adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5a5724c6-5e20-4d61-9ccb-4191950d210f.json

6232 lines
269 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--5a5724c6-5e20-4d61-9ccb-4191950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-10T03:01:48.000Z",
"modified": "2018-02-10T03:01:48.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5a5724c6-5e20-4d61-9ccb-4191950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-10T03:01:48.000Z",
"modified": "2018-02-10T03:01:48.000Z",
"name": "OSINT - Mac Malware of 2017",
"published": "2018-02-16T09:00:10Z",
"object_refs": [
"observed-data--5a5725af-c85c-4245-9e36-442b950d210f",
"url--5a5725af-c85c-4245-9e36-442b950d210f",
"x-misp-attribute--5a5726ab-e594-48e0-9f19-099b950d210f",
"observed-data--5a58693b-6748-42fb-8b4e-4507950d210f",
"url--5a58693b-6748-42fb-8b4e-4507950d210f",
"observed-data--5a58693c-6350-40a4-9cf2-4b13950d210f",
"url--5a58693c-6350-40a4-9cf2-4b13950d210f",
"observed-data--5a586a6e-9420-44eb-9341-420d950d210f",
"url--5a586a6e-9420-44eb-9341-420d950d210f",
"observed-data--5a586a6f-c7e0-4330-a459-4a3f950d210f",
"url--5a586a6f-c7e0-4330-a459-4a3f950d210f",
"observed-data--5a586a6f-7aa0-4a57-bad2-4a74950d210f",
"url--5a586a6f-7aa0-4a57-bad2-4a74950d210f",
"observed-data--5a586a6f-b1f0-4118-a840-4916950d210f",
"url--5a586a6f-b1f0-4118-a840-4916950d210f",
"observed-data--5a586a6f-bdc0-4812-a215-4367950d210f",
"url--5a586a6f-bdc0-4812-a215-4367950d210f",
"observed-data--5a586a6f-5334-4881-9275-4493950d210f",
"url--5a586a6f-5334-4881-9275-4493950d210f",
"observed-data--5a586a6f-8e08-456a-95b3-44ca950d210f",
"url--5a586a6f-8e08-456a-95b3-44ca950d210f",
"observed-data--5a586a6f-387c-4485-90b5-420b950d210f",
"url--5a586a6f-387c-4485-90b5-420b950d210f",
"observed-data--5a586a6f-6ee0-4bb2-9ea3-41e5950d210f",
"url--5a586a6f-6ee0-4bb2-9ea3-41e5950d210f",
"observed-data--5a586a6f-1b60-43b2-88a3-4966950d210f",
"url--5a586a6f-1b60-43b2-88a3-4966950d210f",
"observed-data--5a586a6f-8dac-4932-9d31-40e3950d210f",
"url--5a586a6f-8dac-4932-9d31-40e3950d210f",
"observed-data--5a586a6f-3130-4211-9d3e-47e1950d210f",
"url--5a586a6f-3130-4211-9d3e-47e1950d210f",
"observed-data--5a586a6f-d9c8-45d5-9a8d-4246950d210f",
"url--5a586a6f-d9c8-45d5-9a8d-4246950d210f",
"indicator--5a586d3d-d860-4ac4-83d1-4457950d210f",
"indicator--5a586d3d-d274-479d-83c9-4b8f950d210f",
"indicator--5a5870d4-b0a0-42b8-85d7-45c3950d210f",
"indicator--5a5870d4-673c-4b17-a384-46df950d210f",
"indicator--5a5871a8-b690-4501-9bb8-43cf950d210f",
"indicator--5a5874a6-93e4-40c1-bcad-405b950d210f",
"indicator--5a5874a6-5d4c-46e9-a090-4ec9950d210f",
"indicator--5a5874a6-0fbc-4bcd-b43b-4a09950d210f",
"indicator--5a5874a6-8290-4544-9472-4222950d210f",
"indicator--5a587b98-1324-48ec-bc3e-4949950d210f",
"indicator--5a587b98-616c-412d-9933-4c69950d210f",
"indicator--5a587b98-265c-4f10-91f4-4f9e950d210f",
"indicator--5a587b98-3eec-4e65-b45e-4364950d210f",
"indicator--5a587b98-8cdc-4b4c-9072-4f66950d210f",
"indicator--5a587d0d-e7cc-4f45-8596-4575950d210f",
"indicator--5a587d0d-7858-424b-aa19-4dc1950d210f",
"indicator--5a587d0d-abc0-4374-9497-4376950d210f",
"indicator--5a587f73-26fc-49f3-bb30-4c1a950d210f",
"indicator--5a588997-15ac-4228-967b-4a1c950d210f",
"indicator--5a588b7d-77b4-43bb-a98f-4df2950d210f",
"indicator--5a588b7d-78e4-451b-997f-45ee950d210f",
"indicator--5a588b7d-1500-4e04-b20a-41e7950d210f",
"indicator--5a588c8c-c138-4cc7-84b9-421a950d210f",
"indicator--5a588c8d-f950-4fc4-aa8a-4942950d210f",
"indicator--5a588c8d-2f50-4f57-bdeb-48bf950d210f",
"indicator--5a588c8d-0c00-4303-b758-4d53950d210f",
"indicator--5a588c8d-4ba8-4400-84dd-47e9950d210f",
"indicator--5a588cd4-2674-48e6-ba6d-4936950d210f",
"indicator--5a588cd4-296c-4c6b-b525-447d950d210f",
"indicator--5a588cd4-0e2c-4f16-9612-4c46950d210f",
"indicator--5a588cd4-1bd4-4974-80cc-46b5950d210f",
"indicator--5a588cd4-83a8-4070-85fe-4751950d210f",
"indicator--5a588cd4-dcc0-4d12-b524-4832950d210f",
"indicator--5a588ce9-3f18-41de-a8f3-6247950d210f",
"indicator--5a588edc-55c8-4142-9d86-40aa950d210f",
"indicator--5a588efe-f068-422e-8209-4f30950d210f",
"indicator--5a588efe-b770-4240-918f-40d0950d210f",
"indicator--5a588efe-6e7c-49fa-88b0-4926950d210f",
"indicator--5a588fc0-2f8c-44e1-8bc0-4901950d210f",
"indicator--5a58923e-99bc-4f6e-871e-4f47950d210f",
"indicator--5a58927b-3168-4cc8-8adb-45d5950d210f",
"indicator--5a5892db-aadc-434f-b8d2-4545950d210f",
"indicator--5a58b14a-6e58-4ce3-8c6d-408b950d210f",
"indicator--5a58b167-75d4-4ae8-b97e-49b6950d210f",
"indicator--5a58b167-8a0c-444d-b52f-4b59950d210f",
"indicator--5a58b167-c74c-41ef-9ae2-4f42950d210f",
"indicator--5a58b167-1de8-4feb-a032-477d950d210f",
"indicator--5a58bd65-4eb8-43e1-9555-4f95950d210f",
"indicator--5a58bd65-ec78-4531-82ff-439a950d210f",
"indicator--5a58bd65-b0bc-4851-8266-4e43950d210f",
"indicator--5a58bece-2560-4d95-bfdc-4996950d210f",
"indicator--5a58becf-33ac-4d37-bbee-4aaf950d210f",
"indicator--5a58bfe5-fcf4-4b2f-a229-4f94950d210f",
"indicator--5a58bfe6-3008-4b03-90dc-41e0950d210f",
"indicator--5a58c0fb-5c08-4a71-94fc-4dcd950d210f",
"indicator--5a58c0fb-3e30-4946-b9e9-449c950d210f",
"indicator--5a586fc6-e0fc-4f06-b55a-46a7950d210f",
"indicator--5a5870b4-5c68-4077-8cce-4138950d210f",
"indicator--5a587b0f-b46c-4403-be5e-423d950d210f",
"indicator--5a587cfc-3568-4d8d-bcc1-4920950d210f",
"indicator--5a587e34-dc78-4406-897c-4cff950d210f",
"indicator--5a588039-c95c-4895-ad28-43ff950d210f",
"indicator--5a588e6f-c80c-4f1e-ab63-5fa4950d210f",
"indicator--5a588e83-b4f8-44e1-8e4c-5f67950d210f",
"indicator--5a588e93-5dfc-45e3-b6a4-4456950d210f",
"indicator--5a588ea4-afa0-4611-bfb8-5f67950d210f",
"indicator--5a588f59-6d78-49a5-994d-47b5950d210f",
"indicator--5a589228-91e8-4b7e-a099-4ccd950d210f",
"indicator--5a589262-4dd4-4e98-8159-6247950d210f",
"indicator--5a58bada-0930-472d-8af6-4307950d210f",
"indicator--5a58bcda-a8f8-43a6-acb8-4fbc950d210f",
"indicator--5a58bcf9-4efc-4891-99c0-4a32950d210f",
"indicator--5a58bd15-e480-4b26-b998-45da950d210f",
"indicator--5a58c01c-b8f4-40e3-98cd-4936950d210f",
"indicator--5a58c036-a548-4862-a538-446a950d210f",
"indicator--5a58c050-7084-4c75-9670-400a950d210f",
"indicator--5a58c075-f7d4-4c8b-8e4b-4bb9950d210f",
"indicator--5a58c093-809c-40dc-b89c-4465950d210f",
"indicator--5a58c0ae-c4dc-4e61-adac-4746950d210f",
"indicator--5a58c0c3-26d0-4a90-8753-4cf7950d210f",
"indicator--5a58c0d9-822c-4fc7-96ad-4dbc950d210f",
"indicator--1a0ee044-7122-498a-9723-2e6a34cfe282",
"x-misp-object--2721e4a4-3fa7-48d6-a1c5-82c6072fe9cb",
"indicator--dd355e08-3cf3-4834-aff2-942c4d631ef8",
"x-misp-object--d553ed19-0a19-4bff-a1cb-29a2174a1504",
"indicator--607b7d37-5391-4828-9785-747ca987e6d0",
"x-misp-object--c962297e-54fe-479d-bc30-24c2e4425ad9",
"indicator--845b2d47-0368-4a40-91d0-479d97eacda4",
"x-misp-object--22650c01-93d0-43cb-9b39-9e6b3db474eb",
"indicator--8cb5ebee-fcb0-4f05-a707-708b1eaddd59",
"x-misp-object--9f51aaa1-7f34-4b9a-b4a4-34413e3295e3",
"indicator--193ddc06-7e30-4bb9-a2e8-48fbfd5c7f4b",
"x-misp-object--21ee3580-cfc9-41d7-99c2-00615d045962",
"indicator--f2fc9d46-6d9a-497c-b6ba-0b5e6b9210ea",
"x-misp-object--eb9962e1-8c34-45bf-b7be-9ce7bc3fec07",
"indicator--a10445d8-f9e8-485b-8d4a-167ce8bea45d",
"x-misp-object--cb259893-8a4b-4847-b19a-50a9bb705885",
"indicator--f41bbf4c-5ca3-4e62-af09-e1a9145ee05e",
"x-misp-object--bf3e1c52-bd79-4344-beed-865e505b5210",
"indicator--44885bf0-1f38-4d25-b9d9-80c3b47bed40",
"x-misp-object--e4dd2223-b1b9-40d2-b87b-9e819a6a68fb",
"indicator--bf5df298-de3c-4398-9e6d-833e38d5c81f",
"x-misp-object--ddd10108-2f29-4846-bea0-1e80d1c62981",
"indicator--4451bac1-bdc3-4bbd-a01d-ec5902aea71d",
"x-misp-object--3efc2992-b363-4793-87b3-5ec2032cdd31",
"indicator--f9086285-81ea-4ede-b4d3-0c086cd67629",
"x-misp-object--bb34db62-0780-4909-ad47-8d825362d6cf",
"indicator--49b4e424-a863-47c4-907c-e282e6e65df3",
"x-misp-object--b5786be9-5a78-4df3-b021-1dec3dec8d55",
"indicator--5c4fe5fd-d899-4e20-b4b5-e39398733757",
"x-misp-object--4f4b9b57-b256-4d40-ae26-c8602137bfb6",
"indicator--a49ac8ee-df74-445f-9d00-eff900554eb8",
"x-misp-object--d0d53aff-2f5b-4e9e-aca7-1fc077a1edfd",
"indicator--96fcaf45-1bba-4a72-be42-a90d1c2052e2",
"x-misp-object--84bccfef-2072-49f1-b605-8bca7e67be2f",
"indicator--25d83980-fd95-481d-a330-6e969b0253eb",
"x-misp-object--0f57df59-7f2e-4538-ad44-9198ae1eb7e7",
"indicator--9f4c7ec0-65cf-4610-a8ea-c5ee4df70fbf",
"x-misp-object--5d8a7de0-a5d1-4ecb-ac93-60a186a8f4e2",
"indicator--2c61724f-2d3f-4083-854a-6c9cb42784f3",
"x-misp-object--1de4ff44-ee71-4017-a208-7510bc2224ab",
"indicator--7bcab0bd-20d4-4b42-b5f1-268637d54d58",
"x-misp-object--76a37ccf-a61f-4466-b91b-dfb81cd4087d",
"indicator--edd54722-ac7d-4351-ad66-d4961e9e23ed",
"x-misp-object--98ea29fa-c6f3-4bb1-89c7-551a3f1ec0fb",
"indicator--dd110c76-6e54-48c4-badb-b901a57b7bc8",
"x-misp-object--d7545769-a98f-47ac-89e1-9074f18b2266",
"indicator--2c1cfefa-96a0-4099-a720-69b64d16fe5f",
"x-misp-object--2beed4ba-5af8-427c-8270-b6a6456df65c",
"indicator--9cb63957-a223-4016-bf62-7eac015b02a4",
"x-misp-object--83cea96d-ea16-4220-b8d5-88ca68baf4d5",
"indicator--90395b9d-bff0-4af6-adaf-a864379542da",
"x-misp-object--494c3c26-d774-4f6a-aa08-5eba8f2211db",
"indicator--41a354b8-fbc4-48fc-8976-bd9a3593a07c",
"x-misp-object--77040fb6-0d6c-459f-986f-92b37cffe118",
"indicator--480e2ec8-94b2-4682-a591-c2e86c390ead",
"x-misp-object--e6e5e5d4-0dc1-4dca-a921-aa923f455fcf",
"indicator--74bef4c3-487c-4941-b138-c8c0e3413b50",
"x-misp-object--78a04ae2-f33b-4b5a-b0ad-64f842d70385",
"indicator--1f840571-741e-4096-92d6-78e58c49109c",
"x-misp-object--268e55cb-3597-4e16-8007-a8b36cf61376",
"x-misp-object--10efb953-d0cc-4219-8b64-fd1aea48048d",
"x-misp-object--e72fba22-ef47-4486-b345-e02af2e3f2ba",
"x-misp-object--c484d968-23eb-42f0-95b4-c646ff1c4a46",
"x-misp-object--672456f3-351d-4587-8114-0c562fcb6082",
"x-misp-object--a643b2e6-13d0-4844-bb44-3708ee4f1430",
"x-misp-object--cde25116-2c43-45fe-90a9-9d17cf9e4e7c",
"x-misp-object--a41b07c7-d703-4a24-95e3-7d4c50770c9b",
"x-misp-object--e71d92c3-fb0b-4408-95c7-c3afe71baae7",
"x-misp-object--5c4cd601-a2bf-4e3e-b43c-3ee6dbee5ae0",
"x-misp-object--77a6bb0a-b55e-4b33-ae86-c7ae2004d914",
"x-misp-object--c54a631e-db6e-4cc7-856d-07a974bfc25a",
"x-misp-object--0840973f-94a7-411c-9c35-bebd86da7b47",
"x-misp-object--7e1bd57e-b8fe-46ce-acd5-c763793f28c5",
"x-misp-object--01b8d2c8-326f-4555-a514-65bbf934d953",
"indicator--2835626e-b913-4889-a9d9-fdbe227feadb",
"x-misp-object--a28ef769-5398-4eb7-9b00-fab900d14c43",
"x-misp-object--5c2bd08b-1259-4095-9c9e-3b74506b1585",
"x-misp-object--85b2b880-d3e8-4dea-bea6-10c2a491856b",
"indicator--fb3000f4-1ebc-42d4-8e4a-2275d659efe6",
"x-misp-object--5cbeb48f-30a6-478a-bea9-9928524630c6",
"indicator--f53a44f1-158b-4212-bc9e-8e257362a32c",
"x-misp-object--3bd1c560-3b57-4248-b95c-72723eebd90c",
"indicator--edc8ba48-d186-4b7f-a8e4-54fdfee91503",
"x-misp-object--cf7832e0-5495-4a89-95df-cb4dd915842e",
"indicator--f8e43169-3421-43af-8b25-be605a3ea859",
"x-misp-object--2e77adf4-a30d-4dcf-9fcd-9a263b1971c7",
"indicator--770417f7-66d8-4c14-a590-25829420ef72",
"x-misp-object--d250cbbd-0387-4477-9487-647ba7f369ed",
"indicator--18939e64-0afb-4ae4-8995-189b92423b98",
"x-misp-object--55b685d6-7fdc-4538-b113-d253384b213a",
"x-misp-object--e5e57871-79b1-4440-95b3-49bc62c724e5",
"indicator--8d7a2d17-30f8-46c6-aa2c-c99caf8b8208",
"x-misp-object--ece0181f-f705-463f-bea6-08263cc535ba",
"indicator--87463bc1-9173-4071-827c-db9c3d3396bc",
"x-misp-object--f31cc4ab-1875-4f2d-87c9-04b8673ddbe8",
"x-misp-object--f2c6fa6f-7d6b-407a-8e98-3a0e9bcea365",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"relationship--0ee9de0f-b908-410d-aa9c-36f481c7e9ac",
"relationship--1ab34761-8695-4d1c-aa68-36dc6415b977",
"relationship--2aa3ff22-dae8-43eb-81cf-06c652c03f8a",
"relationship--9b515f60-707d-47ae-99c5-8270027a9a68",
"relationship--c4b3b05d-ab85-4d95-9247-1f496299f55e",
"relationship--1d55865e-8645-4e00-ba65-fd51883e244f",
"relationship--1b56dc71-3872-4699-ba9e-e984ff7e67c8",
"relationship--1570d023-2d8b-4469-934e-c3e7f42daf59",
"relationship--f6220148-cb03-4ec1-a346-6007eab19664",
"relationship--afd04559-74ec-414e-b022-458ba20164ce",
"relationship--0704440d-0b93-4188-b5f8-7aad48c3d637",
"relationship--f434c806-fd4f-4e14-bd42-e94a51a17e92",
"relationship--082854fd-583f-4edf-849b-dab1061e862e",
"relationship--c0119aa9-1124-4863-8219-f28b6f72bdbf",
"relationship--3ea8081e-472f-440c-aa66-677bfcf328ec",
"relationship--ae9824b7-e5e0-41b2-bcb4-95ed93e712fe",
"relationship--e35a91ed-b7a5-4f29-a503-7b44f15d1a5a",
"relationship--4a20a1e3-6ed2-47b1-b639-75259af1ab25",
"relationship--5f48124e-8898-48b5-925b-b8b8ea355387",
"relationship--1407f704-e376-49ce-95b9-83cd03f2c299",
"relationship--46bebc07-58f8-4a76-9f09-9ae509e9cf4e",
"relationship--5c4f9904-e029-4252-9a09-b6132d0c768d",
"relationship--523c3e1d-b6ee-412f-bcd1-5ac012a6edfa",
"relationship--5929e453-c69d-4cfb-8049-149703d67196",
"relationship--3f5a919f-1846-4e1a-b458-8047833f85a2",
"relationship--366ba3ca-7a2d-4e9d-baa1-a8a0d09557f3",
"relationship--05e32d4e-30e5-4fb8-8b5f-e67eacbc355a",
"relationship--a399b739-a607-4450-873d-77a582375729",
"relationship--64724df8-a3f5-4345-9beb-752c7da57a49",
"relationship--a91aeff8-7b17-4510-a5c1-6e933700608f",
"relationship--87bbd2cc-a696-44ab-b187-982dbf9cc130",
"relationship--ee191f5b-144d-4dc1-a2d2-bec6b4d35d88",
"relationship--291e5db2-d3df-4f14-aaa6-b9c8ba23c6bb",
"relationship--d7de9c5f-470a-4408-aa9a-1a6cd4e2f1ed",
"relationship--35da715c-a3b5-4bcb-8254-f15ced0fd813",
"relationship--b1e30101-891e-4d3f-95e7-b9dcc52b783b",
"relationship--5bf303a8-cf3a-487c-9a3a-c143c5f041b5",
"relationship--383a307f-73da-4741-869b-d22182ab10e0",
"relationship--90ee1c1b-4c08-4203-ba7f-2888e38da86d",
"relationship--e8127691-28e5-434c-8b36-af6280fe49e7",
"relationship--88082d62-5fee-4671-b510-02d61be97579",
"relationship--db8f1927-5a1c-4745-83e1-703dd2c1e9fc",
"relationship--29f5797f-9168-4220-9408-f83d2f233d98",
"relationship--5cefff89-788d-4c77-8239-5a52ae1b2926",
"relationship--a75ccaf8-a5df-448c-9b97-ebbae2019497",
"relationship--37f834de-d1a4-4f6b-ade6-8c1b623adfe3",
"relationship--61822344-9828-4a82-bcbb-ed3c442eb531",
"relationship--2bb444c1-d941-4430-b0e5-204b6a00acbc",
"relationship--17a9e708-0a3d-4acf-ab3d-f1fc834d40c7",
"relationship--acba2e59-2b2c-4d77-8bc7-4eda42aa2876",
"relationship--ef982198-97bd-4d7a-9958-7f793369ac1f",
"relationship--52caf30b-9999-4103-8657-c534f34d71c7",
"relationship--8c3f09d1-9ae5-45b3-847a-75b1b87a80b9",
"relationship--928c7c29-26e1-44db-bdfe-c9430ed2723f",
"relationship--05cdeb71-6f1e-45d9-ab38-7c0ca7f793ce",
"relationship--34fc1b05-e892-4ca1-9a63-6b339e23b5c7",
"relationship--c6062b18-4dd4-4512-9c56-e9707863f0b9"
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:tool=\"FruitFly\"",
"misp-galaxy:tool=\"MacDownloader\"",
"misp-galaxy:ransomware=\"MacRansom\"",
"misp-galaxy:rat=\"MacSpy\"",
"misp-galaxy:tool=\"Empyre\"",
"misp-galaxy:tool=\"Proton\"",
"misp-galaxy:tool=\"Mughthesec\"",
"misp-galaxy:tool=\"Pwnet\"",
"misp-galaxy:tool=\"CpuMeaner\"",
"misp-galaxy:ransomware=\"FileCoder\"",
"misp-galaxy:banker=\"Dok\"",
"misp-galaxy:mitre-malware=\"XAgentOSX\"",
"misp-galaxy:tool=\"X-Agent\"",
"misp-galaxy:tool=\"Turla\"",
"osint:source-type=\"blog-post\"",
"osint:source-type=\"technical-report\"",
"malware_classification:malware-category=\"Ransomware\"",
"ms-caro-malware-full:malware-family=\"Banker\"",
"circl:incident-classification=\"malware\"",
"malware_classification:malware-category=\"Trojan\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a5725af-c85c-4245-9e36-442b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:02.000Z",
"modified": "2018-02-09T14:13:02.000Z",
"first_observed": "2018-02-09T14:13:02Z",
"last_observed": "2018-02-09T14:13:02Z",
"number_observed": 1,
"object_refs": [
"url--5a5725af-c85c-4245-9e36-442b950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a5725af-c85c-4245-9e36-442b950d210f",
"value": "https://objective-see.com/blog/blog_0x25.html"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5a5726ab-e594-48e0-9f19-099b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:02.000Z",
"modified": "2018-02-09T14:13:02.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "For the second year in a row, I've decided to post a blog that comprehensively covers all the new Mac malware that appeared during the course of the year. While the specimens may have been briefly reported on before (i.e. by the AV company that discovered them), this blog aims to cumulatively cover all new Mac malware of 2017 - in one place. For each, we'll dive into various technical details such as identifying the malware's infection vector, persistence mechanism, features & goals, and describe how to clean an infected system."
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a58693b-6748-42fb-8b4e-4507950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:02.000Z",
"modified": "2018-02-09T14:13:02.000Z",
"first_observed": "2018-02-09T14:13:02Z",
"last_observed": "2018-02-09T14:13:02Z",
"number_observed": 1,
"object_refs": [
"url--5a58693b-6748-42fb-8b4e-4507950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"technical-report\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a58693b-6748-42fb-8b4e-4507950d210f",
"value": "https://www.virusbulletin.com/uploads/pdf/magazine/2017/VB2017-Wardle.pdf"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a58693c-6350-40a4-9cf2-4b13950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:02.000Z",
"modified": "2018-02-09T14:13:02.000Z",
"first_observed": "2018-02-09T14:13:02Z",
"last_observed": "2018-02-09T14:13:02Z",
"number_observed": 1,
"object_refs": [
"url--5a58693c-6350-40a4-9cf2-4b13950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"technical-report\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a58693c-6350-40a4-9cf2-4b13950d210f",
"value": "https://www.cybersixgill.com/wp-content/uploads/2017/02/02072017%20-%20Proton%20-%20A%20New%20MAC%20OS%20RAT%20-%20Sixgill%20Threat%20Report.pdf"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6e-9420-44eb-9341-420d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:03.000Z",
"modified": "2018-02-09T14:13:03.000Z",
"first_observed": "2018-02-09T14:13:03Z",
"last_observed": "2018-02-09T14:13:03Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6e-9420-44eb-9341-420d950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6e-9420-44eb-9341-420d950d210f",
"value": "https://blog.malwarebytes.com/threat-analysis/2017/01/new-mac-backdoor-using-antiquated-code/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-c7e0-4330-a459-4a3f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:03.000Z",
"modified": "2018-02-09T14:13:03.000Z",
"first_observed": "2018-02-09T14:13:03Z",
"last_observed": "2018-02-09T14:13:03Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-c7e0-4330-a459-4a3f950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-c7e0-4330-a459-4a3f950d210f",
"value": "https://objective-see.com/blog/blog_0x17.html"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-7aa0-4a57-bad2-4a74950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:04.000Z",
"modified": "2018-02-09T14:13:04.000Z",
"first_observed": "2018-02-09T14:13:04Z",
"last_observed": "2018-02-09T14:13:04Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-7aa0-4a57-bad2-4a74950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-7aa0-4a57-bad2-4a74950d210f",
"value": "https://blog.malwarebytes.com/threat-analysis/mac-threat-analysis/2017/11/osx-proton-spreading-through-fake-symantec-blog/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-b1f0-4118-a840-4916950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:04.000Z",
"modified": "2018-02-09T14:13:04.000Z",
"first_observed": "2018-02-09T14:13:04Z",
"last_observed": "2018-02-09T14:13:04Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-b1f0-4118-a840-4916950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-b1f0-4118-a840-4916950d210f",
"value": "https://iranthreats.github.io/resources/macdownloader-macos-malware/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-bdc0-4812-a215-4367950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:04.000Z",
"modified": "2018-02-09T14:13:04.000Z",
"first_observed": "2018-02-09T14:13:04Z",
"last_observed": "2018-02-09T14:13:04Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-bdc0-4812-a215-4367950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-bdc0-4812-a215-4367950d210f",
"value": "https://www.welivesecurity.com/2017/10/20/osx-proton-supply-chain-attack-elmedia/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-5334-4881-9275-4493950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:05.000Z",
"modified": "2018-02-09T14:13:05.000Z",
"first_observed": "2018-02-09T14:13:05Z",
"last_observed": "2018-02-09T14:13:05Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-5334-4881-9275-4493950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-5334-4881-9275-4493950d210f",
"value": "https://objective-see.com/blog/blog_0x1F.html"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-8e08-456a-95b3-44ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:05.000Z",
"modified": "2018-02-09T14:13:05.000Z",
"first_observed": "2018-02-09T14:13:05Z",
"last_observed": "2018-02-09T14:13:05Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-8e08-456a-95b3-44ca950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-8e08-456a-95b3-44ca950d210f",
"value": "https://researchcenter.paloaltonetworks.com/2017/02/unit42-xagentosx-sofacys-xagent-macos-tool/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-387c-4485-90b5-420b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:06.000Z",
"modified": "2018-02-09T14:13:06.000Z",
"first_observed": "2018-02-09T14:13:06Z",
"last_observed": "2018-02-09T14:13:06Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-387c-4485-90b5-420b950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-387c-4485-90b5-420b950d210f",
"value": "https://www.welivesecurity.com/2017/02/22/new-crypto-ransomware-hits-macos/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-6ee0-4bb2-9ea3-41e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:06.000Z",
"modified": "2018-02-09T14:13:06.000Z",
"first_observed": "2018-02-09T14:13:06Z",
"last_observed": "2018-02-09T14:13:06Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-6ee0-4bb2-9ea3-41e5950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-6ee0-4bb2-9ea3-41e5950d210f",
"value": "https://blog.checkpoint.com/2017/04/27/osx-malware-catching-wants-read-https-traffic/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-1b60-43b2-88a3-4966950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:06.000Z",
"modified": "2018-02-09T14:13:06.000Z",
"first_observed": "2018-02-09T14:13:06Z",
"last_observed": "2018-02-09T14:13:06Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-1b60-43b2-88a3-4966950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-1b60-43b2-88a3-4966950d210f",
"value": "https://blog.malwarebytes.com/threat-analysis/2017/04/new-osx-dok-malware-intercepts-web-traffic/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-8dac-4932-9d31-40e3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:07.000Z",
"modified": "2018-02-09T14:13:07.000Z",
"first_observed": "2018-02-09T14:13:07Z",
"last_observed": "2018-02-09T14:13:07Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-8dac-4932-9d31-40e3950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-8dac-4932-9d31-40e3950d210f",
"value": "https://objective-see.com/blog/blog_0x18.html"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-3130-4211-9d3e-47e1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:07.000Z",
"modified": "2018-02-09T14:13:07.000Z",
"first_observed": "2018-02-09T14:13:07Z",
"last_observed": "2018-02-09T14:13:07Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-3130-4211-9d3e-47e1950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-3130-4211-9d3e-47e1950d210f",
"value": "https://blog.malwarebytes.com/threat-analysis/2017/05/snake-malware-ported-windows-mac/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a586a6f-d9c8-45d5-9a8d-4246950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:08.000Z",
"modified": "2018-02-09T14:13:08.000Z",
"first_observed": "2018-02-09T14:13:08Z",
"last_observed": "2018-02-09T14:13:08Z",
"number_observed": 1,
"object_refs": [
"url--5a586a6f-d9c8-45d5-9a8d-4246950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a586a6f-d9c8-45d5-9a8d-4246950d210f",
"value": "https://blog.fox-it.com/2017/05/03/snake-coming-soon-in-mac-os-x-flavour/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a586d3d-d860-4ac4-83d1-4457950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:08.000Z",
"modified": "2018-02-09T14:13:08.000Z",
"description": "command and control (C&C) servers",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '99.153.29.240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a586d3d-d274-479d-83c9-4b8f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:08.000Z",
"modified": "2018-02-09T14:13:08.000Z",
"description": "command and control (C&C) servers",
"pattern": "[domain-name:value = 'eidk.hopto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5870d4-b0a0-42b8-85d7-45c3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T08:24:52.000Z",
"modified": "2018-01-12T08:24:52.000Z",
"pattern": "[file:hashes.SHA256 = '94cc470c0fdd60570e58682aa7619d665eb710e3407d1f9685b7b00bf26f9647']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T08:24:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5870d4-673c-4b17-a384-46df950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T08:24:52.000Z",
"modified": "2018-01-12T08:24:52.000Z",
"pattern": "[file:hashes.SHA256 = '694b15d69264062e82d43e8ddb4a5efe4435574f8d91e29523c4298894b70c26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T08:24:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5871a8-b690-4501-9bb8-43cf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T08:28:24.000Z",
"modified": "2018-01-12T08:28:24.000Z",
"description": "OSX/FruitFly, variant \u00e2\u20ac\u02dcB\u00e2\u20ac\u2122",
"pattern": "[file:hashes.SHA256 = 'befa9bfe488244c64db096522b4fad73fc01ea8c4cd0323f1cbdee81ba008271']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T08:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5874a6-93e4-40c1-bcad-405b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:09.000Z",
"modified": "2018-02-09T14:13:09.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.188.230.50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5874a6-5d4c-46e9-a090-4ec9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:09.000Z",
"modified": "2018-02-09T14:13:09.000Z",
"pattern": "[file:name = 'gro.otpoh.kdie']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5874a6-0fbc-4bcd-b43b-4a09950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:10.000Z",
"modified": "2018-02-09T14:13:10.000Z",
"pattern": "[file:name = 'gro.sndkcud.kdie']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5874a6-8290-4544-9472-4222950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:10.000Z",
"modified": "2018-02-09T14:13:10.000Z",
"pattern": "[domain-name:value = 'eidk.duckdns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587b98-1324-48ec-bc3e-4949950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:11.000Z",
"modified": "2018-02-09T14:13:11.000Z",
"pattern": "[file:name = 'checkadr.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587b98-616c-412d-9933-4c69950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:11.000Z",
"modified": "2018-02-09T14:13:11.000Z",
"pattern": "[url:value = 'http://46.17.97.37/Servermac.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587b98-265c-4f10-91f4-4f9e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:11.000Z",
"modified": "2018-02-09T14:13:11.000Z",
"pattern": "[file:name = 'eula-help.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587b98-3eec-4e65-b45e-4364950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:12.000Z",
"modified": "2018-02-09T14:13:12.000Z",
"pattern": "[url:value = 'http://192.168.3.217/DroperTest']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587b98-8cdc-4b4c-9072-4f66950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:12.000Z",
"modified": "2018-02-09T14:13:12.000Z",
"pattern": "[file:name = 'appId.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587d0d-e7cc-4f45-8596-4575950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:12.000Z",
"modified": "2018-02-09T14:13:12.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.17.97.37']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587d0d-7858-424b-aa19-4dc1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:13.000Z",
"modified": "2018-02-09T14:13:13.000Z",
"pattern": "[domain-name:value = 'officialswebsites.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587d0d-abc0-4374-9497-4376950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:13.000Z",
"modified": "2018-02-09T14:13:13.000Z",
"pattern": "[domain-name:value = 'utc.officialswebsites.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587f73-26fc-49f3-bb30-4c1a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:14.000Z",
"modified": "2018-02-09T14:13:14.000Z",
"pattern": "[url:value = 'https://www.securitychecking.org:443/index.asp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588997-15ac-4228-967b-4a1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:10:31.000Z",
"modified": "2018-01-12T10:10:31.000Z",
"pattern": "[file:hashes.SHA256 = '128814f2b057aef1dd3e00f3749aed2a81e5ed03737311f2b1faab4ab2e6e2fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:10:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588b7d-77b4-43bb-a98f-4df2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:14.000Z",
"modified": "2018-02-09T14:13:14.000Z",
"description": "command and control server",
"pattern": "[domain-name:value = 'handbrake.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588b7d-78e4-451b-997f-45ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:14.000Z",
"modified": "2018-02-09T14:13:14.000Z",
"description": "command and control server",
"pattern": "[domain-name:value = 'handbrakestore.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588b7d-1500-4e04-b20a-41e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:15.000Z",
"modified": "2018-02-09T14:13:15.000Z",
"description": "command and control server",
"pattern": "[domain-name:value = 'handbrake.cc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588c8c-c138-4cc7-84b9-421a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:15.000Z",
"modified": "2018-02-09T14:13:15.000Z",
"description": "C2",
"pattern": "[url:value = 'http://23.227.196.215/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588c8d-f950-4fc4-aa8a-4942950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:16.000Z",
"modified": "2018-02-09T14:13:16.000Z",
"description": "C2",
"pattern": "[url:value = 'http://apple-iclods.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588c8d-2f50-4f57-bdeb-48bf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:16.000Z",
"modified": "2018-02-09T14:13:16.000Z",
"description": "C2",
"pattern": "[url:value = 'http://apple-checker.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588c8d-0c00-4303-b758-4d53950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:16.000Z",
"modified": "2018-02-09T14:13:16.000Z",
"description": "C2",
"pattern": "[url:value = 'http://apple-uptoday.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588c8d-4ba8-4400-84dd-47e9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:17.000Z",
"modified": "2018-02-09T14:13:17.000Z",
"description": "C2",
"pattern": "[url:value = 'http://apple-search.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588cd4-2674-48e6-ba6d-4936950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:17.000Z",
"modified": "2018-02-09T14:13:17.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.227.196.215']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588cd4-296c-4c6b-b525-447d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:17.000Z",
"modified": "2018-02-09T14:13:17.000Z",
"pattern": "[domain-name:value = 'apple-iclods.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588cd4-0e2c-4f16-9612-4c46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:18.000Z",
"modified": "2018-02-09T14:13:18.000Z",
"pattern": "[domain-name:value = 'apple-checker.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588cd4-1bd4-4974-80cc-46b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:18.000Z",
"modified": "2018-02-09T14:13:18.000Z",
"pattern": "[domain-name:value = 'apple-uptoday.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588cd4-83a8-4070-85fe-4751950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:19.000Z",
"modified": "2018-02-09T14:13:19.000Z",
"pattern": "[domain-name:value = 'apple-search.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588cd4-dcc0-4d12-b524-4832950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:19.000Z",
"modified": "2018-02-09T14:13:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.227.196.217']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588ce9-3f18-41de-a8f3-6247950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:24:41.000Z",
"modified": "2018-01-12T10:24:41.000Z",
"pattern": "[file:hashes.SHA256 = '2a854997a44f4ba7e307d408ea2d9c1d84dde035c5dab830689aa45c5b5746ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:24:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588edc-55c8-4142-9d86-40aa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:20.000Z",
"modified": "2018-02-09T14:13:20.000Z",
"description": "Proton C2 domain",
"pattern": "[domain-name:value = 'eltima.in']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588efe-f068-422e-8209-4f30950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:20.000Z",
"modified": "2018-02-09T14:13:20.000Z",
"description": "URL distributing the trojanized application at the time of discovery.",
"pattern": "[url:value = 'https://mac.eltima.com/download/elmediaplayer.dmg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588efe-b770-4240-918f-40d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:20.000Z",
"modified": "2018-02-09T14:13:20.000Z",
"description": "URL distributing the trojanized application at the time of discovery.",
"pattern": "[url:value = 'http://www.elmedia-video-player.com/download/elmediaplayer.dmg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588efe-6e7c-49fa-88b0-4926950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:21.000Z",
"modified": "2018-02-09T14:13:21.000Z",
"description": "URL distributing the trojanized application at the time of discovery.",
"pattern": "[url:value = 'https://mac.eltima.com/download/downloader_mac.dmg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588fc0-2f8c-44e1-8bc0-4901950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:36:48.000Z",
"modified": "2018-01-12T10:36:48.000Z",
"description": "ZIP archive with the Proton malware and Python scripts",
"pattern": "[file:hashes.SHA1 = '10a09c09fd5dd76202e308718a357abc7de291b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:36:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58923e-99bc-4f6e-871e-4f47950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:47:26.000Z",
"modified": "2018-01-12T10:47:26.000Z",
"description": "Launcher (or wrapper)",
"pattern": "[file:hashes.SHA1 = '30d77908ac9d37c4c14d32ea3e0b8df4c7e75464']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:47:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58927b-3168-4cc8-8adb-45d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:48:27.000Z",
"modified": "2018-01-12T10:48:27.000Z",
"description": "Proton malware, not signed",
"pattern": "[file:hashes.SHA1 = 'ef5a11a1bb5b2423554309688aa7947f4afa5388']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:48:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5892db-aadc-434f-b8d2-4545950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:21.000Z",
"modified": "2018-02-09T14:13:21.000Z",
"pattern": "[domain-name:value = 'symantecblog.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58b14a-6e58-4ce3-8c6d-408b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:22.000Z",
"modified": "2018-02-09T14:13:22.000Z",
"pattern": "[domain-name:value = 'apple-iclods.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58b167-75d4-4ae8-b97e-49b6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:22.000Z",
"modified": "2018-02-09T14:13:22.000Z",
"pattern": "[url:value = 'http://23.227.196.215']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58b167-8a0c-444d-b52f-4b59950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:22.000Z",
"modified": "2018-02-09T14:13:22.000Z",
"pattern": "[url:value = 'http://apple-iclods.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58b167-c74c-41ef-9ae2-4f42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:23.000Z",
"modified": "2018-02-09T14:13:23.000Z",
"pattern": "[url:value = 'http://apple-checker.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58b167-1de8-4feb-a032-477d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:23.000Z",
"modified": "2018-02-09T14:13:23.000Z",
"pattern": "[url:value = 'http://apple-uptoday.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bd65-4eb8-43e1-9555-4f95950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:51:33.000Z",
"modified": "2018-01-12T13:51:33.000Z",
"description": "Dok",
"pattern": "[file:hashes.SHA256 = '3f0130cfd7bf61b8e8226dd4775319c7376a08ec019f9df12875e9ea55992e94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:51:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bd65-ec78-4531-82ff-439a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:51:33.000Z",
"modified": "2018-01-12T13:51:33.000Z",
"description": "Dok",
"pattern": "[file:hashes.SHA256 = 'cd93142f1e0bac1d73235515bc127f5f9634eafde0bea2d6c294bf3549d612b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:51:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bd65-b0bc-4851-8266-4e43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:51:33.000Z",
"modified": "2018-01-12T13:51:33.000Z",
"description": "Dok",
"pattern": "[file:hashes.SHA256 = '4252e482c9801463e6f684c71f70cb64a17ae74957ed8986f2401c653acae1d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:51:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bece-2560-4d95-bfdc-4996950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:57:34.000Z",
"modified": "2018-01-12T13:57:34.000Z",
"pattern": "[file:hashes.SHA256 = '7819ae7d72fa045baa77e9c8e063a69df439146b27f9c3bb10aef52dcc77c145']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:57:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58becf-33ac-4d37-bbee-4aaf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:57:35.000Z",
"modified": "2018-01-12T13:57:35.000Z",
"pattern": "[file:hashes.SHA256 = '4131d4737fe8dfe66d407bfd0a0df18a4a77b89347471cc012da8efc93c661a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:57:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bfe5-fcf4-4b2f-a229-4f94950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:24.000Z",
"modified": "2018-02-09T14:13:24.000Z",
"pattern": "[file:name = '/Library/LaunchDaemons/com.adobe.update.plist']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bfe6-3008-4b03-90dc-41e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:24.000Z",
"modified": "2018-02-09T14:13:24.000Z",
"pattern": "[file:name = '/Library/Scripts/installd.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c0fb-5c08-4a71-94fc-4dcd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:24.000Z",
"modified": "2018-02-09T14:13:24.000Z",
"pattern": "[domain-name:value = 'car-service.effers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c0fb-3e30-4946-b9e9-449c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:25.000Z",
"modified": "2018-02-09T14:13:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.229.87.11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a586fc6-e0fc-4f06-b55a-46a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T08:20:22.000Z",
"modified": "2018-01-12T08:20:22.000Z",
"pattern": "[file:hashes.SHA256 = 'b556c04c768d57af104716386fe4f23b01aa9d707cbc60385895e2b4fc08c9b0' AND file:name = 'macsvc' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T08:20:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5870b4-5c68-4077-8cce-4138950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T08:24:20.000Z",
"modified": "2018-01-12T08:24:20.000Z",
"pattern": "[file:hashes.SHA256 = 'bbbf73741078d1e74ab7281189b13f13b50308cf03d3df34bc9f6a90065a4a55' AND file:name = 'afpscan' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T08:24:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587b0f-b46c-4403-be5e-423d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T09:08:31.000Z",
"modified": "2018-01-12T09:08:31.000Z",
"pattern": "[file:hashes.SHA256 = '52efcfe30f96a85c9c068880c20663db64f0e08346e0f3b59c2e5bbcb41ba73c' AND file:name = 'addone flashplayer.app.zip' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T09:08:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587cfc-3568-4d8d-bcc1-4920950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T09:16:44.000Z",
"modified": "2018-01-12T09:16:44.000Z",
"pattern": "[file:hashes.SHA256 = '7a9cdb9d608b88bd7afce001cb285c2bb2ae76f5027977e8635aa04bd064ffb7' AND file:name = 'Bitdefender Adware Removal Tool' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T09:16:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a587e34-dc78-4406-897c-4cff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T09:21:56.000Z",
"modified": "2018-01-12T09:21:56.000Z",
"pattern": "[file:hashes.SHA256 = '07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d' AND file:name = 'U.S. Allies and Rivals Digest Trump\\'s Victory - Carnegie Endowment for International Peace.docm' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T09:21:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588039-c95c-4895-ad28-43ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T09:30:33.000Z",
"modified": "2018-01-12T09:30:33.000Z",
"pattern": "[domain-name:value = 'www.securitychecking.org' AND domain-name:resolves_to_refs[*].value = '185.22.174.37']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T09:30:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "network"
}
],
"labels": [
"misp:name=\"domain-ip\"",
"misp:meta-category=\"network\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588e6f-c80c-4f1e-ab63-5fa4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:31:14.000Z",
"modified": "2018-01-12T10:31:14.000Z",
"pattern": "[file:hashes.SHA1 = '0603353852e174fc0337642e3957c7423f182a8c' AND file:x_misp_state = 'Harmless']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:31:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588e83-b4f8-44e1-8e4c-5f67950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:31:34.000Z",
"modified": "2018-01-12T10:31:34.000Z",
"pattern": "[file:hashes.SHA1 = 'e9dcdae1406ab1132dc9d507fd63503e5c4d41d9' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:31:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588e93-5dfc-45e3-b6a4-4456950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:31:50.000Z",
"modified": "2018-01-12T10:31:50.000Z",
"pattern": "[file:hashes.SHA1 = '8cfa551d15320f0157ece3bdf30b1c62765a93a5' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:31:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588ea4-afa0-4611-bfb8-5f67950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:32:07.000Z",
"modified": "2018-01-12T10:32:07.000Z",
"pattern": "[file:hashes.SHA1 = '0400b35d703d872adc64aa7ef914a260903998ca' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:32:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a588f59-6d78-49a5-994d-47b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:35:08.000Z",
"modified": "2018-01-12T10:35:08.000Z",
"description": "ZIP archive with the Proton malware and Python scripts",
"pattern": "[file:hashes.SHA1 = '9e5378165bb20e9a7f74a7fcc73b528f7b231a75' AND file:name = 'Elmedia Player.app/Contents/Resources/.pl.zip' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:35:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a589228-91e8-4b7e-a099-4ccd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:47:07.000Z",
"modified": "2018-01-12T10:47:07.000Z",
"description": "Launcher (or wrapper)",
"pattern": "[file:hashes.SHA1 = 'c9472d791c076a10dce5ff0d3ab6e7706524b741' AND file:name = 'Elmedia Player.app/Contents/MacOS/Elmedia Player' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:47:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a589262-4dd4-4e98-8159-6247950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T10:48:05.000Z",
"modified": "2018-01-12T10:48:05.000Z",
"description": "Proton malware, not signed",
"pattern": "[file:hashes.SHA1 = '3ef34e2581937babd2b7ce63ab1d92cd9440181a' AND file:name = 'Updater.app/Contents/MacOS/Updater' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T10:48:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bada-0930-472d-8af6-4307950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:40:45.000Z",
"modified": "2018-01-12T13:40:45.000Z",
"description": "ZIP of App bundle",
"pattern": "[file:hashes.SHA1 = '1b7380d283ceebcabb683464ba0bb6dd73d6e886' AND file:name = 'Office 2016 Patcher.zip' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:40:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bcda-a8f8-43a6-acb8-4fbc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:49:17.000Z",
"modified": "2018-01-12T13:49:17.000Z",
"description": "ZIP of App bundle",
"pattern": "[file:hashes.SHA1 = 'a91a529f89b1ab8792c345f823e101b55d656a08' AND file:name = 'Adobe Premiere Pro CC 2017 Patcher.zip' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:49:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bcf9-4efc-4891-99c0-4a32950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:49:48.000Z",
"modified": "2018-01-12T13:49:48.000Z",
"description": "Mach-O",
"pattern": "[file:hashes.SHA1 = 'e55fe159e6e3a8459e9363401fcc864335fee321' AND file:name = 'Office 2016 Patcher' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:49:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58bd15-e480-4b26-b998-45da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T13:50:16.000Z",
"modified": "2018-01-12T13:50:16.000Z",
"description": "Mach-O",
"pattern": "[file:hashes.SHA1 = '3820b23c1057f8c3522c47737f25183a3c15e4db' AND file:name = 'Adobe Premiere Pro CC 2017 Patcher' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T13:50:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c01c-b8f4-40e3-98cd-4936950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:03:08.000Z",
"modified": "2018-01-12T14:03:08.000Z",
"pattern": "[file:hashes.SHA256 = 'b8ee4556dc09b28826359b98343a4e00680971a6f8c6602747bd5d723d26eaea' AND file:name = 'Install Adobe Flash Player.app.zip' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:03:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c036-a548-4862-a538-446a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:03:34.000Z",
"modified": "2018-01-12T14:03:34.000Z",
"pattern": "[file:hashes.SHA256 = '5b7792a16c6b7978fca389882c6aeeb2c792352076bf6a064e7b8b90eace8060' AND file:name = 'Install' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:03:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c050-7084-4c75-9670-400a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:04:00.000Z",
"modified": "2018-01-12T14:04:00.000Z",
"pattern": "[file:hashes.SHA256 = '0a77f1b59c829a83d91a12c871fbd30c5c9d04b455f497e0c231cd21104bfea9' AND file:name = 'install.sh' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:04:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c075-f7d4-4c8b-8e4b-4bb9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:04:37.000Z",
"modified": "2018-01-12T14:04:37.000Z",
"pattern": "[file:hashes.SHA256 = '7848f7808af02ba0466f3a0687cf949c4d29a2d94b035481a3299ec519aaaa30' AND file:name = 'Install Adobe Flash Player' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:04:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c093-809c-40dc-b89c-4465950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:05:07.000Z",
"modified": "2018-01-12T14:05:07.000Z",
"pattern": "[file:hashes.SHA256 = 'd5ea79632a1a67abbf9fb1c2813b899c90a5fb9442966ed4f530e92715087ee2' AND file:name = 'Installdp' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:05:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c0ae-c4dc-4e61-adac-4746950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:05:34.000Z",
"modified": "2018-01-12T14:05:34.000Z",
"pattern": "[file:hashes.SHA256 = 'b6df610aa5c1254c3af5b2ff806562c4937704e4ac248577cdcd3e7e7b3578a0' AND file:name = 'com.adobe.update' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:05:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c0c3-26d0-4a90-8753-4cf7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:05:55.000Z",
"modified": "2018-01-12T14:05:55.000Z",
"pattern": "[file:hashes.SHA256 = '6e207a375782e3c9d86a3e426cfa38eddcf4898b3556abc75889f7e01cc49506' AND file:name = 'installd.sh' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:05:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a58c0d9-822c-4fc7-96ad-4dbc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:06:17.000Z",
"modified": "2018-01-12T14:06:17.000Z",
"pattern": "[file:hashes.SHA256 = '92721d719b8085748fb66366d202457f6d38bfa108a2ecda71eee7e68f43a387' AND file:name = 'queue' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:06:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1a0ee044-7122-498a-9723-2e6a34cfe282",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:35.000Z",
"modified": "2018-01-12T14:07:35.000Z",
"pattern": "[file:hashes.MD5 = '766f058837b08f890bb97198c21b6cc1' AND file:hashes.SHA1 = 'a91a529f89b1ab8792c345f823e101b55d656a08' AND file:hashes.SHA256 = 'c68814901d0af5de410c152e62a06a51c16ec7fe118f1e5251bbcdbb27364709']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2721e4a4-3fa7-48d6-a1c5-82c6072fe9cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:32.000Z",
"modified": "2018-01-12T14:07:32.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c68814901d0af5de410c152e62a06a51c16ec7fe118f1e5251bbcdbb27364709/analysis/1501703565/",
"category": "External analysis",
"uuid": "5a58c124-f528-425a-945d-401002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/59",
"category": "Other",
"uuid": "5a58c124-1cd0-4c4d-8d7c-4db102de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-08-02T19:52:45",
"category": "Other",
"uuid": "5a58c124-83a4-409a-93a3-474702de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd355e08-3cf3-4834-aff2-942c4d631ef8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:35.000Z",
"modified": "2018-01-12T14:07:35.000Z",
"pattern": "[file:hashes.MD5 = '29fb77664fc4f13ea5f65cfe01b292af' AND file:hashes.SHA1 = '8cfa551d15320f0157ece3bdf30b1c62765a93a5' AND file:hashes.SHA256 = 'c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d553ed19-0a19-4bff-a1cb-29a2174a1504",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:32.000Z",
"modified": "2018-01-12T14:07:32.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b/analysis/1508668992/",
"category": "External analysis",
"uuid": "5a58c124-4378-4212-99ee-435c02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "16/58",
"category": "Other",
"uuid": "5a58c124-bc04-4d71-89f6-4c7c02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-10-22T10:43:12",
"category": "Other",
"uuid": "5a58c125-baf8-4e35-93df-4ada02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--607b7d37-5391-4828-9785-747ca987e6d0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"pattern": "[file:hashes.MD5 = 'ff44372fce42ffe13222e7237d4cdef1' AND file:hashes.SHA1 = 'ef5a11a1bb5b2423554309688aa7947f4afa5388' AND file:hashes.SHA256 = '061f056338e00d38cdfb6b1f40d8e4f8d3f1d7214f6d9a48d0d91d766b7574b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c962297e-54fe-479d-bc30-24c2e4425ad9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:33.000Z",
"modified": "2018-01-12T14:07:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/061f056338e00d38cdfb6b1f40d8e4f8d3f1d7214f6d9a48d0d91d766b7574b7/analysis/1511177323/",
"category": "External analysis",
"comment": "Proton malware, not signed",
"uuid": "5a58c125-5db4-4da5-9a07-4a9902de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/58",
"category": "Other",
"comment": "Proton malware, not signed",
"uuid": "5a58c125-b6dc-4beb-bc75-4e4002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-20T11:28:43",
"category": "Other",
"comment": "Proton malware, not signed",
"uuid": "5a58c125-9158-43b5-9839-45a602de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--845b2d47-0368-4a40-91d0-479d97eacda4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"pattern": "[file:hashes.MD5 = 'c7a2a5c0fbe4df3afd9dbedecf8321da' AND file:hashes.SHA1 = 'e9dcdae1406ab1132dc9d507fd63503e5c4d41d9' AND file:hashes.SHA256 = 'b9432b91a112ed2bfcbf0530a04406390c854a7c9f8afea17e9e94fe43242ce1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--22650c01-93d0-43cb-9b39-9e6b3db474eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:33.000Z",
"modified": "2018-01-12T14:07:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b9432b91a112ed2bfcbf0530a04406390c854a7c9f8afea17e9e94fe43242ce1/analysis/1508922137/",
"category": "External analysis",
"uuid": "5a58c125-7bfc-4172-995d-492d02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "18/59",
"category": "Other",
"uuid": "5a58c125-bbcc-43e0-b20b-485102de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-10-25T09:02:17",
"category": "Other",
"uuid": "5a58c125-579c-4620-a593-4efc02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8cb5ebee-fcb0-4f05-a707-708b1eaddd59",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"pattern": "[file:hashes.MD5 = '0ca749b61c7e76e6ec07c33aab01aab3' AND file:hashes.SHA1 = '9e5378165bb20e9a7f74a7fcc73b528f7b231a75' AND file:hashes.SHA256 = '553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--9f51aaa1-7f34-4b9a-b4a4-34413e3295e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:33.000Z",
"modified": "2018-01-12T14:07:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad/analysis/1511207074/",
"category": "External analysis",
"uuid": "5a58c125-2dd4-4e08-a8eb-40ac02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/60",
"category": "Other",
"uuid": "5a58c125-e1e0-4a1d-a360-460d02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-20T19:44:34",
"category": "Other",
"uuid": "5a58c125-06bc-43be-aab6-4d6d02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--193ddc06-7e30-4bb9-a2e8-48fbfd5c7f4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"pattern": "[file:hashes.MD5 = '9f5013e080d628a35ba190621e0998c2' AND file:hashes.SHA1 = '3ef34e2581937babd2b7ce63ab1d92cd9440181a' AND file:hashes.SHA256 = 'cb3be20d5de9ae45ec959bc9afa93018ec5f4dd80368a707bc654fab87378452']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--21ee3580-cfc9-41d7-99c2-00615d045962",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:33.000Z",
"modified": "2018-01-12T14:07:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cb3be20d5de9ae45ec959bc9afa93018ec5f4dd80368a707bc654fab87378452/analysis/1511178355/",
"category": "External analysis",
"uuid": "5a58c125-56c4-4949-b3c5-416f02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/59",
"category": "Other",
"uuid": "5a58c125-c294-4611-8b13-42e002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-20T11:45:55",
"category": "Other",
"uuid": "5a58c125-8914-456b-b452-404802de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f2fc9d46-6d9a-497c-b6ba-0b5e6b9210ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"pattern": "[file:hashes.MD5 = '5f145ed27ec88add379676729cbad15f' AND file:hashes.SHA1 = '10a09c09fd5dd76202e308718a357abc7de291b5' AND file:hashes.SHA256 = '2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--eb9962e1-8c34-45bf-b7be-9ce7bc3fec07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:34.000Z",
"modified": "2018-01-12T14:07:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2ec4b1705b690ab8c558e3e8ead8bbd34b1fb1b260a27f40b34718be3b71a3a7/analysis/1511434500/",
"category": "External analysis",
"comment": "ZIP archive with the Proton malware and Python scripts",
"uuid": "5a58c126-08b0-47d4-b924-4cf202de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/60",
"category": "Other",
"comment": "ZIP archive with the Proton malware and Python scripts",
"uuid": "5a58c126-dac8-4d6e-9d75-48a902de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-23T10:55:00",
"category": "Other",
"comment": "ZIP archive with the Proton malware and Python scripts",
"uuid": "5a58c126-4d14-42b2-9895-4fb802de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a10445d8-f9e8-485b-8d4a-167ce8bea45d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"pattern": "[file:hashes.MD5 = '20f20918149fa3a972a87b3364248772' AND file:hashes.SHA1 = '3820b23c1057f8c3522c47737f25183a3c15e4db' AND file:hashes.SHA256 = 'c9e1fe6a32356a823f3dc36851bc8dfd5c601481c109229bd21883bffee10f5e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cb259893-8a4b-4847-b19a-50a9bb705885",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:34.000Z",
"modified": "2018-01-12T14:07:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c9e1fe6a32356a823f3dc36851bc8dfd5c601481c109229bd21883bffee10f5e/analysis/1509667740/",
"category": "External analysis",
"uuid": "5a58c126-08ac-404d-a0ae-4ea102de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/59",
"category": "Other",
"uuid": "5a58c126-aa14-43ec-87e2-482702de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-03T00:09:00",
"category": "Other",
"uuid": "5a58c126-0764-4002-afca-4c5c02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f41bbf4c-5ca3-4e62-af09-e1a9145ee05e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"pattern": "[file:hashes.MD5 = '1b8be665af7729618d70bad773aac423' AND file:hashes.SHA1 = '1b7380d283ceebcabb683464ba0bb6dd73d6e886' AND file:hashes.SHA256 = 'd19b903adbd0f8c119d0d8f25b194bdd24b737357a517f23ca5cdc6c75b35038']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--bf3e1c52-bd79-4344-beed-865e505b5210",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:34.000Z",
"modified": "2018-01-12T14:07:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/d19b903adbd0f8c119d0d8f25b194bdd24b737357a517f23ca5cdc6c75b35038/analysis/1508798227/",
"category": "External analysis",
"uuid": "5a58c126-33a8-4741-976e-440402de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/60",
"category": "Other",
"uuid": "5a58c126-c5f0-4350-a0c0-47d602de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-10-23T22:37:07",
"category": "Other",
"uuid": "5a58c126-9664-463a-bb7a-46e102de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--44885bf0-1f38-4d25-b9d9-80c3b47bed40",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"pattern": "[file:hashes.MD5 = 'cc3297083ad89cabfd58d251cbbe3ca9' AND file:hashes.SHA1 = 'c9472d791c076a10dce5ff0d3ab6e7706524b741' AND file:hashes.SHA256 = '2e6bb8fd7f983dd06fa0c5314a7b105354888f63c60a3205ade6d467cc620dc5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e4dd2223-b1b9-40d2-b87b-9e819a6a68fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:34.000Z",
"modified": "2018-01-12T14:07:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2e6bb8fd7f983dd06fa0c5314a7b105354888f63c60a3205ade6d467cc620dc5/analysis/1511177410/",
"category": "External analysis",
"uuid": "5a58c126-b024-4447-a928-4c8c02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/60",
"category": "Other",
"uuid": "5a58c126-5fec-48c6-b0af-4df102de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-20T11:30:10",
"category": "Other",
"uuid": "5a58c126-7388-4421-a4e6-4b7a02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bf5df298-de3c-4398-9e6d-833e38d5c81f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"pattern": "[file:hashes.MD5 = '1a6f74f29c985259fe1f6c4821c51373' AND file:hashes.SHA1 = '0400b35d703d872adc64aa7ef914a260903998ca' AND file:hashes.SHA256 = '247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ddd10108-2f29-4846-bea0-1e80d1c62981",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:34.000Z",
"modified": "2018-01-12T14:07:34.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff/analysis/1515612036/",
"category": "External analysis",
"uuid": "5a58c126-a598-4cee-b6d2-4cca02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/59",
"category": "Other",
"uuid": "5a58c126-5fc4-4512-ac9a-47c602de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-10T19:20:36",
"category": "Other",
"uuid": "5a58c127-03d4-4cdd-afd4-466302de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4451bac1-bdc3-4bbd-a01d-ec5902aea71d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"pattern": "[file:hashes.MD5 = 'ff80d97674e148687affd6a4e3ccf00a' AND file:hashes.SHA1 = '30d77908ac9d37c4c14d32ea3e0b8df4c7e75464' AND file:hashes.SHA256 = '4d33f4a3c1cbf9cded6a3a096025d0b44905e0308bd3662a496a0701f2ec942d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3efc2992-b363-4793-87b3-5ec2032cdd31",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:35.000Z",
"modified": "2018-01-12T14:07:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/4d33f4a3c1cbf9cded6a3a096025d0b44905e0308bd3662a496a0701f2ec942d/analysis/1511434515/",
"category": "External analysis",
"comment": "Launcher (or wrapper)",
"uuid": "5a58c127-e140-45dd-9460-462d02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/56",
"category": "Other",
"comment": "Launcher (or wrapper)",
"uuid": "5a58c127-9e20-4ff5-860f-428b02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-23T10:55:15",
"category": "Other",
"comment": "Launcher (or wrapper)",
"uuid": "5a58c127-f8f4-467f-9072-4c6602de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9086285-81ea-4ede-b4d3-0c086cd67629",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"pattern": "[file:hashes.MD5 = 'fc22fbe8dda4258a9f0ceb7e15a04fc2' AND file:hashes.SHA1 = 'e55fe159e6e3a8459e9363401fcc864335fee321' AND file:hashes.SHA256 = '91af9a4c0091f8e97641660c66d414fa13ee69473f5692d2aecb1d1101ed34b8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--bb34db62-0780-4909-ad47-8d825362d6cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:35.000Z",
"modified": "2018-01-12T14:07:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/91af9a4c0091f8e97641660c66d414fa13ee69473f5692d2aecb1d1101ed34b8/analysis/1509667741/",
"category": "External analysis",
"uuid": "5a58c127-bffc-4d77-a7b4-4ac202de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/60",
"category": "Other",
"uuid": "5a58c127-35d0-41dd-9c8a-406402de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-03T00:09:01",
"category": "Other",
"uuid": "5a58c127-9b88-42e8-be0e-4a4602de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--49b4e424-a863-47c4-907c-e282e6e65df3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"pattern": "[file:hashes.MD5 = 'c411c46b480e84aae81abbe47c628dae' AND file:hashes.SHA1 = '0603353852e174fc0337642e3957c7423f182a8c' AND file:hashes.SHA256 = 'c30a11eda8745543b8513f62deee872869f5ab9ca20804052d5b64150219ec88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b5786be9-5a78-4df3-b021-1dec3dec8d55",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:35.000Z",
"modified": "2018-01-12T14:07:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c30a11eda8745543b8513f62deee872869f5ab9ca20804052d5b64150219ec88/analysis/1515612033/",
"category": "External analysis",
"uuid": "5a58c127-cf20-45a3-8d13-409f02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "4/59",
"category": "Other",
"uuid": "5a58c127-e0e8-456a-814b-41b902de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-10T19:20:33",
"category": "Other",
"uuid": "5a58c127-a940-41c2-9e04-4bde02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c4fe5fd-d899-4e20-b4b5-e39398733757",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"pattern": "[file:hashes.MD5 = '2ee232b1a56f21bdd0b46ba0acd12a22' AND file:hashes.SHA1 = 'db3f0426f6e434555e6b6bb4053e508f74580387' AND file:hashes.SHA256 = 'cd93142f1e0bac1d73235515bc127f5f9634eafde0bea2d6c294bf3549d612b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4f4b9b57-b256-4d40-ae26-c8602137bfb6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:35.000Z",
"modified": "2018-01-12T14:07:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cd93142f1e0bac1d73235515bc127f5f9634eafde0bea2d6c294bf3549d612b7/analysis/1495101805/",
"category": "External analysis",
"comment": "Dok",
"uuid": "5a58c127-a370-4e4c-ae0b-466b02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "19/57",
"category": "Other",
"comment": "Dok",
"uuid": "5a58c127-2fe0-4b75-9436-471902de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-05-18T10:03:25",
"category": "Other",
"comment": "Dok",
"uuid": "5a58c127-6b98-4802-9762-400802de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a49ac8ee-df74-445f-9d00-eff900554eb8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"pattern": "[file:hashes.MD5 = 'e8bdde90574d5bf285d9abb0c8a113a8' AND file:hashes.SHA1 = 'f5d3425482dc4f4f738277ff3ba315b496894899' AND file:hashes.SHA256 = '7819ae7d72fa045baa77e9c8e063a69df439146b27f9c3bb10aef52dcc77c145']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d0d53aff-2f5b-4e9e-aca7-1fc077a1edfd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:35.000Z",
"modified": "2018-01-12T14:07:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7819ae7d72fa045baa77e9c8e063a69df439146b27f9c3bb10aef52dcc77c145/analysis/1494408249/",
"category": "External analysis",
"uuid": "5a58c128-10a0-4988-b743-418602de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "28/57",
"category": "Other",
"uuid": "5a58c128-c720-4ebb-8203-472b02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-05-10T09:24:09",
"category": "Other",
"uuid": "5a58c128-a12c-4f6c-b6dc-469202de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--96fcaf45-1bba-4a72-be42-a90d1c2052e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:39.000Z",
"modified": "2018-01-12T14:07:39.000Z",
"pattern": "[file:hashes.MD5 = '7bb4f5d962a5b3bb18db9ce08c0b6cbf' AND file:hashes.SHA1 = '66e520e18accd92abb4722a6cd6a285981ac5bd1' AND file:hashes.SHA256 = 'bbbf73741078d1e74ab7281189b13f13b50308cf03d3df34bc9f6a90065a4a55']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--84bccfef-2072-49f1-b605-8bca7e67be2f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/bbbf73741078d1e74ab7281189b13f13b50308cf03d3df34bc9f6a90065a4a55/analysis/1514646319/",
"category": "External analysis",
"uuid": "5a58c128-1c0c-453e-afe1-432602de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/59",
"category": "Other",
"uuid": "5a58c128-2de0-4e78-9e87-4fb602de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-30T15:05:19",
"category": "Other",
"uuid": "5a58c128-f8f4-45ca-b414-404c02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--25d83980-fd95-481d-a330-6e969b0253eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:39.000Z",
"modified": "2018-01-12T14:07:39.000Z",
"pattern": "[file:hashes.MD5 = '473c6a0b2af67c241a29d87e7fd33634' AND file:hashes.SHA1 = 'fb4a50ae8a4a5e76a3f88935e4374d4287a53b7d' AND file:hashes.SHA256 = '4252e482c9801463e6f684c71f70cb64a17ae74957ed8986f2401c653acae1d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0f57df59-7f2e-4538-ad44-9198ae1eb7e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/4252e482c9801463e6f684c71f70cb64a17ae74957ed8986f2401c653acae1d7/analysis/1506371408/",
"category": "External analysis",
"comment": "Dok",
"uuid": "5a58c128-5100-44bd-81b1-420602de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/59",
"category": "Other",
"comment": "Dok",
"uuid": "5a58c128-ad88-447c-b50d-441802de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-09-25T20:30:08",
"category": "Other",
"comment": "Dok",
"uuid": "5a58c128-3fb8-4d31-a6d9-432302de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f4c7ec0-65cf-4610-a8ea-c5ee4df70fbf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:39.000Z",
"modified": "2018-01-12T14:07:39.000Z",
"pattern": "[file:hashes.MD5 = '1de4838f13c49d9f959d04b363326ac1' AND file:hashes.SHA1 = '598ebb19bf9fbc17c0bf85ce4ece91fa061f74a6' AND file:hashes.SHA256 = '07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5d8a7de0-a5d1-4ecb-ac93-60a186a8f4e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d/analysis/1510646898/",
"category": "External analysis",
"uuid": "5a58c128-94c8-4d37-8f35-48d702de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "36/61",
"category": "Other",
"uuid": "5a58c128-8470-4abc-9828-48aa02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-14T08:08:18",
"category": "Other",
"uuid": "5a58c128-6f04-4358-81ca-4fe902de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c61724f-2d3f-4083-854a-6c9cb42784f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:39.000Z",
"modified": "2018-01-12T14:07:39.000Z",
"pattern": "[file:hashes.MD5 = '787d664e842961f2a335139407f91a70' AND file:hashes.SHA1 = 'a323168f95d1a1c65186888c6dd16cd2f9f8539a' AND file:hashes.SHA256 = '52efcfe30f96a85c9c068880c20663db64f0e08346e0f3b59c2e5bbcb41ba73c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1de4ff44-ee71-4017-a208-7510bc2224ab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/52efcfe30f96a85c9c068880c20663db64f0e08346e0f3b59c2e5bbcb41ba73c/analysis/1512899518/",
"category": "External analysis",
"uuid": "5a58c128-1f14-43ba-9f74-48d802de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/59",
"category": "Other",
"uuid": "5a58c128-ded4-439e-a6d2-48f302de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-10T09:51:58",
"category": "Other",
"uuid": "5a58c128-e378-46d6-915f-417602de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7bcab0bd-20d4-4b42-b5f1-268637d54d58",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:39.000Z",
"modified": "2018-01-12T14:07:39.000Z",
"pattern": "[file:hashes.MD5 = '9d9cca200dd0e5f9d59225131d5269b0' AND file:hashes.SHA1 = 'cd42b88569faa946a4b9d6f7408b958dcbcf7554' AND file:hashes.SHA256 = '83b712ec6b0b2d093d75c4553c66b95a3d1a1ca43e01c5e47aae49effce31ee3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--76a37ccf-a61f-4466-b91b-dfb81cd4087d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:36.000Z",
"modified": "2018-01-12T14:07:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/83b712ec6b0b2d093d75c4553c66b95a3d1a1ca43e01c5e47aae49effce31ee3/analysis/1514646249/",
"category": "External analysis",
"uuid": "5a58c129-dd54-4313-8925-4f4f02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/59",
"category": "Other",
"uuid": "5a58c129-b444-48e8-a098-4cba02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-30T15:04:09",
"category": "Other",
"uuid": "5a58c129-b744-45c2-a5c1-47b202de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--edd54722-ac7d-4351-ad66-d4961e9e23ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:40.000Z",
"modified": "2018-01-12T14:07:40.000Z",
"pattern": "[file:hashes.MD5 = 'e4744b9f927dc8048a19dca15590660c' AND file:hashes.SHA1 = '18957d7549b4e296fcaeb122ff241d9799804fa3' AND file:hashes.SHA256 = 'ce07d208a2d89b4e0134f5282d9df580960d5c81412965a6d1a0786b27e7f044']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--98ea29fa-c6f3-4bb1-89c7-551a3f1ec0fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/ce07d208a2d89b4e0134f5282d9df580960d5c81412965a6d1a0786b27e7f044/analysis/1514646222/",
"category": "External analysis",
"uuid": "5a58c129-53f8-4fe7-80be-4cf002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/59",
"category": "Other",
"uuid": "5a58c129-237c-400c-930b-465f02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-30T15:03:42",
"category": "Other",
"uuid": "5a58c129-ab20-4015-aa35-474802de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd110c76-6e54-48c4-badb-b901a57b7bc8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:40.000Z",
"modified": "2018-01-12T14:07:40.000Z",
"pattern": "[file:hashes.MD5 = 'f8e3c8e43593ecbd9b62f6e18c8d6474' AND file:hashes.SHA1 = '3c4904832392e70e415b0520d45ff7a1c93c2c4e' AND file:hashes.SHA256 = 'b556c04c768d57af104716386fe4f23b01aa9d707cbc60385895e2b4fc08c9b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d7545769-a98f-47ac-89e1-9074f18b2266",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b556c04c768d57af104716386fe4f23b01aa9d707cbc60385895e2b4fc08c9b0/analysis/1514646306/",
"category": "External analysis",
"uuid": "5a58c129-c95c-4d21-b95c-428a02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/59",
"category": "Other",
"uuid": "5a58c129-fd44-44ab-91ab-43bb02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-30T15:05:06",
"category": "Other",
"uuid": "5a58c129-2424-40da-9197-49e602de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c1cfefa-96a0-4099-a720-69b64d16fe5f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:40.000Z",
"modified": "2018-01-12T14:07:40.000Z",
"pattern": "[file:hashes.MD5 = '87a4bff26626ccf022bda7373241275c' AND file:hashes.SHA1 = '7cf55e0de9f191dc16a10de1e47fb25aa0a79856' AND file:hashes.SHA256 = '3f0130cfd7bf61b8e8226dd4775319c7376a08ec019f9df12875e9ea55992e94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2beed4ba-5af8-427c-8270-b6a6456df65c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/3f0130cfd7bf61b8e8226dd4775319c7376a08ec019f9df12875e9ea55992e94/analysis/1501706972/",
"category": "External analysis",
"comment": "Dok",
"uuid": "5a58c129-ae58-4973-8304-472102de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "25/59",
"category": "Other",
"comment": "Dok",
"uuid": "5a58c129-8524-49dd-a159-44ac02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-08-02T20:49:32",
"category": "Other",
"comment": "Dok",
"uuid": "5a58c129-2d98-493d-a833-463902de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9cb63957-a223-4016-bf62-7eac015b02a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:40.000Z",
"modified": "2018-01-12T14:07:40.000Z",
"pattern": "[file:hashes.MD5 = '72d4d364ed91dd9418d144a2db837a6d' AND file:hashes.SHA1 = '794bcba867307bdbd5f947f6c939eb4df1d2c9b8' AND file:hashes.SHA256 = 'befa9bfe488244c64db096522b4fad73fc01ea8c4cd0323f1cbdee81ba008271']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--83cea96d-ea16-4220-b8d5-88ca68baf4d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/befa9bfe488244c64db096522b4fad73fc01ea8c4cd0323f1cbdee81ba008271/analysis/1514807982/",
"category": "External analysis",
"comment": "OSX/FruitFly, variant \u00e2\u20ac\u02dcB\u00e2\u20ac\u2122",
"uuid": "5a58c129-08e8-4d94-b754-49a702de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "29/58",
"category": "Other",
"comment": "OSX/FruitFly, variant \u00e2\u20ac\u02dcB\u00e2\u20ac\u2122",
"uuid": "5a58c129-957c-4b15-a39b-487e02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-01T11:59:42",
"category": "Other",
"comment": "OSX/FruitFly, variant \u00e2\u20ac\u02dcB\u00e2\u20ac\u2122",
"uuid": "5a58c129-f0d8-4d88-a99c-437c02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90395b9d-bff0-4af6-adaf-a864379542da",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:40.000Z",
"modified": "2018-01-12T14:07:40.000Z",
"pattern": "[file:hashes.MD5 = 'f8e4cab429263406fbf11b41fd539839' AND file:hashes.SHA1 = '5b5a34dfc102f0c18b0b0e83c6fda431969e7957' AND file:hashes.SHA256 = '7a9cdb9d608b88bd7afce001cb285c2bb2ae76f5027977e8635aa04bd064ffb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--494c3c26-d774-4f6a-aa08-5eba8f2211db",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:37.000Z",
"modified": "2018-01-12T14:07:37.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7a9cdb9d608b88bd7afce001cb285c2bb2ae76f5027977e8635aa04bd064ffb7/analysis/1499769912/",
"category": "External analysis",
"uuid": "5a58c129-9c80-42c7-9549-46a102de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/56",
"category": "Other",
"uuid": "5a58c129-9440-40d5-b718-4ec402de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-07-11T10:45:12",
"category": "Other",
"uuid": "5a58c12a-cb2c-48d7-9fbb-4fa102de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41a354b8-fbc4-48fc-8976-bd9a3593a07c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:41.000Z",
"modified": "2018-01-12T14:07:41.000Z",
"pattern": "[file:hashes.MD5 = '14c1cd9c5f263d5ba988838e0c3e3cf6' AND file:hashes.SHA1 = 'd9685bea995e57ae89d10122cb76022554179ff7' AND file:hashes.SHA256 = '4131d4737fe8dfe66d407bfd0a0df18a4a77b89347471cc012da8efc93c661a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--77040fb6-0d6c-459f-986f-92b37cffe118",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/4131d4737fe8dfe66d407bfd0a0df18a4a77b89347471cc012da8efc93c661a5/analysis/1512340695/",
"category": "External analysis",
"uuid": "5a58c12a-f260-4da2-ac1a-4cc602de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/59",
"category": "Other",
"uuid": "5a58c12a-3350-4b41-a95a-431c02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-03T22:38:15",
"category": "Other",
"uuid": "5a58c12a-2a2c-4aeb-b525-4b6b02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--480e2ec8-94b2-4682-a591-c2e86c390ead",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:41.000Z",
"modified": "2018-01-12T14:07:41.000Z",
"pattern": "[file:hashes.MD5 = '3adf6025eb710f2bf1918ee2f116153d' AND file:hashes.SHA1 = '03ab5fdb40db260dbc35aadba202e920e57eb348' AND file:hashes.SHA256 = '94cc470c0fdd60570e58682aa7619d665eb710e3407d1f9685b7b00bf26f9647']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e6e5e5d4-0dc1-4dca-a921-aa923f455fcf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/94cc470c0fdd60570e58682aa7619d665eb710e3407d1f9685b7b00bf26f9647/analysis/1507843547/",
"category": "External analysis",
"uuid": "5a58c12a-1c30-410f-85d5-417502de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "46/64",
"category": "Other",
"uuid": "5a58c12a-59d4-44b7-bc9d-484b02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-10-12T21:25:47",
"category": "Other",
"uuid": "5a58c12a-ec04-4bff-b537-48b002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--74bef4c3-487c-4941-b138-c8c0e3413b50",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:41.000Z",
"modified": "2018-01-12T14:07:41.000Z",
"pattern": "[file:hashes.MD5 = '4fe4b9560e99e33dabca553e2eeee510' AND file:hashes.SHA1 = '70a1c4ed3a09a44a41d54c4fd4b409a5fc3159f6' AND file:hashes.SHA256 = '2a854997a44f4ba7e307d408ea2d9c1d84dde035c5dab830689aa45c5b5746ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--78a04ae2-f33b-4b5a-b0ad-64f842d70385",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2a854997a44f4ba7e307d408ea2d9c1d84dde035c5dab830689aa45c5b5746ea/analysis/1513289308/",
"category": "External analysis",
"uuid": "5a58c12a-58c8-4f7f-98bf-402b02de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "35/59",
"category": "Other",
"uuid": "5a58c12a-9834-4b50-8cae-4e8902de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-14T22:08:28",
"category": "Other",
"uuid": "5a58c12a-1c8c-4b5e-bde2-4e1d02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1f840571-741e-4096-92d6-78e58c49109c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:41.000Z",
"modified": "2018-01-12T14:07:41.000Z",
"pattern": "[file:hashes.MD5 = 'd4a14a1516d5ec9452a29de24ba85d0e' AND file:hashes.SHA1 = '1e493ebde7fa77d5ae503aa7758fac87d11da116' AND file:hashes.SHA256 = '694b15d69264062e82d43e8ddb4a5efe4435574f8d91e29523c4298894b70c26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-12T14:07:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--268e55cb-3597-4e16-8007-a8b36cf61376",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-01-12T14:07:38.000Z",
"modified": "2018-01-12T14:07:38.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/694b15d69264062e82d43e8ddb4a5efe4435574f8d91e29523c4298894b70c26/analysis/1490814542/",
"category": "External analysis",
"uuid": "5a58c12a-c3cc-4fbb-a5e8-471102de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "45/61",
"category": "Other",
"uuid": "5a58c12a-004c-4834-bc4d-4d1f02de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-03-29T19:09:02",
"category": "Other",
"uuid": "5a58c12a-eb88-4d06-b8f2-418c02de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--10efb953-d0cc-4219-8b64-fd1aea48048d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:25.000Z",
"modified": "2018-02-09T14:13:25.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/91af9a4c0091f8e97641660c66d414fa13ee69473f5692d2aecb1d1101ed34b8/analysis/1509667741/",
"category": "External analysis",
"uuid": "5a7dac85-b2ac-41f6-b740-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/60",
"category": "Other",
"uuid": "5a7dac86-9a60-4639-8728-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-03T00:09:01",
"category": "Other",
"uuid": "5a7dac86-78c8-4dde-995a-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e72fba22-ef47-4486-b345-e02af2e3f2ba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:27.000Z",
"modified": "2018-02-09T14:13:27.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c68814901d0af5de410c152e62a06a51c16ec7fe118f1e5251bbcdbb27364709/analysis/1501703565/",
"category": "External analysis",
"uuid": "5a7dac87-ab30-4a0f-a272-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/59",
"category": "Other",
"uuid": "5a7dac87-37d0-4aea-8fc1-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-08-02T19:52:45",
"category": "Other",
"uuid": "5a7dac88-374c-486c-b8e4-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c484d968-23eb-42f0-95b4-c646ff1c4a46",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:28.000Z",
"modified": "2018-02-09T14:13:28.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c30a11eda8745543b8513f62deee872869f5ab9ca20804052d5b64150219ec88/analysis/1515612033/",
"category": "External analysis",
"uuid": "5a7dac88-529c-43c9-b17f-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "4/59",
"category": "Other",
"uuid": "5a7dac89-ebc8-432d-b5c8-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-10T19:20:33",
"category": "Other",
"uuid": "5a7dac89-c4f4-428d-8287-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--672456f3-351d-4587-8114-0c562fcb6082",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:29.000Z",
"modified": "2018-02-09T14:13:29.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c9140c869123e0c7a4d064a9e82bb1549c3e382cdcf2c119bcbe78911915208b/analysis/1517291247/",
"category": "External analysis",
"uuid": "5a7dac89-a63c-4489-a367-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "25/57",
"category": "Other",
"uuid": "5a7dac8a-7ff8-48e9-a679-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-30T05:47:27",
"category": "Other",
"uuid": "5a7dac8a-4064-4004-8980-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a643b2e6-13d0-4844-bb44-3708ee4f1430",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:31.000Z",
"modified": "2018-02-09T14:13:31.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c9e1fe6a32356a823f3dc36851bc8dfd5c601481c109229bd21883bffee10f5e/analysis/1509667740/",
"category": "External analysis",
"uuid": "5a7dac8b-8cf8-4255-86ff-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/59",
"category": "Other",
"uuid": "5a7dac8b-c124-442a-a439-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-03T00:09:00",
"category": "Other",
"uuid": "5a7dac8c-5b90-4234-b8fd-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cde25116-2c43-45fe-90a9-9d17cf9e4e7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:32.000Z",
"modified": "2018-02-09T14:13:32.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2e6bb8fd7f983dd06fa0c5314a7b105354888f63c60a3205ade6d467cc620dc5/analysis/1511177410/",
"category": "External analysis",
"uuid": "5a7dac8c-323c-403a-9a56-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/60",
"category": "Other",
"uuid": "5a7dac8d-d7f8-4a96-95f5-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-20T11:30:10",
"category": "Other",
"uuid": "5a7dac8d-725c-499e-b7f4-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a41b07c7-d703-4a24-95e3-7d4c50770c9b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:33.000Z",
"modified": "2018-02-09T14:13:33.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/247eb9cfc0f9ea2c0ba1824381380e3354ee1fb2f0521f8a6fff2baeacc541ff/analysis/1515612036/",
"category": "External analysis",
"uuid": "5a7dac8e-07e0-4c33-9b6a-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/59",
"category": "Other",
"uuid": "5a7dac8e-a368-417b-b760-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-10T19:20:36",
"category": "Other",
"uuid": "5a7dac8e-33c8-46cf-a13e-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e71d92c3-fb0b-4408-95c7-c3afe71baae7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:35.000Z",
"modified": "2018-02-09T14:13:35.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cb3be20d5de9ae45ec959bc9afa93018ec5f4dd80368a707bc654fab87378452/analysis/1511178355/",
"category": "External analysis",
"uuid": "5a7dac8f-7b34-4b78-8bd4-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/59",
"category": "Other",
"uuid": "5a7dac8f-f828-45bf-b4df-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-20T11:45:55",
"category": "Other",
"uuid": "5a7dac90-3068-4807-84b7-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5c4cd601-a2bf-4e3e-b43c-3ee6dbee5ae0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:36.000Z",
"modified": "2018-02-09T14:13:36.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/d19b903adbd0f8c119d0d8f25b194bdd24b737357a517f23ca5cdc6c75b35038/analysis/1508798227/",
"category": "External analysis",
"uuid": "5a7dac90-6f48-4a9e-8db0-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/60",
"category": "Other",
"uuid": "5a7dac91-22a8-49a5-b55b-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-10-23T22:37:07",
"category": "Other",
"uuid": "5a7dac91-2880-45a8-aa36-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--77a6bb0a-b55e-4b33-ae86-c7ae2004d914",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:37.000Z",
"modified": "2018-02-09T14:13:37.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/553496aa878821295de7acdd20d6377d39e304651bdd1281c7a7ff15b8f43cad/analysis/1511207074/",
"category": "External analysis",
"uuid": "5a7dac91-e6a4-4c17-a91f-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/60",
"category": "Other",
"uuid": "5a7dac92-6310-4a33-b91a-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-20T19:44:34",
"category": "Other",
"uuid": "5a7dac92-e444-4b6d-9955-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c54a631e-db6e-4cc7-856d-07a974bfc25a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:39.000Z",
"modified": "2018-02-09T14:13:39.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b9432b91a112ed2bfcbf0530a04406390c854a7c9f8afea17e9e94fe43242ce1/analysis/1508922137/",
"category": "External analysis",
"uuid": "5a7dac93-7824-4f8e-bd52-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "18/59",
"category": "Other",
"uuid": "5a7dac93-360c-40e2-84e1-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-10-25T09:02:17",
"category": "Other",
"uuid": "5a7dac94-b604-42a2-b52f-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0840973f-94a7-411c-9c35-bebd86da7b47",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:40.000Z",
"modified": "2018-02-09T14:13:40.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d/analysis/1510646898/",
"category": "External analysis",
"uuid": "5a7dac94-0788-4ac3-b2cd-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "36/61",
"category": "Other",
"uuid": "5a7dac95-d758-489d-8de5-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-14T08:08:18",
"category": "Other",
"uuid": "5a7dac95-1268-470f-b2e9-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7e1bd57e-b8fe-46ce-acd5-c763793f28c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:42.000Z",
"modified": "2018-02-09T14:13:42.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7a9cdb9d608b88bd7afce001cb285c2bb2ae76f5027977e8635aa04bd064ffb7/analysis/1499769912/",
"category": "External analysis",
"uuid": "5a7dac96-fa78-4f88-9729-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/56",
"category": "Other",
"uuid": "5a7dac96-a828-424a-9fa2-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-07-11T10:45:12",
"category": "Other",
"uuid": "5a7dac96-5e3c-4566-9d7f-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--01b8d2c8-326f-4555-a514-65bbf934d953",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:43.000Z",
"modified": "2018-02-09T14:13:43.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/52efcfe30f96a85c9c068880c20663db64f0e08346e0f3b59c2e5bbcb41ba73c/analysis/1512899518/",
"category": "External analysis",
"uuid": "5a7dac97-3a78-48c9-8423-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/59",
"category": "Other",
"uuid": "5a7dac98-7c80-4d0c-8310-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-10T09:51:58",
"category": "Other",
"uuid": "5a7dac98-e9a4-4565-a4ea-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2835626e-b913-4889-a9d9-fdbe227feadb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:47.000Z",
"modified": "2018-02-09T14:13:47.000Z",
"pattern": "[file:hashes.MD5 = '77b4ffe73491d534946d010bfca138f7' AND file:hashes.SHA1 = 'd20482372f9e63a54854d639cc79d0b65bc8382b' AND file:hashes.SHA256 = 'b8ee4556dc09b28826359b98343a4e00680971a6f8c6602747bd5d723d26eaea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a28ef769-5398-4eb7-9b00-fab900d14c43",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:46.000Z",
"modified": "2018-02-09T14:13:46.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b8ee4556dc09b28826359b98343a4e00680971a6f8c6602747bd5d723d26eaea/analysis/1511755782/",
"category": "External analysis",
"uuid": "5a7dac9a-7b60-4984-bad7-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/57",
"category": "Other",
"uuid": "5a7dac9a-0944-420b-9074-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-27T04:09:42",
"category": "Other",
"uuid": "5a7dac9b-1724-4270-8e32-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5c2bd08b-1259-4095-9c9e-3b74506b1585",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:47.000Z",
"modified": "2018-02-09T14:13:47.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/83b712ec6b0b2d093d75c4553c66b95a3d1a1ca43e01c5e47aae49effce31ee3/analysis/1514646249/",
"category": "External analysis",
"uuid": "5a7dac9b-b914-4fe7-b2a2-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/59",
"category": "Other",
"uuid": "5a7dac9c-3468-45b3-94be-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-30T15:04:09",
"category": "Other",
"uuid": "5a7dac9c-a888-46c1-9692-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--85b2b880-d3e8-4dea-bea6-10c2a491856b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:48.000Z",
"modified": "2018-02-09T14:13:48.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/bbbf73741078d1e74ab7281189b13f13b50308cf03d3df34bc9f6a90065a4a55/analysis/1514646319/",
"category": "External analysis",
"uuid": "5a7dac9d-c880-4055-b1d5-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/59",
"category": "Other",
"uuid": "5a7dac9d-8c18-4c2f-9d02-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-30T15:05:19",
"category": "Other",
"uuid": "5a7dac9d-11f0-4b60-9bfe-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb3000f4-1ebc-42d4-8e4a-2275d659efe6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:53.000Z",
"modified": "2018-02-09T14:13:53.000Z",
"pattern": "[file:hashes.MD5 = 'f48ee47a79d5da606e9eff0401971075' AND file:hashes.SHA1 = '087aa8d2fcfffa85707214928d9f4ca16e8af5ac' AND file:hashes.SHA256 = '6e207a375782e3c9d86a3e426cfa38eddcf4898b3556abc75889f7e01cc49506']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5cbeb48f-30a6-478a-bea9-9928524630c6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:51.000Z",
"modified": "2018-02-09T14:13:51.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/6e207a375782e3c9d86a3e426cfa38eddcf4898b3556abc75889f7e01cc49506/analysis/1494501354/",
"category": "External analysis",
"uuid": "5a7dac9f-46b8-4185-b9a5-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "21/56",
"category": "Other",
"uuid": "5a7daca0-fca0-44dc-8b88-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-05-11T11:15:54",
"category": "Other",
"uuid": "5a7daca0-6900-4a96-b16b-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f53a44f1-158b-4212-bc9e-8e257362a32c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:56.000Z",
"modified": "2018-02-09T14:13:56.000Z",
"pattern": "[file:hashes.MD5 = '5e996bcbb6f15d345a4a59758dc4d75f' AND file:hashes.SHA1 = '73994f62dfac62e32968abeb5206043464eb4792' AND file:hashes.SHA256 = '92721d719b8085748fb66366d202457f6d38bfa108a2ecda71eee7e68f43a387']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3bd1c560-3b57-4248-b95c-72723eebd90c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:54.000Z",
"modified": "2018-02-09T14:13:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/92721d719b8085748fb66366d202457f6d38bfa108a2ecda71eee7e68f43a387/analysis/1517417420/",
"category": "External analysis",
"uuid": "5a7daca2-3940-4dc5-992d-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "13/57",
"category": "Other",
"uuid": "5a7daca3-b854-4cf7-92a4-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-31T16:50:20",
"category": "Other",
"uuid": "5a7daca3-0674-4c54-904f-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--edc8ba48-d186-4b7f-a8e4-54fdfee91503",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:58.000Z",
"modified": "2018-02-09T14:13:58.000Z",
"pattern": "[file:hashes.MD5 = '3a5fc199189cf39ec58ec6fb2c3c7d93' AND file:hashes.SHA1 = 'd972e12685591b71432faaf70c71ced4b6e522a0' AND file:hashes.SHA256 = '7848f7808af02ba0466f3a0687cf949c4d29a2d94b035481a3299ec519aaaa30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:13:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cf7832e0-5495-4a89-95df-cb4dd915842e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:57.000Z",
"modified": "2018-02-09T14:13:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7848f7808af02ba0466f3a0687cf949c4d29a2d94b035481a3299ec519aaaa30/analysis/1518176286/",
"category": "External analysis",
"uuid": "5a7daca5-a77c-46db-a274-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "0/59",
"category": "Other",
"uuid": "5a7daca5-aafc-4d39-ba71-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-02-09T11:38:06",
"category": "Other",
"uuid": "5a7daca6-e190-46bd-88c9-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f8e43169-3421-43af-8b25-be605a3ea859",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:01.000Z",
"modified": "2018-02-09T14:14:01.000Z",
"pattern": "[file:hashes.MD5 = '6c74ff2cc39b5362ee5dec576ece211b' AND file:hashes.SHA1 = 'a201f1760ca4f99dff682a4e5c656f149f5d8e7c' AND file:hashes.SHA256 = '5b7792a16c6b7978fca389882c6aeeb2c792352076bf6a064e7b8b90eace8060']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:14:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2e77adf4-a30d-4dcf-9fcd-9a263b1971c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:13:59.000Z",
"modified": "2018-02-09T14:13:59.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/5b7792a16c6b7978fca389882c6aeeb2c792352076bf6a064e7b8b90eace8060/analysis/1511748584/",
"category": "External analysis",
"uuid": "5a7daca7-2690-4c19-9ad1-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "26/57",
"category": "Other",
"uuid": "5a7daca8-efc0-48bf-82c4-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-11-27T02:09:44",
"category": "Other",
"uuid": "5a7daca8-f524-4e70-83ce-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--770417f7-66d8-4c14-a590-25829420ef72",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:04.000Z",
"modified": "2018-02-09T14:14:04.000Z",
"pattern": "[file:hashes.MD5 = 'a90379e02cf9b66c3863131730a4b099' AND file:hashes.SHA1 = '26f1dc4618b87b52ff1c5e27a5ba260d5f034a0f' AND file:hashes.SHA256 = '0a77f1b59c829a83d91a12c871fbd30c5c9d04b455f497e0c231cd21104bfea9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:14:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d250cbbd-0387-4477-9487-647ba7f369ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:02.000Z",
"modified": "2018-02-09T14:14:02.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/0a77f1b59c829a83d91a12c871fbd30c5c9d04b455f497e0c231cd21104bfea9/analysis/1493992385/",
"category": "External analysis",
"uuid": "5a7dacaa-53c0-407f-a48e-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "17/56",
"category": "Other",
"uuid": "5a7dacab-a424-4aaf-8a77-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-05-05T13:53:05",
"category": "Other",
"uuid": "5a7dacab-3264-4ca4-aaa3-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--18939e64-0afb-4ae4-8995-189b92423b98",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:06.000Z",
"modified": "2018-02-09T14:14:06.000Z",
"pattern": "[file:hashes.MD5 = '000e4225f382f9eee675dcaf3cbf9c7e' AND file:hashes.SHA1 = '0a0ae94f92a50937d920bf02dd26b477c840a915' AND file:hashes.SHA256 = 'd5ea79632a1a67abbf9fb1c2813b899c90a5fb9442966ed4f530e92715087ee2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:14:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--55b685d6-7fdc-4538-b113-d253384b213a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:05.000Z",
"modified": "2018-02-09T14:14:05.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/d5ea79632a1a67abbf9fb1c2813b899c90a5fb9442966ed4f530e92715087ee2/analysis/1503971137/",
"category": "External analysis",
"uuid": "5a7dacad-3ff4-46ee-b49a-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/59",
"category": "Other",
"uuid": "5a7dacad-5b28-4055-9bec-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-08-29T01:45:37",
"category": "Other",
"uuid": "5a7dacae-2d68-4151-bd0e-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e5e57871-79b1-4440-95b3-49bc62c724e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:06.000Z",
"modified": "2018-02-09T14:14:06.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/ce07d208a2d89b4e0134f5282d9df580960d5c81412965a6d1a0786b27e7f044/analysis/1515766221/",
"category": "External analysis",
"uuid": "5a7dacae-4ec8-4dc8-aec5-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/59",
"category": "Other",
"uuid": "5a7dacaf-824c-45b4-8c23-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-12T14:10:21",
"category": "Other",
"uuid": "5a7dacaf-84f0-4857-9453-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8d7a2d17-30f8-46c6-aa2c-c99caf8b8208",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:10.000Z",
"modified": "2018-02-09T14:14:10.000Z",
"pattern": "[file:hashes.MD5 = 'a79ac543b0836b53a3623e0b4cb6a6f7' AND file:hashes.SHA1 = 'd6a09a1c2964b228143092e200d17531a8aefc9d' AND file:hashes.SHA256 = 'b6df610aa5c1254c3af5b2ff806562c4937704e4ac248577cdcd3e7e7b3578a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:14:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ece0181f-f705-463f-bea6-08263cc535ba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:09.000Z",
"modified": "2018-02-09T14:14:09.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b6df610aa5c1254c3af5b2ff806562c4937704e4ac248577cdcd3e7e7b3578a0/analysis/1494500661/",
"category": "External analysis",
"uuid": "5a7dacb1-a620-4047-a010-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "16/56",
"category": "Other",
"uuid": "5a7dacb1-d0d4-4978-a631-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-05-11T11:04:21",
"category": "Other",
"uuid": "5a7dacb2-ccc8-449d-9e9c-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--87463bc1-9173-4071-827c-db9c3d3396bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:13.000Z",
"modified": "2018-02-09T14:14:13.000Z",
"pattern": "[file:hashes.MD5 = '5b3e0b74cdb0622074fd997af51161dd' AND file:hashes.SHA1 = 'af9b9164d6f3616bf31fb98acf8a0cb72c312774' AND file:hashes.SHA256 = '128814f2b057aef1dd3e00f3749aed2a81e5ed03737311f2b1faab4ab2e6e2fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-02-09T14:14:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f31cc4ab-1875-4f2d-87c9-04b8673ddbe8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:11.000Z",
"modified": "2018-02-09T14:14:11.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/128814f2b057aef1dd3e00f3749aed2a81e5ed03737311f2b1faab4ab2e6e2fe/analysis/1517416889/",
"category": "External analysis",
"uuid": "5a7dacb4-7fc8-40bd-929a-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "9/56",
"category": "Other",
"uuid": "5a7dacb4-0fc8-43af-a265-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-01-31T16:41:29",
"category": "Other",
"uuid": "5a7dacb4-9a34-49d6-992c-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f2c6fa6f-7d6b-407a-8e98-3a0e9bcea365",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-02-09T14:14:13.000Z",
"modified": "2018-02-09T14:14:13.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b556c04c768d57af104716386fe4f23b01aa9d707cbc60385895e2b4fc08c9b0/analysis/1514646306/",
"category": "External analysis",
"uuid": "5a7dacb5-5a14-45a2-8173-7f0002de0b81"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/59",
"category": "Other",
"uuid": "5a7dacb5-5968-4307-821f-7f0002de0b81"
},
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-12-30T15:05:06",
"category": "Other",
"uuid": "5a7dacb6-050c-4529-bf24-7f0002de0b81"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--0ee9de0f-b908-410d-aa9c-36f481c7e9ac",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:03.000Z",
"modified": "2018-02-16T09:00:03.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a588e6f-c80c-4f1e-ab63-5fa4950d210f",
"target_ref": "x-misp-object--c484d968-23eb-42f0-95b4-c646ff1c4a46"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--1ab34761-8695-4d1c-aa68-36dc6415b977",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:03.000Z",
"modified": "2018-02-16T09:00:03.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a588e83-b4f8-44e1-8e4c-5f67950d210f",
"target_ref": "x-misp-object--c54a631e-db6e-4cc7-856d-07a974bfc25a"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--2aa3ff22-dae8-43eb-81cf-06c652c03f8a",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:03.000Z",
"modified": "2018-02-16T09:00:03.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a588e93-5dfc-45e3-b6a4-4456950d210f",
"target_ref": "x-misp-object--672456f3-351d-4587-8114-0c562fcb6082"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--9b515f60-707d-47ae-99c5-8270027a9a68",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:03.000Z",
"modified": "2018-02-16T09:00:03.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a588ea4-afa0-4611-bfb8-5f67950d210f",
"target_ref": "x-misp-object--a41b07c7-d703-4a24-95e3-7d4c50770c9b"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--c4b3b05d-ab85-4d95-9247-1f496299f55e",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a588f59-6d78-49a5-994d-47b5950d210f",
"target_ref": "x-misp-object--77a6bb0a-b55e-4b33-ae86-c7ae2004d914"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--1d55865e-8645-4e00-ba65-fd51883e244f",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a589228-91e8-4b7e-a099-4ccd950d210f",
"target_ref": "x-misp-object--cde25116-2c43-45fe-90a9-9d17cf9e4e7c"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--1b56dc71-3872-4699-ba9e-e984ff7e67c8",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a589262-4dd4-4e98-8159-6247950d210f",
"target_ref": "x-misp-object--e71d92c3-fb0b-4408-95c7-c3afe71baae7"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--1570d023-2d8b-4469-934e-c3e7f42daf59",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a58bada-0930-472d-8af6-4307950d210f",
"target_ref": "x-misp-object--5c4cd601-a2bf-4e3e-b43c-3ee6dbee5ae0"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--f6220148-cb03-4ec1-a346-6007eab19664",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a58bcda-a8f8-43a6-acb8-4fbc950d210f",
"target_ref": "x-misp-object--e72fba22-ef47-4486-b345-e02af2e3f2ba"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--afd04559-74ec-414e-b022-458ba20164ce",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a58bcf9-4efc-4891-99c0-4a32950d210f",
"target_ref": "x-misp-object--10efb953-d0cc-4219-8b64-fd1aea48048d"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--0704440d-0b93-4188-b5f8-7aad48c3d637",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5a58bd15-e480-4b26-b998-45da950d210f",
"target_ref": "x-misp-object--a643b2e6-13d0-4844-bb44-3708ee4f1430"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--f434c806-fd4f-4e14-bd42-e94a51a17e92",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--1a0ee044-7122-498a-9723-2e6a34cfe282",
"target_ref": "x-misp-object--2721e4a4-3fa7-48d6-a1c5-82c6072fe9cb"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--082854fd-583f-4edf-849b-dab1061e862e",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--dd355e08-3cf3-4834-aff2-942c4d631ef8",
"target_ref": "x-misp-object--d553ed19-0a19-4bff-a1cb-29a2174a1504"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--c0119aa9-1124-4863-8219-f28b6f72bdbf",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:04.000Z",
"modified": "2018-02-16T09:00:04.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--607b7d37-5391-4828-9785-747ca987e6d0",
"target_ref": "x-misp-object--c962297e-54fe-479d-bc30-24c2e4425ad9"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--3ea8081e-472f-440c-aa66-677bfcf328ec",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--845b2d47-0368-4a40-91d0-479d97eacda4",
"target_ref": "x-misp-object--22650c01-93d0-43cb-9b39-9e6b3db474eb"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--ae9824b7-e5e0-41b2-bcb4-95ed93e712fe",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--8cb5ebee-fcb0-4f05-a707-708b1eaddd59",
"target_ref": "x-misp-object--9f51aaa1-7f34-4b9a-b4a4-34413e3295e3"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--e35a91ed-b7a5-4f29-a503-7b44f15d1a5a",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--193ddc06-7e30-4bb9-a2e8-48fbfd5c7f4b",
"target_ref": "x-misp-object--21ee3580-cfc9-41d7-99c2-00615d045962"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--4a20a1e3-6ed2-47b1-b639-75259af1ab25",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--f2fc9d46-6d9a-497c-b6ba-0b5e6b9210ea",
"target_ref": "x-misp-object--eb9962e1-8c34-45bf-b7be-9ce7bc3fec07"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--5f48124e-8898-48b5-925b-b8b8ea355387",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--a10445d8-f9e8-485b-8d4a-167ce8bea45d",
"target_ref": "x-misp-object--cb259893-8a4b-4847-b19a-50a9bb705885"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--1407f704-e376-49ce-95b9-83cd03f2c299",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--f41bbf4c-5ca3-4e62-af09-e1a9145ee05e",
"target_ref": "x-misp-object--bf3e1c52-bd79-4344-beed-865e505b5210"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--46bebc07-58f8-4a76-9f09-9ae509e9cf4e",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--44885bf0-1f38-4d25-b9d9-80c3b47bed40",
"target_ref": "x-misp-object--e4dd2223-b1b9-40d2-b87b-9e819a6a68fb"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--5c4f9904-e029-4252-9a09-b6132d0c768d",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--bf5df298-de3c-4398-9e6d-833e38d5c81f",
"target_ref": "x-misp-object--ddd10108-2f29-4846-bea0-1e80d1c62981"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--523c3e1d-b6ee-412f-bcd1-5ac012a6edfa",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:05.000Z",
"modified": "2018-02-16T09:00:05.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--4451bac1-bdc3-4bbd-a01d-ec5902aea71d",
"target_ref": "x-misp-object--3efc2992-b363-4793-87b3-5ec2032cdd31"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--5929e453-c69d-4cfb-8049-149703d67196",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--f9086285-81ea-4ede-b4d3-0c086cd67629",
"target_ref": "x-misp-object--bb34db62-0780-4909-ad47-8d825362d6cf"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--3f5a919f-1846-4e1a-b458-8047833f85a2",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--49b4e424-a863-47c4-907c-e282e6e65df3",
"target_ref": "x-misp-object--b5786be9-5a78-4df3-b021-1dec3dec8d55"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--366ba3ca-7a2d-4e9d-baa1-a8a0d09557f3",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5c4fe5fd-d899-4e20-b4b5-e39398733757",
"target_ref": "x-misp-object--4f4b9b57-b256-4d40-ae26-c8602137bfb6"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--05e32d4e-30e5-4fb8-8b5f-e67eacbc355a",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--a49ac8ee-df74-445f-9d00-eff900554eb8",
"target_ref": "x-misp-object--d0d53aff-2f5b-4e9e-aca7-1fc077a1edfd"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--a399b739-a607-4450-873d-77a582375729",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--96fcaf45-1bba-4a72-be42-a90d1c2052e2",
"target_ref": "x-misp-object--84bccfef-2072-49f1-b605-8bca7e67be2f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--64724df8-a3f5-4345-9beb-752c7da57a49",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--96fcaf45-1bba-4a72-be42-a90d1c2052e2",
"target_ref": "x-misp-object--85b2b880-d3e8-4dea-bea6-10c2a491856b"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--a91aeff8-7b17-4510-a5c1-6e933700608f",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--25d83980-fd95-481d-a330-6e969b0253eb",
"target_ref": "x-misp-object--0f57df59-7f2e-4538-ad44-9198ae1eb7e7"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--87bbd2cc-a696-44ab-b187-982dbf9cc130",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--9f4c7ec0-65cf-4610-a8ea-c5ee4df70fbf",
"target_ref": "x-misp-object--5d8a7de0-a5d1-4ecb-ac93-60a186a8f4e2"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--ee191f5b-144d-4dc1-a2d2-bec6b4d35d88",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:06.000Z",
"modified": "2018-02-16T09:00:06.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--9f4c7ec0-65cf-4610-a8ea-c5ee4df70fbf",
"target_ref": "x-misp-object--0840973f-94a7-411c-9c35-bebd86da7b47"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--291e5db2-d3df-4f14-aaa6-b9c8ba23c6bb",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--2c61724f-2d3f-4083-854a-6c9cb42784f3",
"target_ref": "x-misp-object--1de4ff44-ee71-4017-a208-7510bc2224ab"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--d7de9c5f-470a-4408-aa9a-1a6cd4e2f1ed",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--2c61724f-2d3f-4083-854a-6c9cb42784f3",
"target_ref": "x-misp-object--01b8d2c8-326f-4555-a514-65bbf934d953"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--35da715c-a3b5-4bcb-8254-f15ced0fd813",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--7bcab0bd-20d4-4b42-b5f1-268637d54d58",
"target_ref": "x-misp-object--76a37ccf-a61f-4466-b91b-dfb81cd4087d"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--b1e30101-891e-4d3f-95e7-b9dcc52b783b",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--7bcab0bd-20d4-4b42-b5f1-268637d54d58",
"target_ref": "x-misp-object--5c2bd08b-1259-4095-9c9e-3b74506b1585"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--5bf303a8-cf3a-487c-9a3a-c143c5f041b5",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--edd54722-ac7d-4351-ad66-d4961e9e23ed",
"target_ref": "x-misp-object--98ea29fa-c6f3-4bb1-89c7-551a3f1ec0fb"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--383a307f-73da-4741-869b-d22182ab10e0",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--edd54722-ac7d-4351-ad66-d4961e9e23ed",
"target_ref": "x-misp-object--e5e57871-79b1-4440-95b3-49bc62c724e5"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--90ee1c1b-4c08-4203-ba7f-2888e38da86d",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--dd110c76-6e54-48c4-badb-b901a57b7bc8",
"target_ref": "x-misp-object--d7545769-a98f-47ac-89e1-9074f18b2266"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--e8127691-28e5-434c-8b36-af6280fe49e7",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--dd110c76-6e54-48c4-badb-b901a57b7bc8",
"target_ref": "x-misp-object--f2c6fa6f-7d6b-407a-8e98-3a0e9bcea365"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--88082d62-5fee-4671-b510-02d61be97579",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:07.000Z",
"modified": "2018-02-16T09:00:07.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--2c1cfefa-96a0-4099-a720-69b64d16fe5f",
"target_ref": "x-misp-object--2beed4ba-5af8-427c-8270-b6a6456df65c"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--db8f1927-5a1c-4745-83e1-703dd2c1e9fc",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--9cb63957-a223-4016-bf62-7eac015b02a4",
"target_ref": "x-misp-object--83cea96d-ea16-4220-b8d5-88ca68baf4d5"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--29f5797f-9168-4220-9408-f83d2f233d98",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--90395b9d-bff0-4af6-adaf-a864379542da",
"target_ref": "x-misp-object--494c3c26-d774-4f6a-aa08-5eba8f2211db"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--5cefff89-788d-4c77-8239-5a52ae1b2926",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--90395b9d-bff0-4af6-adaf-a864379542da",
"target_ref": "x-misp-object--7e1bd57e-b8fe-46ce-acd5-c763793f28c5"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--a75ccaf8-a5df-448c-9b97-ebbae2019497",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--41a354b8-fbc4-48fc-8976-bd9a3593a07c",
"target_ref": "x-misp-object--77040fb6-0d6c-459f-986f-92b37cffe118"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--37f834de-d1a4-4f6b-ade6-8c1b623adfe3",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--480e2ec8-94b2-4682-a591-c2e86c390ead",
"target_ref": "x-misp-object--e6e5e5d4-0dc1-4dca-a921-aa923f455fcf"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--61822344-9828-4a82-bcbb-ed3c442eb531",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--74bef4c3-487c-4941-b138-c8c0e3413b50",
"target_ref": "x-misp-object--78a04ae2-f33b-4b5a-b0ad-64f842d70385"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--2bb444c1-d941-4430-b0e5-204b6a00acbc",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--1f840571-741e-4096-92d6-78e58c49109c",
"target_ref": "x-misp-object--268e55cb-3597-4e16-8007-a8b36cf61376"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--17a9e708-0a3d-4acf-ab3d-f1fc834d40c7",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:08.000Z",
"modified": "2018-02-16T09:00:08.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--2835626e-b913-4889-a9d9-fdbe227feadb",
"target_ref": "x-misp-object--a28ef769-5398-4eb7-9b00-fab900d14c43"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--acba2e59-2b2c-4d77-8bc7-4eda42aa2876",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--fb3000f4-1ebc-42d4-8e4a-2275d659efe6",
"target_ref": "x-misp-object--5cbeb48f-30a6-478a-bea9-9928524630c6"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--ef982198-97bd-4d7a-9958-7f793369ac1f",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--f53a44f1-158b-4212-bc9e-8e257362a32c",
"target_ref": "x-misp-object--3bd1c560-3b57-4248-b95c-72723eebd90c"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--52caf30b-9999-4103-8657-c534f34d71c7",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--edc8ba48-d186-4b7f-a8e4-54fdfee91503",
"target_ref": "x-misp-object--cf7832e0-5495-4a89-95df-cb4dd915842e"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--8c3f09d1-9ae5-45b3-847a-75b1b87a80b9",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--f8e43169-3421-43af-8b25-be605a3ea859",
"target_ref": "x-misp-object--2e77adf4-a30d-4dcf-9fcd-9a263b1971c7"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--928c7c29-26e1-44db-bdfe-c9430ed2723f",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--770417f7-66d8-4c14-a590-25829420ef72",
"target_ref": "x-misp-object--d250cbbd-0387-4477-9487-647ba7f369ed"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--05cdeb71-6f1e-45d9-ab38-7c0ca7f793ce",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--18939e64-0afb-4ae4-8995-189b92423b98",
"target_ref": "x-misp-object--55b685d6-7fdc-4538-b113-d253384b213a"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--34fc1b05-e892-4ca1-9a63-6b339e23b5c7",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--8d7a2d17-30f8-46c6-aa2c-c99caf8b8208",
"target_ref": "x-misp-object--ece0181f-f705-463f-bea6-08263cc535ba"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--c6062b18-4dd4-4512-9c56-e9707863f0b9",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2018-02-16T09:00:09.000Z",
"modified": "2018-02-16T09:00:09.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--87463bc1-9173-4071-827c-db9c3d3396bc",
"target_ref": "x-misp-object--f31cc4ab-1875-4f2d-87c9-04b8673ddbe8"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink