misp-circl-feed/feeds/circl/misp/582176fc-def0-44a8-b435-4f66950d210f.json

{
    "type": "bundle",
    "id": "bundle--582176fc-def0-44a8-b435-4f66950d210f",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:54.000Z",
            "modified": "2016-11-08T07:00:54.000Z",
            "name": "CIRCL",
            "identity_class": "organization"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--582176fc-def0-44a8-b435-4f66950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:54.000Z",
            "modified": "2016-11-08T07:00:54.000Z",
            "name": "OSINT - Exaspy \u00e2\u20ac\u201c Commodity Android Spyware Targeting High-level Executives",
            "published": "2016-11-08T07:01:27Z",
            "object_refs": [
                "observed-data--5821770c-ac54-4173-992f-4d01950d210f",
                "url--5821770c-ac54-4173-992f-4d01950d210f",
                "x-misp-attribute--58217727-65a8-4dc0-b579-48c1950d210f",
                "indicator--58217746-abb4-4d54-ad37-4df3950d210f",
                "indicator--58217746-7bcc-4114-8ffb-41a1950d210f",
                "indicator--58217746-e3c4-4a41-930f-4d9c950d210f",
                "indicator--58217746-4598-40a4-8287-4fb6950d210f",
                "indicator--5821775c-cda4-4aa0-aa41-4d1d950d210f",
                "x-misp-attribute--58217777-9a6c-43f6-8331-4551950d210f",
                "indicator--58217826-0f64-4c14-88ac-453f02de0b81",
                "indicator--58217827-8734-4c43-a579-440602de0b81",
                "observed-data--58217827-14d0-43e8-bdaf-467002de0b81",
                "url--58217827-14d0-43e8-bdaf-467002de0b81",
                "indicator--58217827-a93c-41e4-849a-4eef02de0b81",
                "indicator--58217827-4c0c-41be-8414-4af602de0b81",
                "observed-data--58217827-d514-4f1a-8d38-4f9602de0b81",
                "url--58217827-d514-4f1a-8d38-4f9602de0b81",
                "indicator--58217828-a5f0-40ee-b9f5-49d702de0b81",
                "indicator--58217828-039c-4de5-a02c-41a802de0b81",
                "observed-data--58217828-a050-4c4c-a8c2-4fd102de0b81",
                "url--58217828-a050-4c4c-a8c2-4fd102de0b81",
                "indicator--58217828-45ec-4cb9-a1bc-4dc202de0b81",
                "indicator--58217829-ae18-45af-ac90-44d602de0b81",
                "observed-data--58217829-9d78-4f84-9fb1-431702de0b81",
                "url--58217829-9d78-4f84-9fb1-431702de0b81"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "ms-caro-malware:malware-platform=\"AndroidOS\"",
                "enisa:nefarious-activity-abuse=\"mobile-malware\"",
                "circl:incident-classification=\"malware\""
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5821770c-ac54-4173-992f-4d01950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:56:12.000Z",
            "modified": "2016-11-08T06:56:12.000Z",
            "first_observed": "2016-11-08T06:56:12Z",
            "last_observed": "2016-11-08T06:56:12Z",
            "number_observed": 1,
            "object_refs": [
                "url--5821770c-ac54-4173-992f-4d01950d210f"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--5821770c-ac54-4173-992f-4d01950d210f",
            "value": "https://www.skycure.com/blog/exaspy-commodity-android-spyware-targeting-high-level-executives/"
        },
        {
            "type": "x-misp-attribute",
            "spec_version": "2.1",
            "id": "x-misp-attribute--58217727-65a8-4dc0-b579-48c1950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:56:39.000Z",
            "modified": "2016-11-08T06:56:39.000Z",
            "labels": [
                "misp:type=\"comment\"",
                "misp:category=\"External analysis\""
            ],
            "x_misp_category": "External analysis",
            "x_misp_type": "comment",
            "x_misp_value": "Early September, Skycure Research Labs detected a fake app within one of our customer\u00e2\u20ac\u2122s organizations, identified through our crowd-sourced intelligence policies (whereby anyone running the Skycure mobile app acts as a threat detecting sensor). This customer is a global technology company, which deployed Skycure\u00e2\u20ac\u2122s Enterprise Mobile Threat Defense solution for all iOS and Android devices within their organization. This incident happened on an Android 6.0.1 device, owned by one of the company\u00e2\u20ac\u2122s Vice Presidents. The customer has given us approval to share some of the details about the Spyware app that Skycure discovered."
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217746-abb4-4d54-ad37-4df3950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:57:10.000Z",
            "modified": "2016-11-08T06:57:10.000Z",
            "description": "com.android.protect",
            "pattern": "[file:hashes.SHA1 = 'c4826138e07636af1eeb6008e580704575ec1bc7']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T06:57:10Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217746-7bcc-4114-8ffb-41a1950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:57:10.000Z",
            "modified": "2016-11-08T06:57:10.000Z",
            "description": "com.android.protect",
            "pattern": "[file:hashes.SHA1 = '4bf89c3bf4fb88ad6456fe5642868272e4e2f364']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T06:57:10Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217746-e3c4-4a41-930f-4d9c950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:57:10.000Z",
            "modified": "2016-11-08T06:57:10.000Z",
            "description": "com.android.protect",
            "pattern": "[file:hashes.SHA1 = '9725c1bf9483ff41f226f22bd331387c187e9179']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T06:57:10Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217746-4598-40a4-8287-4fb6950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:57:10.000Z",
            "modified": "2016-11-08T06:57:10.000Z",
            "description": "com.android.protect",
            "pattern": "[file:hashes.SHA1 = 'f1fbebc2beafe0467ee00e69b3f75719cdbbd693']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T06:57:10Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5821775c-cda4-4aa0-aa41-4d1d950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:57:32.000Z",
            "modified": "2016-11-08T06:57:32.000Z",
            "pattern": "[x509-certificate:hashes.SHA1 = 'c5c82ecf20af94e0f2a19078b790d8434ccedb59']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T06:57:32Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Artifacts dropped"
                }
            ],
            "labels": [
                "misp:type=\"x509-fingerprint-sha1\"",
                "misp:category=\"Artifacts dropped\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "x-misp-attribute",
            "spec_version": "2.1",
            "id": "x-misp-attribute--58217777-9a6c-43f6-8331-4551950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T06:57:59.000Z",
            "modified": "2016-11-08T06:57:59.000Z",
            "labels": [
                "misp:type=\"pattern-in-file\"",
                "misp:category=\"Artifacts dropped\"",
                "misp:to_ids=\"True\""
            ],
            "x_misp_category": "Artifacts dropped",
            "x_misp_type": "pattern-in-file",
            "x_misp_value": "Subject: /O=Exaspy/OU=Exaspy/CN=Exaspy"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217826-0f64-4c14-88ac-453f02de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:54.000Z",
            "modified": "2016-11-08T07:00:54.000Z",
            "description": "com.android.protect - Xchecked via VT: f1fbebc2beafe0467ee00e69b3f75719cdbbd693",
            "pattern": "[file:hashes.SHA256 = 'fee19f19638b0f66ba5cb32c229c4cb62e197cc10ce061666c543a7d0bdf784a']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:54Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217827-8734-4c43-a579-440602de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:55.000Z",
            "modified": "2016-11-08T07:00:55.000Z",
            "description": "com.android.protect - Xchecked via VT: f1fbebc2beafe0467ee00e69b3f75719cdbbd693",
            "pattern": "[file:hashes.MD5 = '7fa9b921f9cf78f9503fa808c44b3f0e']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:55Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--58217827-14d0-43e8-bdaf-467002de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:55.000Z",
            "modified": "2016-11-08T07:00:55.000Z",
            "first_observed": "2016-11-08T07:00:55Z",
            "last_observed": "2016-11-08T07:00:55Z",
            "number_observed": 1,
            "object_refs": [
                "url--58217827-14d0-43e8-bdaf-467002de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--58217827-14d0-43e8-bdaf-467002de0b81",
            "value": "https://www.virustotal.com/file/fee19f19638b0f66ba5cb32c229c4cb62e197cc10ce061666c543a7d0bdf784a/analysis/1478545205/"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217827-a93c-41e4-849a-4eef02de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:55.000Z",
            "modified": "2016-11-08T07:00:55.000Z",
            "description": "com.android.protect - Xchecked via VT: 9725c1bf9483ff41f226f22bd331387c187e9179",
            "pattern": "[file:hashes.SHA256 = 'b9d37ce509d37ade6cb064ff41e6de99fcf686fcea70ae355f76018896eaf508']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:55Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217827-4c0c-41be-8414-4af602de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:55.000Z",
            "modified": "2016-11-08T07:00:55.000Z",
            "description": "com.android.protect - Xchecked via VT: 9725c1bf9483ff41f226f22bd331387c187e9179",
            "pattern": "[file:hashes.MD5 = '204f3840d8e641642ddb682827c07e66']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:55Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--58217827-d514-4f1a-8d38-4f9602de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:55.000Z",
            "modified": "2016-11-08T07:00:55.000Z",
            "first_observed": "2016-11-08T07:00:55Z",
            "last_observed": "2016-11-08T07:00:55Z",
            "number_observed": 1,
            "object_refs": [
                "url--58217827-d514-4f1a-8d38-4f9602de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--58217827-d514-4f1a-8d38-4f9602de0b81",
            "value": "https://www.virustotal.com/file/b9d37ce509d37ade6cb064ff41e6de99fcf686fcea70ae355f76018896eaf508/analysis/1478208415/"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217828-a5f0-40ee-b9f5-49d702de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:56.000Z",
            "modified": "2016-11-08T07:00:56.000Z",
            "description": "com.android.protect - Xchecked via VT: 4bf89c3bf4fb88ad6456fe5642868272e4e2f364",
            "pattern": "[file:hashes.SHA256 = 'cd021fdf7e00a76a13e51f8608a687208be3eb68139627a1986bb0c4009dc58c']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:56Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217828-039c-4de5-a02c-41a802de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:56.000Z",
            "modified": "2016-11-08T07:00:56.000Z",
            "description": "com.android.protect - Xchecked via VT: 4bf89c3bf4fb88ad6456fe5642868272e4e2f364",
            "pattern": "[file:hashes.MD5 = 'b7a6e575fdd46ae65b0b2a8392811919']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:56Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--58217828-a050-4c4c-a8c2-4fd102de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:56.000Z",
            "modified": "2016-11-08T07:00:56.000Z",
            "first_observed": "2016-11-08T07:00:56Z",
            "last_observed": "2016-11-08T07:00:56Z",
            "number_observed": 1,
            "object_refs": [
                "url--58217828-a050-4c4c-a8c2-4fd102de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--58217828-a050-4c4c-a8c2-4fd102de0b81",
            "value": "https://www.virustotal.com/file/cd021fdf7e00a76a13e51f8608a687208be3eb68139627a1986bb0c4009dc58c/analysis/1478547307/"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217828-45ec-4cb9-a1bc-4dc202de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:56.000Z",
            "modified": "2016-11-08T07:00:56.000Z",
            "description": "com.android.protect - Xchecked via VT: c4826138e07636af1eeb6008e580704575ec1bc7",
            "pattern": "[file:hashes.SHA256 = '0b8eb5b517a5a841a888d583e0a187983c6028b92634116cfc9bf79d165ac988']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:56Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--58217829-ae18-45af-ac90-44d602de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:57.000Z",
            "modified": "2016-11-08T07:00:57.000Z",
            "description": "com.android.protect - Xchecked via VT: c4826138e07636af1eeb6008e580704575ec1bc7",
            "pattern": "[file:hashes.MD5 = 'c4c3522074b9808d10e2828d41aafdda']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-11-08T07:00:57Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload installation"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload installation\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--58217829-9d78-4f84-9fb1-431702de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-11-08T07:00:57.000Z",
            "modified": "2016-11-08T07:00:57.000Z",
            "first_observed": "2016-11-08T07:00:57Z",
            "last_observed": "2016-11-08T07:00:57Z",
            "number_observed": 1,
            "object_refs": [
                "url--58217829-9d78-4f84-9fb1-431702de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--58217829-9d78-4f84-9fb1-431702de0b81",
            "value": "https://www.virustotal.com/file/0b8eb5b517a5a841a888d583e0a187983c6028b92634116cfc9bf79d165ac988/analysis/1478534532/"
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}
chg: [feed] added 2023-04-21 13:25:09 +00:00			`{`
chg: [feed] feed updated 2023-06-14 17:31:25 +00:00			`"type": "bundle",`
			`"id": "bundle--582176fc-def0-44a8-b435-4f66950d210f",`
			`"objects": [`
			`{`
			`"type": "identity",`
			`"spec_version": "2.1",`
			`"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:54.000Z",`
			`"modified": "2016-11-08T07:00:54.000Z",`
			`"name": "CIRCL",`
			`"identity_class": "organization"`
			`},`
			`{`
			`"type": "report",`
			`"spec_version": "2.1",`
			`"id": "report--582176fc-def0-44a8-b435-4f66950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:54.000Z",`
			`"modified": "2016-11-08T07:00:54.000Z",`
			`"name": "OSINT - Exaspy \u00e2\u20ac\u201c Commodity Android Spyware Targeting High-level Executives",`
			`"published": "2016-11-08T07:01:27Z",`
			`"object_refs": [`
			`"observed-data--5821770c-ac54-4173-992f-4d01950d210f",`
			`"url--5821770c-ac54-4173-992f-4d01950d210f",`
			`"x-misp-attribute--58217727-65a8-4dc0-b579-48c1950d210f",`
			`"indicator--58217746-abb4-4d54-ad37-4df3950d210f",`
			`"indicator--58217746-7bcc-4114-8ffb-41a1950d210f",`
			`"indicator--58217746-e3c4-4a41-930f-4d9c950d210f",`
			`"indicator--58217746-4598-40a4-8287-4fb6950d210f",`
			`"indicator--5821775c-cda4-4aa0-aa41-4d1d950d210f",`
			`"x-misp-attribute--58217777-9a6c-43f6-8331-4551950d210f",`
			`"indicator--58217826-0f64-4c14-88ac-453f02de0b81",`
			`"indicator--58217827-8734-4c43-a579-440602de0b81",`
			`"observed-data--58217827-14d0-43e8-bdaf-467002de0b81",`
			`"url--58217827-14d0-43e8-bdaf-467002de0b81",`
			`"indicator--58217827-a93c-41e4-849a-4eef02de0b81",`
			`"indicator--58217827-4c0c-41be-8414-4af602de0b81",`
			`"observed-data--58217827-d514-4f1a-8d38-4f9602de0b81",`
			`"url--58217827-d514-4f1a-8d38-4f9602de0b81",`
			`"indicator--58217828-a5f0-40ee-b9f5-49d702de0b81",`
			`"indicator--58217828-039c-4de5-a02c-41a802de0b81",`
			`"observed-data--58217828-a050-4c4c-a8c2-4fd102de0b81",`
			`"url--58217828-a050-4c4c-a8c2-4fd102de0b81",`
			`"indicator--58217828-45ec-4cb9-a1bc-4dc202de0b81",`
			`"indicator--58217829-ae18-45af-ac90-44d602de0b81",`
			`"observed-data--58217829-9d78-4f84-9fb1-431702de0b81",`
			`"url--58217829-9d78-4f84-9fb1-431702de0b81"`
			`],`
			`"labels": [`
			`"Threat-Report",`
			`"misp:tool=\"MISP-STIX-Converter\"",`
			`"ms-caro-malware:malware-platform=\"AndroidOS\"",`
			`"enisa:nefarious-activity-abuse=\"mobile-malware\"",`
			`"circl:incident-classification=\"malware\""`
			`],`
			`"object_marking_refs": [`
			`"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5821770c-ac54-4173-992f-4d01950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:56:12.000Z",`
			`"modified": "2016-11-08T06:56:12.000Z",`
			`"first_observed": "2016-11-08T06:56:12Z",`
			`"last_observed": "2016-11-08T06:56:12Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--5821770c-ac54-4173-992f-4d01950d210f"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--5821770c-ac54-4173-992f-4d01950d210f",`
			`"value": "https://www.skycure.com/blog/exaspy-commodity-android-spyware-targeting-high-level-executives/"`
			`},`
			`{`
			`"type": "x-misp-attribute",`
			`"spec_version": "2.1",`
			`"id": "x-misp-attribute--58217727-65a8-4dc0-b579-48c1950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:56:39.000Z",`
			`"modified": "2016-11-08T06:56:39.000Z",`
			`"labels": [`
			`"misp:type=\"comment\"",`
			`"misp:category=\"External analysis\""`
			`],`
			`"x_misp_category": "External analysis",`
			`"x_misp_type": "comment",`
			"x_misp_value": "Early September, Skycure Research Labs detected a fake app within one of our customer\u00e2\u20ac\u2122s organizations, identified through our crowd-sourced intelligence policies (whereby anyone running the Skycure mobile app acts as a threat detecting sensor). This customer is a global technology company, which deployed Skycure\u00e2\u20ac\u2122s Enterprise Mobile Threat Defense solution for all iOS and Android devices within their organization. This incident happened on an Android 6.0.1 device, owned by one of the company\u00e2\u20ac\u2122s Vice Presidents. The customer has given us approval to share some of the details about the Spyware app that Skycure discovered."
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217746-abb4-4d54-ad37-4df3950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:57:10.000Z",`
			`"modified": "2016-11-08T06:57:10.000Z",`
			`"description": "com.android.protect",`
			`"pattern": "[file:hashes.SHA1 = 'c4826138e07636af1eeb6008e580704575ec1bc7']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T06:57:10Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha1\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217746-7bcc-4114-8ffb-41a1950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:57:10.000Z",`
			`"modified": "2016-11-08T06:57:10.000Z",`
			`"description": "com.android.protect",`
			`"pattern": "[file:hashes.SHA1 = '4bf89c3bf4fb88ad6456fe5642868272e4e2f364']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T06:57:10Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha1\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217746-e3c4-4a41-930f-4d9c950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:57:10.000Z",`
			`"modified": "2016-11-08T06:57:10.000Z",`
			`"description": "com.android.protect",`
			`"pattern": "[file:hashes.SHA1 = '9725c1bf9483ff41f226f22bd331387c187e9179']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T06:57:10Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha1\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217746-4598-40a4-8287-4fb6950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:57:10.000Z",`
			`"modified": "2016-11-08T06:57:10.000Z",`
			`"description": "com.android.protect",`
			`"pattern": "[file:hashes.SHA1 = 'f1fbebc2beafe0467ee00e69b3f75719cdbbd693']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T06:57:10Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha1\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5821775c-cda4-4aa0-aa41-4d1d950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:57:32.000Z",`
			`"modified": "2016-11-08T06:57:32.000Z",`
			`"pattern": "[x509-certificate:hashes.SHA1 = 'c5c82ecf20af94e0f2a19078b790d8434ccedb59']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T06:57:32Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Artifacts dropped"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"x509-fingerprint-sha1\"",`
			`"misp:category=\"Artifacts dropped\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "x-misp-attribute",`
			`"spec_version": "2.1",`
			`"id": "x-misp-attribute--58217777-9a6c-43f6-8331-4551950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T06:57:59.000Z",`
			`"modified": "2016-11-08T06:57:59.000Z",`
			`"labels": [`
			`"misp:type=\"pattern-in-file\"",`
			`"misp:category=\"Artifacts dropped\"",`
			`"misp:to_ids=\"True\""`
			`],`
			`"x_misp_category": "Artifacts dropped",`
			`"x_misp_type": "pattern-in-file",`
			`"x_misp_value": "Subject: /O=Exaspy/OU=Exaspy/CN=Exaspy"`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217826-0f64-4c14-88ac-453f02de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:54.000Z",`
			`"modified": "2016-11-08T07:00:54.000Z",`
			`"description": "com.android.protect - Xchecked via VT: f1fbebc2beafe0467ee00e69b3f75719cdbbd693",`
			`"pattern": "[file:hashes.SHA256 = 'fee19f19638b0f66ba5cb32c229c4cb62e197cc10ce061666c543a7d0bdf784a']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:54Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha256\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217827-8734-4c43-a579-440602de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:55.000Z",`
			`"modified": "2016-11-08T07:00:55.000Z",`
			`"description": "com.android.protect - Xchecked via VT: f1fbebc2beafe0467ee00e69b3f75719cdbbd693",`
			`"pattern": "[file:hashes.MD5 = '7fa9b921f9cf78f9503fa808c44b3f0e']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:55Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"md5\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--58217827-14d0-43e8-bdaf-467002de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:55.000Z",`
			`"modified": "2016-11-08T07:00:55.000Z",`
			`"first_observed": "2016-11-08T07:00:55Z",`
			`"last_observed": "2016-11-08T07:00:55Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--58217827-14d0-43e8-bdaf-467002de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--58217827-14d0-43e8-bdaf-467002de0b81",`
			`"value": "https://www.virustotal.com/file/fee19f19638b0f66ba5cb32c229c4cb62e197cc10ce061666c543a7d0bdf784a/analysis/1478545205/"`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217827-a93c-41e4-849a-4eef02de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:55.000Z",`
			`"modified": "2016-11-08T07:00:55.000Z",`
			`"description": "com.android.protect - Xchecked via VT: 9725c1bf9483ff41f226f22bd331387c187e9179",`
			`"pattern": "[file:hashes.SHA256 = 'b9d37ce509d37ade6cb064ff41e6de99fcf686fcea70ae355f76018896eaf508']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:55Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha256\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217827-4c0c-41be-8414-4af602de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:55.000Z",`
			`"modified": "2016-11-08T07:00:55.000Z",`
			`"description": "com.android.protect - Xchecked via VT: 9725c1bf9483ff41f226f22bd331387c187e9179",`
			`"pattern": "[file:hashes.MD5 = '204f3840d8e641642ddb682827c07e66']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:55Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"md5\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--58217827-d514-4f1a-8d38-4f9602de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:55.000Z",`
			`"modified": "2016-11-08T07:00:55.000Z",`
			`"first_observed": "2016-11-08T07:00:55Z",`
			`"last_observed": "2016-11-08T07:00:55Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--58217827-d514-4f1a-8d38-4f9602de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--58217827-d514-4f1a-8d38-4f9602de0b81",`
			`"value": "https://www.virustotal.com/file/b9d37ce509d37ade6cb064ff41e6de99fcf686fcea70ae355f76018896eaf508/analysis/1478208415/"`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217828-a5f0-40ee-b9f5-49d702de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:56.000Z",`
			`"modified": "2016-11-08T07:00:56.000Z",`
			`"description": "com.android.protect - Xchecked via VT: 4bf89c3bf4fb88ad6456fe5642868272e4e2f364",`
			`"pattern": "[file:hashes.SHA256 = 'cd021fdf7e00a76a13e51f8608a687208be3eb68139627a1986bb0c4009dc58c']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:56Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha256\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217828-039c-4de5-a02c-41a802de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:56.000Z",`
			`"modified": "2016-11-08T07:00:56.000Z",`
			`"description": "com.android.protect - Xchecked via VT: 4bf89c3bf4fb88ad6456fe5642868272e4e2f364",`
			`"pattern": "[file:hashes.MD5 = 'b7a6e575fdd46ae65b0b2a8392811919']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:56Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"md5\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--58217828-a050-4c4c-a8c2-4fd102de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:56.000Z",`
			`"modified": "2016-11-08T07:00:56.000Z",`
			`"first_observed": "2016-11-08T07:00:56Z",`
			`"last_observed": "2016-11-08T07:00:56Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--58217828-a050-4c4c-a8c2-4fd102de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--58217828-a050-4c4c-a8c2-4fd102de0b81",`
			`"value": "https://www.virustotal.com/file/cd021fdf7e00a76a13e51f8608a687208be3eb68139627a1986bb0c4009dc58c/analysis/1478547307/"`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217828-45ec-4cb9-a1bc-4dc202de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:56.000Z",`
			`"modified": "2016-11-08T07:00:56.000Z",`
			`"description": "com.android.protect - Xchecked via VT: c4826138e07636af1eeb6008e580704575ec1bc7",`
			`"pattern": "[file:hashes.SHA256 = '0b8eb5b517a5a841a888d583e0a187983c6028b92634116cfc9bf79d165ac988']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:56Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha256\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--58217829-ae18-45af-ac90-44d602de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:57.000Z",`
			`"modified": "2016-11-08T07:00:57.000Z",`
			`"description": "com.android.protect - Xchecked via VT: c4826138e07636af1eeb6008e580704575ec1bc7",`
			`"pattern": "[file:hashes.MD5 = 'c4c3522074b9808d10e2828d41aafdda']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-11-08T07:00:57Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload installation"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"md5\"",`
			`"misp:category=\"Payload installation\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--58217829-9d78-4f84-9fb1-431702de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-11-08T07:00:57.000Z",`
			`"modified": "2016-11-08T07:00:57.000Z",`
			`"first_observed": "2016-11-08T07:00:57Z",`
			`"last_observed": "2016-11-08T07:00:57Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--58217829-9d78-4f84-9fb1-431702de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--58217829-9d78-4f84-9fb1-431702de0b81",`
			`"value": "https://www.virustotal.com/file/0b8eb5b517a5a841a888d583e0a187983c6028b92634116cfc9bf79d165ac988/analysis/1478534532/"`
			`},`
			`{`
			`"type": "marking-definition",`
			`"spec_version": "2.1",`
			`"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",`
			`"created": "2017-01-20T00:00:00.000Z",`
			`"definition_type": "tlp",`
			`"name": "TLP:WHITE",`
			`"definition": {`
			`"tlp": "white"`
			`}`
			`}`
chg: [feed] added 2023-04-21 13:25:09 +00:00			`]`
			`}`