misp-circl-feed/feeds/circl/misp/5d108ff9-9c70-4fbe-932d-acd8950d210f.json

423 lines
1.6 MiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--5d108ff9-9c70-4fbe-932d-acd8950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:48:40.000Z",
"modified": "2019-06-24T09:48:40.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5d108ff9-9c70-4fbe-932d-acd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:48:40.000Z",
"modified": "2019-06-24T09:48:40.000Z",
"name": "Information stealer malware via fake malicious document as \"University of Luxembourg\"",
"published": "2019-06-24T09:59:17Z",
"object_refs": [
"indicator--5d109010-3b60-4276-83cf-485a950d210f",
"indicator--5d109011-e08c-408a-83a6-4467950d210f",
"observed-data--5d1090bf-b54c-4508-b9ae-f19b950d210f",
"file--5d1090bf-b54c-4508-b9ae-f19b950d210f",
"artifact--5d1090bf-b54c-4508-b9ae-f19b950d210f",
"observed-data--5d109146-9ef4-4c7c-a4e5-1398950d210f",
"file--5d109146-9ef4-4c7c-a4e5-1398950d210f",
"artifact--5d109146-9ef4-4c7c-a4e5-1398950d210f",
"indicator--5d109290-c340-41bc-a519-225e950d210f",
"indicator--5d109299-8430-4cfa-ae74-225e950d210f",
"indicator--5d1092a0-eabc-45ed-b86b-225e950d210f",
"indicator--5d109035-0558-4547-bb37-4b1d950d210f",
"indicator--5d109086-8630-41fd-be51-4867950d210f",
"x-misp-object--82e82c45-cee3-4d0b-bcd5-445021615dcf",
"x-misp-object--06a06fa2-3b56-4455-89e0-8abfa77ffac9",
"vulnerability--5d109bff-e5cc-4732-8eac-4dcd950d210f",
2023-12-14 13:47:04 +00:00
"relationship--c4a5a428-5ea6-4033-b71e-e93366539c31",
"relationship--b22a0239-4eef-45bd-b9c9-8014ee9fad24",
"relationship--05e65bff-527a-478e-b8c8-e1b494463fe8"
2023-06-14 17:31:25 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d109010-3b60-4276-83cf-485a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T08:55:44.000Z",
"modified": "2019-06-24T08:55:44.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.210.146.35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-24T08:55:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d109011-e08c-408a-83a6-4467950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T08:55:45.000Z",
"modified": "2019-06-24T08:55:45.000Z",
"pattern": "[url:value = 'http://192.210.146.35/vbc.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-24T08:55:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d1090bf-b54c-4508-b9ae-f19b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:00:01.000Z",
"modified": "2019-06-24T09:00:01.000Z",
"first_observed": "2019-06-24T09:00:01Z",
"last_observed": "2019-06-24T09:00:01Z",
"number_observed": 1,
"object_refs": [
"file--5d1090bf-b54c-4508-b9ae-f19b950d210f",
"artifact--5d1090bf-b54c-4508-b9ae-f19b950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"Payload delivery\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d1090bf-b54c-4508-b9ae-f19b950d210f",
"name": "Screenshot 2019-06-24 at 10.58.10.png",
"content_ref": "artifact--5d1090bf-b54c-4508-b9ae-f19b950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d1090bf-b54c-4508-b9ae-f19b950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAACNgAAAcaCAYAAACqZE2ZAAAMSGlDQ1BJQ0MgUHJvZmlsZQAASImVVwdYU8kWnltSSWiBCEgJvYlSpEsJoUUQkCrYCEkgocSYEETsyLIKrl1EwIauiii6FkDWirrWRbG7lociKsq6WLCh8iYFdN3vvfe9831z758z5/ynZO7cOwDo1PCk0lxUF4A8Sb4sPiKENSE1jUXqBERgBEjABjjz+HIpOy4uGkAZvP9d3t4AiPJ+1UXJ9c/5/yp6AqGcDwASB3GGQM7Pg/gAAHgJXyrLB4DoA/XWM/KlSjwJYgMZTBBiqRJnqXGJEmeocaXKJjGeA/EuAMg0Hk+WBYB2M9SzCvhZkEf7FsSuEoFYAoAOGeJAvogngDgS4hF5edOUGNoBh4xveLL+xpkxxMnjZQ1hdS0qIYeK5dJc3sz/sx3/W/JyFYMx7OCgiWSR8cqaYd9u5UyLUmIaxD2SjJhYiPUhfi8WqOwhRqkiRWSS2h415cs5sGeACbGrgBcaBbEpxOGS3JhojT4jUxzOhRiuELRQnM9N1PguEsrDEjScNbJp8bGDOFPGYWt8G3gyVVyl/SlFThJbw39LJOQO8r8pEiWmqHPGqAXi5BiItSFmynMSotQ2mE2RiBMzaCNTxCvzt4HYTyiJCFHzY1MyZeHxGntZnnywXmyRSMyN0eCqfFFipIZnF5+nyt8I4mahhJ00yCOUT4gerEUgDA1T145dFkqSNPViHdL8kHiN7ytpbpzGHqcKcyOUeiuITeUFCRpfPDAfLkg1Px4jzY9LVOeJZ2Tzxsap88ELQTTggFDAAgo4MsA0kA3EbT1NPfCXeiYc8IAMZAEhcNFoBj1SVDMSeE0AReBPiIRAPuQXopoVggKo/zykVV9dQKZqtkDlkQMeQ5wHokAu/K1QeUmGoiWDR1Aj/kd0Psw1Fw7l3D91bKiJ1mgUg7wsnUFLYhgxlBhJDCc64iZ4IO6PR8NrMBzuuA/uO5jtV3vCY0I74SHhOqGDcHuquFj2XT0sMA50wAjhmpozvq0Zt4OsnngIHgD5ITfOxE2ACz4aRmLjQTC2J9RyNJkrq/+e+281fNN1jR3FlYJShlGCKQ7fe2o7aXsOsSh7+m2H1LlmDPWVMzTzfXzON50WwHvU95bYImw/dgY7gZ3DDmNNgIUdw5qxi9gRJR5aRY9Uq2gwWrwqnxzII/5HPJ4mprKTctd6127XT+q5fGGhcn8EnGnSmTJxliifxYY7v5DFlfBHjmC5u7r5AqB8j6i3qddM1fsBYZ7/qisuACDAcWBg4PBXXTT0OgD3UWr3V50D3OO0LQA4u4ivkBWodbjyQgBUoAOfKGNgDqyBA6zHHXgBfxAMwsBYEAsSQSqYArssgutZBmaA2WABKAXlYDlYA6rARrAF7AC7wT7QBA6DE+A3cAFcBtfBHbh6usBz0Avegn4EQUgIHWEgxogFYos4I+6IDxKIhCHRSDySiqQjWYgEUSCzkYVIObISqUI2I3XIL8gh5ARyDmlHbiMPkG7kFfIRxVAaaoCaoXboKNQHZaNRaCI6Gc1Cp6NFaAm6FK1Ea9FdaCN6Ar2AXkc70OdoHwYwLYyJWWIumA/GwWKxNCwTk2FzsTKsAqvFGrAW+D9fxTqwHuwDTsQZOAt3gSs4Ek/C+fh0fC6+BK/Cd+CN+Cn8Kv4A78W/EOgEU4IzwY/AJUwgZBFmEEoJFYRthIOE0/Bp6iK8JRKJTKI90Rs+janEbOIs4hLieuIe4nFiO7GT2EcikYxJzqQAUiyJR8onlZLWkXaRjpGukLpI78laZAuyOzmcnEaWkIvJFeSd5KPkK+Qn5H6KLsWW4keJpQgoMynLKFspLZRLlC5KP1WPak8NoCZSs6kLqJXUBupp6l3qay0tLSstX63xWmKt+VqVWnu1zmo90PpA06c50Ti0STQFbSltO+047TbtNZ1Ot6MH09Po+fSl9Dr6Sfp9+ntthvZIba62QHuedrV2o/YV7Rc6FB1bHbbOFJ0inQqd/TqXdHp0Kbp2uhxdnu5c3WrdQ7o3dfv0GHpuerF6eXpL9HbqndN7qk/St9MP0xfol+hv0T+p38nAGNYMDoPPWMjYyjjN6DIgGtgbcA2yDcoNdhu0GfQa6huONkw2LDSsNjxi2MHEmHZMLjOXuYy5j3mD+XGY2TD2MOGwxcMahl0Z9s5ouFGwkdCozGiP0XWjj8Ys4zDjHOMVxk3G90xwEyeT8SYzTDaYnDbpGW4w3H84f3jZ8H3D/zBFTZ1M401nmW4xvWjaZ2ZuFmEmNVtndtKsx5xpHmyebb7a/Kh5twXDItBCbLHa4pjFM5Yhi83KZVWyTrF6LU0tIy0Vlpst2yz7reytkqyKrfZY3bOmWvtYZ1qvtm617rWxsBlnM9um3uYPW4qtj63Idq3tGdt3dvZ2KXY/2jXZPbU3sufaF9nX2991oDsEOUx3qHW45kh09HHMcVzveNkJdfJ0EjlVO11yRp29nMXO653bRxBG+I6QjKgdcdOF5sJ2KXCpd3kwkjkyemTxyKaRL0bZjEobtWLUmVFfXD1dc123ut5x03cb61bs1uL2yt3Jne9e7X7Ng+4R7jHPo9nj5Wjn0cLRG0bf8mR4jvP80bPV87OXt5fMq8Gr29vGO927xvumj4FPnM8Sn7O+BN8Q33m+h30/+Hn55fvt8/vL38U/x3+n/9Mx9mOEY7aO6QywCuAFbA7oCGQFpgduCuwIsgziBdUGPQy2DhYEbwt+wnZkZ7N3sV+EuIbIQg6GvOP4ceZwjodioRGhZaFtYfphSWFVYffDrcKzwuvDeyM8I2ZFHI8kREZFroi8yTXj8rl13N6x3mPnjD0VRYtKiKqKehjtFC2LbhmHjhs7btW4uzG2MZKYplgQy41dFXsvzj5uetyv44nj48ZXj38c7xY/O/5MAiNhasLOhLeJIYnLEu8kOSQpklqTdZInJdclv0sJTVmZ0jFh1IQ5Ey6kmqSKU5vTSGnJadvS+iaGTVwzsWuS56TSSTcm208unHxuismU3ClHpupM5U3dn05IT0nfmf6JF8ur5fVlcDNqMnr5HP5a/nNBsGC1oFsYIFwpfJIZkLky82lWQNaqrG5RkKhC1CPmiKvEL7Mjszdmv8uJzdmeM5Cbkrsnj5yXnndIoi/JkZyaZj6tcFq71FlaKu2Y7jd9zfReWZRsmxyRT5Y35xvAD/aLCgfFD4oHBYEF1QXvZyTP2F+oVygpvDjTaebimU+Kwot+noXP4s9qnW05e8HsB3PYczbPReZmzG2dZz2vZF7X/Ij5OxZQF+Qs+L3YtXhl8ZuFKQtbSsxK5pd0/hDxQ32pdqms9OaP/j9uXIQvEi9qW+yxeN3iL2WCsvPlruUV5Z+W8Jec/8ntp8qfBpZmLm1b5rVsw3LicsnyGyuCVuxYqbeyaGXnqnGrGlezVpetfrNm6ppzFaMrNq6lrlWs7aiMrmxeZ7Nu+bpPVaKq69Uh1XtqTGsW17xbL1h/ZUPwhoaNZhvLN37cJN50a3PE5sZau9qKLcQtBVseb03eeuZnn5/rtplsK9/2ebtke8eO+B2n6rzr6naa7lxWj9Yr6rt3Tdp1eXfo7uYGl4bNe5h7yveCvYq9z35J/+XGvqh9rft99jccsD1Qc5BxsKwRaZzZ2NskaupoTm1uPzT2UGuLf8vBX0f+uv2w5eHqI4ZHlh2lHi05OnCs6FjfcenxnhNZJzpbp7beOTnh5LVT40+1nY46ffa38N9OnmGfOXY24Ozhc37nDp33Od90wetC40XPiwd/9/z9YJtXW+Ml70vNl30vt7SPaT96JejKiauhV3+7xr124XrM9fYbSTdu3Zx0s+OW4NbT27m3X/5R8Ef/nfl3CXfL7uneq7hver/2X47/2tPh1XHkQeiDiw8THt7p5Hc+fyR/9Kmr5DH9ccUTiyd1T92fHu4O7778bOKzrufS5/09pX/q/VnzwuHFgb+C/7rYO6G366Xs5cCrJa+NX29/M/pNa19c3/23eW/735W9N36/44PPhzMfUz4+6Z/xifSp8rPj55YvUV/
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d109146-9ef4-4c7c-a4e5-1398950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:07:39.000Z",
"modified": "2019-06-24T09:07:39.000Z",
"first_observed": "2019-06-24T09:07:39Z",
"last_observed": "2019-06-24T09:07:39Z",
"number_observed": 1,
"object_refs": [
"file--5d109146-9ef4-4c7c-a4e5-1398950d210f",
"artifact--5d109146-9ef4-4c7c-a4e5-1398950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d109146-9ef4-4c7c-a4e5-1398950d210f",
"name": "Screenshot 2019-06-24 at 10.52.49.png",
"content_ref": "artifact--5d109146-9ef4-4c7c-a4e5-1398950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d109146-9ef4-4c7c-a4e5-1398950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAA+wAAANtCAYAAAAKNfH1AAAKwmlDQ1BJQ0MgUHJvZmlsZQAASImVlwdUk9kSgO//pzdaINIJvQlSBAJICT106WAjJIGEEmNCELAjiytYEREBRdEFEQXXAogdC7ZFsQDWDbKIqKtYEBWV9wOPsPveee+dN+fMuV8mc2fm3nPnnPkBoODZIlE6rARAhjBTHOHvRY+LT6Dj+gAWUAAOGAFDNkciYoaHBwNEpta/y6cuAI2vd63GY/37//9VlLk8CQcAKBzhJK6Ek4HwcUTfcETiTABQ+xG74dJM0ThfRVhVjBSI8ONxTpnkoXFOmmA0esInKsIbYXUA8GQ2W5wCANkIsdOzOClIHLIPwjZCrkCIMPIbuHP4bC7CSF4wMyNj8TjLEDZL+kuclL/FTJLHZLNT5Dx5lgnB+wgkonR2zv95Hf9bMtKlUzlMECXzxQERyEpD7qwnbXGQnIVJoWFTLOBO+E8wXxoQPcUciXfCFHPZPkHyvemhwVOcLPBjyeNksqKmmCfxjZxi8eIIea5ksTdzitni6bzStGi5nc9jyePn8qNipzhLEBM6xZK0yKBpH2+5XSyNkNfPE/p7Tef1k589Q/KX8wpY8r2Z/KgA+dnZ0/XzhMzpmJI4eW1cno/vtE+03F+U6SXPJUoPl/vz0v3ldklWpHxvJvIgp/eGy+8wlR0YPsUgHASAYEAHXsAHhAB7YAecgA0Ambzs8TcKvBeLcsSCFH4mnYl0GY/OEnKsZ9LtbGydARjv2ckn8aFnohchGn7aJnoLAANRKHnalqQFwKmFSPttnbYZ3gCAdAyA844cqThr0jbeTgADiEARqAINoAsMgRmwQmpzBK7AE/iCQBAGokA8WAg4gA8ygBgsBcvBGlAAisAWsB2UgyqwDxwAh8FR0AxOgwvgCrgBboP74BGQgX7wCgyBT2AUgiAcRIGokAakBxlDlpAdxIDcIV8oGIqA4qFEKAUSQlJoObQWKoKKoXJoL1QH/QqdhC5A16BO6AHUCw1C76GvMAomw6qwDmwCz4IZMBMOgqPgBXAKvATOhfPhTXAZXA0fgpvgC/AN+D4sg1/BwyiAIqFoKH2UFYqB8kaFoRJQySgxaiWqEFWKqkY1oFpR7ai7KBnqNeoLGoumouloK7QrOgAdjeagl6BXojegy9EH0E3oS+i76F70EPoHhoLRxlhiXDAsTBwmBbMUU4ApxdRgTmAuY+5j+jGfsFgsDWuKdcIGYOOxqdhl2A3YXdhG7HlsJ7YPO4zD4TRwljg3XBiOjcvEFeB24g7hzuHu4Ppxn/EkvB7eDu+HT8AL8Xn4UvxB/Fn8HfwAfpSgRDAmuBDCCFxCDmEzYT+hlXCL0E8YJSoTTYluxChiKnENsYzYQLxMfEz8QCKRDEjOpLkkAWk1qYx0hHSV1Ev6QlYhW5C9yfPJUvImci35PPkB+QOFQjGheFISKJmUTZQ6ykXKU8pnBaqCtQJLgauwSqFCoUnhjsIbRYKisSJTcaFirmKp4jHFW4qvlQhKJkreSmyllUoVSieVupWGlanKtsphyhnKG5QPKl9TfqGCUzFR8VXhquSr7FO5qNJHRVENqd5UDnUtdT/1MrVfFatqqspSTVUtUj2s2qE6pKaiNlstRi1brULtjJqMhqKZ0Fi0dNpm2lFaF+3rDJ0ZzBm8GetnNMy4M2NEXUvdU52nXqjeqH5f/asGXcNXI01jq0azxhNNtKaF5lzNpZq7NS9rvtZS1XLV4mgVah3VeqgNa1toR2gv096nfVN7WEdXx19HpLNT56LOa12arqduqm6J7lndQT2qnrueQK9E75zeS7oanUlPp5fRL9GH9LX1A/Sl+nv1O/RHDUwNog3yDBoNnhgSDRmGyYYlhm2GQ0Z6RiFGy43qjR4aE4wZxnzjHcbtxiMmpiaxJutMmk1emKqbskxzTetNH5tRzDzMlphVm90zx5ozzNPMd5nftoAtHCz4FhUWtyxhS0dLgeUuy86ZmJnOM4Uzq2d2W5GtmFZZVvVWvdY062DrPOtm6zezjGYlzNo6q33WDxsHm3Sb/TaPbFVsA23zbFtt39tZ2HHsKuzu2VPs/exX2bfYv5ttOZs3e/fsHgeqQ4jDOoc2h++OTo5ixwbHQScjp0SnSqduhiojnLGBcdUZ4+zlvMr5tPMXF0eXTJejLm9drVzTXA+6vphjOoc3Z/+cPjcDN7bbXjeZO9090X2Pu8xD34PtUe3xzNPQk+tZ4znANGemMg8x33jZeIm9TniNeLt4r/A+74Py8fcp9OnwVfGN9i33fepn4JfiV+835O/gv8z/fAAmIChga0A3S4fFYdWxhgKdAlcEXgoiB0UGlQc9C7YIFge3hsAhgSHbQh6HGocKQ5vDQBgrbFvYk3DT8CXhp+Zi54bPrZj7PMI2YnlEeyQ1clHkwchPUV5Rm6MeRZtFS6PbYhRj5sfUxYzE+sQWx8riZsWtiLsRrxkviG9JwCXEJNQkDM/znbd9Xv98h/kF87sWmC7IXnBtoebC9IVnFikuYi86lohJjE08mPiNHcauZg8nsZIqk4Y43pwdnFdcT24Jd5DnxivmDSS7JRcnv0hxS9mWMsj34JfyXwu8BeWCd6kBqVWpI2lhabVpY+mx6Y0Z+IzEjJNCFWGa8NJi3cXZiztFlqICkWyJy5LtS4bEQeIaCSRZIGnJVEWGo5tSM+lP0t4s96yKrM9LY5Yey1bOFmbfzLHIWZ8zkOuX+8sy9DLOsrbl+svXLO9dwVyxdyW0Mmll2yrDVfmr+lf7rz6whrgmbc1veTZ5xXkf18aubc3XyV+d3/eT/0/1BQoF4oLuda7rqn5G/yz4uWO9/fqd638UcguvF9kUlRZ928DZcH2j7cayjWObkjd1bHbcvHsLdotwS9dWj60HipWLc4v7toVsayqhlxSWfNy+aPu10tmlVTuIO6Q7ZGXBZS07jXZu2fmtnF9+v8KrorFSu3J95cgu7q47uz13N1TpVBVVfd0j2NOz139vU7VJdek+7L6sfc/3x+xv/4XxS12NZk1RzfdaYa3sQMSBS3VOdXUHtQ9urofrpfWDh+Yfun3Y53BLg1XD3kZaY9ERcER65OWvib92HQ062naMcazhuPHxyhPUE4VNUFNO01Azv1nWEt/SeTLwZFura+uJU9anak/rn644o3Zm81ni2fyzY+dyzw2fF51/fSHlQl/borZHF+Mu3rs091LH5aDLV6/4XbnYzmw/d9Xt6ulrLtdOXmdcb77heKPppsPNE785/Haiw7Gj6ZbTrZbbzrdbO+d0nr3jcefCXZ+7V+6x7t24H3q/syu6q6d7fresh9vz4kH6g3cPsx6OPlr9GPO48InSk9Kn2k+rfzf/vVHmKDvT69N781nks0d9nL5Xf0j++Naf/5zyvHRAb6Duhd2L04N+g7dfznvZ/0r0avR1wZ/Kf1a+MXtz/K3n25tDcUP978Tvxt5v+KDxofbj7I9tw+HDTz9lfBodKfys8fnAF8aX9q+xXwdGl37DfSv7bv699UfQj8djGWNjIraYPTEKoBCFk5MBeF8LACUeAOptAIjzJmfqCYEmvwMmCPwnnpy7J8QRgNrVAER7AjA+ou1BVmNEyQiHI2uUJ4Dt7eX6T5Ek29tNxiI1I6NJ6djYB2R+xJkD8L17bGy0eWzsew1S7ENkjvk0OcuPCxMJih9ANuHvbRwB/yr/AEDBD6MC23hEAAABnmlUWHRYTUw6Y29tLmFkb2JlLnhtcAAAAAAAPHg6eG1wbWV0YSB4bWxuczp4PSJhZG9iZTpuczptZXRhLyIgeDp4bXB0az0iWE1QIENvcmUgNS40LjAiPgogICA8cmRmOlJERiB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiPgogICAgICA8cmRmOkRlc2NyaXB0aW9uIHJkZjphYm91dD0iIgogICAgICAgICAgICB4bWxuczpleGlmPSJodHRwOi8vbnMuYWRvYmUuY29tL2V4aWYvMS4wLyI
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d109290-c340-41bc-a519-225e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:06:24.000Z",
"modified": "2019-06-24T09:06:24.000Z",
"description": "C&C",
"pattern": "[domain-name:value = 'tikonainternetservices.co.in']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-24T09:06:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d109299-8430-4cfa-ae74-225e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:06:33.000Z",
"modified": "2019-06-24T09:06:33.000Z",
"description": "C&C",
"pattern": "[url:value = 'http://tikonainternetservices.co.in/assets/img/png/evif/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-24T09:06:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d1092a0-eabc-45ed-b86b-225e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:06:40.000Z",
"modified": "2019-06-24T09:06:40.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.195.185.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-24T09:06:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d109035-0558-4547-bb37-4b1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:40:39.000Z",
"modified": "2019-06-24T09:40:39.000Z",
"description": "stage 2 ",
"pattern": "[file:hashes.MD5 = '8989672db4d283f6c8e5b97eda426ef4' AND file:hashes.SHA1 = '7cae4abd0b632e822d3163bf62435e658cab76c4' AND file:hashes.SHA256 = 'c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3' AND file:name = 'vbc.exe' AND file:size = '892928' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAAtH2E4Ud94GjrkCAACgDQAgABwAODk4OTY3MmRiNGQyODNmNmM4ZTViOTdlZGE0MjZlZjRVVAkAAzWQEF01kBBddXgLAAEEIQAAAAQhAAAAnup8HBHDis8+yUnLd4ok/PYRRXt8jTATpVtZSHqebAyZFPfWeAtA0DWIuCCx2CixWsMd4g1asPjoDzLZ/Ur0O48Ne/QMN9SYI4mjkI0kM+Eu7MpLVdtkMvg8Hr3JgBK/pCVzwLm09TsJq0T84Q3hOfq4iD6Z6deRqjwlsl6izxj2eEMFAmQeMeHYoV+VjpWuFK11AcB3CkJg2XxrfoH34qInjhUarcpYXaLFfF3neUMLPMHHTpN5B/B9fxSyawfARbblZ/Xe0c1Ya0kvCK1e14fzCQuVTY/xk97I48vjqr2uE3YVYhXOCxRrrCOpOfaXNAdgwWCA7iCGsxkmZKV+6lytEoKjgw5nJTYemFudaMkCsZzs8FGFG65oDD7PJjaBIC6eJX2UbnmM5pWsW+Jsa7GvkkIr1AEuJRQvmLrsYH5WAN7qikX9PIjb1WbOJSXOCBs/xn26lHIbksdLzT2JfbKpp9QdUf/G/Km0qYrlvfSdxHBgHEJV2CYTcymwaDBMsJLcEIwZKnL9OUWJadFUbt3XFhlKixgyTLLhKOYZu/LPJyUH26OL9RmQypVkPLc+k4mtuVVn+ujIK/JJSd0LyRbL9QdBbCmXmHu20LW2CBrNLnTjiAqycASdtIkWhroJj9GcF/9FBP4JvZghlKjsD/F52L1dYKUeEdIsWMSQs2+UGcoFSy6bnI2+mvLnst700jJ5/GvLhPNdmNoIHs6HaCigiWfWc/xEof336IhTybfiadlW4XdVVDaV0wJejquEcCcNIbBP7Y5bk1IEe8i0h8raHEsty8dbooauMaU8BnrJZwoKf/2HBzn81rtmGrPP2VJsOLmq4Fm6yiEAOdUX0PAnTYkQAtKI9ADWPGuIunbIxTbu94W6ebDZbHXSGa7CN+jlJYc0IZ/40Cpv15LRZtjGQ3rODqx5ZFuxDvBThUe3zMqQl/DmAW8wJIZ39Zg7MLmQMc60krOx83PW11frTbyFHFRJBXfZzjhhhIHOtPFUthe7TE53ccHu6H/99XU8a8ZdmE8DEi1PHQmUZnY5hX8D9srsmYZO0e2MJ85q3jBaEslsUmWnMuYQwOj3rf74hhU661UzfixTE24yXlVRUdECfesdEmuxGBfT9weNfsIGUkuYysPLPT428siXBTc+Q9cyimYI75NT4wYbotw1Z3PJM5pK4L+es4s9wt3FOtIwANSxLXpggPkwrCc7iyZ+V6WRUVw48/8PHiLW5dcqN5ej6WpmbEoUzfRKIVWY8fllx1CgOoa2n8x4JMPmhZZg9Shq12cEi+//IDPGdyJ4WKuFsceR6RfRXNFMC04o2BilrvrW/kJpQPKOoo2uwtTNUGa6MIXQwDjOYJhBfQhgVonaZN8TxDT0v/DMRsbEk+hgle6XfhO25ZHUeyY7P1uevC+fSsJ2htuiEg22ljCe+s13S4WctYvM//6ZOv1hFi4+BjdvIFufBoAq4N3kUT1ql8A+zTK/ohanbLwvPyHVb9m/zaS1Z+kBXZ51Jp57lUI3otMyiIQ5YouwiUWbk5lr82YwPEAVPwQdy+YcDNhFJKqSlJFa5utN40vZCsaAUVXtSIzqTf37SaMAOV8rzzl4LS/NB1SL4KgSCS75EHgzGpGFXh9wWzGmT860nbFz4igarMAjLAaN+7hKMVPxT/EEyaGH090hlC6cvSLjqgI9ddCwy4z6BBeFfocHNIdorYg4yuVXPCMTslL+uNqFA7IrCCsYd8l55/8H2vQFSc80YVfgtfZKtlqYEZiCZB5yM2yM6PGqx0KA+ZphR5iGmWNjwFPdVSKTS4kRFjVedLAtZc+meMRZxp4ZWMqq6DhmJD4p5cA/Aue1fv+9E+aWTjgHsn4VHYXPyi9yEe9o7MWbKves8nL6cEf4XlQ30+1ezos29lLid1r63+QIpVeERfovNHwkRowVGRM7sUkQgMLdGcGsyCOUO3KJSimymsoJ3qkcDo26e1SEHeTMkJRwItLC97mwMK9+vf02AtRjkqXSNKAYZeq1gEHwSp/9Gkq1M81j2pHheT0cWJV/j6eUqM5jWr7d/d8UE6KhC4wz88gLdpnjcRIbNwRoH0fk+Ew2j5/RsFpQJk01AkEcFVDc4lm0kuKlybxGqzoyNsYnIOcVZTrUYmPvp8oe5cmxOHMDB/os4XYk2MRzHdMJEYLXQzAxp9A08FoU/b2KeUbvvHrXOUhyIQaMa1I0E5lvhoufi8KGJrj+NfPSuu1UEQY3wkQFubeTBoQq9haVcZr7NAXaHO9zx12KkgSsxKiQNB90UrveV8wfc75USiGZbaNsboMTIrbsoq8HcdNn3hyByOxbUCXQZgHVB6BOftp23JOTJUU2YShg+PswdCmTJ3CX1Rx93Hlg74qqoNDlQSLieIOPoK/l5h0mJxRRNi9EQleFt/xr41ZTlikt68HWAfewi1qWw5raK4daLHZSFalB38jRGQFVdsKeYkZSvIiu3VurNL5xwHDqtyoHNigC9cI2Q/eO6yO+dZAQtg+YJt9ibms9riHxrxoamjuurGUGssVr1JdQDGsSaDW8YjBj7OAJ2vPdH4vg6mLdEDulCb0Sz79HRiICT+uATpjVUXBBivS6ceHnQ6GeUP067Xnxe7asXHAsFIxhNo5FtzuqPQ0G+8K/gnAxdycKeIkgueIIztjhbBzxfuQP1kTCDus2AYjTfDm/aQ5fYhslkUBd673oj6+lFBL7M7J7hz7kwfXa++vX3n7zTUJ+zEaqtR83cO13sPV/ZE6V7sH8qZdgeiPJFgrsz2F+Vtnmcyklo8NSEiLfoSDPsgcfDkjCcFjrSNRtUCm/oyt426tch1HLpOPivPNxW3oxR1Kc/O8f5aOYuFOzYl1Hcp2kTqpoKiwKoIGYAsdO7RE6s2hKdeg8GD8czXRGsdZUJPm9BjsFhQKR9nBlsv9Yc2FtlS9mKu4Rzl6HBG1vZ5YasikmxgAlah9MWAOfV/7iIeAuJHfKcuKFXiRHQoOjIj3cqqjUZleU/1V3YKzBuFy2qx9Ac+NIxbH4LEBXszwlh8yG4mr43/T6HWaSzIifha3tC0evV5HrrVCdXsOL+s6CXdB1NwzuZbaKIG4/7wKU6WSIDD9byAMqlU5vSAljY+SJzwRtD2gWYgEcBD4qYE5a2iXnSwSdFKr3HPHgaCez8CQ4Hf1k6U1AcDbp/C+O86Ifm9L1/FOiyBoeSvCzd+DFTgT3YTCmjJv1G3agBm3trb2E9E/kBBa9GubhhNk7611LSk3pD+33t9nFzWnbL5JUzzqBryGod4S3WHTrdlJiyqJ/xjbAldaLihA70g0evXmZvKl1w0mDqZ33+T3bgbXjQ2WW7cbH7vhjyK8uG1ooE/q7u0EjQnKC1Ek5/z3yy07D1SvALvowAvfzIiGJBww5hf5rr4fXDUgJgqz/66JEzeY7nEYOV5ihclw2FpspP+cR5ulCVHNGKwcuiiTugu+sO96W2yLx1Pb6SkamZ6Myus2L0JHESQ6wzD4d1e0e0JccksQswTbJBlkyaMmmP9ui5+xHvu7NbGrY7LUneEr2bMZeEd1KqwYtROmHzqP97lYrus4+BQ1smGxoXYSP4BH705TeE//L4TVt2Gra4zn4GCe2MX8CvvHa8R/JRpJTxogzSE71AjOWnBY1hHQ0kRl
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-24T09:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d109086-8630-41fd-be51-4867950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:48:40.000Z",
"modified": "2019-06-24T09:48:40.000Z",
"description": "contains CVE-2017-11882 exploit",
"pattern": "[file:hashes.MD5 = '7ddb1d9c25487d85cb687682b8a4fb7d' AND file:hashes.SHA1 = '0117724817462bb8e09b5b507155eae32b878449' AND file:hashes.SHA256 = 'e5df9ce468a2510c86d8808083e5c3326385596fba864546491922b2ea9802df' AND file:name = 'OFFER ANFORDERN (Universit\u00c3\u00a9 du Luxembourg) EUI894BU4633.xlsx' AND file:size = '97688' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIADVH2E65uoSWVlMBAJh9AQAgABwAN2RkYjFkOWMyNTQ4N2Q4NWNiNjg3NjgyYjhhNGZiN2RVVAkAA4aQEF2GkBBddXgLAAEEIQAAAAQhAAAAhPrekxx1PgwH3n9W/b55OOfhqe3i/jIqF/5x1+Z0iK8xjrMc5iLhc0GQFusQfMbeAV/Un0q+cEF1LU12gy2CO/kUIcwyXd81gBwE7rVp+Fpb8kFf2vBK0zSN2wvRKt4Pu9TzbsPx76UVQft7Jut00vNaIKaYk6qrsDTvp5GZGt+0HFZI/fTqdQh7cuwrwmYDElX48eRv7RDxqJyqUAhiyfIh8NYxlg+JmVlqVRcbjrz9UuK+b57GXd6ERtIZo52HMZ7kJukyjJla+Xl4KnVUJFnJVB6CNi721LGIRvkzAFvvOP3bsyA2Mf1dfJG/rKWjMdkjaZyzKbRHRFv6uSDH8MqmN7vbCjSeVpLvdMxDsbrK5R2YjY2udloVYnbn/hk9BnK2rqnyMp1OeIC59KAQWOXP4HdKUCiU+xLv6Kl+VRN8rs0kQtSwfwGYcSpv2+gQ55DdjfDWmteD3a2GxW1iURhdVI4MSjw7D3yy1SRyN1RMqtVFQGQXLvOuax1g6nPGNwj4BLzGBXUwN3nlcCERL5Usm3Lv8TVPVMKkyItOF9jIocSWRW4JQU9osXxQMqQCoeIwY09IAF/apsWEPHWzXHQIclqrEfmkrMESHCKtt/R6MhDida16kIlcKM1pbt+t6DUrBVIOcPswOMhYPvsVurQk3KiZTY4cPmQ6pgn1S80+JP9slOQZzKhB+nv3zymn0T7ai8jBApshznFWqQzRJf78vafnV+mSgivyVso78MGuWYm9qEscdev4MgQz8NWT7DFcLXly9MHZ7ZYwtR1sfaRGyekok4zwymjwct9vGkwYzheTVg4KumZo/8NznBBrukI7DdqRPFy6n42HzAqUe2W6VIp1E5cI5JryEh7tzi9yTRSmmOcwoCKyyaQFkalyjxl6fp4jeBBIeBmD7VlJopcX5RtTcfMNnSNMb47Cxd+wwPMo7oS60pCXc3sdojNoWFdnP0N+MvcpzjouOkeJcHRSZC8+aE0zCcEOiyvv/afI/9Orr5nJwD8J6nydeMbs8o3LLWr7JoaK9JIqCWLJtjQRR+ngkqy9OfpOwVxOJ8efgZBMV81JY2+yj6oY3JiNNO0637dZjEQbHiJY+tjssI3w+T5ZtimDJPjx1b3zjoDGI8rR9mIYri2Q4zg2LU7FyglDl7tAtc33rK15nFggrnTc8h8pD3MhVHLjYoFFH3HSF0lNLv+Ukbi1IGFtXl3IiLe1sdMouwSVKuPSQfZ8ZBrFnkxCLQa0OyRpqqMh0QRWl9fU+g6zFieVOKRyQkhZFN5oyOFNypfD24/UfLzduqv04lsY3dv5X1ZPnWvNNCeZBwdHgJF7UhTKLQAqnItm28TSBWb/tmFyrpQ/N4qb/ksk9Xkw5yJUnzIDNUXcGJDBPpfZVF8RESrBZPe4j+WT0CBON7gv55sfeppBhjZOwV4lwAsERoT9bgR9bmT644yiKNB2pEfwz7xU/zAABYxo4ihmQ9asbW/fbzjg3TUJpo8TEfkFrDqo2YFBzQmuFqtLOBLRyI/FTSu3AbZf5BztVxrBQ9535LkrGbmJQzOqc4C22zYqAeKJSCMzbmg5iCpXhot9b3Lwtr027PV4OqWxgRaZ/+oIdQF8rGAkY2M63BthsTJRb6vZq6jB/5qhwDmTy1SequLdy5GG+bJUnTuH69M5vPRC1l6x4N97G/hBioCyZWjqFjIy/Wu++whp8cedOP5zX8v4ZHevZdZI0uQZ0OnG1rC8VgnlNvjmfi/CmI7WVw3IM/PxRAiV2CafjVr2wvB/j0bixsHBwrP9Bx0hSHNi5llCG8w1sqP6HWNvwKRDwv2nMoJbZXorPOr73ap0E9OLmIHV7wYlXvzJqPsGM9KfULflqhedJTyjJvdje6eK7gSCj04/HSihPyysFazyTu/k6XC7P2LPCxom3SlwLB034GQ1NhMDRo7yw7lklxQQieaqekCtLFy7wUKey+N6NI8eCYZb3ytq6CFk03jEyIvpGzxMHqF8gDNYfTan0QhtmRvR0LBTObo9ZDL1qhNn5Fu8RkkLswHudu/01lBnXHPwKxuYYe96AtRGrVLOrZ1M1e8bzsYAW69EgETwJU0TAqSJmpwrR54fitw3ZawgDp91RReqTfu7ytnfvxQ3at3u8O+fyLw4nk2siHyj7fckFrSgQ1hz4xyBc78/Q89mcMaO80UJHeatMC1V5u21yAfAvVS56f9YoFtkGnHZ8w6rwPgmjBd65EVU916+lDkjmXse8b5Nci3O5e6zBeUY7+L59e9PPTChw5BX6fVUbqK7TDXCmAK+lEbgcWQe9C6sD40OgdBppmKGrZkLWYLpvaukgKfn0fDrdl9ouuW7Rq4aW9mfMN2Yv72cHL2PT3ImkF3caUji9ZnMfpiPFeXU9dlF9xWomd4hQ3Ta8I7fqpY4g7gpxPt841KhCjEjBI/+wveNfs6aaSyuGdP2Xs4sSdBHdt4J6dy8l2cvapJ73mjgVUJS2H/kIf6hAhSt5EOIGFAH1rrayyYjSqOfkVswKyFMoEmPZf00aoJoA8PqpqeHIs4mHjG4Vig06lbnSeMRTqZtWTKymkbSCdaEHxrzvwMZY5CZSXcywSxkKfFFrtnl2z2ya2MQoF27TqO4UhTMiqbZE156EjSKtNm1+G+vCLXiDCaiaW7qLWFBcAqUs/wV6Qi2nNKhIFdoaHGkRFX1xZSrdotgLTNJ7QxTzjSo7oYQU/MGzCbWwdgcAR73BnMfWlX7GfVQtzQA7GOfLLWGsSu235NIxv6ga1ybwiNGGorcJ0v0sFGRrwdMYJdujda5vD/GTHX6uSPTXSiSCTHHQrryp/ocI4ORKwEoIPix6gVIHB8gkY4Pgo5osZ92Y4ifIhW+AK/YRBNOiPN7pS/H7PkHc6mGSzloFxw0P4MXywwui6I1IniENgfIYh3fAIhw6Hw6HhUnDNhSayUJ395ShyLeOsYlHi7FLBxXbM8z11PmzE8XAuaG8lxyAqPoeJAhTCL8iXTAJyZsoAtDUWAa+n7v5bFVvtVogt0Iyn6LdcB8DngPxyurTSaI+yI379UvwWd4ipJA5al94d/Vg8+iFHvhw6olb7feAZmUe4F9PWc/wt2iYJfC7OiqDIyHjh2g7ECgHVb6FPt7NZfusdZbXG081GpLCxROFwzar3GCrdVvlDT4Tf7w0zifmxjnS+dpWXN8x43iBbh4nobJWZlpf+YdgVcRdBmqRpGIThaKCwzDhG+Y1KhV6Ld8AMTUs37SfnMxARkdP6F9MJflKIQ1Zc+3YeJuaYhMZ9GTVt12T/Ve4+uvqhQKQod3GTOZ9GVH1wT++5VNb2cNVPoS9UWC6X2Db0KcCjdqY9j54ylBFwplPFJ2rimHXryuSpywqhz7mAHPaCxg1ofPsea8S5C8Byjb/0DNWlVI9veaZjrhQiDstQuvDmwUySz5urCtFqYAo+PR7SVMbE/iPqz9m4D7IB1naeSrrVCkYetHT9jR0oAaWqcXoVvXM/SJ9qXcBllkY9vN8aJbUIgz/5zMsJZbo33/pZmXd8cAVpT85RCD0b2gn6N6SG1SYULG4dm7ep3GySEPrXXJQzIWyeqt0j5ksyYh
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-24T09:48:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--82e82c45-cee3-4d0b-bcd5-445021615dcf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:40:51.000Z",
"modified": "2019-06-24T09:40:51.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-06-24T08:53:28",
"category": "Other",
"uuid": "2a229a87-b8e4-4cc7-831d-e26ef40f2638"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3/analysis/1561366408/",
"category": "Payload delivery",
"uuid": "1e3e649c-40b2-4248-ace4-b1e4473b0994"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "9/72",
"category": "Payload delivery",
"uuid": "51e91f86-4230-4d52-8ca7-e953ea7b751f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--06a06fa2-3b56-4455-89e0-8abfa77ffac9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:41:13.000Z",
"modified": "2019-06-24T09:41:13.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-06-24T08:29:00",
"category": "Other",
"uuid": "ed7f64d3-34ac-4e4b-8f83-6812e65083e7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/e5df9ce468a2510c86d8808083e5c3326385596fba864546491922b2ea9802df/analysis/1561364940/",
"category": "Payload delivery",
"uuid": "7fc14672-8789-4925-8e53-4678c3dac150"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "11/59",
"category": "Payload delivery",
"uuid": "fe8cc977-f43e-4d41-bf03-59cea17692ae"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--5d109bff-e5cc-4732-8eac-4dcd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-24T09:46:39.000Z",
"modified": "2019-06-24T09:46:39.000Z",
"name": "CVE-2017-11882",
"description": "The vulnerability is caused by the Equation Editor, to which fails to properly handle OLE objects in memory.",
"labels": [
"misp:name=\"vulnerability\"",
"misp:meta-category=\"vulnerability\"",
"misp:to_ids=\"False\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2017-11882"
}
],
"x_misp_state": "Published",
"x_misp_summary": "Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka \\\\\"Microsoft Office Memory Corruption Vulnerability\\\\\". This CVE ID is unique from CVE-2017-11884."
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--c4a5a428-5ea6-4033-b71e-e93366539c31",
2023-06-14 17:31:25 +00:00
"created": "2019-06-24T09:41:35.000Z",
"modified": "2019-06-24T09:41:35.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5d109035-0558-4547-bb37-4b1d950d210f",
"target_ref": "x-misp-object--82e82c45-cee3-4d0b-bcd5-445021615dcf"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--b22a0239-4eef-45bd-b9c9-8014ee9fad24",
2023-06-14 17:31:25 +00:00
"created": "2019-06-24T09:41:35.000Z",
"modified": "2019-06-24T09:41:35.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "analysed-with",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5d109086-8630-41fd-be51-4867950d210f",
"target_ref": "x-misp-object--06a06fa2-3b56-4455-89e0-8abfa77ffac9"
},
{
"type": "relationship",
"spec_version": "2.1",
2023-12-14 13:47:04 +00:00
"id": "relationship--05e65bff-527a-478e-b8c8-e1b494463fe8",
2023-06-14 17:31:25 +00:00
"created": "2019-06-24T09:48:40.000Z",
"modified": "2019-06-24T09:48:40.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "uses",
2023-06-14 17:31:25 +00:00
"source_ref": "indicator--5d109086-8630-41fd-be51-4867950d210f",
"target_ref": "vulnerability--5d109bff-e5cc-4732-8eac-4dcd950d210f"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
2023-04-21 13:25:09 +00:00
]
}