adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5c5201f6-e414-4dc2-be61-4f4502de0b81.json

399 lines
282 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--5c5201f6-e414-4dc2-be61-4f4502de0b81",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5c5201f6-e414-4dc2-be61-4f4502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"name": "OSINT - Cisco Job Posting Targets Korean Candidates",
"published": "2019-01-30T20:05:21Z",
"object_refs": [
"observed-data--5c520202-8d5c-44ca-8470-40ce02de0b81",
"url--5c520202-8d5c-44ca-8470-40ce02de0b81",
"x-misp-attribute--5c520214-741c-4008-8f48-e23902de0b81",
"observed-data--5c520233-b77c-4045-b967-4abc02de0b81",
"domain-name--5c520233-b77c-4045-b967-4abc02de0b81",
"indicator--5c520245-4460-41ab-b89e-405b02de0b81",
"indicator--5c520257-fdd4-4c61-8b0f-445902de0b81",
"observed-data--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"domain-name--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"observed-data--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"domain-name--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"observed-data--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"file--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"indicator--db2f6f9a-9fd2-4815-ab19-3e80b630afee",
"x-misp-object--83ffea5f-5ac1-4359-a694-73fe84275425",
"indicator--30e63e4f-a33b-4e63-85a6-37485fb077a2",
"x-misp-object--4dcb8302-c888-44dc-bb62-d35f09261019",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"relationship--395b6eb0-7b78-4485-9284-266d776071c1",
"relationship--f618679b-8324-4092-a868-39b4519e97b0"
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c520202-8d5c-44ca-8470-40ce02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T19:58:58.000Z",
"modified": "2019-01-30T19:58:58.000Z",
"first_observed": "2019-01-30T19:58:58Z",
"last_observed": "2019-01-30T19:58:58Z",
"number_observed": 1,
"object_refs": [
"url--5c520202-8d5c-44ca-8470-40ce02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5c520202-8d5c-44ca-8470-40ce02de0b81",
"value": "https://blog.talosintelligence.com/2019/01/fake-korean-job-posting.html"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5c520214-741c-4008-8f48-e23902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T19:59:16.000Z",
"modified": "2019-01-30T19:59:16.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Cisco Talos recently observed a targeted malware campaign being leveraged in an attempt to compromise specific organizations. The infection vector associated with this campaign was a Microsoft Word document that was disguised as a job posting for Cisco Korea, and leveraged legitimate content available as part of job postings on various websites. EST Security also described this campaign in a blog post this week. This malicious Office document appears to have been the initial portion of what was designed to be a multi-stage infection process. \r\n\r\nDuring our analysis of this campaign, we located additional samples that we believe are linked to multiple previous campaigns associated with the same threat actor. Each of the campaigns leveraged malicious documents and initial stage payloads that all featured similar tactics, techniques, and procedures (TTP). Due to the targeted nature of this campaign, the lack of widespread indicator of compromise data, and the apparent nature of the targeting, this appears to be associated with a sophisticated attacker. This sort of attack has become more common as threat actors continue to target users to gain an initial foothold in environments. Organizations are encouraged to employ a defense-in-depth approach to security and disallow the execution of macros where possible."
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c520233-b77c-4045-b967-4abc02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:01:17.000Z",
"modified": "2019-01-30T20:01:17.000Z",
"first_observed": "2019-01-30T20:01:17Z",
"last_observed": "2019-01-30T20:01:17Z",
"number_observed": 1,
"object_refs": [
"domain-name--5c520233-b77c-4045-b967-4abc02de0b81"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--5c520233-b77c-4045-b967-4abc02de0b81",
"value": "ilovesvc.com"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c520245-4460-41ab-b89e-405b02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:05.000Z",
"modified": "2019-01-30T20:00:05.000Z",
"description": "the Office document",
"pattern": "[file:hashes.SHA256 = 'bf27c1631ef64c1e75676375a85d48f8ae97e1ea9a5f67c2beefc02c609fc18b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:00:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c520257-fdd4-4c61-8b0f-445902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:23.000Z",
"modified": "2019-01-30T20:00:23.000Z",
"description": "PE32",
"pattern": "[file:hashes.SHA256 = '1497ab6ddccf91ef7f2cd75ce020bb3bf39979210351deaa6e0025997ddfda5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:58.000Z",
"modified": "2019-01-30T20:00:58.000Z",
"first_observed": "2019-01-30T20:00:58Z",
"last_observed": "2019-01-30T20:00:58Z",
"number_observed": 1,
"object_refs": [
"domain-name--5c52027a-a0a8-492d-8ed5-43ee02de0b81"
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"value": "www.secuvision.co.kr"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:58.000Z",
"modified": "2019-01-30T20:00:58.000Z",
"first_observed": "2019-01-30T20:00:58Z",
"last_observed": "2019-01-30T20:00:58Z",
"number_observed": 1,
"object_refs": [
"domain-name--5c52027a-b1b0-45dd-8c9c-4ac702de0b81"
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"value": "www.syadplus.com"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:02:24.000Z",
"modified": "2019-01-30T20:02:24.000Z",
"first_observed": "2019-01-30T20:02:24Z",
"last_observed": "2019-01-30T20:02:24Z",
"number_observed": 1,
"object_refs": [
"file--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"Payload delivery\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"name": "image11.jpg",
"content_ref": "artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/4QBgRXhpZgAASUkqAAgAAAACADEBAgAHAAAAJgAAAGmHBAABAAAALgAAAAAAAABHb29nbGUAAAMAAJAHAAQAAAAwMjIwAqAEAAEAAABABgAAA6AEAAEAAAB9BAAAAAAAAP/bAIQAAwICCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICggICAgJCQkICAsNCggNCAgJCAEDBAQGBQYIBgYICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI/8AAEQgEfQZAAwEiAAIRAQMRAf/EAB0AAQABBQEBAQAAAAAAAAAAAAAGAQIEBQcICQP/xABoEAABBAECAwMFCA4IAgYGARUBAAIDBAUREgYTIQcUMQgVIkFRFhgzU5GS0dMjJDI0UlRhcXKBk5Sy8AlCVXOVsbPUocEXJTVDdNImYnW0wuE2RYKEo7XxJ0RWY3aDojeW5BlGZGXE/8QAGwEBAAIDAQEAAAAAAAAAAAAAAAEDAgQFBgf/xABEEQEAAQIBCQQIBAQFAwQDAAAAAQIRAwQSExUhMVFSkhZB0eEFU2FxkaGi0gYiMoEUQmKTM7HB4vBDcoIHI1SyNETC/9oADAMBAAIRAxEAPwD6nWLAaCSdAFoZ+NYWkgkjTp4KvGsxbCSFIAEEa93sHtT3ewe1SVEEa93sHtT3ewe1SVNUEa93sHtT3ewe1SUKuiCM+72D2p7vYPapKii4jXu9g9qe72D2qSopEa93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SVFFxGvd7B7U93sHtUm0TRSIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaII9BxtC46An9S3tawHDUHUFXlaHgucuiBJ1/wDvlB+PHnwB/UpISo3x58Af1KRuUSLXPWmv8bU4vhbdaP8ATmjb/E4Lw35bXHOUZmTUo2LbGCoyYx1ZJQegeZHlsZHotaNXH1DReWMvjsnMRzmXZSYuf9kEzyYdu/nekCeXs9IuPo+HVenyX0JpqKMSrFinPi8R3uHj+kpoqqopombd/c+zWMzMUzBJDJHNGdQHxObI0kHQ6OaSDofHr0WYCvA/kpYihNjqkMpz7ZpJXs305cjDSaS9wBD4HNgZ/wCsflXpnsOhdDbzFLmzSw1J67YTYlfPK0SQcxwdLIS53UjTUrlZRkeiqri8zm8YteLxGzb7W/g5RnxTNt/B2BquVrVcubE3huvzL1XmLyzwBin5HO5qCxbuiKvI0wshtzwtZuc4dAx7fUNPALrn/QTW/G8p/iVv61bWLgU4U2qr7ondxi6+qiKd8913Sd6vaV5U7Y8I/GZLBsrXL+yzaLZmy3LEzXNbJBtG17yOu9w9nUr1U1Y4mDmU01XvFcTMftNmNdGbETe91yoSqrX57MtrxPlfrtYNTp4/mVCpnEqoK83RdpBntiWeeaGEaERxF3UeIBDXDqfzeC6rR7ZaD9GiRw9Wr2lvyl3rQT1Fj1bjZAHMcHNPgQQQVkICIiAqEoVDu1LtEjxlSSy8bi3oxg8Xu9QH5fX6/BZ0UTXVFNMXmWFVUUxeUuc5U3rhXZzeys9a/fuu5bJqr3VoW6gx7WvcH69PSI066A9F5b4czOWd3WeXJXYa09h0TZufNK1j2vYDuZvYCz0vAuC6eD6PnFmuNJTGZ79vsj2ubiZfFGbObVaqfZs9s7X0d1VVq+HtRBCC/mkRR6yabeYdjfT01O3d46a+tbMFcqdk29tnUibxdVEVFCVUREBERAREQEREBERAREQEREBERARUK0HEfHlKmWi3br1i/UsE8scW7Tx27yNdPyIJAi1+Dz0NmMTV5Y5ona7ZInNex2njo5pIKzXv06/zogvRRB/azjBHzjkKYi5nJ5hsRbOaBuMe7dpvDRqW+K2mF4yq2YnTV7MM8TN26SKRj2N2jV2rmu0Gn5fBBu0WowHFFe0zm1Z4rEe4t5kMjZGbhpq3c0kajXTTVW4ji6rYfLFBYhmkgcWTMjka98TgS3bI1p1a4EEEEepBuUUcxPaHRnmdXhuVpZ2bt0MczHyt2fdaxtduG316hLHaHQZYFR12s20SAK5njExJGoHLLt2ugPQBBI0VmqxaWXikdI2ORj3RO2SBrgSx+gIa8Dq0kEHr6igzUWBFl4zK6ASMMzWCR0W4F4Y46BxaDuDT4AkLOQVRYNnLxskjidIxskgcY4y4B7wzQvLWnqQwEEkJBl43vkibIx0kW3mMBBczeNW72jq3cBqNfEdUGcitcVgVs3E90rWSsc6E7ZmhzSYnFu8NkAPonaQ7r6kGxRRGXtYxjY+c7I0xFvMRkNmIM5jdSWbi4DcB1LfFSTGZKOaNksT2yRyNDmSMIcx7T4FrhqCD7UGUiwbOWjZJHE6RjZJt3KY5wD5Njdz9jToXbW9Tp4K
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db2f6f9a-9fd2-4815-ab19-3e80b630afee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:38.000Z",
"modified": "2019-01-30T20:03:38.000Z",
"pattern": "[file:hashes.MD5 = 'c067345667eded99610e51042a14081a' AND file:hashes.SHA1 = 'ea9bd89535c250c7bb7d98d10971ca586a574c53' AND file:hashes.SHA256 = '1497ab6ddccf91ef7f2cd75ce020bb3bf39979210351deaa6e0025997ddfda5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:03:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--83ffea5f-5ac1-4359-a694-73fe84275425",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-07-03T03:11:00",
"category": "Other",
"uuid": "2f301aee-3a07-4315-a9fe-35f15b9d6423"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/1497ab6ddccf91ef7f2cd75ce020bb3bf39979210351deaa6e0025997ddfda5a/analysis/1499051460/",
"category": "External analysis",
"uuid": "e6031ce3-dc7d-4d15-a1ea-635e060a2f02"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/62",
"category": "Other",
"uuid": "36547772-c3a7-4c9a-a7ad-cf22d140afe5"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--30e63e4f-a33b-4e63-85a6-37485fb077a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"pattern": "[file:hashes.MD5 = 'fbd1cd15019c0dd6659a59bc93b8596f' AND file:hashes.SHA1 = '050dbe26683f5d39c8773da4a4b7d3dd28addc00' AND file:hashes.SHA256 = 'bf27c1631ef64c1e75676375a85d48f8ae97e1ea9a5f67c2beefc02c609fc18b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:03:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4dcb8302-c888-44dc-bb62-d35f09261019",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-01-30T10:52:43",
"category": "Other",
"uuid": "e27a0948-b861-4c5a-8bed-1e7733ad3f54"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/bf27c1631ef64c1e75676375a85d48f8ae97e1ea9a5f67c2beefc02c609fc18b/analysis/1548845563/",
"category": "External analysis",
"uuid": "61389d49-4a4d-4917-bbef-dce3db7cffae"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/58",
"category": "Other",
"uuid": "ae01b2c6-6e9f-4e1e-93e7-5fc722af7bcd"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--395b6eb0-7b78-4485-9284-266d776071c1",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--db2f6f9a-9fd2-4815-ab19-3e80b630afee",
"target_ref": "x-misp-object--83ffea5f-5ac1-4359-a694-73fe84275425"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
"id": "relationship--f618679b-8324-4092-a868-39b4519e97b0",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--30e63e4f-a33b-4e63-85a6-37485fb077a2",
"target_ref": "x-misp-object--4dcb8302-c888-44dc-bb62-d35f09261019"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink