adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/42e5a5d8-59d6-4075-9c9d-2d334b9d74e1.json

3311 lines
213 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--42e5a5d8-59d6-4075-9c9d-2d334b9d74e1",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T13:33:50.000Z",
"modified": "2022-09-08T13:33:50.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--42e5a5d8-59d6-4075-9c9d-2d334b9d74e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T13:33:50.000Z",
"modified": "2022-09-08T13:33:50.000Z",
"name": "DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa",
"published": "2022-10-24T09:58:09Z",
"object_refs": [
"indicator--afbf6959-77a6-44b6-8fd4-29e231b496eb",
"indicator--f6d22b5d-f7ba-4c62-bef4-12bdcb17467f",
"indicator--257e59dd-95ef-46c1-930c-38098a3c982f",
"indicator--5273643b-d90b-43d9-bfca-aa77d568d932",
"indicator--8e81a2fe-5ecb-4db2-9720-79423ba974c7",
"indicator--629d9702-f77f-42bc-b259-efcf0c05209e",
"indicator--ed9d6044-6c12-4df7-a0bb-c3fd6c66acbc",
"indicator--cde93ce0-b1b2-4e8f-a441-1183b3f5eb95",
"indicator--2d130f09-3f8b-4ae2-a2bd-fd14abed47f3",
"indicator--5c07b7ac-c4d8-4c69-b940-3e7cebf3a904",
"indicator--80aebdc6-eb78-4263-a2ec-9771297165b8",
"indicator--aab885df-1413-45af-b1d4-faa9c49e5b58",
"indicator--8acf2ac7-aa07-40b8-a25a-221aec2e563d",
"indicator--59a0e78e-6397-447a-a9ee-0802997210d4",
"indicator--a08f3873-5223-4dca-b23a-2f64377092a3",
"indicator--471e2d0b-74b3-4ef4-8009-3ed130ac6f0e",
"indicator--f38f93f1-0fd5-4d8f-a2f2-119e99e7cc29",
"indicator--ea6feeb5-098c-4d01-b0b8-83f1d472fcb1",
"indicator--587b6f4a-b086-4edb-b18f-a1ad3bb51325",
"indicator--d9bfe8f6-5bb3-4142-8b77-5ab70241f8b3",
"indicator--d6c74368-80e3-498e-b39d-2003011c06a5",
"indicator--613a147b-8291-4c6b-815b-17f5402755b6",
"indicator--50bfa7db-1771-4b51-8717-e8c4e3772a6f",
"indicator--ebe3308e-3c72-4b47-8d41-2489375fdf34",
"indicator--2c483127-d6ae-4b3d-bbbe-ea2cf0ff4da9",
"indicator--5fb21d24-21dd-4731-ae47-f141bdaa7403",
"indicator--1aa44ae8-f334-43d7-bba6-caeb16e92927",
"indicator--c9c0a25b-2bae-4dd7-9d58-5c81bf2c0d8e",
"indicator--05d36b6d-e23d-4526-9659-3825207516b5",
"indicator--b476eef6-0686-4863-92dc-801c6d78bea6",
"indicator--236c61bb-e294-49b5-8722-1e53c6049005",
"indicator--4624ca82-3fb0-4f2e-8a28-07b30481e680",
"indicator--5f04538c-3a76-41ba-b18b-75d3339f0f4f",
"indicator--4526005c-3efa-4c5e-b521-723f71067581",
"indicator--ce76af0c-fa57-493a-9c18-072837a6a7c1",
"indicator--dbd22033-2475-47c1-bac6-6e61b960e02c",
"indicator--96a53625-fe51-4139-950d-58d21de91e74",
"indicator--a9139ef1-e005-4071-9647-ad27d769cddd",
"indicator--95d609a3-5dbb-48f8-8007-ea0e388c5e9c",
"indicator--aecf34f9-409d-44d9-aa74-81b85bf40152",
"indicator--d263fe47-f8ad-4670-8778-9243a7d5420e",
"indicator--2220da81-abf3-470b-b701-2c54459f17ef",
"indicator--95866c6f-db9e-40f1-95be-e6a49cbe71b7",
"indicator--6b0fa3b2-591d-4b75-bbdb-463f8d8eeacd",
"indicator--55f7d093-abd6-493d-babd-66bf54762e4d",
"indicator--917168f9-1528-471b-a9fd-867da62aa665",
"indicator--a7fa7688-9984-4d16-8b16-094e93cbcb11",
"indicator--254369dd-0307-482a-92af-8a76477554e0",
"indicator--144e0dc2-9e85-45f4-a430-0e51c272a973",
"indicator--c44aae78-7d61-4a69-ae69-88f0401c72f9",
"indicator--089e6102-9ce8-4eac-b3ef-cd7032e9089b",
"indicator--0b6c987c-0fde-4255-bef9-917de3899c07",
"indicator--c4897277-405a-434e-a939-e607c736895e",
"indicator--88d60c23-a955-4d79-b788-26ab8f00d1e1",
"indicator--4bba9aa3-502f-48ff-8dfc-67dde1396bb4",
"indicator--f1b5bc35-f06c-4fa1-bfb0-cf515970eb5f",
"indicator--f220890c-3da5-4049-8ff6-1919dbd9e1aa",
"indicator--41c2d23a-8616-4dc9-9d1d-e1f30323013b",
"indicator--d7e1e016-6900-40c2-980d-28de5c0185f1",
"indicator--5ab60ada-72f6-4ee6-8c70-448ba52953e1",
"indicator--4110eb3c-7151-4af7-9455-1ad78326c690",
"indicator--f346c00e-6fde-4248-91fa-a9a67b37de17",
"indicator--5ed77582-dcda-4684-9ef7-01109aa12589",
"indicator--2f595a12-a02e-4039-a0bd-dbeab14ef291",
"indicator--d6e96feb-2a30-4639-ac31-8f78e70bc216",
"indicator--63568403-a73a-4c87-82f0-950ee3ede427",
"indicator--2b6a7b7a-fd60-48ae-8bf0-ea278cbef19b",
"indicator--fd8d86cf-23a7-4838-b1bc-1559b8f516b8",
"indicator--c9dc5a95-d3e0-41e0-a945-cc607e4cd0cd",
"indicator--7ad4a34e-2a37-46f4-84ce-90976c4cb400",
"indicator--ba332311-bf05-4304-9617-33013ae14b19",
"indicator--7f9731b3-65fd-4e43-9848-479fad69a55f",
"indicator--39f12b09-de32-4286-a719-357820210485",
"indicator--98aa575a-c55f-4537-913a-f1a1675d4087",
"indicator--39050e34-8126-411b-95ed-8d992a52b4fd",
"indicator--f9433089-0d22-45ca-916f-361208019432",
"indicator--203192db-94aa-4b42-9dbd-f35c6097d6d4",
"indicator--08913795-2bfa-4725-88f4-2e5a5cbf8ce1",
"indicator--7001f3f8-4f2c-43fb-90ab-12c5f7682ec7",
"indicator--b9e39258-11e1-4551-bbac-fc1a037a51d6",
"indicator--e4db7983-bb01-4b32-a0f0-048bae836fc4",
"indicator--777c4b13-23b9-4769-8f66-ace2ca05e733",
"indicator--b3a17b16-0a0c-4f47-9466-eb6b32a1b9bb",
"indicator--996583d3-6fc0-4590-9660-a78005c17c5b",
"indicator--9833203a-742c-457c-a0af-2c0ec40b8a86",
"indicator--2ef39360-f4cf-4f9a-bd28-d31eecec3e55",
"indicator--f9280570-9b96-4d97-828b-89e219e1dd4e",
"indicator--e23100e0-193f-4a6b-83f3-8ef60f18cd5e",
"indicator--b127c26f-b5df-4796-b55a-246fb7b798a4",
"indicator--78d55a9c-e532-4cc8-85b3-ee6073192cf3",
"indicator--0464f6f2-8364-4e44-afd6-c6e54c9845f9",
"indicator--5fb34be4-6d6b-41c3-aa0a-4808df1f97b3",
"indicator--e44aa48d-4234-4069-9693-44e256292f3e",
"indicator--92cef6d2-0787-4b0b-b253-13f4364cc4cf",
"indicator--20853983-889a-40bf-9101-08a3e6f3e0e4",
"indicator--8bdc0c71-7905-48f6-a50e-2f47a90d92cf",
"indicator--4d58fb8d-8178-4d21-bc43-1a62c90c0b44",
"indicator--a632f7b6-0424-4205-8bda-8076497d8456",
"indicator--42dc3e4e-b77a-4125-b6b2-a8957c0c77a6",
"indicator--fb58970a-3ecf-468d-abbd-967eee1f0a86",
"indicator--d7bd3aa2-858b-4b17-998d-8dbb6674bd01",
"indicator--01d771b1-31e2-495f-a0d4-140a03ed4134",
"indicator--db0999b0-7dc9-404a-aeb8-3b8ff5ef120e",
"indicator--be82520c-0e2e-4c67-bbef-898eaac24def",
"indicator--969196a1-47ec-4094-ab9d-21b41d2f0b38",
"indicator--5ec38f89-5c2c-474b-a25b-9ae6b3549e37",
"indicator--d8bd94f2-c6c1-419e-aa67-b3af2e8cc8b9",
"indicator--68222d21-ef47-4ca4-8351-5ca71c19f3aa",
"indicator--fc4c38ab-32cd-4691-a113-bf9ba6d26ff2",
"indicator--6a6b0bad-44af-4abc-8c31-cedffef0b8cb",
"indicator--993bad72-cfa9-48ef-b0a0-a8ee93f3f59d",
"indicator--17156707-a88c-4348-a3e1-6bbf194765e2",
"indicator--76777c96-1efd-4fac-a887-944a31ef954c",
"indicator--6f7a23e8-beaf-428f-aa38-167c0e78d6bd",
"indicator--24cf75f7-912b-4c62-bca0-fb51af08bd33",
"indicator--2f5a1bf3-5f23-46fe-b6c4-f11e54d0c196",
"indicator--0e867c18-06df-4ee2-9e36-6bc5d5b74676",
"indicator--dff5c507-9d47-4b43-9268-2ff54e4b729c",
"indicator--8e8c8838-3e91-43ca-89ef-79ffd907a1a5",
"indicator--c785bb4c-51b2-4c48-a227-ac66b231663e",
"indicator--6002f131-eafa-477d-a8fd-2fa464db9717",
"indicator--658a2368-3f38-4bfe-b626-3db211c8e6d5",
"indicator--0636f5d3-80bc-43d9-8f24-9ff08f9c83bb",
"indicator--53a38b52-2461-4dc8-b256-65af11c54a61",
"indicator--42b439ae-5ed3-44e2-9231-d7a3af92626a",
"indicator--7e1615a8-5256-4fb1-a68f-58b6b5a65c2b",
"indicator--a45adb82-512e-437d-a581-1df773f04833",
"indicator--efee8a4f-c51a-4fb5-a1dc-205f24814df9",
"indicator--389d51c6-6c1e-4012-a28f-e7b33b5f5e12",
"indicator--29f79d2e-316f-47e3-93bd-3e2f8387093b",
"indicator--c4c41f6b-3abe-4375-a04b-15dd97f7347c",
"indicator--6ab11ae2-1157-4586-bc2b-731b488966c8",
"x-misp-object--93db2254-c80a-4d20-9470-32be06567c8e",
"indicator--f9642ff6-c0c2-4ba3-841f-bdd86b4ec7cb",
"x-misp-object--e1a08480-f874-40fe-ad5a-fd023f1abad3"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:country=\"cameroon\"",
"misp-galaxy:country=\"ivory coast\"",
"misp-galaxy:country=\"morocco\"",
"misp-galaxy:country=\"senegal\"",
"misp-galaxy:country=\"togo\"",
"misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1193\"",
"misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1566.001\"",
"misp-galaxy:threat-actor=\"DangerousSavanna\"",
"type:OSINT",
"osint:lifetime=\"perpetual\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--afbf6959-77a6-44b6-8fd4-29e231b496eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '020ea21556b56229bb9714e721d893df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f6d22b5d-f7ba-4c62-bef4-12bdcb17467f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '0789e52f16f5fc4ac2dbebadf53d44ec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--257e59dd-95ef-46c1-930c-38098a3c982f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '0b1d7c043be8c696d53d63fc0c834195']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5273643b-d90b-43d9-bfca-aa77d568d932",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '16157cdfd7b0ea98c44df15fb2fcb417']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e81a2fe-5ecb-4db2-9720-79423ba974c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '1818f84f7f51be74a408f5e193ba5908']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--629d9702-f77f-42bc-b259-efcf0c05209e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '18889d70d5546b861c6fa4ec11126942']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed9d6044-6c12-4df7-a0bb-c3fd6c66acbc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '192b70891de0d54af6fa46bd35a5fd87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cde93ce0-b1b2-4e8f-a441-1183b3f5eb95",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '1ccd2ce1e827b598207cc65e16686b7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2d130f09-3f8b-4ae2-a2bd-fd14abed47f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '1eb29f64f19e07d42d9ad8f6597424b8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c07b7ac-c4d8-4c69-b940-3e7cebf3a904",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '1eed3153b1afae1676ebd0db99ac5802']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80aebdc6-eb78-4263-a2ec-9771297165b8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '1f4f537e550e4299a945a97c1f8a0441']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aab885df-1413-45af-b1d4-faa9c49e5b58",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:43.000Z",
"modified": "2022-09-08T08:24:43.000Z",
"pattern": "[file:hashes.MD5 = '28165bb98959e7e7d9be67f0d248b31d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8acf2ac7-aa07-40b8-a25a-221aec2e563d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '2c95e83759487d78070b56e40843c543']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59a0e78e-6397-447a-a9ee-0802997210d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '2e7c90c45b3cd8db15cd22e0caacfd40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a08f3873-5223-4dca-b23a-2f64377092a3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '31515f871cb12d538d53e730e5ddd406']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--471e2d0b-74b3-4ef4-8009-3ed130ac6f0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '3227c8a45ce4ccf8c475a51b331720c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f38f93f1-0fd5-4d8f-a2f2-119e99e7cc29",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '3c70bc09d1f8033e57323879d50ca3ce']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea6feeb5-098c-4d01-b0b8-83f1d472fcb1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '40ec0d84272f1f2394b4a3b74dafbf70']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--587b6f4a-b086-4edb-b18f-a1ad3bb51325",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '46058baa3ef1bdf553d89439cacf0675']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9bfe8f6-5bb3-4142-8b77-5ab70241f8b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '46a0071b7e5ea442580a2f80d2fcef42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d6c74368-80e3-498e-b39d-2003011c06a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '47c68680c9a00b117764114668357e23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--613a147b-8291-4c6b-815b-17f5402755b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '47cf9fda04b2abef75f1eca9804aaebe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50bfa7db-1771-4b51-8717-e8c4e3772a6f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '496f2a2f14bda410b5f3dcff40bf56c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ebe3308e-3c72-4b47-8d41-2489375fdf34",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '4f52ca22d2d28e1ecdb9fba92e4cdde3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c483127-d6ae-4b3d-bbbe-ea2cf0ff4da9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '4fb7503dd8b21396bf9643e0dce70fcf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5fb21d24-21dd-4731-ae47-f141bdaa7403",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '4ffd8ae803d7498e2d5a7a7a3a1268f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1aa44ae8-f334-43d7-bba6-caeb16e92927",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '5038e5cd4888adb3661d9958f04a1ec1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9c0a25b-2bae-4dd7-9d58-5c81bf2c0d8e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '505724eac0faf0eb32e4ad25ab5cddfe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05d36b6d-e23d-4526-9659-3825207516b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '518a533d6ff1d86afc0f7d94c0a1be7c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b476eef6-0686-4863-92dc-801c6d78bea6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '565a87ba8e79f5e081ea937068082afd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--236c61bb-e294-49b5-8722-1e53c6049005",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '57511cb12fb5f505b3330dfec18f3432']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4624ca82-3fb0-4f2e-8a28-07b30481e680",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '65cbaec27b51d54dc0bceeef298719a8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5f04538c-3a76-41ba-b18b-75d3339f0f4f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '66ac99b3501846a6c18f2671dbf31873']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4526005c-3efa-4c5e-b521-723f71067581",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '6702f0057c401cf390adc28d201118f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ce76af0c-fa57-493a-9c18-072837a6a7c1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '6b14a4d6212087fe8d88ad012dbc8598']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbd22033-2475-47c1-bac6-6e61b960e02c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '6b781c1082014a0177f42e918adb35de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--96a53625-fe51-4139-950d-58d21de91e74",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '6c737910247e3122fe810df6a63581f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a9139ef1-e005-4071-9647-ad27d769cddd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '6c7846d955bb5f3842bb7c35fae1569a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--95d609a3-5dbb-48f8-8007-ea0e388c5e9c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '725489b29e7afbc045b2814dff5474a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aecf34f9-409d-44d9-aa74-81b85bf40152",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '72ca000f40335d771936d077d4cabefb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d263fe47-f8ad-4670-8778-9243a7d5420e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '75931e00c81274b1c279d23dfdb0bbad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2220da81-abf3-470b-b701-2c54459f17ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '76a8391c77723b06587f648dcbde07e9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--95866c6f-db9e-40f1-95be-e6a49cbe71b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '775c0666a7a482ce664c72ed9195f120']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6b0fa3b2-591d-4b75-bbdb-463f8d8eeacd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '7a4927e1a2aad1bc8ccef956130df0c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55f7d093-abd6-493d-babd-66bf54762e4d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '7b8d0b4e718bc543de4a049e23672d79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--917168f9-1528-471b-a9fd-867da62aa665",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '7b91f06584afdc4a2aa6edd9d04198b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7fa7688-9984-4d16-8b16-094e93cbcb11",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '853403bd5feea1ecf83e812759e1ccc7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--254369dd-0307-482a-92af-8a76477554e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '8690ccd36c9d63b63e8d0278f0449e3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--144e0dc2-9e85-45f4-a430-0e51c272a973",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '886a8ded2ea2f35ee009088d2c24dd32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c44aae78-7d61-4a69-ae69-88f0401c72f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '889e8b93ec0c16ffac62ced220ed8e30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--089e6102-9ce8-4eac-b3ef-cd7032e9089b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '8f4392f839152c9614699048ee4fea11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0b6c987c-0fde-4255-bef9-917de3899c07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '953d5a3d8e00bbd2dba08579d95c61dc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4897277-405a-434e-a939-e607c736895e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '98bf46542e3e9daa280ef0b395a7dabd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--88d60c23-a955-4d79-b788-26ab8f00d1e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '9a57a80692012878fcb463f41ce6dcfa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4bba9aa3-502f-48ff-8dfc-67dde1396bb4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '9d50143836d41726b6564a524453b868']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1b5bc35-f06c-4fa1-bfb0-cf515970eb5f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = '9d9da1992f63776e135c1c1215ee1741']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f220890c-3da5-4049-8ff6-1919dbd9e1aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'a027a4f65e0b0a83eccb56d9047347bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41c2d23a-8616-4dc9-9d1d-e1f30323013b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'a5fd946bc7e8b12cdfd207790216b4b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7e1e016-6900-40c2-980d-28de5c0185f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'a6d8cc18af5a983b4c1a7f4838780b01']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ab60ada-72f6-4ee6-8c70-448ba52953e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'aa3f386f10864f46a09610d0e03a26b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4110eb3c-7151-4af7-9455-1ad78326c690",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'aeee6b71690a1df75792fcd3d11b8ede']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f346c00e-6fde-4248-91fa-a9a67b37de17",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'af8de58e3538fcb40334109bcd571939']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ed77582-dcda-4684-9ef7-01109aa12589",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'b397383ba85fc726b424aac26b42f6ae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f595a12-a02e-4039-a0bd-dbeab14ef291",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'b651f7dcfeb3e304f7eb636000a6b935']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d6e96feb-2a30-4639-ac31-8f78e70bc216",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'b895d34958be7565888c15a51e0c73c7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--63568403-a73a-4c87-82f0-950ee3ede427",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'b95ba7fb130f95ccae13c54312a69d36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b6a7b7a-fd60-48ae-8bf0-ea278cbef19b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'bac7be7eebb8670ae624a0179a366148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd8d86cf-23a7-4838-b1bc-1559b8f516b8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'be82532aa428dc5f30107ccfa08da8c6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9dc5a95-d3e0-41e0-a945-cc607e4cd0cd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'c43c50baa3271b375298847bf6a7fc13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7ad4a34e-2a37-46f4-84ce-90976c4cb400",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'c4ee082a4ce704dcb3145e2cfd47ef6f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ba332311-bf05-4304-9617-33013ae14b19",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'c7beb386813580a4c4812de3ee1aa429']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f9731b3-65fd-4e43-9848-479fad69a55f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'c8ed3353ae9c8b84ea7a9e81d2828193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--39f12b09-de32-4286-a719-357820210485",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'c9c001c45b2eecaee9704fb21e731ac7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--98aa575a-c55f-4537-913a-f1a1675d4087",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'ca09b19b6975e090fb4eda6ced1847b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--39050e34-8126-411b-95ed-8d992a52b4fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'cced9e8b1a99b9000f4b958f13b164a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9433089-0d22-45ca-916f-361208019432",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'd32e387d60a18fd90c4854f167b4df4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--203192db-94aa-4b42-9dbd-f35c6097d6d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'd43e6ae895039108cf68a36140190b0f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--08913795-2bfa-4725-88f4-2e5a5cbf8ce1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'daa6ce148e2b8e5fd694183338db6ec9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7001f3f8-4f2c-43fb-90ab-12c5f7682ec7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'e166ee1de912bf17453d2da1dc06fc6d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b9e39258-11e1-4551-bbac-fc1a037a51d6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'e2c3a6bcb015e2e5137d4a46881d38b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4db7983-bb01-4b32-a0f0-048bae836fc4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'f0960552876da5ef74b8ece55116929e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--777c4b13-23b9-4769-8f66-ace2ca05e733",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'f2afcfd2ecfb3ea3261855ce1a4747b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b3a17b16-0a0c-4f47-9466-eb6b32a1b9bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'f4a8605fa09e447108eb714eccad57d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--996583d3-6fc0-4590-9660-a78005c17c5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:24:44.000Z",
"modified": "2022-09-08T08:24:44.000Z",
"pattern": "[file:hashes.MD5 = 'fae63014d33efe844a25f2606de900b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:24:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9833203a-742c-457c-a0af-2c0ec40b8a86",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:34.000Z",
"modified": "2022-09-08T08:34:34.000Z",
"pattern": "[url:value = 'iplogger.org/2zaEa6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2ef39360-f4cf-4f9a-bd28-d31eecec3e55",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:34.000Z",
"modified": "2022-09-08T08:34:34.000Z",
"pattern": "[url:value = 'bit.ly/PDF_MicrosoftOnline']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9280570-9b96-4d97-828b-89e219e1dd4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:34.000Z",
"modified": "2022-09-08T08:34:34.000Z",
"pattern": "[url:value = 'cdn.filesend.jp/private/hTsvHkbWaUSEZ7ilocBGMTgumxqFmSrVgF-9Ht5LL6YCf4A7Eu28rIxdbo-ND_F9/Chimers.gif']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e23100e0-193f-4a6b-83f3-8ef60f18cd5e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:34.000Z",
"modified": "2022-09-08T08:34:34.000Z",
"pattern": "[url:value = '4sync.com/web/directDownload/QHZsERS6/rHb0lMWD.f2e6a9154ab6cd29b337d6b555367580']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b127c26f-b5df-4796-b55a-246fb7b798a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = '4sync.com/web/directDownload/rE33SDmE/iNXXJkWJ.4bf28df12d9e7d99bc902edb6d23c6e2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--78d55a9c-e532-4cc8-85b3-ee6073192cf3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'raw.githubusercontent.com/R3mEm/vox/main/vox.ps1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0464f6f2-8364-4e44-afd6-c6e54c9845f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/CookiesEstrogen']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5fb34be4-6d6b-41c3-aa0a-4808df1f97b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/ExportDeposit']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e44aa48d-4234-4069-9693-44e256292f3e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/OrientalAntonio']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--92cef6d2-0787-4b0b-b253-13f4364cc4cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/ShaveDavie']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20853983-889a-40bf-9101-08a3e6f3e0e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/SidingFatigue']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8bdc0c71-7905-48f6-a50e-2f47a90d92cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/HearingsGuided']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4d58fb8d-8178-4d21-bc43-1a62c90c0b44",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/SelvesGangster']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a632f7b6-0424-4205-8bda-8076497d8456",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/StaceConcerns']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42dc3e4e-b77a-4125-b6b2-a8957c0c77a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/BogeyUglier']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb58970a-3ecf-468d-abbd-967eee1f0a86",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/MuggingFunny']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7bd3aa2-858b-4b17-998d-8dbb6674bd01",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/NelsonTasteful']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--01d771b1-31e2-495f-a0d4-140a03ed4134",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/ShaveDie']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db0999b0-7dc9-404a-aeb8-3b8ff5ef120e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/GiovanniKismet']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be82520c-0e2e-4c67-bbef-898eaac24def",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/TreatsGlamour']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--969196a1-47ec-4094-ab9d-21b41d2f0b38",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/NeedlessHorton']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ec38f89-5c2c-474b-a25b-9ae6b3549e37",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/KillingsSucked']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d8bd94f2-c6c1-419e-aa67-b3af2e8cc8b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/PuckerStake']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68222d21-ef47-4ca4-8351-5ca71c19f3aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/AliacesLorean']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc4c38ab-32cd-4691-a113-bf9ba6d26ff2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/HazelMagnets']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a6b0bad-44af-4abc-8c31-cedffef0b8cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[url:value = 'paste.c-net.org/AliasesKorean']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--993bad72-cfa9-48ef-b0a0-a8ee93f3f59d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T13:33:50.000Z",
"modified": "2022-09-08T13:33:50.000Z",
"description": "masquerading as fintech solutions provider Inexa)",
"pattern": "[domain-name:value = 'paste.inexa-group.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T13:33:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17156707-a88c-4348-a3e1-6bbf194765e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[domain-name:value = 'press.giize.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--76777c96-1efd-4fac-a887-944a31ef954c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[domain-name:value = 'tf-bank.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f7a23e8-beaf-428f-aa38-167c0e78d6bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[domain-name:value = 'aeternam.me']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--24cf75f7-912b-4c62-bca0-fb51af08bd33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T13:33:23.000Z",
"modified": "2022-09-08T13:33:23.000Z",
"description": "masquerading as NED bank",
"pattern": "[domain-name:value = 'nedbank.za.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T13:33:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f5a1bf3-5f23-46fe-b6c4-f11e54d0c196",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[domain-name:value = 'nedbankplc.4nmn.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0e867c18-06df-4ee2-9e36-6bc5d5b74676",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[domain-name:value = 'secure.graviom.fr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dff5c507-9d47-4b43-9268-2ff54e4b729c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:34:35.000Z",
"modified": "2022-09-08T08:34:35.000Z",
"pattern": "[domain-name:value = 'i-development.one']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:34:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e8c8838-3e91-43ca-89ef-79ffd907a1a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '15.236.51.204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c785bb4c-51b2-4c48-a227-ac66b231663e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '3.8.126.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6002f131-eafa-477d-a8fd-2fa464db9717",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '35.181.50.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--658a2368-3f38-4bfe-b626-3db211c8e6d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '13.37.250.144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0636f5d3-80bc-43d9-8f24-9ff08f9c83bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '13.38.90.3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--53a38b52-2461-4dc8-b256-65af11c54a61",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '137.116.142.70']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42b439ae-5ed3-44e2-9231-d7a3af92626a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '170.130.172.46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e1615a8-5256-4fb1-a68f-58b6b5a65c2b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.18.141.199']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a45adb82-512e-437d-a581-1df773f04833",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '20.70.163.11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--efee8a4f-c51a-4fb5-a1dc-205f24814df9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.9.244.42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--389d51c6-6c1e-4012-a28f-e7b33b5f5e12",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T08:55:25.000Z",
"modified": "2022-09-08T08:55:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '20.194.195.96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T08:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--29f79d2e-316f-47e3-93bd-3e2f8387093b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T11:35:14.000Z",
"modified": "2022-09-08T11:35:14.000Z",
"pattern": "[file:name = 'IMPORTANT_2022.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T11:35:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4c41f6b-3abe-4375-a04b-15dd97f7347c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T13:31:02.000Z",
"modified": "2022-09-08T13:31:02.000Z",
"pattern": "[url:value = 'https://3.8.126.182/minom.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T13:31:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ab11ae2-1157-4586-bc2b-731b488966c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T13:31:02.000Z",
"modified": "2022-09-08T13:31:02.000Z",
"pattern": "[file:name = '\\\\%USERPROFILE\\\\%\\\\source\\\\repos\\\\Billang\\\\Billang\\\\obj\\\\Release\\\\Billang.pdb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-08T13:31:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--93db2254-c80a-4d20-9470-32be06567c8e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-07T09:18:22.000Z",
"modified": "2022-09-07T09:18:22.000Z",
"labels": [
"misp:name=\"report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "link",
"value": "https://research.checkpoint.com/2022/dangeroussavanna-two-year-long-campaign-targets-financial-institutions-in-french-speaking-africa/",
"category": "External analysis",
"uuid": "61ac2b94-bd26-4b06-8e52-361c0db63f27"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9642ff6-c0c2-4ba3-841f-bdd86b4ec7cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-07T12:08:47.000Z",
"modified": "2022-09-07T12:08:47.000Z",
"pattern": "[email-message:body = 'Bonjour <full name>\r\n\r\nNous avons vu votre profil LinkedInm et celui-ci a attir\u00e9 notre attention. Nous avons donc d\u00e9cid\u00e9 d\\'echanger avec vous dans l\\'optique de vous voir int\u00e9grer l\\'une de nos de succursales qui sera tr\u00e8s bient\u00f4t install\u00e9e dans ce pays.\r\n\r\nDans l\\'attente d\\'une suite favorable a notre proposition, recevez nos diff\u00e9rentes propositions conr\u00e8tes en annexe.\r\n\r\nPassez une excellente journ\u00e9e\r\n\r\n\r\nBien cordialement' AND email-message:subject = '\u00c9change Professionnel - Discussion' AND email-message:body_multipart[0].body_raw_ref.name = 'TF_RH02022022.doc' AND email-message:body_multipart[0].content_disposition = 'attachment' AND email-message:body_multipart[1].body_raw_ref.payload_bin = 'UklGRhzxAABXRUJQVlA4TA/xAAAvHEOVABFHbttIEuzuWeX6/4P3qsHcI/o/AbQTcizENpNuVl5KdA2kBSTUob7mMjDaaU8hsWJy7sQ5SdsWilQCn6nz+Qm6PkhSg7MOR+4G2wY3ifvYGOOuEIKwUbNoO7rmcJ/Ydim2BSZcpdi2XI/UYlZCjAoQQ64lj2onQkKCwHXK+UiWfRjt66Tz/wWjIcNkQ4CElRv69nkLl/nveHaZOgkkCSSEeg3IAVy/yxu/oGDs12uRkE3TfjNs7A1WywNuLxO1lrJqIlm1bdWOBsEvcffsWFlrEw7V0v//EneX3r3PNqQPu7Vt1crA3d1X3hdWAP0X4g4nLxu3mxfJjiQpkhWnOT2Y5VYpFfLlPT2Gxfj8x8z86jEzo/o/AQJCSEBX519jcmx9n59d+TMsGk4nG6oqCICO+dWldEKbixwulsVmf0GgKISEIdH0BEEQELbI5qJVX14l8HtxwWJ//8b8LvMfbIKF9WkfTv4Vb88v/d5cOlxkdXnkXo/oakAAznkXTOLz4XbX9zSAaepRdwcoYNh06ztLXQ37I05d2TSJEIKwtLq6hBBjNF1BABAgjJm+6bgaTN90dfMznY/tWMtHM37Snzw0XBlvWkIztjjNQmv83mR3EkClBRYQQkJAKATC68vtR236wfN0aGh+di1waPLZYz27bRCogQRUPgD1EOIeGWS90v1ICOE1lwihE0K4xQU64QzhDo8JnU4Ij3lO6IRO5yUfCSGEO4QQOhe4RgjP6fReQfaxzgrrhBDWOcA6m4SfY9B7bNJ5MMSRUdwidDQxN3hJCH9Jn2tcI/znJZ3wkU4n3OIcVwghPKZzjnCKTgjhHp2XjMkYhPCYjMslMilPCeECGaSTcQhXeE0nvCWEl6gq4RYhnOIEpwghnCtTn32IsAchUgohnpLhSvcnjGFRCG3S7ABgE5sABAAIAQBCCBAAQpsE0wsI3TrBwt9DP/rx/0McWs+orFFWZVVWpZORnc1OaqzKYCer0uukCAQCgp6DMcZZRmWFgBAIiLEYQyFBmAuB+VgcmI+znOX5OKuyqgYgBACor8aM0fhPn2enExYQQtGNwigQHBwc/Pms0CaynFX91iqrWmuttaw2d9rQ9DeBUFAguB8KHSLLWc5yr7VqrbXWWmuttbv+0NoQk7MzQGggqxBaTC2mFuOsyqqsyqqsltXCgGYZQIAGMUIIUYhCFEKIoQfTQmpxHElu3Aww+UcNkgIhH9+ImABqsI6pQBJRoLAtBs0JBBCcxsVFNKJ2sey4C8RsQmV0pDGe7+g9W299wgAUBFREUVBEtQiooMpQ6XShj1ydK0hVVFRUQEUB1ROQU3kqyNIjVAQHbgSVDQNzyXCV4fLfZ87yhaCsYMPtTJLq2Mxk+i4HM1+zuU9qz0VUp72RE/P/7++2cgrPYW+HpEiRogolmhRFihJFWRYtmZIsW5YsW+727b1N732Wvffu3rvkoiuZlkRJliyRJkWqUqIo9t47efri+///D3kkayQS9/IVwAKY4gE06T7T5XRP4cICPAHMdE85KVO+6WcKB/BZ3Mb0IyBM0UIpU7SQAXMxxUoRMgLCxSEQpYeLO0WL6TO/FA1gA5k+o8UxYC1802XgpMjANDl9ypmiBZ0uAUyRgTQamMYLMEULTboN6F7ABNJsYJoImEAswOkRUy5gpkeLs7AWShGCaQbuL2WKJ30KBzAXU67SrSAnRUCYHg2gC8xJv//0exZM0QCaReMUIuBNV3o0AB1EA2gWNnCmj1KmGTgbBZimC3QD/ykKYKVLgFJ80mlgqoE5KQLklAtYA+gCIjDN02cMDFO0mD7iQhe4Sr/TO1O00MKz4GKKnR4HYIoWaVpMn/mnCIFuugagFzQwjYu0KSfFAZQeXmAa0zO9M0UDOIspTNEF5HR54UfbbtW2LUn6/7+13sdc+zKjsVXAamAls0KYaJJJ9phkqpnIJDGpzHhxjtFbaz8d27ZV20qfa58r575vuJORuYekVId6UAciakHuELq7Ozw7950VE4A3//93ctx8Z2bHm53Z2VnvDXYB7C68997dwgqH28P5gz0cPHjgeQN3/u7BOfjz8O4c4Q2BtTCH9TBc7/3Oejs7wX92dhcyAIbuUwkzuVAVuEgNKPTeSyE6UQfKWYRauFyuAETsRbEasCFDZa4GhmIPyhmrBkVekWI9jNjHpWqCzcjVdC3IpfR9yKsF1cIqFFKxHhXhmmCmFpgyY8oOLrtHqRpgLlPAFUGXsgxFV4g//v8NN/7/737OeOJMnKapna73+Vzv623btq3//J9tvGzb3n1q/Vz3WbdJk8aZaHTmYOD//3Dsat//f5zMZGJtslaPVRzWbq9ZXNu2rcfPtW3Wbu/W7mnXyConGyeTTDLJ4B8ToIv+/3V3K+X5P7p9Z++dvZNtcXdP2iRt06Rymso5tVRPp2eqc9zd3d3qPS6106ZTP21O29STtHHdcdtJtj/78efiSdKejGYH+Vz0XAR3y1qDuwYp7g4b548/yEg37vLHOcGtwyK4O+QgXWvjrsFzx/ojI+fBXR5kDNex4u5Q3O0ZHxxGsLAWIxv3kY27Q4fl7owEp5ds3OXg8Mfd3d21rOUOQUbKZXCCuzt/3B2KBHcp7sWDdC5wKHcbdy594+5OcOushbvbxt2d4HKnnYsMbldZC3cP7u78cXcnuDuMz+B+grtDcHfnf4E7viVJUm3bti0zj6ytD1jMjG9r4/9/BTPz3pN5jd5ryXA/km27tm1JUmt9rL3PuecZBlWwepmRxhqFMTbejAXu5TNs795z9pqjxwRog/9/vdy6OecsM/NqVyytLAstmWRLsi2Zma/DzMzJQ2a8aFvXFlqMllbkFbMsrWB3JS0zn91z9uzZs7vnnAfnrCywA1v6hJVhZuZE5dqjiR6F+VGn/3IYVG7IU2ZmbsPM6EplZmbPnHJ1GlQbVMoMD7l9FH5Urlxm2EeeXih5bphJbcCjUpgZNWFOisFioLRlJpWtgsrMzMx3JsyJpiqpXJWZ2WfyqMwYKnNDj8oYTpzhLf9L7lwoM3M9c8flNuSZssrMDTM9YnDKzMwMN2VuVW7DvmWGM1clbZkvlJk5nDxrBsvMzMxtONENPKAAAAAro3q3l9tnnlE07BWVsjKTL6O9++30f0bxf6Ulyae9f0sU0SBFwid7lXX3kVDOnXPnhrtz5+Z7JymSJEmS1GJIDJF5Xbv8QaXHBDgAVfz/gPNMDbM6CxgRK
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-09-07T12:08:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "network"
}
],
"labels": [
"misp:name=\"email\"",
"misp:meta-category=\"network\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e1a08480-f874-40fe-ad5a-fd023f1abad3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-09-08T11:36:22.000Z",
"modified": "2022-09-08T11:36:22.000Z",
"labels": [
"misp:name=\"cookie\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "cookie",
"object_relation": "cookie",
"value": "SessionID\r\n\"$env:userdomain;$u;$env:computername;$env:PROCESSOR_ARCHITECTURE;$pid;$procname;1\"",
"category": "Network activity",
"uuid": "1964b807-7fd1-486c-bf23-ecce189eae75"
},
{
"type": "text",
"object_relation": "cookie-name",
"value": "SessionID",
"category": "Other",
"uuid": "0f43041a-6d74-4eee-9b52-4de525392ddb"
},
{
"type": "text",
"object_relation": "cookie-value",
"value": "\"$env:userdomain;$u;$env:computername;$env:PROCESSOR_ARCHITECTURE;$pid;$procname;1\"",
"category": "Other",
"uuid": "2ac2346c-826e-433a-8840-01e56b28aa12"
}
],
"x_misp_meta_category": "network",
"x_misp_name": "cookie"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink