misp-circl-feed/feeds/circl/misp/5c63ef49-0754-4a05-b712-e88b950d210f.json

4603 lines
696 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--5c63ef49-0754-4a05-b712-e88b950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:23.000Z",
"modified": "2019-02-13T15:29:23.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5c63ef49-0754-4a05-b712-e88b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:23.000Z",
"modified": "2019-02-13T15:29:23.000Z",
"name": "OSINT - ChessMaster Makes its Move: A Look into the Campaign\u00e2\u20ac\u2122s Cyberespionage Arsenal",
"published": "2019-02-13T15:30:11Z",
"object_refs": [
"observed-data--5c63efca-89e8-41d6-92dc-4b22950d210f",
"url--5c63efca-89e8-41d6-92dc-4b22950d210f",
"observed-data--5c63f07d-7218-48c7-8b99-40d9950d210f",
"file--5c63f07d-7218-48c7-8b99-40d9950d210f",
"artifact--5c63f07d-7218-48c7-8b99-40d9950d210f",
"indicator--5c63f51e-4ca4-4ea7-9061-427b950d210f",
"indicator--5c63f51f-44f4-425d-9480-4bda950d210f",
"indicator--5c63f51f-9b30-44bd-93f9-41f2950d210f",
"indicator--5c63f51f-46e0-49ac-a6cb-4611950d210f",
"indicator--5c63f51f-bd8c-4e56-b984-4d82950d210f",
"indicator--5c63f51f-8498-49be-93ab-4c80950d210f",
"indicator--5c63f51f-a208-483a-8ce3-498e950d210f",
"indicator--5c63f51f-ed18-47d2-95c8-4812950d210f",
"indicator--5c63f51f-480c-4c2e-b153-4d78950d210f",
"indicator--5c63f520-8ddc-4ff5-8bb4-418f950d210f",
"indicator--5c63f520-16cc-4862-8fe8-49fe950d210f",
"indicator--5c63f520-c300-4f04-add2-49e8950d210f",
"indicator--5c63f520-d070-47f5-a062-4fb8950d210f",
"indicator--5c63f7f3-1660-4e32-b761-4fc6950d210f",
"indicator--5c63f82a-0ab4-417d-a2a7-43a8950d210f",
"indicator--5c6407dc-e880-4d14-8061-432a950d210f",
"indicator--5c640928-1920-4b32-be48-4641950d210f",
"indicator--5c640940-6268-46dd-9df9-4695950d210f",
"indicator--5c640969-fe8c-4b24-8d37-404d950d210f",
"indicator--5c64183e-683c-4344-abe0-4268950d210f",
"indicator--5c641888-187c-4923-98e6-4855950d210f",
"indicator--5c6418ce-013c-46b8-9792-4101950d210f",
"indicator--5c6418f2-1658-40d7-91f4-49fc950d210f",
"indicator--5c6419c4-f288-48ea-b9db-a733950d210f",
"indicator--5c6419f4-306c-46e6-b026-440c950d210f",
"indicator--5c641afc-d8d8-4afa-92f0-454e950d210f",
"indicator--5c641b0f-e784-44b1-8644-4583950d210f",
"indicator--5c64237d-4dc0-4eea-b88c-4b9a950d210f",
"indicator--5c642829-60e4-4d76-9889-44e0950d210f",
"indicator--5c64289b-aa64-4dbf-86e3-4746950d210f",
"indicator--5c6428b1-84e0-4944-ad45-4800950d210f",
"indicator--5c6428de-26f8-4a79-a49c-489f950d210f",
"indicator--5c6428f6-2554-4101-8b58-4194950d210f",
"indicator--5c642912-4ee8-4e61-94b8-4942950d210f",
"indicator--5c642a16-ca00-4240-a478-4687950d210f",
"indicator--5c642a30-7d70-49ac-8332-4c98950d210f",
"indicator--5c642a49-a404-4d34-9a71-4761950d210f",
"indicator--5c642a60-8044-4cb3-b579-422c950d210f",
"indicator--5c642a7b-214c-41f1-b7ea-4d19950d210f",
"indicator--5c642a92-b47c-40be-a43e-4d9c950d210f",
"indicator--5c642ab5-ba90-47e1-a82b-430f950d210f",
"indicator--5c642ad1-56ac-4b54-909c-4d1e950d210f",
"indicator--5c642afa-8a0c-47b4-9359-4ca2950d210f",
"indicator--5c642b13-c1b8-44d1-afac-4f9a950d210f",
"indicator--5c642b2f-e288-4d32-b582-4933950d210f",
"indicator--5c642b4d-f444-4bcc-bb96-4b43950d210f",
"indicator--5c642b77-e6bc-4179-b4af-4136950d210f",
"indicator--5c642b90-3bb0-4367-b98e-4eed950d210f",
"indicator--5c642bad-52c0-44d0-a16e-4775950d210f",
"indicator--5c642bcd-af44-425f-a948-4be1950d210f",
"indicator--5c642d74-6d48-430a-b5c3-44f9950d210f",
"indicator--5c642d95-848c-4f2e-a97b-4eab950d210f",
"indicator--5c642dce-80f4-41cb-93a3-491a950d210f",
"indicator--5c642de0-9a40-4978-9e04-40b9950d210f",
"indicator--fff0be4e-54e6-4038-9206-d96c4555c4c9",
"x-misp-object--4388bfdc-4a4f-4aa9-a13e-17a52cf22b1d",
"indicator--b7a0faf2-29c2-4381-9f63-3213e5b3da9a",
"x-misp-object--69735e3c-864c-481c-86c6-8ec4d4448846",
"indicator--f5804577-702b-4a53-88ad-6abb13449e9a",
"x-misp-object--de76a10e-ceac-41ce-8652-97d241f784b5",
"indicator--647b65ec-7d73-44c2-ae8c-ab080fed65b1",
"x-misp-object--a5f29727-ac0d-4247-8f78-e0aa5f9e3c88",
"indicator--2c29f3e1-f127-4fdd-8999-22bcaf281992",
"x-misp-object--3c46a337-6781-4bed-9c3e-68bb50ab8ea8",
"indicator--50aa4cdb-2585-48a6-99e0-7f713f06a229",
"x-misp-object--c9e089d2-332e-48f3-a1d2-7e11e76aeb74",
"indicator--17c3d31b-5f83-43ec-92ae-ffcd23c61a27",
"x-misp-object--85ea176d-de1e-497a-9837-b666e7074bd6",
"indicator--7c6961ca-5d99-4cbd-8948-439c050dc9d4",
"x-misp-object--e40aa0c7-8063-4ec7-8eaa-5d4e0934112f",
"indicator--b400f7d4-a844-43f8-9f6f-15670fa2c4c0",
"x-misp-object--e48e0d6e-d612-426b-9c63-b420a90ae5a8",
"indicator--01386435-635f-478b-9f3a-f50d1bedddcb",
"x-misp-object--893fd05b-7ae9-400c-967a-7b9354ba2cd0",
"indicator--48e70434-5c21-4be1-bc1f-b780b4d207b9",
"x-misp-object--d89a842f-a120-486c-9712-30971d8b25b8",
"indicator--cffa2b73-f39b-49e0-9824-745f68f99e49",
"x-misp-object--1624a039-f336-4b35-b1ad-89e032e4be42",
"indicator--f94110e1-dc59-4311-85d2-4e9c846925cf",
"x-misp-object--7760b61a-dbbd-4033-80e1-16e65ec75734",
"indicator--9781a7d0-f1fd-464b-a4a8-8be4779e3ee7",
"x-misp-object--ee47025e-eee5-4c8e-b1c2-9edf4ac1d336",
"indicator--7380e51e-2b4e-408d-82ce-cf5723eb13ae",
"x-misp-object--fd727e71-50a5-4910-936a-acbe15fd53de",
"indicator--b0e7f22f-e9d8-4e64-921f-bf6cf386541f",
"x-misp-object--f8340e59-acb0-48f3-b89c-80679d3caf99",
"indicator--8fa037cb-2f4c-434d-b4d3-9c6475d6bac1",
"x-misp-object--79543532-9364-4fed-a47e-bc13a4d0b09f",
"indicator--3dd0a7e3-1359-4772-95d0-5b81e80dcaab",
"x-misp-object--afe244a1-f7bc-49eb-af7f-b5220e9ddaaa",
"indicator--0891a364-b5f4-42c4-8f6d-5337c9be52d1",
"x-misp-object--2ebd5019-694e-44b0-b895-429aa15e4811",
"indicator--1c9a6b81-aa9c-4d3b-b227-42003244cffb",
"x-misp-object--15cb12ce-e005-4be5-9482-a583f0e50b0b",
"indicator--62d4ceec-e814-474e-a6e3-9e68c084cae0",
"x-misp-object--d2855be4-6ebb-47c2-ad86-741165666fa4",
"indicator--381d8ded-55ae-4efb-81cd-35ef6efcc504",
"x-misp-object--099e9c1a-b7d6-4426-a115-27e85ccb8fa7",
"indicator--05595d72-593e-4946-9dc5-24b30515dfce",
"x-misp-object--7d69e219-7501-4077-8921-48919763f43d",
"indicator--639cd46d-5965-4159-9bce-9d3d7274fbe1",
"x-misp-object--8906dc4a-8002-4d0d-9074-dd9b2ba7b5f1",
"indicator--fc256f20-e734-4e11-81a2-bb8ad2dcdfd9",
"x-misp-object--694806d8-22b7-4b09-ac37-4779a7fbc35b",
"indicator--bccc82fd-3774-48e4-be42-098ea820115d",
"x-misp-object--28c83e23-4c7f-4e8d-ada2-8e03d74fa173",
"indicator--288bfa31-7ccd-4d93-989c-9df70ff90f9b",
"x-misp-object--93bd8a81-3995-4312-90d9-68acac259128",
"indicator--8f353d3b-5d07-4e5a-99c5-a2519d203b3c",
"x-misp-object--951ddcdd-17e2-4a56-b66d-c921d543bf26",
"indicator--2d8c066c-87d3-4e7c-9bf0-cb14a2613f8b",
"x-misp-object--cf4e8ce1-02a5-4756-aa73-f0808d26e893",
"indicator--d7bca1e4-52c3-4c73-a770-55e812483901",
"x-misp-object--21d925a3-f03d-4337-85b0-daf30580a4e2",
"indicator--70d7c48c-f319-47bf-9c32-d4c986192b09",
"x-misp-object--695318d6-bc08-4cd2-833f-432f371f64f1",
"indicator--276c87a6-444b-4cfc-b4fb-840824cfdaf4",
"x-misp-object--2229647e-bb62-4241-8c89-9d0a1e41872b",
"indicator--c29a6db8-e2d9-43dc-a547-d82ac940180d",
"x-misp-object--2e73b918-dd7f-46ab-9c10-0b792ab16ac8",
"indicator--628b2c40-a54a-479d-8222-5ef217c3a617",
"x-misp-object--b7e45e34-229c-491f-b32a-377671af7a35",
"indicator--be7f953d-6b2e-4b1c-87ca-9240177cedaa",
"x-misp-object--de27e053-4806-489a-9cea-38e966b43179",
"indicator--4151d80d-b8d4-4aca-9def-86eb3b109026",
"x-misp-object--da2752ec-c5ed-45fc-828b-543b59dbd0ee",
"indicator--09630c42-c5ed-4979-8225-c764eacedfd1",
"x-misp-object--d404c92b-1a0d-444c-86c0-02d7ae47edbe",
"indicator--2c72a63b-8fc4-4126-be30-f07edeeb2be0",
"x-misp-object--d898f1fd-3317-4ba1-8219-8b965c69ede0",
"indicator--8f41ad1e-f4a3-4c32-beda-e7ee3ea8d52f",
"x-misp-object--b3a4c9be-5327-4083-8eb2-65484063def0",
"indicator--26b9c4a9-d9ba-4e22-b6f1-598839f9f6cf",
"x-misp-object--2eb53dc0-f967-43f8-92b7-f9e9b38e55a6",
"indicator--5cda82c1-3195-4326-9b01-4344c53bf9d7",
"x-misp-object--16fa906e-3189-4edc-9f49-3c63f85f8a7d",
2023-12-14 13:47:04 +00:00
"relationship--532cc70f-3290-48fc-90d1-2275deb0c222",
"relationship--9c62eace-ee8c-41de-bd7c-d4cbdfdb1123",
"relationship--7d41d4f0-7ef1-491b-ace4-babe29e98529",
"relationship--96146aab-b383-48d7-9698-2cbd9b978bc8",
"relationship--2dc3b2c4-7649-44f0-8fcb-2ad24d90f3b4",
"relationship--3c9391d3-4d23-4307-b869-b56aaea6c940",
"relationship--26986394-c525-42dc-9f2f-192832be0462",
"relationship--df7a2ab9-3c7f-4a39-954f-90edfb0a43ae",
"relationship--dda51c2d-c42a-4f80-9647-ac01416e3b20",
"relationship--cd7e6351-7fdf-4b31-8e4a-d239ca5bc973",
"relationship--1bfeb633-82d9-449a-a9a5-9184bbc40985",
"relationship--4db4968a-ea0a-4146-b197-e8901ca35bc4",
"relationship--907b3a67-a485-40dd-8fad-1734337e90d5",
"relationship--325c88a9-2527-41c0-a98a-4cce6c8da4ad",
"relationship--a8ee503b-932a-4577-b23f-a537b4153f93",
"relationship--77bd1223-4e4e-49de-921e-6086a959a39f",
"relationship--523021f4-13fb-4564-9621-33b809a69837",
"relationship--5dcb393b-0904-4add-93a5-8cb3387593b3",
"relationship--11c6b66d-1498-4c3a-8e0b-a9b9242a3dda",
"relationship--766dfcf6-552c-402b-a289-bbb0a518b519",
"relationship--8767dbca-19ed-42ff-9d5b-e9695fd0817d",
"relationship--a02b1989-4e68-46e2-8261-8f0007a2b2b3",
"relationship--90f3372f-2a3d-4eb6-b9a9-d58ee944f50f",
"relationship--825277e7-d187-4467-8b62-322bcb95d1e1",
"relationship--16cd31a9-db1f-4aa3-9a26-07b446af5629",
"relationship--b84c8c80-f8f7-499f-b8be-390b1bbd2eb7",
"relationship--8e7439c3-cd1b-4351-bf1d-a31ea1d781e0",
"relationship--0e4e4722-cc19-480b-8f9f-1ce468ef93ed",
"relationship--ffcd6ec9-db5d-422f-9c44-217bdf2adbd3",
"relationship--944dfa7c-f2a6-4a7f-aba4-840e3d9ba9d3",
"relationship--4b048f23-d760-4697-852f-32e4be231a6d",
"relationship--b9050abd-7f33-45fb-b1f2-b3168199191d",
"relationship--51539d21-3118-43dd-846e-d987d7ef4b0d",
"relationship--1f534d62-a6cb-44c9-b897-6e50a8425cbf",
"relationship--e3d223a8-8022-450f-9d8b-684a4d8c46d5",
"relationship--d7dd35c7-dca1-48ed-8edb-af6b90b68c42",
"relationship--010989f3-94b4-4efb-8c6c-b0b8b1854e47",
"relationship--9752b070-3a96-44d1-922b-ace4a1e664e3",
"relationship--3d438b78-85bd-4d5c-afbb-66e4fdd98c86",
"relationship--02a1e4b2-f5ee-40c9-90ae-c82b30c885d4",
"relationship--71360366-f4d5-4cf6-9ccd-354a243c5fea"
2023-06-14 17:31:25 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"menuPass\"",
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"menuPass - G0045\"",
"misp-galaxy:mitre-intrusion-set=\"menuPass\"",
"misp-galaxy:mitre-intrusion-set=\"menuPass - G0045\"",
"misp-galaxy:threat-actor=\"Stone Panda\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"osint:source-type=\"blog-post\"",
"osint:source-type=\"technical-report\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c63efca-89e8-41d6-92dc-4b22950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:41:10.000Z",
"modified": "2019-02-13T10:41:10.000Z",
"first_observed": "2019-02-13T10:41:10Z",
"last_observed": "2019-02-13T10:41:10Z",
"number_observed": 1,
"object_refs": [
"url--5c63efca-89e8-41d6-92dc-4b22950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"blog-post\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5c63efca-89e8-41d6-92dc-4b22950d210f",
"value": "https://blog.trendmicro.com/trendlabs-security-intelligence/chessmaster-cyber-espionage-campaign/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c63f07d-7218-48c7-8b99-40d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:38:24.000Z",
"modified": "2019-02-13T10:38:24.000Z",
"first_observed": "2019-02-13T10:38:24Z",
"last_observed": "2019-02-13T10:38:24Z",
"number_observed": 1,
"object_refs": [
"file--5c63f07d-7218-48c7-8b99-40d9950d210f",
"artifact--5c63f07d-7218-48c7-8b99-40d9950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"osint:source-type=\"technical-report\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5c63f07d-7218-48c7-8b99-40d9950d210f",
"name": "Appendix-ChessMaster-Makes-its-Move-A-Look-into-the-Campaigns-Cyberespionage-Arsenal.pdf",
"content_ref": "artifact--5c63f07d-7218-48c7-8b99-40d9950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5c63f07d-7218-48c7-8b99-40d9950d210f",
"payload_bin": "JVBERi0xLjUNCiW1tbW1DQoxIDAgb2JqDQo8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFIvTGFuZyhlbi1VUykgL1N0cnVjdFRyZWVSb290IDgzIDAgUi9NYXJrSW5mbzw8L01hcmtlZCB0cnVlPj4+Pg0KZW5kb2JqDQoyIDAgb2JqDQo8PC9UeXBlL1BhZ2VzL0NvdW50IDYvS2lkc1sgMyAwIFIgMzIgMCBSIDQzIDAgUiA1MyAwIFIgNTkgMCBSIDY5IDAgUl0gPj4NCmVuZG9iag0KMyAwIG9iag0KPDwvVHlwZS9QYWdlL1BhcmVudCAyIDAgUi9SZXNvdXJjZXM8PC9YT2JqZWN0PDwvSW1hZ2U1IDUgMCBSL0ltYWdlNyA3IDAgUi9JbWFnZTE0IDE0IDAgUi9JbWFnZTE2IDE2IDAgUi9JbWFnZTE4IDE4IDAgUi9JbWFnZTIwIDIwIDAgUi9JbWFnZTIyIDIyIDAgUi9JbWFnZTI0IDI0IDAgUi9JbWFnZTI2IDI2IDAgUi9JbWFnZTI4IDI4IDAgUi9JbWFnZTMwIDMwIDAgUj4+L0V4dEdTdGF0ZTw8L0dTNiA2IDAgUi9HUzExIDExIDAgUj4+L0ZvbnQ8PC9GMSA5IDAgUi9GMiAxMiAwIFI+Pi9Qcm9jU2V0Wy9QREYvVGV4dC9JbWFnZUIvSW1hZ2VDL0ltYWdlSV0gPj4vTWVkaWFCb3hbIDAgMCA2MTIgNzkyXSAvQ29udGVudHMgNCAwIFIvR3JvdXA8PC9UeXBlL0dyb3VwL1MvVHJhbnNwYXJlbmN5L0NTL0RldmljZVJHQj4+L1RhYnMvUy9TdHJ1Y3RQYXJlbnRzIDA+Pg0KZW5kb2JqDQo0IDAgb2JqDQo8PC9GaWx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDQ3ND4+DQpzdHJlYW0NCnicjdRLT9tAEADguyX/hzkmB8Y7+14JIUECEVWRaPENcXBDcHMgocGX/vuOnYDXOFtFOdiR42+eGyju4fy8uJvdzkFcXMDVfAbF4sFC/Z5nf/LMkgTBHxf4isII4QIQLF/zrLh9reqVgfkWfuQZXN/NACKNDhojZCQa3zmB0BjQ0qA0YINqv/WYi7HictesX6pl05KXTVMtf6+e4bEot29PRfn3bVXcV/V6UzXr7eYQ66pk6YYgYLBQvnDkLiiBkyikBqcteg8lBxRQ828XD0RdqQIWefY4KadnZCa7qZqsNs/TJyi/5dk1oy38YYWA3g6s/ZNd/XH3s7O+T8/kpPr1/oUpbuQ4P5IKaZzfISs4QhCh0EdrVBrJdsbwzdGEZNS1r4gIaE5CVBqxnjM5xdD/MYxHe1Iipt835T163UFKof20yGKIto0bnthd21v8ru8lI9qSRpBNQS5KyjoUdpSU4RPhYsunLB9ZUrQbNLKsReUjTIoUFnosaAxqf8rbyR8owUczrlHK5EEXvSWVR7HvF/fIgxIeteF7Qhoklmw9Rf8b0rARek16PjgOiIMMy0z2n2TUNIXO9Jj2ApWGINHxrkRYcgCk4mm2dX1ihnggRzA1GMA/5moizg0KZW5kc3RyZWFtDQplbmRvYmoNCjUgMCBvYmoNCjw8L1R5cGUvWE9iamVjdC9TdWJ0eXBlL0ltYWdlL1dpZHRoIDYxMi9IZWlnaHQgNzkyL0NvbG9yU3BhY2UvRGV2aWNlUkdCL0JpdHNQZXJDb21wb25lbnQgOC9GaWx0ZXIvRENURGVjb2RlL0ludGVycG9sYXRlIHRydWUvTGVuZ3RoIDE2ODg4Pj4NCnN0cmVhbQ0K/9j/4AAQSkZJRgABAQEASABIAAD/4QBYRXhpZgAATU0AKgAAAAgABAExAAIAAAARAAAAPlEQAAEAAAABAQAAAFERAAQAAAABAAALE1ESAAQAAAABAAALEwAAAABBZG9iZSBJbWFnZVJlYWR5AAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAMYAmQDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD2/FLilxS4qhCYoxS4pcUgExRilxS4oATFGKXFLigBMUYpaKADFGKXFFACUYpaMUAGKKXFFACUYpaKADFGKMUuKAEopcUUAJRilooATFLijFGKADFFLijFACUUuKKAEopaKAEopaKAEopaKAExRilooATFGKWigBMUUtFACUUtFACUUtFACUUtFACUYpcUYoATFGKXFJigBMUUtFACUUtFACUYpcUYoATFJS4ooASjFLRQAmKSnYpMUAJRiloxQA3FGKXFFACYpMU6jFADcUmKdijFADcUmKdijFADcUmKdijFADMUU7FFMB2KMUuKXFIBMUYpaKADFFLiigBMUuKMUuKAEoxS0UAGKKMUuKAEopaKADFGKMUuKAEopaKAEoxS0UAGKKKMUAFFLijFACUUtFACUYpaKAExS4oooAMUYoooAMUYoooAKKMUYoAKKMUYoAKKMUYoAKKMUYoAMUYoooAMUYoooAMUYoooATFFLRQAlFLRQAlFLRigBKMUuKTFABikxS0UAJRS0UAJRilxRigBuKKWigBKKWjFACYpKXFFACUYpaMUANopaKAG4oxTsUlADcUYp2KTFADcUU7FFAC0uKKXFACUYpaKADFFLiigBKXFFGKACilxRQAlLiiigAooxS4oASilooATFLiiigAoooxQAUUuKKAEopaKAExRilopAGKMUUUAFFFFABRRRigAooxRigAooxS4oASilxRigBKKXFGKAEopcUmKACijFGKACijFFABRRRQAYoxRRQAYpMUtFACUUtFMBKKWjFACUUuKTFABRiiigBMUUtFACUUtGKAExSYpcUUAJRS0UAJikxTsUlACUUtGKAExSUuKKAExSYp1JigBKKWigBaMUtFABiilxRQAlLiiigAopcUUAJS4oooAKKKXFACUUuKKAExS4oopAFFFFABRRilxQAlFLRQAlGKWigAxRiiigAxRRRQMKKKKACiiigAooooAKKKKACijFGKACijFGKACiiigAooooAKKKKACiiigAooooEGKMUUUAJiilooASilooASilxRigBKKMUUAGKMUUUAJRS0UwEopcUmKADFJilooASiloxQAlGKMUUAJRS0YoATFJS4ooASilooAXFFFLigBKMUtFABRRS4oASilooAMUUUUgCiilxQAlFLRQAmKXFFFABRRRQMKKKMUAFFLijFACUUtFACUYpaKADFGKKKBBiiiigYUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFAgoxRRQMMUYoooATFGK
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51e-4ca4-4ea7-9061-427b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:38.000Z",
"modified": "2019-02-13T10:45:38.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'area.wthelpdesk.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-44f4-425d-9480-4bda950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:33.000Z",
"modified": "2019-02-13T10:45:33.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'dick.ccfchrist.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-9b30-44bd-93f9-41f2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:37.000Z",
"modified": "2019-02-13T10:45:37.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'fiveavmersi.websegoo.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-46e0-49ac-a6cb-4611950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:36.000Z",
"modified": "2019-02-13T10:45:36.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'fukuoka.cloud-maste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-bd8c-4e56-b984-4d82950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:38.000Z",
"modified": "2019-02-13T10:45:38.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'kawasak.cloud-maste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-8498-49be-93ab-4c80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:33.000Z",
"modified": "2019-02-13T10:45:33.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'kawasaki.unhamj.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-a208-483a-8ce3-498e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:31.000Z",
"modified": "2019-02-13T10:45:31.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'messagea.emailfound.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-ed18-47d2-95c8-4812950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:30.000Z",
"modified": "2019-02-13T10:45:30.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'sakai.unhamj.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f51f-480c-4c2e-b153-4d78950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:31.000Z",
"modified": "2019-02-13T10:45:31.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'scorpion.poulsenv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f520-8ddc-4ff5-8bb4-418f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:27.000Z",
"modified": "2019-02-13T10:45:27.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'shrimp.bdoncloud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f520-16cc-4862-8fe8-49fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:28.000Z",
"modified": "2019-02-13T10:45:28.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'trout.belowto.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f520-c300-4f04-add2-49e8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:27.000Z",
"modified": "2019-02-13T10:45:27.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'whale.toshste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f520-d070-47f5-a062-4fb8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:45:29.000Z",
"modified": "2019-02-13T10:45:29.000Z",
"description": "Command and Control (C&C) Server related to ChessMaster",
"pattern": "[domain-name:value = 'zebra.wthelpdesk.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:45:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\"",
"ecsirt:malicious-code=\"c&c\"",
"veris:action:malware:variety=\"C2\"",
"europol-incident:malware=\"c&c\"",
"veris:action:hacking:vector=\"Backdoor or C2\"",
"veris:action:hacking:variety=\"Use of backdoor or C2\"",
"riskiq:threat-type=\"c2\"",
"kill-chain:Command and Control",
"maec-malware-capabilities:maec-malware-capability=\"command-and-control\"",
" C2",
"europol-event:c&c-server-hosting"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f7f3-1660-4e32-b761-4fc6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:56:51.000Z",
"modified": "2019-02-13T10:56:51.000Z",
"description": "Detected as BKDR_CHCHES.NAK",
"pattern": "[file:hashes.SHA256 = 'ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:56:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c63f82a-0ab4-417d-a2a7-43a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T10:57:46.000Z",
"modified": "2019-02-13T10:57:46.000Z",
"description": "Detected as BKDR_CHCHES.NAM",
"pattern": "[file:hashes.SHA256 = '2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T10:57:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6407dc-e880-4d14-8061-432a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T12:04:44.000Z",
"modified": "2019-02-13T12:04:44.000Z",
"description": "Detected as BKDR_CHCHES.NAO",
"pattern": "[file:hashes.SHA256 = 'e7c617e162c2ae173c3581b4e08d752dc421336e1e55d879642717b75745d49c' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T12:04:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c640928-1920-4b32-be48-4641950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T12:10:16.000Z",
"modified": "2019-02-13T12:10:16.000Z",
"description": "Detected as BKDR_CHCHES.SM2",
"pattern": "[file:hashes.SHA256 = '6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T12:10:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c640940-6268-46dd-9df9-4695950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T12:10:40.000Z",
"modified": "2019-02-13T12:10:40.000Z",
"description": "Detected as BKDR_CHCHES.SM2",
"pattern": "[file:hashes.SHA256 = 'c885a4f5c066b00e9d4de8cc0f5463f27ce49869519db8cfdc7a9ae19cdce4f0' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T12:10:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c640969-fe8c-4b24-8d37-404d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T12:11:21.000Z",
"modified": "2019-02-13T12:11:21.000Z",
"description": "Detected as BKDR_CHCHES.SM2",
"pattern": "[file:hashes.SHA256 = 'efa0b414a831cbf724d1c67808b7483dec22a981ae670947793d114048f88057' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T12:11:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c64183e-683c-4344-abe0-4268950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:14:38.000Z",
"modified": "2019-02-13T13:14:38.000Z",
"description": "Detected as BKDR_CHCHES.SM2",
"pattern": "[file:hashes.SHA256 = 'fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:14:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c641888-187c-4923-98e6-4855950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:15:52.000Z",
"modified": "2019-02-13T13:15:52.000Z",
"description": "Detected as BKDR_CHCHES.SMZJEA-A",
"pattern": "[file:hashes.SHA256 = '4ff6a97d06e2e843755be8697f3324be36e1ebeb280bb45724962ce4b6710297' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:15:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6418ce-013c-46b8-9792-4101950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:17:02.000Z",
"modified": "2019-02-13T13:17:02.000Z",
"description": "Detected as BKDR_CHCHES.SMZJEA-A",
"pattern": "[file:hashes.SHA256 = '75ef6ea0265d2629c920a6a1c0d1dd91d3c0eda86445c7d67ebb9b30e35a2a9f' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:17:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6418f2-1658-40d7-91f4-49fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:17:38.000Z",
"modified": "2019-02-13T13:17:38.000Z",
"description": "Detected as BKDR_CHCHES.SMZKDJ-B",
"pattern": "[file:hashes.SHA256 = '590d5e0858893951e22e392a7dad76b30765c8fd139ca288efeead9b86836237' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6419c4-f288-48ea-b9db-a733950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:21:08.000Z",
"modified": "2019-02-13T13:21:08.000Z",
"description": "Detected as BKDR_CHCHES.SMZKDJ-C",
"pattern": "[file:hashes.SHA256 = '2965c1b6ab9d1601752cb4aa26d64a444b0a535b1a190a70d5ce935be3f91699' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:21:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6419f4-306c-46e6-b026-440c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:21:56.000Z",
"modified": "2019-02-13T13:21:56.000Z",
"description": "Detected as BKDR_CHCHES.SMZKDJ-C",
"pattern": "[file:hashes.SHA256 = '4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:21:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c641afc-d8d8-4afa-92f0-454e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:26:20.000Z",
"modified": "2019-02-13T13:26:20.000Z",
"description": "Detected as BKDR_CHCHES.SMZKDJ-C",
"pattern": "[file:hashes.SHA256 = 'c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:26:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c641b0f-e784-44b1-8644-4583950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T13:26:39.000Z",
"modified": "2019-02-13T13:26:39.000Z",
"description": "Detected as BKDR_CHCHES.SMZKDJ-C",
"pattern": "[file:hashes.SHA256 = 'cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T13:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c64237d-4dc0-4eea-b88c-4b9a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:02:37.000Z",
"modified": "2019-02-13T14:02:37.000Z",
"description": "Detected as BKDR_CHCHES.SMZKDJ-C",
"pattern": "[file:hashes.SHA256 = 'd26dae0d8e5c23ec35e8b9cf126cded45b8096fc07560ad1c06585357921eeed' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:02:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642829-60e4-4d76-9889-44e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:22:33.000Z",
"modified": "2019-02-13T14:22:33.000Z",
"description": "Detected as BKDR_CHCHES.SMZKDJ-C",
"pattern": "[file:hashes.SHA256 = 'e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:22:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c64289b-aa64-4dbf-86e3-4746950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:24:27.000Z",
"modified": "2019-02-13T14:24:27.000Z",
"description": "Detected as BKDR_CHCHES.SMZLEC-A",
"pattern": "[file:hashes.SHA256 = '94813a9097833ca793a02a33d06cf78ff25558e516527aa8cfde7b7f62cdc9d9' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:24:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6428b1-84e0-4944-ad45-4800950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:24:49.000Z",
"modified": "2019-02-13T14:24:49.000Z",
"description": "Detected as BKDR_CHCHES.SMZLEC-A",
"pattern": "[file:hashes.SHA256 = 'ae30e854a2fb49da770666df78db3983cd3a83774a0fe19d0f98a9ca450d1bd3' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:24:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6428de-26f8-4a79-a49c-489f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:25:34.000Z",
"modified": "2019-02-13T14:25:34.000Z",
"description": "Detected as BKDR_CHCHES.YO",
"pattern": "[file:hashes.SHA256 = '2933bd208993fb7ec76ae3f55d2e7959c0a79d89f134430c6a798e82ebd94636' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:25:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c6428f6-2554-4101-8b58-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:25:58.000Z",
"modified": "2019-02-13T14:25:58.000Z",
"description": "Detected as BKDR_CHCHES.ZJDK-A",
"pattern": "[file:hashes.SHA256 = '316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:25:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642912-4ee8-4e61-94b8-4942950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:26:26.000Z",
"modified": "2019-02-13T14:26:26.000Z",
"description": "Detected as BKDR_CHCHES.ZJDK-A",
"pattern": "[file:hashes.SHA256 = 'e90064884190b14a6621c18d1f9719a37b9e5f98506e28ff0636438e3282098b' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:26:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642a16-ca00-4240-a478-4687950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:30:46.000Z",
"modified": "2019-02-13T14:30:46.000Z",
"description": "Detected as BKDR_CHCHES.ZJEH",
"pattern": "[file:hashes.SHA256 = '72d7bcc54520a7d8929eeec78e2b2297a9094fa001483f86cddb7cf1b81704ff' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:30:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642a30-7d70-49ac-8332-4c98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:31:12.000Z",
"modified": "2019-02-13T14:31:12.000Z",
"description": "Detected as BKDR_CHCHES.ZLDK-B",
"pattern": "[file:hashes.SHA256 = 'e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:31:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642a49-a404-4d34-9a71-4761950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:31:37.000Z",
"modified": "2019-02-13T14:31:37.000Z",
"description": "Detected as BKDR_PLUGX.BHS",
"pattern": "[file:hashes.SHA256 = '759e405351e6de779757695cc6fb1bce3cc6e3bb3ee4d24778d0cb2070091681' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:31:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642a60-8044-4cb3-b579-422c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:32:00.000Z",
"modified": "2019-02-13T14:32:00.000Z",
"description": "Detected as BKDR_PLUGX.JKK",
"pattern": "[file:hashes.SHA256 = '2ddcb1dc466e22388485118bcf3089014348881c4d315aca452c6bb44b6c7bee' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:32:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642a7b-214c-41f1-b7ea-4d19950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:32:27.000Z",
"modified": "2019-02-13T14:32:27.000Z",
"description": "Detected as BKDR_PLUGX.ZKEG-A",
"pattern": "[file:hashes.SHA256 = 'f6ba0007038805fdc9e92ccbfed5f4cc681723bb548cc83a4b34f754f3356974' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:32:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642a92-b47c-40be-a43e-4d9c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:32:50.000Z",
"modified": "2019-02-13T14:32:50.000Z",
"description": "Detected as BKDR_REDFLOWER.ZBEE-A",
"pattern": "[file:hashes.SHA256 = '1ac2134ef1ca208b3d236b387a8d3256ce6fccc0419947b77a9b671b6eba52bf' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:32:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642ab5-ba90-47e1-a82b-430f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:33:25.000Z",
"modified": "2019-02-13T14:33:25.000Z",
"description": "Detected as BKDR_REDFLOWER.ZBEE-A",
"pattern": "[file:hashes.SHA256 = 'c082d5bc76eb8375a90b622474da760bd499ae8371c16cc31085be2940b0bafb' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:33:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642ad1-56ac-4b54-909c-4d1e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:33:53.000Z",
"modified": "2019-02-13T14:33:53.000Z",
"description": "Detected as BKDR_TINYX.ZKEG",
"pattern": "[file:hashes.SHA256 = 'f9f2b38e11402b56fe05127bf0e688d74bb6e55834b93b7a0f6c61174670177a' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:33:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642afa-8a0c-47b4-9359-4ca2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:34:34.000Z",
"modified": "2019-02-13T14:34:34.000Z",
"description": "Detected as TROJ_BLOCKER.ASK",
"pattern": "[file:hashes.SHA256 = '5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:34:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642b13-c1b8-44d1-afac-4f9a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:34:59.000Z",
"modified": "2019-02-13T14:34:59.000Z",
"description": "Detected as TROJ_FAKEMS.USPO",
"pattern": "[file:hashes.SHA256 = '9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:34:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642b2f-e288-4d32-b582-4933950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:35:27.000Z",
"modified": "2019-02-13T14:35:27.000Z",
"description": "Detected as TROJ_INJECTR.ZJDK-A",
"pattern": "[file:hashes.SHA256 = '58a7670111087243516b601c5f070f7de0db5411febe0a878783fdc17c969a59' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:35:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642b4d-f444-4bcc-bb96-4b43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:35:57.000Z",
"modified": "2019-02-13T14:35:57.000Z",
"description": "Detected as TROJ_INJECTR.ZJDK-C",
"pattern": "[file:hashes.SHA256 = 'b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:35:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642b77-e6bc-4179-b4af-4136950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:36:39.000Z",
"modified": "2019-02-13T14:36:39.000Z",
"description": "Detected as TROJ_INJECTR.ZJDK-D",
"pattern": "[file:hashes.SHA256 = 'f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:36:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642b90-3bb0-4367-b98e-4eed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:37:04.000Z",
"modified": "2019-02-13T14:37:04.000Z",
"description": "Detected as TROJ_INJECTR.ZKDJ-A",
"pattern": "[file:hashes.SHA256 = '19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:37:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642bad-52c0-44d0-a16e-4775950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:37:33.000Z",
"modified": "2019-02-13T14:37:33.000Z",
"description": "Detected as TROJ_INJECTR.ZKDJ-B",
"pattern": "[file:hashes.SHA256 = '5c6c2370090d68d2d3120cec62984767ae0fc93766939d159a2f4c482f58ae5b' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:37:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642bcd-af44-425f-a948-4be1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:38:05.000Z",
"modified": "2019-02-13T14:38:05.000Z",
"description": "Detected as TROJ_INJECTR.ZKDJ-C",
"pattern": "[file:hashes.SHA256 = '312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:38:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642d74-6d48-430a-b5c3-44f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:45:08.000Z",
"modified": "2019-02-13T14:45:08.000Z",
"description": "Detected as TROJ_INJECTR.ZLDK-A",
"pattern": "[file:hashes.SHA256 = 'bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:45:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642d95-848c-4f2e-a97b-4eab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:45:41.000Z",
"modified": "2019-02-13T14:45:41.000Z",
"description": "Detected as TROJ_PASTEAL.JV",
"pattern": "[file:hashes.SHA256 = 'fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:45:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642dce-80f4-41cb-93a3-491a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:46:38.000Z",
"modified": "2019-02-13T14:46:38.000Z",
"description": "Detected as TROJ_PASTEAL.JV",
"pattern": "[file:hashes.SHA256 = '73794263b657632805c8c3907e2f20a9743d8c9b83aa3e21629eccc5de02b1ca' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:46:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c642de0-9a40-4978-9e04-40b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T14:46:56.000Z",
"modified": "2019-02-13T14:46:56.000Z",
"description": "Detected as TROJ_PLUGX.DUKPT",
"pattern": "[file:hashes.SHA256 = '45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2' AND file:x_misp_state = 'Malicious']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T14:46:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fff0be4e-54e6-4038-9206-d96c4555c4c9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:54.000Z",
"modified": "2019-02-13T15:28:54.000Z",
"pattern": "[file:hashes.MD5 = 'f5744d72c6919f994ff452b0e758ffee' AND file:hashes.SHA1 = 'a954a3f20ef8065d98d9e3a3c5ae254e27c63bf6' AND file:hashes.SHA256 = 'f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4388bfdc-4a4f-4aa9-a13e-17a52cf22b1d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:54.000Z",
"modified": "2019-02-13T15:28:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:28",
"category": "Other",
"uuid": "15e7f9d2-20ab-4df0-83b3-e6e4f4612acb"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773/analysis/1549438168/",
"category": "External analysis",
"uuid": "cfa4a95c-4299-4f25-9709-1d0b9ccae868"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/71",
"category": "Other",
"uuid": "926f1063-8f09-4c5b-a05a-3ee21861fe3d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7a0faf2-29c2-4381-9f63-3213e5b3da9a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:54.000Z",
"modified": "2019-02-13T15:28:54.000Z",
"pattern": "[file:hashes.MD5 = '1c0db37e0bebae961f149c89d6176c0a' AND file:hashes.SHA1 = '9fa289a229ec2189c12b8d2c1a4a8ff3967eca67' AND file:hashes.SHA256 = '1ac2134ef1ca208b3d236b387a8d3256ce6fccc0419947b77a9b671b6eba52bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--69735e3c-864c-481c-86c6-8ec4d4448846",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:54.000Z",
"modified": "2019-02-13T15:28:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-04-06T20:25:48",
"category": "Other",
"uuid": "d59cd8ca-e09f-488c-a8ff-2cd408e1992a"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/1ac2134ef1ca208b3d236b387a8d3256ce6fccc0419947b77a9b671b6eba52bf/analysis/1523046348/",
"category": "External analysis",
"uuid": "b57f6799-53aa-4115-ba67-435bc5b9c6e2"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "7/58",
"category": "Other",
"uuid": "9fd7e59a-4b68-451c-b1fe-b2bbf64a62ed"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f5804577-702b-4a53-88ad-6abb13449e9a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:54.000Z",
"modified": "2019-02-13T15:28:54.000Z",
"pattern": "[file:hashes.MD5 = 'b0649c1f7fb15796805ca983fd8f95a3' AND file:hashes.SHA1 = '56126b1c19c1121c0f5065204ef5cc4633079b98' AND file:hashes.SHA256 = 'fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--de76a10e-ceac-41ce-8652-97d241f784b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:54.000Z",
"modified": "2019-02-13T15:28:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-07T16:32:54",
"category": "Other",
"uuid": "d053f597-48cb-48a9-9f11-ae678a71ae7f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b/analysis/1549557174/",
"category": "External analysis",
"uuid": "25d3ceb1-45b3-4ddd-9930-65f4fa500c65"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "56/68",
"category": "Other",
"uuid": "b073b6a9-aa27-46d5-8173-9865ef2a3e0f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--647b65ec-7d73-44c2-ae8c-ab080fed65b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:55.000Z",
"modified": "2019-02-13T15:28:55.000Z",
"pattern": "[file:hashes.MD5 = 'c0c8dcc9dad39da8278bf8956e30a3fc' AND file:hashes.SHA1 = '009b639441ad5c1260f55afde2d5d21fc5b4f96c' AND file:hashes.SHA256 = '6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a5f29727-ac0d-4247-8f78-e0aa5f9e3c88",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:55.000Z",
"modified": "2019-02-13T15:28:55.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:41",
"category": "Other",
"uuid": "9349167e-4449-493b-83c2-53109dbc9fdb"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e/analysis/1549438181/",
"category": "External analysis",
"uuid": "3aeb40ae-5a21-4fb5-8caf-910e55bb142b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/71",
"category": "Other",
"uuid": "4eedc525-4f71-4b06-95a4-c1f6a88cab62"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c29f3e1-f127-4fdd-8999-22bcaf281992",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:55.000Z",
"modified": "2019-02-13T15:28:55.000Z",
"pattern": "[file:hashes.MD5 = '472b1710794d5c420b9d921c484ca9e8' AND file:hashes.SHA1 = '2c1b42e8c8acea5082275b6ea5f5c64ebaf4fa30' AND file:hashes.SHA256 = 'e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3c46a337-6781-4bed-9c3e-68bb50ab8ea8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:55.000Z",
"modified": "2019-02-13T15:28:55.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:21",
"category": "Other",
"uuid": "e4683a54-05e8-4585-9bfa-31425581e88b"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e/analysis/1549438161/",
"category": "External analysis",
"uuid": "57728893-21c7-4f7b-b602-78146f27ac4b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "57/71",
"category": "Other",
"uuid": "48586014-a2c1-4eee-b033-3bf8d634cd5c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50aa4cdb-2585-48a6-99e0-7f713f06a229",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:55.000Z",
"modified": "2019-02-13T15:28:55.000Z",
"pattern": "[file:hashes.MD5 = '6f5648ea4ca8a65c36c328c5ae8ac096' AND file:hashes.SHA1 = '154669ce22c0b29af28e0677bc65c43fc35cdd6a' AND file:hashes.SHA256 = '4ff6a97d06e2e843755be8697f3324be36e1ebeb280bb45724962ce4b6710297']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--c9e089d2-332e-48f3-a1d2-7e11e76aeb74",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:56.000Z",
"modified": "2019-02-13T15:28:56.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-12-27T05:48:27",
"category": "Other",
"uuid": "fb06a9b3-8c7b-49b0-82fd-8e5e82780684"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/4ff6a97d06e2e843755be8697f3324be36e1ebeb280bb45724962ce4b6710297/analysis/1545889707/",
"category": "External analysis",
"uuid": "be8dbf00-1021-41ad-84c8-77e3f5208e29"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/58",
"category": "Other",
"uuid": "28a9da6a-b225-424e-a0f4-164bcd0c1d2d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17c3d31b-5f83-43ec-92ae-ffcd23c61a27",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:56.000Z",
"modified": "2019-02-13T15:28:56.000Z",
"pattern": "[file:hashes.MD5 = '8a93859e5f7079d6746832a3a22ff65c' AND file:hashes.SHA1 = '56d6c3ffa4f3d5ae742f937fae85f0995814cf90' AND file:hashes.SHA256 = 'ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--85ea176d-de1e-497a-9837-b666e7074bd6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:56.000Z",
"modified": "2019-02-13T15:28:56.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-07T15:56:32",
"category": "Other",
"uuid": "b6e35013-da19-4631-8ad1-5df51d5a234b"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145/analysis/1549554992/",
"category": "External analysis",
"uuid": "7fe17d41-06c0-477d-a2b7-7ad6f8952483"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "55/69",
"category": "Other",
"uuid": "9a629de4-dda0-462f-8812-65b663e9c44e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7c6961ca-5d99-4cbd-8948-439c050dc9d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:56.000Z",
"modified": "2019-02-13T15:28:56.000Z",
"pattern": "[file:hashes.MD5 = 'dbb867c2250b5be4e67d1977fcf721fb' AND file:hashes.SHA1 = '1df29c63c917b089fe0fc099e2783c0c679892e5' AND file:hashes.SHA256 = 'cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e40aa0c7-8063-4ec7-8eaa-5d4e0934112f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:56.000Z",
"modified": "2019-02-13T15:28:56.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:36",
"category": "Other",
"uuid": "b6b6bd81-d293-4110-885a-6936180eb790"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628/analysis/1549438176/",
"category": "External analysis",
"uuid": "4c1c4e9c-0b1c-4629-8e65-f64b387e7ea0"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "48/71",
"category": "Other",
"uuid": "26b8b237-97de-4d45-a829-eac39855a438"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b400f7d4-a844-43f8-9f6f-15670fa2c4c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:56.000Z",
"modified": "2019-02-13T15:28:56.000Z",
"pattern": "[file:hashes.MD5 = '23d03ee4bf57de7087055b230dae7c5b' AND file:hashes.SHA1 = '7cace2e51e8ecc5ddb9720a8dc9e1f3596fe343b' AND file:hashes.SHA256 = 'e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e48e0d6e-d612-426b-9c63-b420a90ae5a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:56.000Z",
"modified": "2019-02-13T15:28:56.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:46",
"category": "Other",
"uuid": "0f1445bd-95ca-44c1-9bab-fc1960bb2e9a"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0/analysis/1549438186/",
"category": "External analysis",
"uuid": "64fa1f54-19ad-4c3b-b1b2-40559433388b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "53/70",
"category": "Other",
"uuid": "bae98701-7efc-40d9-a584-2d80231b42fe"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--01386435-635f-478b-9f3a-f50d1bedddcb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"pattern": "[file:hashes.MD5 = '457812c13d4d8ad5fd844ae572b4322b' AND file:hashes.SHA1 = '821368b4910c6ac50f6bad1c218e0f9a6f1fdcfb' AND file:hashes.SHA256 = '94813a9097833ca793a02a33d06cf78ff25558e516527aa8cfde7b7f62cdc9d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--893fd05b-7ae9-400c-967a-7b9354ba2cd0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T16:38:35",
"category": "Other",
"uuid": "57b0d487-c510-4f1d-8277-40f93851276b"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/94813a9097833ca793a02a33d06cf78ff25558e516527aa8cfde7b7f62cdc9d9/analysis/1549471115/",
"category": "External analysis",
"uuid": "078a5e11-ea84-4270-9684-cf9b826c92a3"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/69",
"category": "Other",
"uuid": "812d0331-b046-46be-84cf-8f336b99a54c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--48e70434-5c21-4be1-bc1f-b780b4d207b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"pattern": "[file:hashes.MD5 = 'f586edd88023f49bc4f9d84f9fb6bd7d' AND file:hashes.SHA1 = 'b966657d35bba9416775d320bb87086001995bbe' AND file:hashes.SHA256 = 'c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d89a842f-a120-486c-9712-30971d8b25b8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:26",
"category": "Other",
"uuid": "16380a5b-84a8-45c7-9d2f-c0cec7698842"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d/analysis/1549438166/",
"category": "External analysis",
"uuid": "c9870bdc-f622-4488-bd92-b1b2e7c6d72a"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/71",
"category": "Other",
"uuid": "f184cade-e94a-423a-803c-b574d9a5662c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cffa2b73-f39b-49e0-9824-745f68f99e49",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"pattern": "[file:hashes.MD5 = '1b891bc2e5038615efafabe48920f200' AND file:hashes.SHA1 = '95ab56ab1f0d4f010569ead7915fbc833a36cd73' AND file:hashes.SHA256 = '9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1624a039-f336-4b35-b1ad-89e032e4be42",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:35",
"category": "Other",
"uuid": "46dee20b-793b-484c-b481-b2c2d90cfe6e"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c/analysis/1549438175/",
"category": "External analysis",
"uuid": "bf78ef76-8a9b-4953-81a4-19ceb78bb03b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "53/71",
"category": "Other",
"uuid": "d85f4aab-6b1f-4935-a835-fabd2c81885e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f94110e1-dc59-4311-85d2-4e9c846925cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"pattern": "[file:hashes.MD5 = '37c89f291dbe880b1f3ac036e6b9c558' AND file:hashes.SHA1 = '16a046d2557cc6377d713e21f14f1ebea7128419' AND file:hashes.SHA256 = 'e90064884190b14a6621c18d1f9719a37b9e5f98506e28ff0636438e3282098b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7760b61a-dbbd-4033-80e1-16e65ec75734",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:31",
"category": "Other",
"uuid": "ba06c3e3-d71d-453d-ae9d-35745748224f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/e90064884190b14a6621c18d1f9719a37b9e5f98506e28ff0636438e3282098b/analysis/1549438171/",
"category": "External analysis",
"uuid": "577dbfd8-241d-4aad-aa12-bedc24610a2c"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "56/70",
"category": "Other",
"uuid": "b1f413a3-77cc-40db-8fd4-cb2b4947154b"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9781a7d0-f1fd-464b-a4a8-8be4779e3ee7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"pattern": "[file:hashes.MD5 = 'bcf3c53af6e43c4c14561e7013622985' AND file:hashes.SHA1 = 'be23d2e94a13cdb788018c6e8d969c4adcbe3284' AND file:hashes.SHA256 = '5c6c2370090d68d2d3120cec62984767ae0fc93766939d159a2f4c482f58ae5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ee47025e-eee5-4c8e-b1c2-9edf4ac1d336",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:57.000Z",
"modified": "2019-02-13T15:28:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T16:38:27",
"category": "Other",
"uuid": "479c5091-81be-4c05-aa96-fdafe9a6b07b"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/5c6c2370090d68d2d3120cec62984767ae0fc93766939d159a2f4c482f58ae5b/analysis/1549471107/",
"category": "External analysis",
"uuid": "af05bf9f-cd60-4135-9c3b-2b5aba115c9e"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "45/70",
"category": "Other",
"uuid": "23b246b2-3807-4113-a4f6-34071db06983"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7380e51e-2b4e-408d-82ce-cf5723eb13ae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:58.000Z",
"modified": "2019-02-13T15:28:58.000Z",
"pattern": "[file:hashes.MD5 = '8a21337be17e1e921eeb4d1b9c1b4773' AND file:hashes.SHA1 = 'd16da0dc12aea0b64abd3871a794cd9af38f2db4' AND file:hashes.SHA256 = '75ef6ea0265d2629c920a6a1c0d1dd91d3c0eda86445c7d67ebb9b30e35a2a9f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--fd727e71-50a5-4910-936a-acbe15fd53de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:58.000Z",
"modified": "2019-02-13T15:28:58.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2018-12-27T05:48:31",
"category": "Other",
"uuid": "a30663d0-0e3c-4ecb-b72a-0e926299dc12"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/75ef6ea0265d2629c920a6a1c0d1dd91d3c0eda86445c7d67ebb9b30e35a2a9f/analysis/1545889711/",
"category": "External analysis",
"uuid": "03cdbe18-b8c4-4139-bb23-b8aac34f15c6"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "27/58",
"category": "Other",
"uuid": "fd10cd43-048b-4df9-bb1e-0150c8cc0f84"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b0e7f22f-e9d8-4e64-921f-bf6cf386541f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:58.000Z",
"modified": "2019-02-13T15:28:58.000Z",
"pattern": "[file:hashes.MD5 = 'db212129be94fe77362751c557d0e893' AND file:hashes.SHA1 = '7fe6c8191749767254513b03da03cfbf6dd6c139' AND file:hashes.SHA256 = 'fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f8340e59-acb0-48f3-b89c-80679d3caf99",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:58.000Z",
"modified": "2019-02-13T15:28:58.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:43",
"category": "Other",
"uuid": "349bac4a-c018-4547-9763-6e11637cab20"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0/analysis/1549438183/",
"category": "External analysis",
"uuid": "7140b38b-cf92-4224-8732-882fb3c20773"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/71",
"category": "Other",
"uuid": "2c497ce2-169b-4370-b72d-7a0e3f240e39"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8fa037cb-2f4c-434d-b4d3-9c6475d6bac1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:58.000Z",
"modified": "2019-02-13T15:28:58.000Z",
"pattern": "[file:hashes.MD5 = '75500bb4143a052795ec7d2e61ac3261' AND file:hashes.SHA1 = 'a7d0b38bda630c927820380d311ddc70a9606407' AND file:hashes.SHA256 = '19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--79543532-9364-4fed-a47e-bc13a4d0b09f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:58.000Z",
"modified": "2019-02-13T15:28:58.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T05:12:06",
"category": "Other",
"uuid": "384725fa-ac5c-4a42-928f-0a4b48db0072"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b/analysis/1549429926/",
"category": "External analysis",
"uuid": "d856d880-ae09-4377-a644-e83315acc6a0"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "50/71",
"category": "Other",
"uuid": "4833f2cc-3e66-48b5-9d93-6683b7284d24"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3dd0a7e3-1359-4772-95d0-5b81e80dcaab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:59.000Z",
"modified": "2019-02-13T15:28:59.000Z",
"pattern": "[file:hashes.MD5 = 'd1bab4a30f2889ad392d17573302f097' AND file:hashes.SHA1 = '5b045d98606f000a236b1bd4ac4c9e482b3f5475' AND file:hashes.SHA256 = '312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--afe244a1-f7bc-49eb-af7f-b5220e9ddaaa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:59.000Z",
"modified": "2019-02-13T15:28:59.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:43",
"category": "Other",
"uuid": "cbbfffc0-a0be-49d8-ba2f-2f48564eeaac"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3/analysis/1549438183/",
"category": "External analysis",
"uuid": "ac3f30d3-5631-412d-9996-98d2777da8c6"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "56/71",
"category": "Other",
"uuid": "dd88f267-0032-48bf-b84c-ace6fdf4677d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0891a364-b5f4-42c4-8f6d-5337c9be52d1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:59.000Z",
"modified": "2019-02-13T15:28:59.000Z",
"pattern": "[file:hashes.MD5 = 'f03f70d331c6564aec8931f481949188' AND file:hashes.SHA1 = '01edb82de7b9666eaa5d2791a14092f2e73d2795' AND file:hashes.SHA256 = '45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:28:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2ebd5019-694e-44b0-b895-429aa15e4811",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:28:59.000Z",
"modified": "2019-02-13T15:28:59.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T05:13:21",
"category": "Other",
"uuid": "54b9a9db-e9d9-4bac-adcf-855f84d6e131"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2/analysis/1549430001/",
"category": "External analysis",
"uuid": "87817bf4-ba5f-4ad3-9d84-2cd48596ae12"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "48/70",
"category": "Other",
"uuid": "30597c02-efbf-4230-a8ee-f2dfd1124e6e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c9a6b81-aa9c-4d3b-b227-42003244cffb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"pattern": "[file:hashes.MD5 = '3afa9243b3aeb534e02426569d85e517' AND file:hashes.SHA1 = 'df8f49a3fdf8a9d550b22d65d21a8006ff593ac4' AND file:hashes.SHA256 = '5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--15cb12ce-e005-4be5-9482-a583f0e50b0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:28",
"category": "Other",
"uuid": "16e27897-efe8-451f-b4bc-dd7204880eff"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1/analysis/1549438168/",
"category": "External analysis",
"uuid": "60bf5d46-c96b-4b41-b0d5-75fc50c9ae27"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "56/71",
"category": "Other",
"uuid": "95cbade1-ed3e-4cb8-89cc-88027ab52d1d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62d4ceec-e814-474e-a6e3-9e68c084cae0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"pattern": "[file:hashes.MD5 = '0898927cc8ac129af79d48a938edea17' AND file:hashes.SHA1 = '0134d88a8254f1e36755954a557c8035386ee5a5' AND file:hashes.SHA256 = 'e7c617e162c2ae173c3581b4e08d752dc421336e1e55d879642717b75745d49c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d2855be4-6ebb-47c2-ad86-741165666fa4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T16:38:52",
"category": "Other",
"uuid": "fc3b0a0d-eb10-4b90-bfd1-4c0358412732"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/e7c617e162c2ae173c3581b4e08d752dc421336e1e55d879642717b75745d49c/analysis/1549471132/",
"category": "External analysis",
"uuid": "6a9caeb3-b790-4b7c-87a1-4be4badea843"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "18/69",
"category": "Other",
"uuid": "738776d7-2be1-4287-80d6-6034d07cd906"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--381d8ded-55ae-4efb-81cd-35ef6efcc504",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"pattern": "[file:hashes.MD5 = '5b425dcf90df36706bcdd21438d6d32a' AND file:hashes.SHA1 = 'cbbb2c405c672d5c441cb0added81c714c577438' AND file:hashes.SHA256 = 'f6ba0007038805fdc9e92ccbfed5f4cc681723bb548cc83a4b34f754f3356974']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--099e9c1a-b7d6-4426-a115-27e85ccb8fa7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T05:09:31",
"category": "Other",
"uuid": "bf2dbaf3-7efd-47df-b588-bd777a03d4fe"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/f6ba0007038805fdc9e92ccbfed5f4cc681723bb548cc83a4b34f754f3356974/analysis/1549429771/",
"category": "External analysis",
"uuid": "d8c0c9f5-1d28-42a0-bd74-ea924139567b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "52/70",
"category": "Other",
"uuid": "1dfc514a-3835-4148-9b6e-ff9a918d23db"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05595d72-593e-4946-9dc5-24b30515dfce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"pattern": "[file:hashes.MD5 = '9da42d0bce9f5dbf22d33df77c561bda' AND file:hashes.SHA1 = '83c9f863b287086585790cb9d5e8590ae6ec5905' AND file:hashes.SHA256 = 'f9f2b38e11402b56fe05127bf0e688d74bb6e55834b93b7a0f6c61174670177a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7d69e219-7501-4077-8921-48919763f43d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:06:02",
"category": "Other",
"uuid": "30dcc6c9-be2f-4a35-81fe-2eec49d74554"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/f9f2b38e11402b56fe05127bf0e688d74bb6e55834b93b7a0f6c61174670177a/analysis/1549436762/",
"category": "External analysis",
"uuid": "c1be9f90-7ebb-4b53-8459-2c4e94702774"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "46/71",
"category": "Other",
"uuid": "ec63d1bf-2cdc-4e27-b001-6b6512b835e7"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--639cd46d-5965-4159-9bce-9d3d7274fbe1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"pattern": "[file:hashes.MD5 = 'c76ead62b38a9e9efca82b592d414637' AND file:hashes.SHA1 = '30e1ffabba6206bc0bcd41870e693022c0ea1622' AND file:hashes.SHA256 = 'ae30e854a2fb49da770666df78db3983cd3a83774a0fe19d0f98a9ca450d1bd3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8906dc4a-8002-4d0d-9074-dd9b2ba7b5f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T16:38:41",
"category": "Other",
"uuid": "0bcb1a3e-76c8-47bc-8b63-cdbb3231d001"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/ae30e854a2fb49da770666df78db3983cd3a83774a0fe19d0f98a9ca450d1bd3/analysis/1549471121/",
"category": "External analysis",
"uuid": "fb7cd242-c97b-4f00-b50f-fe3fab0a19b3"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "24/69",
"category": "Other",
"uuid": "259a68af-668e-4f8b-a738-2fd9fac1e150"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc256f20-e734-4e11-81a2-bb8ad2dcdfd9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:00.000Z",
"modified": "2019-02-13T15:29:00.000Z",
"pattern": "[file:hashes.MD5 = 'ac0ff4bad83350b7dde27af8728a469f' AND file:hashes.SHA1 = '729f0b2521c30cb58a2d5278786be286574d7748' AND file:hashes.SHA256 = '73794263b657632805c8c3907e2f20a9743d8c9b83aa3e21629eccc5de02b1ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--694806d8-22b7-4b09-ac37-4779a7fbc35b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:36",
"category": "Other",
"uuid": "dff934d0-493a-4758-b958-156ad8d071d4"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/73794263b657632805c8c3907e2f20a9743d8c9b83aa3e21629eccc5de02b1ca/analysis/1549438176/",
"category": "External analysis",
"uuid": "8047b240-327e-4188-a22a-d66defd86c4c"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "48/71",
"category": "Other",
"uuid": "4f5c1080-4a31-422f-a994-b49b49a72d7e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bccc82fd-3774-48e4-be42-098ea820115d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"pattern": "[file:hashes.MD5 = '19610f0d343657f6842d2045e8818f09' AND file:hashes.SHA1 = '42d5c9c4c02e6d5c88ec0acce72327389a92f0d7' AND file:hashes.SHA256 = '4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--28c83e23-4c7f-4e8d-ada2-8e03d74fa173",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:23",
"category": "Other",
"uuid": "33709062-ab09-48c6-91a5-21727059b8ba"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691/analysis/1549438163/",
"category": "External analysis",
"uuid": "edba8204-6e92-4690-8a80-a39f22a94705"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "50/70",
"category": "Other",
"uuid": "423dab76-4248-477a-957f-bb41be20b304"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--288bfa31-7ccd-4d93-989c-9df70ff90f9b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"pattern": "[file:hashes.MD5 = 'ca9644ef0f7ed355a842f6e2d4511546' AND file:hashes.SHA1 = 'a91669bb4dcb713e997ddf98417730de78cb990a' AND file:hashes.SHA256 = 'bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--93bd8a81-3995-4312-90d9-68acac259128",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:25",
"category": "Other",
"uuid": "e36744a3-d731-42cf-a842-f68e2a9879d4"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91/analysis/1549438165/",
"category": "External analysis",
"uuid": "2548bb19-5005-4587-b789-9c4b6dc4fccd"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "58/70",
"category": "Other",
"uuid": "9b26ada5-1ba7-4267-8585-5f42a7d354d5"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f353d3b-5d07-4e5a-99c5-a2519d203b3c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"pattern": "[file:hashes.MD5 = 'c1cb28327d3364768d1c1e4ce0d9bc07' AND file:hashes.SHA1 = '741e955a9e458a70b5c085b3bfba800fdfb4ccde' AND file:hashes.SHA256 = '2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--951ddcdd-17e2-4a56-b66d-c921d543bf26",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:38",
"category": "Other",
"uuid": "8a68d820-1b52-4fb4-ac80-8102db67f6f4"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910/analysis/1549438178/",
"category": "External analysis",
"uuid": "f2ebcf5e-3a4b-4442-ad00-fdb675c0d0d8"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/71",
"category": "Other",
"uuid": "ff43c3f5-193f-466b-8068-57e644db8b3e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2d8c066c-87d3-4e7c-9bf0-cb14a2613f8b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"pattern": "[file:hashes.MD5 = 'c2a07ca21ecad714821df647ada8ecaa' AND file:hashes.SHA1 = '84bfc398487494552a2876e32dc8fb4f6f377a08' AND file:hashes.SHA256 = 'c885a4f5c066b00e9d4de8cc0f5463f27ce49869519db8cfdc7a9ae19cdce4f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--cf4e8ce1-02a5-4756-aa73-f0808d26e893",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-13T09:06:51",
"category": "Other",
"uuid": "f1c0ebcb-35f8-4a55-93a4-11e7aa042be7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c885a4f5c066b00e9d4de8cc0f5463f27ce49869519db8cfdc7a9ae19cdce4f0/analysis/1550048811/",
"category": "External analysis",
"uuid": "fba8bba2-b2ae-4eff-99ae-aac8d9a22247"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "50/68",
"category": "Other",
"uuid": "dec8c141-11d6-4737-ba00-159741f9356e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7bca1e4-52c3-4c73-a770-55e812483901",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"pattern": "[file:hashes.MD5 = '3106dd1dc98bfb8ce72c613448baec29' AND file:hashes.SHA1 = 'a65eccb9a813a6cb32b83703b9b4b7583dc239ab' AND file:hashes.SHA256 = '72d7bcc54520a7d8929eeec78e2b2297a9094fa001483f86cddb7cf1b81704ff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--21d925a3-f03d-4337-85b0-daf30580a4e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:01.000Z",
"modified": "2019-02-13T15:29:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-05T21:35:35",
"category": "Other",
"uuid": "47db33c3-d6d3-48bf-8979-3a22b440a52f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/72d7bcc54520a7d8929eeec78e2b2297a9094fa001483f86cddb7cf1b81704ff/analysis/1549402535/",
"category": "External analysis",
"uuid": "5adb25a6-431c-41b1-b63f-777dc609d61b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "29/70",
"category": "Other",
"uuid": "78f3b20f-dbd2-41c3-a012-b7c1f89c0c85"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70d7c48c-f319-47bf-9c32-d4c986192b09",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"pattern": "[file:hashes.MD5 = '684888079aaf7ed25e725b55a3695062' AND file:hashes.SHA1 = '2d0ee3b718ec4e391753616853286c22be7bf521' AND file:hashes.SHA256 = '2965c1b6ab9d1601752cb4aa26d64a444b0a535b1a190a70d5ce935be3f91699']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--695318d6-bc08-4cd2-833f-432f371f64f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:44",
"category": "Other",
"uuid": "03a1a316-4989-43c6-8978-103ef056a79f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2965c1b6ab9d1601752cb4aa26d64a444b0a535b1a190a70d5ce935be3f91699/analysis/1549438184/",
"category": "External analysis",
"uuid": "31be62f3-78c8-407e-8847-804254979fdf"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "53/70",
"category": "Other",
"uuid": "bb9e0ccb-46dc-4db7-945d-18f6157d3cdd"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--276c87a6-444b-4cfc-b4fb-840824cfdaf4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"pattern": "[file:hashes.MD5 = '1d0105cf8e076b33ed499f1dfef9a46b' AND file:hashes.SHA1 = '69620adf44795ee5293ce301cd3d70045e332bbf' AND file:hashes.SHA256 = 'd26dae0d8e5c23ec35e8b9cf126cded45b8096fc07560ad1c06585357921eeed']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2229647e-bb62-4241-8c89-9d0a1e41872b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:47",
"category": "Other",
"uuid": "16530485-db7c-4482-bd0e-92662eec403c"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/d26dae0d8e5c23ec35e8b9cf126cded45b8096fc07560ad1c06585357921eeed/analysis/1549438187/",
"category": "External analysis",
"uuid": "7e867218-f240-44a7-acf9-abe7d1b93f2e"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "52/69",
"category": "Other",
"uuid": "f27770f1-10b7-41f9-ba77-f558def1127e"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c29a6db8-e2d9-43dc-a547-d82ac940180d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"pattern": "[file:hashes.MD5 = 'a32468828c12657497cddf57190f5700' AND file:hashes.SHA1 = 'b6d17ae3900e72df2e9ffbf7f03d18e6d7112942' AND file:hashes.SHA256 = '2ddcb1dc466e22388485118bcf3089014348881c4d315aca452c6bb44b6c7bee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2e73b918-dd7f-46ab-9c10-0b792ab16ac8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:41:00",
"category": "Other",
"uuid": "738f58be-7a4e-4d31-bc86-35e1d23f6c2b"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2ddcb1dc466e22388485118bcf3089014348881c4d315aca452c6bb44b6c7bee/analysis/1549438860/",
"category": "External analysis",
"uuid": "fbb07896-9d23-4908-aaac-80994c3d4dc9"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/70",
"category": "Other",
"uuid": "5299eea8-f34c-4564-b20c-01277ed7975c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--628b2c40-a54a-479d-8222-5ef217c3a617",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"pattern": "[file:hashes.MD5 = '3f72617e150e3dbb3372b84995e7b24c' AND file:hashes.SHA1 = '4afa2232a11f1180bbf05080671ecac61c303b10' AND file:hashes.SHA256 = 'c082d5bc76eb8375a90b622474da760bd499ae8371c16cc31085be2940b0bafb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b7e45e34-229c-491f-b32a-377671af7a35",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T16:38:44",
"category": "Other",
"uuid": "d6dfe486-52f4-4565-91fa-62b4a838a6fd"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c082d5bc76eb8375a90b622474da760bd499ae8371c16cc31085be2940b0bafb/analysis/1549471124/",
"category": "External analysis",
"uuid": "6b866a42-b6e9-4453-8718-f994c8bbecb3"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "27/69",
"category": "Other",
"uuid": "79edd2b7-9684-438d-a988-3b99f82df57b"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be7f953d-6b2e-4b1c-87ca-9240177cedaa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"pattern": "[file:hashes.MD5 = 'd8605112c0bfea7cb068043ea0250c58' AND file:hashes.SHA1 = '7f7776d23c3560486e7ddae0e06dc954b7ac0e29' AND file:hashes.SHA256 = '2933bd208993fb7ec76ae3f55d2e7959c0a79d89f134430c6a798e82ebd94636']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--de27e053-4806-489a-9cea-38e966b43179",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-08-17T12:56:03",
"category": "Other",
"uuid": "6e289952-8687-47fa-85d7-e6e3e3bb0a8a"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2933bd208993fb7ec76ae3f55d2e7959c0a79d89f134430c6a798e82ebd94636/analysis/1502974563/",
"category": "External analysis",
"uuid": "82f01dc7-8fba-468b-a2ac-cde8cf031e16"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "18/64",
"category": "Other",
"uuid": "40558cc7-f880-4553-8b93-798ca48a9bb6"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4151d80d-b8d4-4aca-9def-86eb3b109026",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:02.000Z",
"modified": "2019-02-13T15:29:02.000Z",
"pattern": "[file:hashes.MD5 = '62898b77bd9e8e286d6bc760f3e28981' AND file:hashes.SHA1 = '1c6a50e51203fda640b8535268bee657591d0ac5' AND file:hashes.SHA256 = '759e405351e6de779757695cc6fb1bce3cc6e3bb3ee4d24778d0cb2070091681']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--da2752ec-c5ed-45fc-828b-543b59dbd0ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:03.000Z",
"modified": "2019-02-13T15:29:03.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:40:59",
"category": "Other",
"uuid": "519af179-61ff-4534-af29-d8a205fd3b3f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/759e405351e6de779757695cc6fb1bce3cc6e3bb3ee4d24778d0cb2070091681/analysis/1549438859/",
"category": "External analysis",
"uuid": "812c7088-e617-4618-ac2f-32e7bd232b63"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "52/70",
"category": "Other",
"uuid": "e5624e3a-6453-4e9b-8390-118a76810f06"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--09630c42-c5ed-4979-8225-c764eacedfd1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:03.000Z",
"modified": "2019-02-13T15:29:03.000Z",
"pattern": "[file:hashes.MD5 = 'ac725400d9a5fe832dd40a1afb2951f8' AND file:hashes.SHA1 = '01d6e50b2fbba59ca22930075c1022b840c4b240' AND file:hashes.SHA256 = '590d5e0858893951e22e392a7dad76b30765c8fd139ca288efeead9b86836237']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d404c92b-1a0d-444c-86c0-02d7ae47edbe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:03.000Z",
"modified": "2019-02-13T15:29:03.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:49",
"category": "Other",
"uuid": "6725bb3d-7a9c-4fd4-bf29-ef5fb866fad3"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/590d5e0858893951e22e392a7dad76b30765c8fd139ca288efeead9b86836237/analysis/1549438189/",
"category": "External analysis",
"uuid": "1309230e-0e1b-4155-8a39-8adbd583bc2b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/71",
"category": "Other",
"uuid": "795217d9-c7f4-4c57-bfcc-04e5db5129ae"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c72a63b-8fc4-4126-be30-f07edeeb2be0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:03.000Z",
"modified": "2019-02-13T15:29:03.000Z",
"pattern": "[file:hashes.MD5 = '7891f00dcab0e4a2f928422062e94213' AND file:hashes.SHA1 = '7cb04a4b86d998604341bc2b610a0a556830993d' AND file:hashes.SHA256 = 'b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d898f1fd-3317-4ba1-8219-8b965c69ede0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:03.000Z",
"modified": "2019-02-13T15:29:03.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:29",
"category": "Other",
"uuid": "9fa1ed24-4be2-4711-8760-5510d834b226"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df/analysis/1549438169/",
"category": "External analysis",
"uuid": "425e90e6-3556-4924-88d5-1a146adb3b4e"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "54/71",
"category": "Other",
"uuid": "8db07d3e-5c31-427e-b98b-0e6a1422ce63"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f41ad1e-f4a3-4c32-beda-e7ee3ea8d52f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:03.000Z",
"modified": "2019-02-13T15:29:03.000Z",
"pattern": "[file:hashes.MD5 = '0c0a39e1cab4fc9896bdf5ef3c96a716' AND file:hashes.SHA1 = 'de5af856804974ba3df03928fff03447e8f4c9c2' AND file:hashes.SHA256 = '316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b3a4c9be-5327-4083-8eb2-65484063def0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:03.000Z",
"modified": "2019-02-13T15:29:03.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:39",
"category": "Other",
"uuid": "2b4ace88-077e-4d68-b057-5513160cf4bc"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d/analysis/1549438179/",
"category": "External analysis",
"uuid": "35d61a8c-b90f-4cf7-8522-dad5063232b1"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "56/71",
"category": "Other",
"uuid": "003a8d66-7d97-4e4b-a280-63db1baa318d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--26b9c4a9-d9ba-4e22-b6f1-598839f9f6cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
"pattern": "[file:hashes.MD5 = '779dbb88e037a6ecc8ab352961dbb028' AND file:hashes.SHA1 = '36d6cc4c0f6c3a1910114edc3729849897b5a799' AND file:hashes.SHA256 = '58a7670111087243516b601c5f070f7de0db5411febe0a878783fdc17c969a59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2eb53dc0-f967-43f8-92b7-f9e9b38e55a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-05T21:35:35",
"category": "Other",
"uuid": "ea534ec1-c9ac-4db9-95c8-1019407301c6"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/58a7670111087243516b601c5f070f7de0db5411febe0a878783fdc17c969a59/analysis/1549402535/",
"category": "External analysis",
"uuid": "f85e1632-fe67-461d-b2ee-894affbfec11"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "45/71",
"category": "Other",
"uuid": "a32a4a13-9aab-491f-b8bf-86e4595b4c14"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5cda82c1-3195-4326-9b01-4344c53bf9d7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
"pattern": "[file:hashes.MD5 = '07abd6583295061eac2435ae470eff78' AND file:hashes.SHA1 = '16d0795e4864f67acbb1ae2ce76eb16445dae4b5' AND file:hashes.SHA256 = 'efa0b414a831cbf724d1c67808b7483dec22a981ae670947793d114048f88057']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-02-13T15:29:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--16fa906e-3189-4edc-9f49-3c63f85f8a7d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-02-06T07:29:40",
"category": "Other",
"uuid": "d934f25a-ebda-4fdc-94ba-68f1c13cb9bc"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/efa0b414a831cbf724d1c67808b7483dec22a981ae670947793d114048f88057/analysis/1549438180/",
"category": "External analysis",
"uuid": "9c92b873-8ca8-4558-acd3-ddca03e52ea7"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "46/71",
"category": "Other",
"uuid": "23a6d93a-4234-4420-8fc7-7c911fbbe6ed"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--532cc70f-3290-48fc-90d1-2275deb0c222",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--fff0be4e-54e6-4038-9206-d96c4555c4c9",
"target_ref": "x-misp-object--4388bfdc-4a4f-4aa9-a13e-17a52cf22b1d"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--9c62eace-ee8c-41de-bd7c-d4cbdfdb1123",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--b7a0faf2-29c2-4381-9f63-3213e5b3da9a",
"target_ref": "x-misp-object--69735e3c-864c-481c-86c6-8ec4d4448846"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--7d41d4f0-7ef1-491b-ace4-babe29e98529",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--f5804577-702b-4a53-88ad-6abb13449e9a",
"target_ref": "x-misp-object--de76a10e-ceac-41ce-8652-97d241f784b5"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--96146aab-b383-48d7-9698-2cbd9b978bc8",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--647b65ec-7d73-44c2-ae8c-ab080fed65b1",
"target_ref": "x-misp-object--a5f29727-ac0d-4247-8f78-e0aa5f9e3c88"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--2dc3b2c4-7649-44f0-8fcb-2ad24d90f3b4",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--2c29f3e1-f127-4fdd-8999-22bcaf281992",
"target_ref": "x-misp-object--3c46a337-6781-4bed-9c3e-68bb50ab8ea8"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--3c9391d3-4d23-4307-b869-b56aaea6c940",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--50aa4cdb-2585-48a6-99e0-7f713f06a229",
"target_ref": "x-misp-object--c9e089d2-332e-48f3-a1d2-7e11e76aeb74"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--26986394-c525-42dc-9f2f-192832be0462",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:04.000Z",
"modified": "2019-02-13T15:29:04.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--17c3d31b-5f83-43ec-92ae-ffcd23c61a27",
"target_ref": "x-misp-object--85ea176d-de1e-497a-9837-b666e7074bd6"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--df7a2ab9-3c7f-4a39-954f-90edfb0a43ae",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--7c6961ca-5d99-4cbd-8948-439c050dc9d4",
"target_ref": "x-misp-object--e40aa0c7-8063-4ec7-8eaa-5d4e0934112f"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--dda51c2d-c42a-4f80-9647-ac01416e3b20",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--b400f7d4-a844-43f8-9f6f-15670fa2c4c0",
"target_ref": "x-misp-object--e48e0d6e-d612-426b-9c63-b420a90ae5a8"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--cd7e6351-7fdf-4b31-8e4a-d239ca5bc973",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--01386435-635f-478b-9f3a-f50d1bedddcb",
"target_ref": "x-misp-object--893fd05b-7ae9-400c-967a-7b9354ba2cd0"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--1bfeb633-82d9-449a-a9a5-9184bbc40985",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--48e70434-5c21-4be1-bc1f-b780b4d207b9",
"target_ref": "x-misp-object--d89a842f-a120-486c-9712-30971d8b25b8"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--4db4968a-ea0a-4146-b197-e8901ca35bc4",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--cffa2b73-f39b-49e0-9824-745f68f99e49",
"target_ref": "x-misp-object--1624a039-f336-4b35-b1ad-89e032e4be42"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--907b3a67-a485-40dd-8fad-1734337e90d5",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--f94110e1-dc59-4311-85d2-4e9c846925cf",
"target_ref": "x-misp-object--7760b61a-dbbd-4033-80e1-16e65ec75734"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--325c88a9-2527-41c0-a98a-4cce6c8da4ad",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--9781a7d0-f1fd-464b-a4a8-8be4779e3ee7",
"target_ref": "x-misp-object--ee47025e-eee5-4c8e-b1c2-9edf4ac1d336"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--a8ee503b-932a-4577-b23f-a537b4153f93",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--7380e51e-2b4e-408d-82ce-cf5723eb13ae",
"target_ref": "x-misp-object--fd727e71-50a5-4910-936a-acbe15fd53de"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--77bd1223-4e4e-49de-921e-6086a959a39f",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--b0e7f22f-e9d8-4e64-921f-bf6cf386541f",
"target_ref": "x-misp-object--f8340e59-acb0-48f3-b89c-80679d3caf99"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--523021f4-13fb-4564-9621-33b809a69837",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--8fa037cb-2f4c-434d-b4d3-9c6475d6bac1",
"target_ref": "x-misp-object--79543532-9364-4fed-a47e-bc13a4d0b09f"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--5dcb393b-0904-4add-93a5-8cb3387593b3",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--3dd0a7e3-1359-4772-95d0-5b81e80dcaab",
"target_ref": "x-misp-object--afe244a1-f7bc-49eb-af7f-b5220e9ddaaa"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--11c6b66d-1498-4c3a-8e0b-a9b9242a3dda",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--0891a364-b5f4-42c4-8f6d-5337c9be52d1",
"target_ref": "x-misp-object--2ebd5019-694e-44b0-b895-429aa15e4811"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--766dfcf6-552c-402b-a289-bbb0a518b519",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--1c9a6b81-aa9c-4d3b-b227-42003244cffb",
"target_ref": "x-misp-object--15cb12ce-e005-4be5-9482-a583f0e50b0b"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--8767dbca-19ed-42ff-9d5b-e9695fd0817d",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--62d4ceec-e814-474e-a6e3-9e68c084cae0",
"target_ref": "x-misp-object--d2855be4-6ebb-47c2-ad86-741165666fa4"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--a02b1989-4e68-46e2-8261-8f0007a2b2b3",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--381d8ded-55ae-4efb-81cd-35ef6efcc504",
"target_ref": "x-misp-object--099e9c1a-b7d6-4426-a115-27e85ccb8fa7"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--90f3372f-2a3d-4eb6-b9a9-d58ee944f50f",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--05595d72-593e-4946-9dc5-24b30515dfce",
"target_ref": "x-misp-object--7d69e219-7501-4077-8921-48919763f43d"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--825277e7-d187-4467-8b62-322bcb95d1e1",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:05.000Z",
"modified": "2019-02-13T15:29:05.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--639cd46d-5965-4159-9bce-9d3d7274fbe1",
"target_ref": "x-misp-object--8906dc4a-8002-4d0d-9074-dd9b2ba7b5f1"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--16cd31a9-db1f-4aa3-9a26-07b446af5629",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--fc256f20-e734-4e11-81a2-bb8ad2dcdfd9",
"target_ref": "x-misp-object--694806d8-22b7-4b09-ac37-4779a7fbc35b"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--b84c8c80-f8f7-499f-b8be-390b1bbd2eb7",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--bccc82fd-3774-48e4-be42-098ea820115d",
"target_ref": "x-misp-object--28c83e23-4c7f-4e8d-ada2-8e03d74fa173"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--8e7439c3-cd1b-4351-bf1d-a31ea1d781e0",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--288bfa31-7ccd-4d93-989c-9df70ff90f9b",
"target_ref": "x-misp-object--93bd8a81-3995-4312-90d9-68acac259128"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--0e4e4722-cc19-480b-8f9f-1ce468ef93ed",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--8f353d3b-5d07-4e5a-99c5-a2519d203b3c",
"target_ref": "x-misp-object--951ddcdd-17e2-4a56-b66d-c921d543bf26"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--ffcd6ec9-db5d-422f-9c44-217bdf2adbd3",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--2d8c066c-87d3-4e7c-9bf0-cb14a2613f8b",
"target_ref": "x-misp-object--cf4e8ce1-02a5-4756-aa73-f0808d26e893"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--944dfa7c-f2a6-4a7f-aba4-840e3d9ba9d3",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--d7bca1e4-52c3-4c73-a770-55e812483901",
"target_ref": "x-misp-object--21d925a3-f03d-4337-85b0-daf30580a4e2"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--4b048f23-d760-4697-852f-32e4be231a6d",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--70d7c48c-f319-47bf-9c32-d4c986192b09",
"target_ref": "x-misp-object--695318d6-bc08-4cd2-833f-432f371f64f1"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--b9050abd-7f33-45fb-b1f2-b3168199191d",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--276c87a6-444b-4cfc-b4fb-840824cfdaf4",
"target_ref": "x-misp-object--2229647e-bb62-4241-8c89-9d0a1e41872b"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--51539d21-3118-43dd-846e-d987d7ef4b0d",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--c29a6db8-e2d9-43dc-a547-d82ac940180d",
"target_ref": "x-misp-object--2e73b918-dd7f-46ab-9c10-0b792ab16ac8"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--1f534d62-a6cb-44c9-b897-6e50a8425cbf",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--628b2c40-a54a-479d-8222-5ef217c3a617",
"target_ref": "x-misp-object--b7e45e34-229c-491f-b32a-377671af7a35"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--e3d223a8-8022-450f-9d8b-684a4d8c46d5",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--be7f953d-6b2e-4b1c-87ca-9240177cedaa",
"target_ref": "x-misp-object--de27e053-4806-489a-9cea-38e966b43179"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--d7dd35c7-dca1-48ed-8edb-af6b90b68c42",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--4151d80d-b8d4-4aca-9def-86eb3b109026",
"target_ref": "x-misp-object--da2752ec-c5ed-45fc-828b-543b59dbd0ee"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--010989f3-94b4-4efb-8c6c-b0b8b1854e47",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--09630c42-c5ed-4979-8225-c764eacedfd1",
"target_ref": "x-misp-object--d404c92b-1a0d-444c-86c0-02d7ae47edbe"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--9752b070-3a96-44d1-922b-ace4a1e664e3",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--2c72a63b-8fc4-4126-be30-f07edeeb2be0",
"target_ref": "x-misp-object--d898f1fd-3317-4ba1-8219-8b965c69ede0"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--3d438b78-85bd-4d5c-afbb-66e4fdd98c86",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--8f41ad1e-f4a3-4c32-beda-e7ee3ea8d52f",
"target_ref": "x-misp-object--b3a4c9be-5327-4083-8eb2-65484063def0"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--02a1e4b2-f5ee-40c9-90ae-c82b30c885d4",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--26b9c4a9-d9ba-4e22-b6f1-598839f9f6cf",
"target_ref": "x-misp-object--2eb53dc0-f967-43f8-92b7-f9e9b38e55a6"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--71360366-f4d5-4cf6-9ccd-354a243c5fea",
2023-06-14 17:31:25 +00:00
"created": "2019-02-13T15:29:06.000Z",
"modified": "2019-02-13T15:29:06.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5cda82c1-3195-4326-9b01-4344c53bf9d7",
"target_ref": "x-misp-object--16fa906e-3189-4edc-9f49-3c63f85f8a7d"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
2023-04-21 13:25:09 +00:00
]
}