2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type" : "bundle" ,
"id" : "bundle--5a9c4472-55e8-4734-b23b-401702de0b81" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--5a9c4472-55e8-4734-b23b-401702de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
"name" : "OSINT - McAfee Uncovers Operation Honeybee, a Malicious Document Campaign Targeting Humanitarian Aid Groups" ,
"published" : "2018-03-04T19:31:09Z" ,
"object_refs" : [
"observed-data--5a9c44b4-1728-4a7c-a65a-458102de0b81" ,
"url--5a9c44b4-1728-4a7c-a65a-458102de0b81" ,
"x-misp-attribute--5a9c44cb-ba2c-4bd3-872a-4d2302de0b81" ,
"indicator--5a9c45f8-8e9c-49ef-b239-454b02de0b81" ,
"indicator--5a9c45f9-a280-4cd9-87e4-455302de0b81" ,
"indicator--5a9c45f9-05c8-4883-a183-466e02de0b81" ,
"indicator--5a9c45fa-ff6c-445a-aa8b-4cf702de0b81" ,
"indicator--5a9c45fa-681c-4292-bda0-491d02de0b81" ,
"indicator--5a9c4805-c09c-4690-8e98-486e02de0b81" ,
"indicator--5a9c4805-2880-44af-ab46-462102de0b81" ,
"indicator--5a9c4806-c684-4736-ac98-4bb202de0b81" ,
"indicator--5a9c4806-8fa0-40c4-8680-4d4602de0b81" ,
"indicator--5a9c4807-5ea4-4ef2-93e5-49da02de0b81" ,
"indicator--5a9c4808-10c0-4208-9231-409702de0b81" ,
"indicator--5a9c4808-f624-4e20-b0f1-4e9902de0b81" ,
"indicator--5a9c4809-ec64-4b39-be1d-4a3d02de0b81" ,
"indicator--5a9c4809-85c8-4f4e-8444-48be02de0b81" ,
"indicator--5a9c4809-8fa4-4b77-99cb-44ea02de0b81" ,
"indicator--5a9c480a-81cc-4a6b-8fd2-4f5f02de0b81" ,
"indicator--5a9c480a-f628-4d4f-86ae-49a502de0b81" ,
"indicator--5a9c480b-aed0-448d-984e-442e02de0b81" ,
"indicator--5a9c480b-f484-40f1-87c8-45d802de0b81" ,
"indicator--5a9c480c-4ce8-45e0-9b94-4a6c02de0b81" ,
"indicator--5a9c480c-a5f4-4702-b3c0-4aaa02de0b81" ,
"indicator--5a9c480d-d130-4cb6-9a2f-4e4402de0b81" ,
"indicator--5a9c480d-2208-4f82-8389-4da702de0b81" ,
"indicator--5a9c480e-bf30-42c0-8f75-4a3b02de0b81" ,
"indicator--5a9c480e-5c64-4636-ba9e-4e1202de0b81" ,
"indicator--5a9c480f-11ac-4159-98df-4bc302de0b81" ,
"indicator--5a9c480f-ac00-4184-9f88-4b4102de0b81" ,
"indicator--5a9c4810-85e0-4e93-8e9f-445902de0b81" ,
"indicator--2e961d04-28b4-4bb2-9733-a9eb1b50319c" ,
"x-misp-object--09fa2b85-feaa-4636-9097-217bbf42c4e8" ,
"indicator--6a4bcdf2-3620-4da2-9b36-deec766fdaf1" ,
"x-misp-object--2ffa5aed-ea08-4422-8686-d2ba03550afd" ,
"indicator--33266df5-c97f-4067-8738-8912d5f44104" ,
"x-misp-object--b287872a-da15-4eeb-9420-7eb029fddac9" ,
"indicator--bf7c6241-225f-4187-bcb9-451fdb15ecda" ,
"x-misp-object--32b43043-8774-440d-b442-ce1eaea26709" ,
"indicator--04640a00-f2ab-4c38-8b33-2df082780575" ,
"x-misp-object--378c8adb-0b81-4d33-9176-a03c16216593" ,
"indicator--8c8f576e-3820-4e89-ba34-12a566864e58" ,
"x-misp-object--2c9eaabb-ebc9-4309-b7c7-ef1ac1c59145" ,
"indicator--514a1f78-bf75-4f64-898a-4e2be87489d5" ,
"x-misp-object--9d63c363-35ff-45fb-9535-c26c9788f769" ,
"indicator--a2063520-46ea-4639-8633-cf5381334d18" ,
"x-misp-object--28105c15-e542-4dad-a548-faae9d5e4769" ,
"indicator--d5fc0820-91ec-4544-bdd4-2f87e2fa9467" ,
"x-misp-object--05084373-ae18-4394-b9f2-e740d2b08ccc" ,
"indicator--58f55dfa-eed0-4746-9069-5146ed2103fc" ,
"x-misp-object--cb61e17c-f9cd-493c-96c5-ea78e5ae6961" ,
"indicator--97a7c6eb-3a2f-432b-8e97-b106d469e964" ,
"x-misp-object--f6ae7fb6-d975-4d07-a411-06fe28c989d2" ,
"indicator--c66c5308-cc4a-4435-b9a5-bcd7e48550fd" ,
"x-misp-object--835ea6a0-be27-4835-8496-15b1400125ca" ,
"indicator--933893e5-8c93-4dbb-981b-5f13107031ba" ,
"x-misp-object--c4433d08-1723-4a90-9430-4550b1304464" ,
"indicator--cd84f8e1-762e-4825-b58e-abe40a0684dd" ,
"x-misp-object--edd18574-a310-410d-98e7-4094acb57a27" ,
"indicator--3e3ac655-c8ff-4a06-8907-6e36b7e29f7f" ,
"x-misp-object--50d5693d-a1f9-405a-96ff-86a8a80d3849" ,
"indicator--354ee013-cc51-4dbc-a065-63407d7a79dc" ,
"x-misp-object--667dd7e4-c149-42d7-b8da-2fa28338839b" ,
"indicator--ffde9d1b-07b8-4502-bc1c-8c61a050a0d1" ,
"x-misp-object--882a8ef5-40ac-432e-8cce-6c757d3dad16" ,
"indicator--d988240f-156a-4bef-95fe-5ae0aed363ef" ,
"x-misp-object--8459a3bb-9154-46f0-bc77-9f157f360bc8" ,
"indicator--8b9b4bf9-53db-44f1-93cb-6b2f285acd0d" ,
"x-misp-object--abfef57f-d54f-4348-b8fb-e89c39e87d10" ,
"indicator--e839410b-4086-442f-b5e0-ac197b937903" ,
"x-misp-object--f3f9b826-0e95-4e38-b843-da58ddbe059a" ,
"indicator--b8494d13-1838-4cde-96ae-acd8f48e83a2" ,
"x-misp-object--e4282726-dc94-4aed-a732-7045fe4d8ade" ,
"indicator--8db98fbb-2cbf-4e8d-b3ea-fbf95bc53388" ,
"x-misp-object--176f32f4-a6bc-4cdc-9810-f05b6dc37aed" ,
"indicator--50ed765b-7319-4df8-ab5a-fec415cc1eb2" ,
"x-misp-object--df58b1a3-6916-4801-b680-d868be75750a" ,
2023-12-14 13:47:04 +00:00
"relationship--2157ebd8-1fed-4dc0-8a2c-b52d98219d41" ,
"relationship--405c65b6-aa1c-42fb-8455-965603623b1d" ,
"relationship--029bfbef-b91f-4eb9-b80b-9b1f32867459" ,
"relationship--1f79c85a-cc31-47e8-a8c0-93e48a849aff" ,
"relationship--4bf51ec6-ccba-4126-8aa8-6c24590dbe62" ,
"relationship--8502e6c5-b910-498b-80d6-d9a3150b97ec" ,
"relationship--0828290e-6ca4-48ce-a3c7-4b2594b3a79a" ,
"relationship--1c24e903-1654-4f03-b40c-1f4437b37ea3" ,
"relationship--4fb4bba0-0e3d-4cbc-8f43-560c6925603a" ,
"relationship--a0292774-13d2-4fe7-aeba-018127a337c9" ,
"relationship--6e506fdd-66b2-4a7d-842b-6bf3a4455164" ,
"relationship--cbe9f8bd-1d89-4b60-8a7a-5278384c24a9" ,
"relationship--4ae971f2-e899-45d1-87e5-df62109b0419" ,
"relationship--2edfad6d-813f-4bae-bbbc-a8eb5c866f8b" ,
"relationship--2bf73a27-46b9-46f5-a890-cd4ec2e16ee6" ,
"relationship--bb313b13-fc64-488c-9055-3e56f8437815" ,
"relationship--58ac2e7d-61d9-4f8c-b9a5-cf7057bd7ee5" ,
"relationship--3f947d46-5d35-4443-9c14-d9ad2e20a530" ,
"relationship--cb360683-2d6f-49a4-837f-19026ae9fb34" ,
"relationship--f19b449f-6c13-41c9-8799-782a4028c3d6" ,
"relationship--a057ad4c-1bfb-49c5-b30e-f5c2d8b15bf5" ,
"relationship--bedbb061-b0bf-4553-a2f6-9ca2a368976b" ,
"relationship--7ddeb35d-b3ce-4f90-976a-47c6c4b9c6d2"
2023-06-14 17:31:25 +00:00
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"estimative-language:likelihood-probability=\"very-likely\"" ,
"osint:source-type=\"blog-post\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Modify Existing Service\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Code Signing\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"File Deletion\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Deobfuscate/Decode Files or Information\"" ,
"misp-galaxy:mitre-mobile-attack-attack-pattern=\"System Information Discovery\"" ,
"misp-galaxy:mitre-mobile-attack-attack-pattern=\"Process Discovery\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Service Execution\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Rundll32\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Scripting\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Command-Line Interface\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Data from Local System\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Automated Exfiltration\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Data Encrypted\"" ,
"misp-galaxy:mitre-mobile-attack-attack-pattern=\"Commonly Used Port\"" ,
"misp-galaxy:mitre-entreprise-attack-attack-pattern=\"Bypass User Account Control\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5a9c44b4-1728-4a7c-a65a-458102de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:14.000Z" ,
"modified" : "2018-03-04T19:29:14.000Z" ,
"first_observed" : "2018-03-04T19:29:14Z" ,
"last_observed" : "2018-03-04T19:29:14Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--5a9c44b4-1728-4a7c-a65a-458102de0b81"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\"" ,
"osint:source-type=\"blog-post\"" ,
"misp:confidence-level=\"usually-confident\""
] ,
"confidence" : 75
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--5a9c44b4-1728-4a7c-a65a-458102de0b81" ,
"value" : "https://securingtomorrow.mcafee.com/mcafee-labs/mcafee-uncovers-operation-honeybee-malicious-document-campaign-targeting-humanitarian-aid-groups/"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--5a9c44cb-ba2c-4bd3-872a-4d2302de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:14.000Z" ,
"modified" : "2018-03-04T19:29:14.000Z" ,
"labels" : [
"misp:type=\"text\"" ,
"misp:category=\"External analysis\"" ,
"osint:source-type=\"blog-post\"" ,
"misp:confidence-level=\"usually-confident\""
] ,
"confidence" : 75 ,
"x_misp_category" : "External analysis" ,
"x_misp_type" : "text" ,
"x_misp_value" : "McAfee Advanced Threat Research analysts have discovered a new operation targeting humanitarian aid organizations and using North Korean political topics as bait to lure victims into opening malicious Microsoft Word documents. Our analysts have named this Operation Honeybee, based on the names of the malicious documents used in the attacks.\r\n\r\nAdvanced Threat Research analysts have also discovered malicious documents authored by the same actor that indicate a tactical shift. These documents do not contain the typical lures by this actor, instead using Word compatibility messages to entice victims into opening them.\r\n\r\nThe Advanced Threat Research team also observed a heavy concentration of the implant in Vietnam from January 15\u00e2\u20ac\u201c17."
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c45f8-8e9c-49ef-b239-454b02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:15.000Z" ,
"modified" : "2018-03-04T19:29:15.000Z" ,
"pattern" : "[domain-name:value = 'ftp.byethost31.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c45f9-a280-4cd9-87e4-455302de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:15.000Z" ,
"modified" : "2018-03-04T19:29:15.000Z" ,
"pattern" : "[domain-name:value = 'ftp.byethost11.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c45f9-05c8-4883-a183-466e02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:16.000Z" ,
"modified" : "2018-03-04T19:29:16.000Z" ,
"pattern" : "[domain-name:value = '1113427185.ifastnet.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c45fa-ff6c-445a-aa8b-4cf702de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:17.000Z" ,
"modified" : "2018-03-04T19:29:17.000Z" ,
"pattern" : "[domain-name:value = 'navermail.byethost3.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c45fa-681c-4292-bda0-491d02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:17.000Z" ,
"modified" : "2018-03-04T19:29:17.000Z" ,
"pattern" : "[domain-name:value = 'nihon.byethost3.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4805-c09c-4690-8e98-486e02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:53.000Z" ,
"modified" : "2018-03-04T19:24:53.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'fe32d29fa16b1b71cd27b23a78ee9f6b7791bff3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4805-2880-44af-ab46-462102de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:53.000Z" ,
"modified" : "2018-03-04T19:24:53.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f684e15dd2e84bac49ea9b89f9b2646dc32a2477']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4806-c684-4736-ac98-4bb202de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:54.000Z" ,
"modified" : "2018-03-04T19:24:54.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1d280a77595a2d2bbd36b9b5d958f99be20f8e06']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4806-8fa0-40c4-8680-4d4602de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:54.000Z" ,
"modified" : "2018-03-04T19:24:54.000Z" ,
"pattern" : "[file:hashes.SHA1 = '19d9573f0b2c2100accd562cc82d57adb12a57ec']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4807-5ea4-4ef2-93e5-49da02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:55.000Z" ,
"modified" : "2018-03-04T19:24:55.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f90a2155ac492c3c2d5e1d83e384e1a734e59cc0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4808-10c0-4208-9231-409702de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:56.000Z" ,
"modified" : "2018-03-04T19:24:56.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9b832dda912cce6b23da8abf3881fcf4d2b7ce09']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4808-f624-4e20-b0f1-4e9902de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:56.000Z" ,
"modified" : "2018-03-04T19:24:56.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f3b62fea38cb44e15984d941445d24e6b309bc7b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4809-ec64-4b39-be1d-4a3d02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:57.000Z" ,
"modified" : "2018-03-04T19:24:57.000Z" ,
"pattern" : "[file:hashes.SHA1 = '66d2cea01b46c3353f4339a986a97b24ed89ee18']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4809-85c8-4f4e-8444-48be02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:57.000Z" ,
"modified" : "2018-03-04T19:24:57.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7113aaab61cacb6086c5531a453adf82ca7e7d03']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4809-8fa4-4b77-99cb-44ea02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:57.000Z" ,
"modified" : "2018-03-04T19:24:57.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd41daba0ebfa55d0c769ccfc03dbf6a5221e006a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480a-81cc-4a6b-8fd2-4f5f02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:58.000Z" ,
"modified" : "2018-03-04T19:24:58.000Z" ,
"pattern" : "[file:hashes.SHA1 = '25f4819e7948086d46df8de2eeeaa2b9ec6eca8c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480a-f628-4d4f-86ae-49a502de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:58.000Z" ,
"modified" : "2018-03-04T19:24:58.000Z" ,
"pattern" : "[file:hashes.SHA1 = '35ab747c15c20da29a14e8b46c07c0448cef4999']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480b-aed0-448d-984e-442e02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:59.000Z" ,
"modified" : "2018-03-04T19:24:59.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e87de3747d7c12c1eea9e73d3c2fb085b5ae8b42']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480b-f484-40f1-87c8-45d802de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:24:59.000Z" ,
"modified" : "2018-03-04T19:24:59.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0e4a7c0242b98723dc2b8cce1fbf1a43dd025cf0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:24:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480c-4ce8-45e0-9b94-4a6c02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:00.000Z" ,
"modified" : "2018-03-04T19:25:00.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'bca861a46d60831a3101c50f80a6d626fa99bf16']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480c-a5f4-4702-b3c0-4aaa02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:00.000Z" ,
"modified" : "2018-03-04T19:25:00.000Z" ,
"pattern" : "[file:hashes.SHA1 = '01530adb3f947fabebae5d9c04fb69f9000c3cef']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480d-d130-4cb6-9a2f-4e4402de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:01.000Z" ,
"modified" : "2018-03-04T19:25:01.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4229896d61a5ad57ed5c247228606ce62c7032d0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480d-2208-4f82-8389-4da702de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:01.000Z" ,
"modified" : "2018-03-04T19:25:01.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4c7e975f95ebc47423923b855a7530af52977f57']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480e-bf30-42c0-8f75-4a3b02de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:02.000Z" ,
"modified" : "2018-03-04T19:25:02.000Z" ,
"pattern" : "[file:hashes.SHA1 = '5a6ad7a1c566204a92dd269312d1156d51e61dc4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:02Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480e-5c64-4636-ba9e-4e1202de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:02.000Z" ,
"modified" : "2018-03-04T19:25:02.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1dc50bfcab2bc80587ac900c03e23afcbe243f64']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:02Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480f-11ac-4159-98df-4bc302de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:03.000Z" ,
"modified" : "2018-03-04T19:25:03.000Z" ,
"pattern" : "[file:hashes.SHA1 = '003e21b02be3248ff72cc2bfcd05bb161b6a2356']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c480f-ac00-4184-9f88-4b4102de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:03.000Z" ,
"modified" : "2018-03-04T19:25:03.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9b7c3c48bcef6330e3086de592b3223eb198744a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a9c4810-85e0-4e93-8e9f-445902de0b81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:25:04.000Z" ,
"modified" : "2018-03-04T19:25:04.000Z" ,
"pattern" : "[file:hashes.SHA1 = '85e2453b37602429596c9681a8c58a5c6faf8d0c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:25:04Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2e961d04-28b4-4bb2-9733-a9eb1b50319c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:21.000Z" ,
"modified" : "2018-03-04T19:29:21.000Z" ,
"pattern" : "[file:hashes.MD5 = '3eb415f905e896ef1d43d8aac74d0039' AND file:hashes.SHA1 = 'd41daba0ebfa55d0c769ccfc03dbf6a5221e006a' AND file:hashes.SHA256 = '670002bceaf387608a27827a95854b0a33ecad5c83255f03b98bfe18fe5e9768']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--09fa2b85-feaa-4636-9097-217bbf42c4e8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:20.000Z" ,
"modified" : "2018-03-04T19:29:20.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/670002bceaf387608a27827a95854b0a33ecad5c83255f03b98bfe18fe5e9768/analysis/1520006385/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4910-a73c-4e50-94f8-4d5902de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "29/66" ,
"category" : "Other" ,
"uuid" : "5a9c4911-d6c8-4552-9c8e-4e3d02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T15:59:45" ,
"category" : "Other" ,
"uuid" : "5a9c4911-bda4-4e2d-9cdb-4dd202de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6a4bcdf2-3620-4da2-9b36-deec766fdaf1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:24.000Z" ,
"modified" : "2018-03-04T19:29:24.000Z" ,
"pattern" : "[file:hashes.MD5 = '97e2323d884a96b1207005b6b8c041d4' AND file:hashes.SHA1 = '1d280a77595a2d2bbd36b9b5d958f99be20f8e06' AND file:hashes.SHA256 = 'd4be329aa00c2610a4ab48e7924cd77212de1648392ae3914527eaafa8014dc0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2ffa5aed-ea08-4422-8686-d2ba03550afd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:22.000Z" ,
"modified" : "2018-03-04T19:29:22.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/d4be329aa00c2610a4ab48e7924cd77212de1648392ae3914527eaafa8014dc0/analysis/1517611004/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4913-5f38-4d1b-954a-407902de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "28/59" ,
"category" : "Other" ,
"uuid" : "5a9c4913-5f94-4b2c-ab3c-4ecb02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-02T22:36:44" ,
"category" : "Other" ,
"uuid" : "5a9c4913-07b4-4d89-a370-4dae02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--33266df5-c97f-4067-8738-8912d5f44104" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:26.000Z" ,
"modified" : "2018-03-04T19:29:26.000Z" ,
"pattern" : "[file:hashes.MD5 = 'bb2fbd8d143e1fb0717d21d4443729fc' AND file:hashes.SHA1 = '25f4819e7948086d46df8de2eeeaa2b9ec6eca8c' AND file:hashes.SHA256 = 'd31fe5cfa884e04ee26f323b8d104dcaa91146f5c7c216212fd3053afaade80f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b287872a-da15-4eeb-9420-7eb029fddac9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:25.000Z" ,
"modified" : "2018-03-04T19:29:25.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/d31fe5cfa884e04ee26f323b8d104dcaa91146f5c7c216212fd3053afaade80f/analysis/1520006253/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4915-2ecc-4a83-b82e-472b02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "35/66" ,
"category" : "Other" ,
"uuid" : "5a9c4915-c8c0-4d05-84af-4c7b02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T15:57:33" ,
"category" : "Other" ,
"uuid" : "5a9c4915-12a4-4e41-9af8-47d002de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bf7c6241-225f-4187-bcb9-451fdb15ecda" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:29.000Z" ,
"modified" : "2018-03-04T19:29:29.000Z" ,
"pattern" : "[file:hashes.MD5 = '36614876eea3d174e1b1a9f0c5e58034' AND file:hashes.SHA1 = 'e87de3747d7c12c1eea9e73d3c2fb085b5ae8b42' AND file:hashes.SHA256 = '439c305cd408dbb508e153caab29d17021a7430f1dbaec0c90ac750ba2136f5f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--32b43043-8774-440d-b442-ce1eaea26709" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:27.000Z" ,
"modified" : "2018-03-04T19:29:27.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/439c305cd408dbb508e153caab29d17021a7430f1dbaec0c90ac750ba2136f5f/analysis/1520006340/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4917-c5dc-4b2c-ae7c-48a202de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/66" ,
"category" : "Other" ,
"uuid" : "5a9c4918-2728-49a8-9dd8-44e902de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T15:59:00" ,
"category" : "Other" ,
"uuid" : "5a9c4918-6d2c-43cb-a638-41d602de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--04640a00-f2ab-4c38-8b33-2df082780575" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:31.000Z" ,
"modified" : "2018-03-04T19:29:31.000Z" ,
"pattern" : "[file:hashes.MD5 = '155842c2c1824e0e4f17f63646d23aac' AND file:hashes.SHA1 = '35ab747c15c20da29a14e8b46c07c0448cef4999' AND file:hashes.SHA256 = '392b1eaf242eaa780bddde2d0babd5c2723e0ecadc4aa3fb64a3357ca0698987']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--378c8adb-0b81-4d33-9176-a03c16216593" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:29.000Z" ,
"modified" : "2018-03-04T19:29:29.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/392b1eaf242eaa780bddde2d0babd5c2723e0ecadc4aa3fb64a3357ca0698987/analysis/1520006046/" ,
"category" : "External analysis" ,
"uuid" : "5a9c491a-2540-4934-a798-43ec02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "23/66" ,
"category" : "Other" ,
"uuid" : "5a9c491a-f0c0-4b54-bb9e-49fc02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T15:54:06" ,
"category" : "Other" ,
"uuid" : "5a9c491a-b0fc-426c-86b8-4b7b02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8c8f576e-3820-4e89-ba34-12a566864e58" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:34.000Z" ,
"modified" : "2018-03-04T19:29:34.000Z" ,
"pattern" : "[file:hashes.MD5 = '9a925e048612e1c24b44974fc9b4bb6a' AND file:hashes.SHA1 = '5a6ad7a1c566204a92dd269312d1156d51e61dc4' AND file:hashes.SHA256 = 'd60a03b67683d80fa2f74bd933ec93cbb8b40a247d9d3c31aea9794e50fbd2e2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2c9eaabb-ebc9-4309-b7c7-ef1ac1c59145" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:32.000Z" ,
"modified" : "2018-03-04T19:29:32.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/d60a03b67683d80fa2f74bd933ec93cbb8b40a247d9d3c31aea9794e50fbd2e2/analysis/1516022902/" ,
"category" : "External analysis" ,
"uuid" : "5a9c491c-96e8-483a-be3b-46c502de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "33/65" ,
"category" : "Other" ,
"uuid" : "5a9c491d-18f8-4303-a7ac-464202de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-15T13:28:22" ,
"category" : "Other" ,
"uuid" : "5a9c491d-c950-4a8f-b456-49e702de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--514a1f78-bf75-4f64-898a-4e2be87489d5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:36.000Z" ,
"modified" : "2018-03-04T19:29:36.000Z" ,
"pattern" : "[file:hashes.MD5 = 'fac0a84c3d04cba36dd21ab68d759225' AND file:hashes.SHA1 = '0e4a7c0242b98723dc2b8cce1fbf1a43dd025cf0' AND file:hashes.SHA256 = '795acde1e841354fd82b8ae976fba9bfc620bc85ec374a891a40776a7d1fbcdc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--9d63c363-35ff-45fb-9535-c26c9788f769" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:34.000Z" ,
"modified" : "2018-03-04T19:29:34.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/795acde1e841354fd82b8ae976fba9bfc620bc85ec374a891a40776a7d1fbcdc/analysis/1520096392/" ,
"category" : "External analysis" ,
"uuid" : "5a9c491e-28a4-4fe1-844e-467702de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "27/66" ,
"category" : "Other" ,
"uuid" : "5a9c491f-a3d8-415d-a3ff-4bdd02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-03T16:59:52" ,
"category" : "Other" ,
"uuid" : "5a9c491f-1de4-4a40-a557-46ed02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a2063520-46ea-4639-8633-cf5381334d18" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:38.000Z" ,
"modified" : "2018-03-04T19:29:38.000Z" ,
"pattern" : "[file:hashes.MD5 = '4017ce64f321fd1b75c9bb7815bde12a' AND file:hashes.SHA1 = '1dc50bfcab2bc80587ac900c03e23afcbe243f64' AND file:hashes.SHA256 = '24eb02947168753e8215661d2f1a38304a227cb798baab3882d504394127a7d5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--28105c15-e542-4dad-a548-faae9d5e4769" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:36.000Z" ,
"modified" : "2018-03-04T19:29:36.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/24eb02947168753e8215661d2f1a38304a227cb798baab3882d504394127a7d5/analysis/1516168268/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4920-bdb0-4f4b-a934-4afe02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "33/66" ,
"category" : "Other" ,
"uuid" : "5a9c4921-3fe4-41ff-930d-414a02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-17T05:51:08" ,
"category" : "Other" ,
"uuid" : "5a9c4921-baac-499b-a38b-497c02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d5fc0820-91ec-4544-bdd4-2f87e2fa9467" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:41.000Z" ,
"modified" : "2018-03-04T19:29:41.000Z" ,
"pattern" : "[file:hashes.MD5 = '1acd45c751fa80ae8fc860b9f4127f5e' AND file:hashes.SHA1 = '4229896d61a5ad57ed5c247228606ce62c7032d0' AND file:hashes.SHA256 = 'ac0d7424715b79b4e73c427336e1ce08ec14fb74fd9bc3ab0a2057e1de256c97']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--05084373-ae18-4394-b9f2-e740d2b08ccc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:39.000Z" ,
"modified" : "2018-03-04T19:29:39.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ac0d7424715b79b4e73c427336e1ce08ec14fb74fd9bc3ab0a2057e1de256c97/analysis/1520026930/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4923-bc10-4544-9c41-400102de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/67" ,
"category" : "Other" ,
"uuid" : "5a9c4924-731c-4119-84e7-440c02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T21:42:10" ,
"category" : "Other" ,
"uuid" : "5a9c4924-0830-48d6-b53b-417d02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--58f55dfa-eed0-4746-9069-5146ed2103fc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:43.000Z" ,
"modified" : "2018-03-04T19:29:43.000Z" ,
"pattern" : "[file:hashes.MD5 = '41e9397a9e0f9770ac3342bc353528d5' AND file:hashes.SHA1 = '01530adb3f947fabebae5d9c04fb69f9000c3cef' AND file:hashes.SHA256 = '0aaf6668fdb194d74c3c83bc6bd098588f1d3884b7f05429a8e3bdb0a3d48f40']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--cb61e17c-f9cd-493c-96c5-ea78e5ae6961" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:42.000Z" ,
"modified" : "2018-03-04T19:29:42.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/0aaf6668fdb194d74c3c83bc6bd098588f1d3884b7f05429a8e3bdb0a3d48f40/analysis/1516171550/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4926-7bc4-446d-9604-417402de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "38/66" ,
"category" : "Other" ,
"uuid" : "5a9c4926-5760-45c9-967a-46f602de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-17T06:45:50" ,
"category" : "Other" ,
"uuid" : "5a9c4926-0928-4049-9d16-4f5102de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--97a7c6eb-3a2f-432b-8e97-b106d469e964" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:46.000Z" ,
"modified" : "2018-03-04T19:29:46.000Z" ,
"pattern" : "[file:hashes.MD5 = 'eac38d878c466ec7f7df1cd8153dfb2f' AND file:hashes.SHA1 = '7113aaab61cacb6086c5531a453adf82ca7e7d03' AND file:hashes.SHA256 = 'ca2ac4409093b8865dad6f821fbfb2cc768351e0585b4327123a7a67323e2eb4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f6ae7fb6-d975-4d07-a411-06fe28c989d2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:44.000Z" ,
"modified" : "2018-03-04T19:29:44.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ca2ac4409093b8865dad6f821fbfb2cc768351e0585b4327123a7a67323e2eb4/analysis/1520006842/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4928-6d04-4782-9651-49a302de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "23/66" ,
"category" : "Other" ,
"uuid" : "5a9c4928-e1b4-4334-b497-46fe02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T16:07:22" ,
"category" : "Other" ,
"uuid" : "5a9c4928-5bfc-4346-b69e-4bb702de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c66c5308-cc4a-4435-b9a5-bcd7e48550fd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:48.000Z" ,
"modified" : "2018-03-04T19:29:48.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e69500f133b4f02d7ead478af8e7e29d' AND file:hashes.SHA1 = 'fe32d29fa16b1b71cd27b23a78ee9f6b7791bff3' AND file:hashes.SHA256 = '909d70f6d91957b20a8ed09bcd881fb1416d23b63083c03840edc8c80d256a15']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--835ea6a0-be27-4835-8496-15b1400125ca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:46.000Z" ,
"modified" : "2018-03-04T19:29:46.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/909d70f6d91957b20a8ed09bcd881fb1416d23b63083c03840edc8c80d256a15/analysis/1520006627/" ,
"category" : "External analysis" ,
"uuid" : "5a9c492a-e8dc-4dd4-85b9-465302de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "14/66" ,
"category" : "Other" ,
"uuid" : "5a9c492b-afc8-4224-946a-465102de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T16:03:47" ,
"category" : "Other" ,
"uuid" : "5a9c492b-e1d0-4def-9e6f-41fd02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--933893e5-8c93-4dbb-981b-5f13107031ba" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:50.000Z" ,
"modified" : "2018-03-04T19:29:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '4a67dfd94df2581aeeefacdd8f97e7de' AND file:hashes.SHA1 = 'f3b62fea38cb44e15984d941445d24e6b309bc7b' AND file:hashes.SHA256 = '4588f52af10e123b050539fe48c317056e944b3ff0f9db9807cfcafaf74e1b8f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--c4433d08-1723-4a90-9430-4550b1304464" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:49.000Z" ,
"modified" : "2018-03-04T19:29:49.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/4588f52af10e123b050539fe48c317056e944b3ff0f9db9807cfcafaf74e1b8f/analysis/1517608392/" ,
"category" : "External analysis" ,
"uuid" : "5a9c492d-c43c-42ec-98c0-4ccb02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "29/58" ,
"category" : "Other" ,
"uuid" : "5a9c492e-300c-4847-9d92-460a02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-02T21:53:12" ,
"category" : "Other" ,
"uuid" : "5a9c492e-fcc8-4b07-825f-44af02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cd84f8e1-762e-4825-b58e-abe40a0684dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:53.000Z" ,
"modified" : "2018-03-04T19:29:53.000Z" ,
"pattern" : "[file:hashes.MD5 = '81aa0527c789098f90c38967b276e331' AND file:hashes.SHA1 = '4c7e975f95ebc47423923b855a7530af52977f57' AND file:hashes.SHA256 = 'fc2bcd38659ae83fd25b4f7091412ae9ba011612fa4dcc3ef665b2cae2a1d74f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--edd18574-a310-410d-98e7-4094acb57a27" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:52.000Z" ,
"modified" : "2018-03-04T19:29:52.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/fc2bcd38659ae83fd25b4f7091412ae9ba011612fa4dcc3ef665b2cae2a1d74f/analysis/1520026931/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4930-68ac-407b-a7db-429602de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "29/67" ,
"category" : "Other" ,
"uuid" : "5a9c4930-d048-42e9-a909-400c02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T21:42:11" ,
"category" : "Other" ,
"uuid" : "5a9c4930-4210-4e79-9c4d-48dd02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3e3ac655-c8ff-4a06-8907-6e36b7e29f7f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:56.000Z" ,
"modified" : "2018-03-04T19:29:56.000Z" ,
"pattern" : "[file:hashes.MD5 = '5ccfdca9b2a3628841accdedb33217fc' AND file:hashes.SHA1 = '66d2cea01b46c3353f4339a986a97b24ed89ee18' AND file:hashes.SHA256 = '86981680172bbf0865e7693fe5a2bbe9b3ba12b3f1a1536ef67915daab78004c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--50d5693d-a1f9-405a-96ff-86a8a80d3849" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:54.000Z" ,
"modified" : "2018-03-04T19:29:54.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/86981680172bbf0865e7693fe5a2bbe9b3ba12b3f1a1536ef67915daab78004c/analysis/1520009613/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4932-f714-4515-99b4-4e8102de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "34/60" ,
"category" : "Other" ,
"uuid" : "5a9c4933-15e0-40d0-affb-4f3502de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T16:53:33" ,
"category" : "Other" ,
"uuid" : "5a9c4933-dfc4-4242-a5b4-44fc02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--354ee013-cc51-4dbc-a065-63407d7a79dc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:58.000Z" ,
"modified" : "2018-03-04T19:29:58.000Z" ,
"pattern" : "[file:hashes.MD5 = 'acd00e87feacbd91c1466af3102a14fd' AND file:hashes.SHA1 = '19d9573f0b2c2100accd562cc82d57adb12a57ec' AND file:hashes.SHA256 = 'f9ed92a747b9c3596a22af0be9064af50e8adb3547e9b74b1178d5ef340c772d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:29:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--667dd7e4-c149-42d7-b8da-2fa28338839b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:56.000Z" ,
"modified" : "2018-03-04T19:29:56.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/f9ed92a747b9c3596a22af0be9064af50e8adb3547e9b74b1178d5ef340c772d/analysis/1520096166/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4934-a138-43d7-855d-4e5502de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "26/65" ,
"category" : "Other" ,
"uuid" : "5a9c4935-2da4-488c-8a2f-4ed102de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-03T16:56:06" ,
"category" : "Other" ,
"uuid" : "5a9c4935-7824-4228-b47d-440b02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ffde9d1b-07b8-4502-bc1c-8c61a050a0d1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:00.000Z" ,
"modified" : "2018-03-04T19:30:00.000Z" ,
"pattern" : "[file:hashes.MD5 = '587da1534b7ecf6fc8abc01f8c80c78b' AND file:hashes.SHA1 = 'f90a2155ac492c3c2d5e1d83e384e1a734e59cc0' AND file:hashes.SHA256 = '96c88682880bcb9e657f87ed7e0f4e47b13d0ddfd56abaf78707aa75e1e59fda']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:30:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--882a8ef5-40ac-432e-8cce-6c757d3dad16" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:29:59.000Z" ,
"modified" : "2018-03-04T19:29:59.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/96c88682880bcb9e657f87ed7e0f4e47b13d0ddfd56abaf78707aa75e1e59fda/analysis/1518154717/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4937-2ce8-49cf-beeb-44de02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "29/66" ,
"category" : "Other" ,
"uuid" : "5a9c4938-9e50-43bf-8f04-436d02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-09T05:38:37" ,
"category" : "Other" ,
"uuid" : "5a9c4938-32a4-479c-8522-45dc02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d988240f-156a-4bef-95fe-5ae0aed363ef" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:03.000Z" ,
"modified" : "2018-03-04T19:30:03.000Z" ,
"pattern" : "[file:hashes.MD5 = '9b5f6d131519880c72b13b3dde5508b2' AND file:hashes.SHA1 = '85e2453b37602429596c9681a8c58a5c6faf8d0c' AND file:hashes.SHA256 = '0d4352322160339f87be70c2f3fe096500cfcdc95a8dea975fdfc457bd347c44']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:30:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8459a3bb-9154-46f0-bc77-9f157f360bc8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:02.000Z" ,
"modified" : "2018-03-04T19:30:02.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/0d4352322160339f87be70c2f3fe096500cfcdc95a8dea975fdfc457bd347c44/analysis/1520005941/" ,
"category" : "External analysis" ,
"uuid" : "5a9c493a-9ff4-43cb-8207-45b502de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "36/59" ,
"category" : "Other" ,
"uuid" : "5a9c493a-b844-498e-b31d-499702de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T15:52:21" ,
"category" : "Other" ,
"uuid" : "5a9c493a-2a5c-4573-b88f-48ab02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8b9b4bf9-53db-44f1-93cb-6b2f285acd0d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:05.000Z" ,
"modified" : "2018-03-04T19:30:05.000Z" ,
"pattern" : "[file:hashes.MD5 = '828930dcd7c0bd10efceff42b79096c9' AND file:hashes.SHA1 = 'bca861a46d60831a3101c50f80a6d626fa99bf16' AND file:hashes.SHA256 = '60eee55b6ec18d81db6258277951e69cff31d518d821c566802d1408dd64f898']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:30:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--abfef57f-d54f-4348-b8fb-e89c39e87d10" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:04.000Z" ,
"modified" : "2018-03-04T19:30:04.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/60eee55b6ec18d81db6258277951e69cff31d518d821c566802d1408dd64f898/analysis/1520096471/" ,
"category" : "External analysis" ,
"uuid" : "5a9c493c-1a38-4193-99a5-4e4102de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "27/65" ,
"category" : "Other" ,
"uuid" : "5a9c493d-c668-4df5-86ce-477302de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-03T17:01:11" ,
"category" : "Other" ,
"uuid" : "5a9c493d-6380-4ee9-b6cf-454602de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e839410b-4086-442f-b5e0-ac197b937903" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:08.000Z" ,
"modified" : "2018-03-04T19:30:08.000Z" ,
"pattern" : "[file:hashes.MD5 = '9abd1767b449110a37f60c2dd41624d3' AND file:hashes.SHA1 = 'f684e15dd2e84bac49ea9b89f9b2646dc32a2477' AND file:hashes.SHA256 = '1c514d9fbd2210b6469174d234daf2cb19d6b098592409164eaa92f9af3b1e8b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:30:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f3f9b826-0e95-4e38-b843-da58ddbe059a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:06.000Z" ,
"modified" : "2018-03-04T19:30:06.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/1c514d9fbd2210b6469174d234daf2cb19d6b098592409164eaa92f9af3b1e8b/analysis/1520006158/" ,
"category" : "External analysis" ,
"uuid" : "5a9c493e-d4f8-4642-b78d-430802de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "18/66" ,
"category" : "Other" ,
"uuid" : "5a9c493f-6e5c-4095-b5d1-47b402de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T15:55:58" ,
"category" : "Other" ,
"uuid" : "5a9c493f-01d8-4c28-a0e4-4eb202de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b8494d13-1838-4cde-96ae-acd8f48e83a2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:10.000Z" ,
"modified" : "2018-03-04T19:30:10.000Z" ,
"pattern" : "[file:hashes.MD5 = '8d4210935ba3f15bd0e1ef5dbc9037a9' AND file:hashes.SHA1 = '9b832dda912cce6b23da8abf3881fcf4d2b7ce09' AND file:hashes.SHA256 = 'a15f8b68df8e444761a7475d3dce311e6315e8f8c43e5f4bfb4873040bc9c232']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:30:10Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--e4282726-dc94-4aed-a732-7045fe4d8ade" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:09.000Z" ,
"modified" : "2018-03-04T19:30:09.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a15f8b68df8e444761a7475d3dce311e6315e8f8c43e5f4bfb4873040bc9c232/analysis/1520096221/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4941-8a5c-4dc7-972f-462302de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "31/66" ,
"category" : "Other" ,
"uuid" : "5a9c4941-1560-4ce8-8564-4fbf02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-03T16:57:01" ,
"category" : "Other" ,
"uuid" : "5a9c4941-0d54-45a5-9143-4c4602de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8db98fbb-2cbf-4e8d-b3ea-fbf95bc53388" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:13.000Z" ,
"modified" : "2018-03-04T19:30:13.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e00e2d202f5a4a84d895254d6c0d447f' AND file:hashes.SHA1 = '003e21b02be3248ff72cc2bfcd05bb161b6a2356' AND file:hashes.SHA256 = '2c5e5c86ca4fa172341c6bcbaa50984fb168d650ae9a33f2c6e6dccc1d57b369']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:30:13Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--176f32f4-a6bc-4cdc-9810-f05b6dc37aed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:11.000Z" ,
"modified" : "2018-03-04T19:30:11.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2c5e5c86ca4fa172341c6bcbaa50984fb168d650ae9a33f2c6e6dccc1d57b369/analysis/1520006289/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4944-afdc-49fd-b2c2-483c02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "20/66" ,
"category" : "Other" ,
"uuid" : "5a9c4944-5910-4860-b2ed-415802de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T15:58:09" ,
"category" : "Other" ,
"uuid" : "5a9c4944-b25c-460d-ba89-4e9002de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--50ed765b-7319-4df8-ab5a-fec415cc1eb2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:15.000Z" ,
"modified" : "2018-03-04T19:30:15.000Z" ,
"pattern" : "[file:hashes.MD5 = '9b93066b085a7929aabbab8ccfd331be' AND file:hashes.SHA1 = '9b7c3c48bcef6330e3086de592b3223eb198744a' AND file:hashes.SHA256 = '42a782d342fb70169b07a5c2be054af49f88ffa92d04243b070b5b939eaa4465']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-03-04T19:30:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--df58b1a3-6916-4801-b680-d868be75750a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-03-04T19:30:14.000Z" ,
"modified" : "2018-03-04T19:30:14.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/42a782d342fb70169b07a5c2be054af49f88ffa92d04243b070b5b939eaa4465/analysis/1520009561/" ,
"category" : "External analysis" ,
"uuid" : "5a9c4946-f9dc-408d-8952-4aad02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "35/59" ,
"category" : "Other" ,
"uuid" : "5a9c4946-dcdc-4bf2-9331-4e8c02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-03-02T16:52:41" ,
"category" : "Other" ,
"uuid" : "5a9c4946-9100-4e21-b6df-4f3f02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--2157ebd8-1fed-4dc0-8a2c-b52d98219d41" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:15.000Z" ,
"modified" : "2018-03-04T19:30:15.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--2e961d04-28b4-4bb2-9733-a9eb1b50319c" ,
"target_ref" : "x-misp-object--09fa2b85-feaa-4636-9097-217bbf42c4e8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--405c65b6-aa1c-42fb-8455-965603623b1d" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:15.000Z" ,
"modified" : "2018-03-04T19:30:15.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--6a4bcdf2-3620-4da2-9b36-deec766fdaf1" ,
"target_ref" : "x-misp-object--2ffa5aed-ea08-4422-8686-d2ba03550afd"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--029bfbef-b91f-4eb9-b80b-9b1f32867459" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--33266df5-c97f-4067-8738-8912d5f44104" ,
"target_ref" : "x-misp-object--b287872a-da15-4eeb-9420-7eb029fddac9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--1f79c85a-cc31-47e8-a8c0-93e48a849aff" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--bf7c6241-225f-4187-bcb9-451fdb15ecda" ,
"target_ref" : "x-misp-object--32b43043-8774-440d-b442-ce1eaea26709"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--4bf51ec6-ccba-4126-8aa8-6c24590dbe62" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--04640a00-f2ab-4c38-8b33-2df082780575" ,
"target_ref" : "x-misp-object--378c8adb-0b81-4d33-9176-a03c16216593"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--8502e6c5-b910-498b-80d6-d9a3150b97ec" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--8c8f576e-3820-4e89-ba34-12a566864e58" ,
"target_ref" : "x-misp-object--2c9eaabb-ebc9-4309-b7c7-ef1ac1c59145"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--0828290e-6ca4-48ce-a3c7-4b2594b3a79a" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--514a1f78-bf75-4f64-898a-4e2be87489d5" ,
"target_ref" : "x-misp-object--9d63c363-35ff-45fb-9535-c26c9788f769"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--1c24e903-1654-4f03-b40c-1f4437b37ea3" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--a2063520-46ea-4639-8633-cf5381334d18" ,
"target_ref" : "x-misp-object--28105c15-e542-4dad-a548-faae9d5e4769"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--4fb4bba0-0e3d-4cbc-8f43-560c6925603a" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--d5fc0820-91ec-4544-bdd4-2f87e2fa9467" ,
"target_ref" : "x-misp-object--05084373-ae18-4394-b9f2-e740d2b08ccc"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--a0292774-13d2-4fe7-aeba-018127a337c9" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--58f55dfa-eed0-4746-9069-5146ed2103fc" ,
"target_ref" : "x-misp-object--cb61e17c-f9cd-493c-96c5-ea78e5ae6961"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--6e506fdd-66b2-4a7d-842b-6bf3a4455164" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--97a7c6eb-3a2f-432b-8e97-b106d469e964" ,
"target_ref" : "x-misp-object--f6ae7fb6-d975-4d07-a411-06fe28c989d2"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--cbe9f8bd-1d89-4b60-8a7a-5278384c24a9" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--c66c5308-cc4a-4435-b9a5-bcd7e48550fd" ,
"target_ref" : "x-misp-object--835ea6a0-be27-4835-8496-15b1400125ca"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--4ae971f2-e899-45d1-87e5-df62109b0419" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--933893e5-8c93-4dbb-981b-5f13107031ba" ,
"target_ref" : "x-misp-object--c4433d08-1723-4a90-9430-4550b1304464"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--2edfad6d-813f-4bae-bbbc-a8eb5c866f8b" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--cd84f8e1-762e-4825-b58e-abe40a0684dd" ,
"target_ref" : "x-misp-object--edd18574-a310-410d-98e7-4094acb57a27"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--2bf73a27-46b9-46f5-a890-cd4ec2e16ee6" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--3e3ac655-c8ff-4a06-8907-6e36b7e29f7f" ,
"target_ref" : "x-misp-object--50d5693d-a1f9-405a-96ff-86a8a80d3849"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--bb313b13-fc64-488c-9055-3e56f8437815" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--354ee013-cc51-4dbc-a065-63407d7a79dc" ,
"target_ref" : "x-misp-object--667dd7e4-c149-42d7-b8da-2fa28338839b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--58ac2e7d-61d9-4f8c-b9a5-cf7057bd7ee5" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:16.000Z" ,
"modified" : "2018-03-04T19:30:16.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--ffde9d1b-07b8-4502-bc1c-8c61a050a0d1" ,
"target_ref" : "x-misp-object--882a8ef5-40ac-432e-8cce-6c757d3dad16"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--3f947d46-5d35-4443-9c14-d9ad2e20a530" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--d988240f-156a-4bef-95fe-5ae0aed363ef" ,
"target_ref" : "x-misp-object--8459a3bb-9154-46f0-bc77-9f157f360bc8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--cb360683-2d6f-49a4-837f-19026ae9fb34" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--8b9b4bf9-53db-44f1-93cb-6b2f285acd0d" ,
"target_ref" : "x-misp-object--abfef57f-d54f-4348-b8fb-e89c39e87d10"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--f19b449f-6c13-41c9-8799-782a4028c3d6" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--e839410b-4086-442f-b5e0-ac197b937903" ,
"target_ref" : "x-misp-object--f3f9b826-0e95-4e38-b843-da58ddbe059a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--a057ad4c-1bfb-49c5-b30e-f5c2d8b15bf5" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--b8494d13-1838-4cde-96ae-acd8f48e83a2" ,
"target_ref" : "x-misp-object--e4282726-dc94-4aed-a732-7045fe4d8ade"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--bedbb061-b0bf-4553-a2f6-9ca2a368976b" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--8db98fbb-2cbf-4e8d-b3ea-fbf95bc53388" ,
"target_ref" : "x-misp-object--176f32f4-a6bc-4cdc-9810-f05b6dc37aed"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-12-14 13:47:04 +00:00
"id" : "relationship--7ddeb35d-b3ce-4f90-976a-47c6c4b9c6d2" ,
2023-06-14 17:31:25 +00:00
"created" : "2018-03-04T19:30:17.000Z" ,
"modified" : "2018-03-04T19:30:17.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--50ed765b-7319-4df8-ab5a-fec415cc1eb2" ,
"target_ref" : "x-misp-object--df58b1a3-6916-4801-b680-d868be75750a"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
2023-04-21 13:25:09 +00:00
]
}
