed0cbb87-90fa-40c8-9cc6-8bd2db482b0d"
} ,
{
"type" : "sha1" ,
"object_relation" : "sha1" ,
"value" : "04a4795a102c7cc4b9eeed7d6fe12711a1176741" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "897106e0-febe-45a8-89ce-e56915bc3062"
} ,
{
"type" : "sha256" ,
"object_relation" : "sha256" ,
"value" : "22fb7e4ac5be03cd3bbc962313d0e2470acc96b7c60b84ae57a5966192e8b036" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "a8aeb6a0-dc9d-48d3-ab50-7443e97a9ca8"
} ,
{
"type" : "sha512" ,
"object_relation" : "sha512" ,
"value" : "6674ab2bd147138808cab67f2c57449ff1b475dda6c2af86c5f8abdb7dfe572d355f0f9ba846ce1df40e8789bef8d3ba25fb14caf8762dec3b15f2a629ec8c30" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "5ab6c5d4-df18-4e41-9cfe-f8ce88da6a51"
} ,
{
"type" : "ssdeep" ,
"object_relation" : "ssdeep" ,
"value" : "192:kdnfUHskn39nwVisGngSsbcM1gnVoX8UoNYEXTfHnVks8EXCJN2t7IQ:MfON9wfGv41gVoXkYE7HVks8ESJ0th" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "3af65604-5d7c-4f82-b950-00a73ec7b7ce"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}