2023-06-14 17:31:25 +00:00
{
"type" : "bundle" ,
"id" : "bundle--5da8181a-37f4-4da7-b1bb-4c54950d210f" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-11-05T10:55:36.000Z" ,
"modified" : "2019-11-05T10:55:36.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "grouping" ,
"spec_version" : "2.1" ,
"id" : "grouping--5da8181a-37f4-4da7-b1bb-4c54950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-11-05T10:55:36.000Z" ,
"modified" : "2019-11-05T10:55:36.000Z" ,
"name" : "OSINT - Connecting the dots: Exposing the arsenal and methods of the Winnti Group" ,
"context" : "suspicious-activity" ,
"object_refs" : [
"observed-data--5da9a731-e150-45e7-b6eb-4724950d210f" ,
"url--5da9a731-e150-45e7-b6eb-4724950d210f" ,
"observed-data--5da9a997-c914-4995-84fb-4613950d210f" ,
"file--5da9a997-c914-4995-84fb-4613950d210f" ,
"artifact--5da9a997-c914-4995-84fb-4613950d210f" ,
"indicator--5da9bac4-8018-45b3-b60d-409f950d210f" ,
"indicator--5da9bac5-ace8-48af-9d73-4fc1950d210f" ,
"indicator--5da9bac5-15c4-4d4e-a31a-42ff950d210f" ,
"indicator--5da9bac5-7230-4355-b643-47fc950d210f" ,
"indicator--5da9bac5-65a0-44a8-b240-49d6950d210f" ,
"indicator--5da9bac5-4968-470a-a6c7-49fa950d210f" ,
"indicator--5da9bac5-6904-4953-a448-48cb950d210f" ,
"indicator--5da9bac5-ac64-4b44-abd4-4f72950d210f" ,
"indicator--5da9bac5-11dc-4c9f-a61b-4ace950d210f" ,
"indicator--5da9bac5-b890-467b-a2ed-43fc950d210f" ,
"indicator--5da9bac5-9388-4e99-ba2a-4865950d210f" ,
"indicator--5da9bac5-90bc-479f-8ba7-472b950d210f" ,
"indicator--5da9bac5-1808-47fa-9bfb-40c7950d210f" ,
"indicator--5da9bac5-15c0-4bac-ba29-4b19950d210f" ,
"indicator--5da9bac5-a5b4-45e9-8516-4fe9950d210f" ,
"indicator--5db97273-489c-4cd4-982c-84d5950d210f" ,
"indicator--5db97273-e158-4cc8-a534-84d5950d210f" ,
"indicator--5db97273-09c8-426a-8698-84d5950d210f" ,
"indicator--5db97273-1214-4500-b73a-84d5950d210f" ,
"indicator--5db97273-f79c-4136-a48d-84d5950d210f" ,
"indicator--5db97273-f44c-411b-8d7f-84d5950d210f" ,
"indicator--5db97273-0f0c-47de-87d3-84d5950d210f" ,
"indicator--5db97273-2f70-4eab-8c8c-84d5950d210f" ,
"indicator--5db97273-5934-4381-8163-84d5950d210f" ,
"indicator--5db9a1af-b234-4ee0-ae9b-4def950d210f" ,
"x-misp-object--5da81b53-15a4-4423-8709-4387950d210f" ,
"indicator--5db6c4fa-04a8-4cca-b559-4f73950d210f" ,
"indicator--5db6c52b-7858-46ad-8b66-4ad4950d210f" ,
"indicator--5db6c864-75fc-448b-85b5-1a25950d210f" ,
"indicator--5db6d0f5-432c-456e-9b18-4d12950d210f" ,
"indicator--5db6d17a-c4fc-45ce-a576-4607950d210f" ,
"indicator--5db6d45d-d7cc-456f-8e65-462a950d210f" ,
"indicator--5db6d484-45f8-4fee-af9a-458f950d210f" ,
"indicator--5db6d4b2-0544-4dc5-98bb-458f950d210f" ,
"indicator--5db6d505-ffa4-4bad-b88f-4f39950d210f" ,
"indicator--5db6d523-c04c-4605-add3-4ca6950d210f" ,
"indicator--5db6d538-0514-484f-9a89-4015950d210f" ,
"indicator--5db6d6a3-b9d4-4b20-af9c-464a950d210f" ,
"indicator--5db6df8f-fefc-462f-9205-ab10950d210f" ,
"indicator--5db6e01d-5a04-4537-8acd-aaaf950d210f" ,
"indicator--5db6e066-a8b0-4b15-89ff-ab08950d210f" ,
"indicator--5db6e087-b960-403c-b7d4-8c71950d210f" ,
"indicator--5db6e157-2930-415d-ae13-aab4950d210f" ,
"indicator--5db6e169-368c-4156-88a4-aa34950d210f" ,
"indicator--5db6ecb4-bd00-45af-93f7-ab10950d210f" ,
"indicator--5db6ecee-b3fc-4121-873e-d7ac950d210f" ,
"indicator--5db6ecfa-1f90-4e30-9a1d-d7a7950d210f" ,
"indicator--5db6ee3d-5a64-41ed-aecc-d7a7950d210f" ,
"indicator--5db6ee48-de24-4ae3-b0ed-aa2c950d210f" ,
"indicator--5db6ee63-1dd8-4704-bffa-d7ac950d210f" ,
"indicator--5db6ee75-75ac-454d-a6a2-d7ac950d210f" ,
"indicator--5db6ef0d-2518-4ee4-9671-d7ac950d210f" ,
"indicator--5db6ef1b-982c-40ec-8579-d7ac950d210f" ,
"indicator--5db6ef2b-dc58-45ee-b140-d7ac950d210f" ,
"indicator--5db6ef38-756c-4596-a322-d7c4950d210f" ,
"indicator--5db6ef71-c394-46e2-813b-d7c4950d210f" ,
"indicator--5db6ef7c-90f0-4b02-8ca0-ab10950d210f" ,
"indicator--5db6f013-984c-4022-9fd6-d7c4950d210f" ,
"indicator--5db6f01d-4b94-41ef-95bf-d7ac950d210f" ,
"indicator--5db6f02a-d84c-48c2-83ca-d7ac950d210f" ,
"indicator--5db6f056-7ce0-4444-be73-d7ac950d210f" ,
"indicator--5db6f06d-3164-4e8e-8a15-d7ac950d210f" ,
"indicator--9f4dd17f-2e1a-4f0b-b683-90017f4afa22" ,
"indicator--bf6b7c84-d319-4d5c-945d-7212bd6a51e5" ,
"indicator--02167ca1-c864-4874-80e0-9f95f34203d7" ,
"indicator--61e88614-f681-4c44-bd80-6b67051237ad" ,
"indicator--2108b29c-afee-484b-ae27-a94606415277" ,
"indicator--1240483b-92cc-4446-b80d-19a11fe384f0" ,
"indicator--4c9f794f-315c-47c3-a438-27cc72d799da" ,
"indicator--d93d7144-e63f-4a9e-82a4-f53b47e4a3bb" ,
"indicator--87df7ad4-ddd9-428a-9e6d-72479189cded" ,
"indicator--0fa75ab7-1c57-4f9f-9114-28371e09e1d3" ,
"indicator--88c36229-7514-4447-93d8-4f09fde9b969" ,
"indicator--1003b7d6-defc-46b9-8f69-3e679daa7314" ,
"indicator--e102c5cb-c6f2-46a7-9b6e-cf4fa1ff3a2e" ,
"indicator--cac254de-ca4b-4a76-bc58-1889273aad59" ,
"indicator--9125946a-81da-4294-8bdd-ddb31f9d7784" ,
"indicator--5db7f565-0d88-4d46-88a1-eeed950d210f" ,
"indicator--5db7f583-6564-4b53-bed5-4d44950d210f" ,
"indicator--5db7f59a-2034-410b-97e8-4303950d210f" ,
"indicator--5db7f5ad-1cf0-4210-86a8-eef6950d210f" ,
"indicator--5db7f5b8-20f8-4519-be23-eef5950d210f" ,
"indicator--5db7f5c8-f3bc-4145-885c-eef5950d210f" ,
"indicator--5db7f5e9-c448-4a88-8a54-eef5950d210f" ,
"indicator--5db7f5fa-6990-43df-9a9d-eef5950d210f" ,
"indicator--5db7f610-4168-4d2d-8f85-efd8950d210f" ,
"indicator--5db7f62b-24d4-429c-9856-efd8950d210f" ,
"indicator--5db7f6e7-9720-443e-be12-eeed950d210f" ,
"indicator--5db7f73e-c1c0-4dcf-bf76-45da950d210f" ,
"indicator--5db7f7e8-b75c-421d-8e9c-4b52950d210f" ,
"indicator--5db7f7fb-5c34-44cc-81c7-47bf950d210f" ,
"indicator--5db7f83d-a6d4-4a2c-be8e-492e950d210f" ,
"indicator--5db7f9b9-9478-491f-875e-eef2950d210f" ,
"indicator--5db7f9d8-1328-49c3-9279-46df950d210f" ,
"indicator--5db7fa05-138c-428e-a0ef-4fc3950d210f" ,
"indicator--5db7fa25-189c-4eb6-82cc-4ee1950d210f" ,
"indicator--5db7fee1-dbe0-4f9b-8c1c-444b950d210f" ,
"indicator--5db7fef6-48e0-4133-abdf-4b30950d210f" ,
"indicator--5db7ff09-d1f0-4c91-ae50-4c35950d210f" ,
"indicator--5db807a7-b5b0-4745-8040-44c2950d210f" ,
"indicator--5db80912-bb10-4533-8a6f-4266950d210f" ,
"indicator--5db80a67-eea8-4ced-be90-43c1950d210f" ,
"indicator--5db80a91-2ccc-4035-8deb-4773950d210f" ,
"indicator--5db81210-dcbc-413f-b1f3-eef3950d210f" ,
"indicator--5db81b3e-2e2c-4627-90cb-eef3950d210f" ,
"indicator--5db8449d-e0c4-427a-bddf-27ca950d210f" ,
"indicator--5db962b6-a438-4ac4-93bf-9a48950d210f" ,
"indicator--5db96865-c120-4891-ae8b-9a2c950d210f" ,
"indicator--b102c1cd-4297-4cd4-bb4b-e8e48cb9e7c2" ,
"indicator--11db09b2-780c-4fb4-8761-d5de725e3a1e" ,
"indicator--75b3579e-7cff-4d93-8b01-35ccde517733" ,
"indicator--65b3a82e-3a14-45f5-b8de-0f8f6b56e25b" ,
"indicator--5d8bfe5f-4cb0-4e3e-92c8-4598c9e43ea5" ,
"indicator--ca24296c-29f5-4fa7-8947-1a925fba70e5" ,
"indicator--32b79e17-b5c4-46fc-b51f-94d59d7e8d03" ,
"indicator--14d0c64e-1ff2-400e-8543-d00463b9ab2f" ,
"indicator--0c096d32-c11f-4621-b471-f2f74c767d05" ,
"indicator--32ecf3f2-659a-4e54-83ac-ebee0f6b1a02" ,
"indicator--c38df7c4-e03b-4253-9912-9dc26f257f60" ,
"indicator--e15e5342-23f5-4f3b-9bf2-071b2538117a" ,
"indicator--4ce941fe-6dc7-4db7-ab0c-dd2c777240cb" ,
"indicator--eec9d5ef-8e0f-4a03-a945-ba7c681192fd" ,
"indicator--972c0ed7-dcd6-430e-849a-bc390bce64c5" ,
"indicator--acc5b432-47ae-4708-bfe7-97f0c51f5eb5" ,
"indicator--fcc43e61-d734-4b3c-8f9c-2bc16e1ec528" ,
"indicator--b5b6b501-e66c-4f4e-9527-516ad2ca69e5" ,
"x-misp-object--2d9e2792-be70-4733-a982-8fb833e3067c" ,
"indicator--00f40c23-331f-4ba6-b8c6-42474a13526c" ,
"x-misp-object--47b6931b-7c53-435d-8559-5691aa5f5a8f" ,
"indicator--3937eb70-185e-44a0-917e-ebdc7f1d0752" ,
"x-misp-object--a8cf73f0-b98a-434c-9ed7-82b1a343c9a0" ,
"indicator--930e9e44-5724-449d-9e3e-0f32c22692e0" ,
"x-misp-object--b60b4cf3-7172-4e25-bd30-6cb80c4f2e44" ,
"indicator--ae10ed2e-838e-4ac6-87be-e6636090880b" ,
"x-misp-object--cb2ff493-1850-4aa2-86bf-d1cd7fd387cd" ,
"indicator--cbba4bfa-ba52-4d30-9939-cf8386e2acd9" ,
"x-misp-object--15ee4e85-d113-4933-b3a4-a5bf20d8dee7" ,
"indicator--1bbcd3f2-97bf-4f5b-8bb4-efa2920e33c4" ,
"x-misp-object--80d87c81-4223-434a-8297-8c55c2188c23" ,
"indicator--5042d9f9-1bee-4379-85b1-0685c573cac5" ,
"x-misp-object--34fca3cd-6c8f-4a81-8727-1319e20a0b13" ,
"indicator--385f33d1-34a9-41a6-b4e9-a40a4fa715be" ,
"x-misp-object--46784d68-1971-470f-a424-2f01edeefbd9" ,
"indicator--b46c5962-8963-4ac0-b053-b3faacb71620" ,
"x-misp-object--8a35b215-db3c-4411-a176-705f087e517b" ,
"indicator--5fea27fd-624f-4542-93cb-93202c027316" ,
"x-misp-object--bd3ecda1-2b63-4905-9c4b-e2842401451c" ,
"indicator--db72a9ba-be71-404e-8958-e809f5a7fd38" ,
"x-misp-object--32d2677f-6d87-4b8b-9b00-025b88e10700" ,
"indicator--0124dee6-62c1-4547-bd95-c10623a21444" ,
"x-misp-object--0e47ffa7-909e-4804-b178-ed04ad92a2dd" ,
"indicator--b220db74-8ab2-4c99-8df8-4be473329599" ,
"x-misp-object--0e6dd455-6e1b-4d16-885b-0b7d7fc005fa" ,
"indicator--654f1da9-cb27-4eeb-ae9d-18fb0e8796f1" ,
"x-misp-object--7dded6aa-9b4d-4b47-a262-b63e0409e70b" ,
"indicator--c2c23001-5488-4016-82fd-ae492c6c31bf" ,
"x-misp-object--c3b5234a-f538-4f34-93fa-9c87a7f18c4b" ,
"indicator--628bb82b-0724-4d36-8154-a8458f1edf1c" ,
"x-misp-object--ee9ee64a-9229-4e42-a1a7-35f2e46b226f" ,
"indicator--aa6a25ca-4f6b-4234-983e-ebac2149c49b" ,
"x-misp-object--d568e860-b698-413d-a253-94ce9d8d6b87" ,
"indicator--9352ee1c-bdc9-4bbf-b067-dd189144e421" ,
"x-misp-object--24cb5d8b-f102-4f31-b96c-675b65c64f0a" ,
"indicator--9c4e0fc1-03b9-46be-8fbb-41de315f93e6" ,
"x-misp-object--5d0b3e85-9140-42ee-9cbe-21ae3238aa00" ,
"indicator--c454ec6e-8f29-4989-9bf0-e6bd3bb192e9" ,
"x-misp-object--de314694-d9c4-490c-b815-570571b04bda" ,
"indicator--214f65eb-e84f-4386-b3ed-5843ba535094" ,
"indicator--eef86af4-b769-401f-9d82-e7b2908e3960" ,
"indicator--5df715e7-72a0-4c44-ad55-990ce651dc98" ,
"indicator--65fd37d6-0d95-496c-a505-b50e67c20549" ,
"indicator--92a5885e-eea5-462b-96b2-55fdbf9092e3" ,
"indicator--b6c41f4a-dea2-4d32-ba70-33d22d7f3fbc" ,
"indicator--b4c0eacf-9526-4200-8bf8-b47316c47ba4" ,
"indicator--1b9c244d-30bf-4369-ad1f-470541ce9092" ,
"indicator--7e7300ca-50b7-4a1b-b34b-12c1c7e54f1c" ,
"indicator--e85cd498-2c8f-4041-b8ac-c45706cba835" ,
"indicator--0eae6e0d-d885-4b8e-b047-edf7681f8aa3" ,
"indicator--2dd673bf-8971-4c60-a50c-f44f1c2bc78b" ,
"indicator--b65c9957-987a-4fad-a4c9-2755524d0569" ,
"indicator--cc15ea20-f8ec-4de2-9849-f4ed488175ed" ,
"indicator--e1206988-dbbf-4737-8d31-1ee4c53afd85" ,
"indicator--459f6831-3996-48e2-892e-134d1e484c6a" ,
"indicator--0da2582e-55a8-43c1-bc19-cf306d862906" ,
"indicator--e49a3a6b-9b7a-4e1a-a3ef-4e21b3a19182" ,
"indicator--11262cdf-190c-4bc9-99d9-ee5b84938cf7" ,
"indicator--0739ab56-6cc7-4e45-b53c-8581ec3197d2" ,
"indicator--8e52b197-1673-4124-8813-8bfa101d43f2" ,
"indicator--e12edf66-6aea-47db-b197-1cf986010663" ,
"indicator--b97263ec-3402-4c81-9561-412779f1df0a" ,
"indicator--73a30d07-bff1-4ecf-b966-263fc3af8eb1" ,
"indicator--2f3542e5-ae86-478e-ac6c-00d4f0a794e6" ,
"indicator--dd1b913b-b726-40de-bb05-326115aec0f9" ,
"indicator--cce2c7ee-8411-47fc-b852-488af2950b48" ,
"indicator--99b4486d-733b-49fa-b9ec-4da676c94d3e" ,
"indicator--ebf9639c-8ff9-43ef-a6e1-bf7edfa5336e" ,
"indicator--6d494b13-d087-498c-9b5c-0a11208716c6" ,
"indicator--6db1943a-24aa-445f-8b74-7993c8371d9e" ,
"indicator--2fa28110-56e4-41e9-984a-e4c1a453dbd9" ,
"indicator--bd2cfeef-f35c-4aee-bbf0-8ab328984c38" ,
"indicator--08755d57-b2fe-4092-9a4a-b88ad41e096f" ,
"indicator--ac95bf52-2785-4fe2-a5f9-4113f9468c8b" ,
"indicator--e9993b8a-25ac-40f9-8907-f2ae36121d25" ,
"indicator--061903c9-7f7a-42eb-bf89-79423141208c" ,
"indicator--b71a0613-1c1d-4923-aec4-bedde1f2ecb8" ,
"indicator--f985c266-c9dd-4cf4-81e6-24ea9c8c256a" ,
"indicator--a6a9f16b-e26c-4106-9467-07757db702c6" ,
"indicator--6141995f-be42-4494-bbc5-11698eae7f82" ,
"indicator--7c49930c-79fd-4bb8-8a15-f37e161de225" ,
"indicator--710ac1f8-fd5e-4224-9a12-15e4939404a0" ,
"indicator--40bb4ed3-ef4f-4d24-997b-101d8575bb28" ,
"indicator--13aea80a-9f0e-4ced-9e46-158358fbe8e1" ,
"indicator--06e4a7bf-52b0-4be9-a83e-9076fcfcbdd6" ,
"indicator--b37b9fc3-2ebc-438b-9c15-9bb14aab95ac" ,
"indicator--c186a6d4-b6e5-4f15-9c2a-9ed4deae7c57" ,
"indicator--2227dba2-88bb-4fa9-96fe-c93eb7d1bf73" ,
"indicator--adf1b2e6-7b0e-4e61-910a-3b8511926eac" ,
"indicator--efcd9953-d74f-4f8c-91c5-bdf636592846" ,
"indicator--8a975ac8-a757-4a70-8155-39400e6a9de8" ,
"indicator--b6fddbe6-e68a-4900-b995-3a5d09be8527" ,
"indicator--f94f2d85-cc7f-4084-9839-c357167ba0a7" ,
"indicator--b18e808e-c337-42f9-af51-d181fbde03fe" ,
"indicator--c614f1fc-ff5d-4d9e-a136-632dff2438f5" ,
"indicator--7b583b96-7d71-4575-baa8-41c913bde82f" ,
"indicator--aa57e398-c047-4a28-bcac-7379e9eced4f" ,
"indicator--cacc92aa-4104-433d-a122-05013eb2020f" ,
"indicator--dfcdbe55-7149-4264-b75c-6eb01a288bfd" ,
"indicator--653cbf31-fb4b-4394-ba92-0ee2c312f352" ,
"indicator--9966bf19-96d8-4c2c-87c0-71b563798fc3" ,
"indicator--48c4d11c-0d4f-4b03-8378-a4e32da30ba1" ,
"indicator--2e8b5446-5761-45ea-8f8d-a8c19df4f69c" ,
"indicator--365cf772-f9e8-43c7-8004-6fbbc3b0971a" ,
"indicator--95ef28a8-05ef-4529-95dc-0c8ba140d770" ,
"indicator--b1aed1be-626d-4a44-aadf-cd86fd5cabf7" ,
"indicator--d8a8c625-6d6d-4914-8451-f3aa844fcd05" ,
"indicator--377f8d3b-b127-4991-aa19-8e53a06df1a8" ,
"indicator--c06eb5fb-e817-4ed4-a07d-5cb8579b3cba" ,
"indicator--049b7bde-1b68-4f84-afe5-27bb9ed4771b" ,
"indicator--0ce1cc9e-8bc2-40be-bc8d-2f1294bf9266" ,
"indicator--4c3c4f9d-73b4-40f2-9d19-5021e099f75e" ,
"indicator--3ceef445-c895-4014-abbb-b69f03acb96b" ,
"indicator--9952a99b-b659-4b55-b50f-831fa43559ed" ,
"indicator--b77360d4-96b5-43cb-a084-be54dfe28698" ,
"indicator--a1b3b156-9512-4c06-afd9-af7f591bf9dc" ,
"indicator--8fb0d5b7-86e4-484e-a22f-79ede372cb49" ,
"indicator--544538b0-4de0-4c85-b7c3-a8f8062b1363" ,
"indicator--ad273ff6-0489-45aa-8926-d8d9f798b16b" ,
"indicator--113e6a7e-a57f-497f-9135-85b5671e8a9e" ,
"indicator--3ca644df-6314-4101-ab6d-df126974ea51" ,
"indicator--3312b6bf-bd2d-4713-afa2-f07d39401e8e" ,
"indicator--a29ec050-6c9a-4a80-8821-ff08fbdf5363" ,
"indicator--f7ae2adb-66a4-4651-8a9a-c6b9d431029e" ,
"indicator--3f437719-2cc1-4f53-b375-a35ba3fb5bf2" ,
"indicator--50e52f8d-84e4-47e5-b41c-edca203fc1fb" ,
"indicator--1fbad5ed-88f8-4b92-b385-a29fd05e27b0" ,
"indicator--8334a92b-90c6-43f3-a6fb-c23c7968da9a" ,
"indicator--6573cf6a-1939-40b6-858d-e27e85d1f51a" ,
"indicator--d3ef1296-8722-4504-8b96-321af22416be" ,
"indicator--33f92aa7-dc4c-40be-a73a-539755ba720e" ,
"indicator--9a731ab6-2244-4ea1-bb11-78ea4375e900" ,
"indicator--64a990a1-c389-4f9b-8234-fe09537e3c9e" ,
"indicator--41ed650e-b42a-4a80-9282-ca8b5c6e10ba" ,
"indicator--36bd05ad-757e-41e3-8767-a9dd64dfb564" ,
"indicator--c2a892be-3dc0-4cc6-84f4-c48291a52b55" ,
"indicator--427e315c-f297-48f7-8346-244a2e3fa485" ,
"indicator--41d5bc89-4647-436f-9c84-79f0a4082c2c" ,
"indicator--61bd7fa9-0260-4dde-a2ae-6e312e738bbd" ,
"indicator--2c5f6f88-0d42-4b94-8c9b-ced103cf5922" ,
"indicator--7842bf14-c7b3-4c1d-a852-87c00e131011" ,
"indicator--7eaf6693-1886-4478-aaf4-f217a6382be2" ,
"indicator--42b4a056-a415-4148-a52c-759aaf2cb2d3" ,
"indicator--8b711a95-4cba-4354-bbb3-90c2e9576618" ,
"indicator--f2272a0d-6e6d-4367-aa5a-d3bd2abade9e" ,
"indicator--5e38ce5d-0fa7-45ea-bf22-e4d2a8a54f0a" ,
"indicator--db942d7a-2e0e-4f19-b761-472c2effd399" ,
"indicator--d3680900-ce54-4ed5-a6e1-9266e59cfec3" ,
"indicator--b277cc0c-5bb2-4501-b11a-d1f7d0fab014" ,
"indicator--aade727f-18fe-4739-801d-a7a6f2759876" ,
"indicator--e8d2a2f3-fc3f-4e5e-af54-9cedcfe2bc5f" ,
"indicator--4eafb77f-c877-41a1-902b-6eb94d30ed48" ,
"indicator--2d8af149-47ff-4120-8639-455a87371702" ,
"indicator--0016f224-006a-4350-98be-14e1e9045f18" ,
"indicator--5c9c0061-6f97-4d91-bb15-287a5bf91c0c" ,
"indicator--3590267d-dbd4-4ae6-ac9a-00107e47877a" ,
"indicator--c3d1008a-8692-4105-8f44-03e7331618a5" ,
"indicator--26a6a040-f985-405c-9bee-66a7b33020d3" ,
"indicator--763487c5-e5dc-46a7-a1cb-f65ec8833f51" ,
"indicator--feb300b8-0ebd-44b2-9ec4-2fb2fc15b76a" ,
"indicator--0cc6abe2-35ff-4b76-878d-db8687e9dd60" ,
"indicator--50c56740-5d84-4913-815e-1d49d1c7091f" ,
"indicator--ee82d875-5623-4582-a631-aa0ee1fc00dd" ,
"indicator--fd21e98a-1714-4b78-be80-2ed6177ecb89" ,
"indicator--9abff2da-d20a-40fd-a717-fa1064b72efe" ,
"indicator--8de32028-d8fb-4999-bf98-978f20f6e638" ,
"indicator--e2d4814a-2c97-4034-9a52-72396af91bc4" ,
"indicator--05c846e4-7280-4fe5-ac2c-17bc98e961e3" ,
"indicator--27ee2283-7305-46f5-9b5c-95f4c56b1701" ,
"indicator--351ace25-1a00-4799-ac3d-d0ed37d0c0e8" ,
"indicator--921f2485-e5c0-4a91-866b-0056d6ed2776" ,
"indicator--1f20f7f1-3a28-467a-89d8-40b4786a2086" ,
"indicator--72e5dda3-397b-45b1-9eba-87759438cebc" ,
"indicator--a9b8d3ea-75f4-4b50-9b8e-9ba8c896f9d5" ,
"indicator--1196b634-5f7f-4ccc-bcf5-f6aaa44bcd86" ,
"indicator--960da54a-a6c5-4335-bc61-0a72e6093242" ,
"indicator--9aa2fc5a-de33-4a7a-b08e-00e8e4968fe1" ,
"indicator--503ebd59-b048-42ba-9359-9e175db28dec" ,
"indicator--a107546c-ed0c-4e3e-bbad-4d7298c4282d" ,
"indicator--50e5ac4e-84d4-4486-bef7-5f961661b7cb" ,
"indicator--09ff8106-adc9-4eb0-a04d-28f641b9bbca" ,
"indicator--2d0d31d4-3fa3-458c-8f5d-a86c62bd434a" ,
"indicator--036e4f00-a1d0-48e4-a3f5-8d117cf01c19" ,
"indicator--0dbe275c-0a3d-48bc-9017-cd1f60c9ad74" ,
"indicator--a5cba5cd-dea0-4b22-a62b-282d425fc773" ,
"indicator--fe129228-918a-4ff2-8349-bab7665d17e4" ,
"indicator--c1d5b686-07e2-47f6-a7fd-5468a4c5732a" ,
"indicator--2f8edbd3-366e-4ccf-8ef8-a135f0eb52d3" ,
"indicator--05bfc429-dc0a-4547-9e2a-397f54096993" ,
"indicator--23118648-54ae-44f3-b0c9-645a57486224" ,
"indicator--ef40d4b2-bc3b-4417-9d1c-20d5b07508f3" ,
"indicator--2ffc9026-a3cb-4805-a79c-b6ab695a1e84" ,
"indicator--39a5803d-f274-4b1c-97d1-dc12c9788540" ,
"indicator--9986298e-b7a4-4ad0-9944-93df20d9c2c4" ,
"indicator--2f5824c3-3290-4214-b16f-d6a07f3e289f" ,
"indicator--8e2bb711-03e9-4991-a788-4d2457ec04a6" ,
"indicator--56f07cf4-a5f5-4d0e-a739-a3d436d2021d" ,
"indicator--44f19d0a-e5b4-4978-8e82-37af722bf7c5" ,
"indicator--62e88828-d826-4b8c-8a3f-6ef69b2bd18a" ,
"indicator--17e944c6-65c8-4b88-ab2d-03be679217f6" ,
"indicator--c5e12ba1-161c-4683-9a4a-e1d82b2695a6" ,
"indicator--e18b9707-efa7-4028-b77d-3908a5354e73" ,
"indicator--1d914c73-0df1-4418-a740-67a5258d93aa" ,
"indicator--d7067d38-7d5b-4d2c-bb35-784152f39f9d" ,
"indicator--295f34fa-ba58-45f2-93cd-0337c090f1cb" ,
"indicator--566c5026-feeb-4918-bc2b-07c0cf1b2b77" ,
"indicator--0b79df96-ad69-4cfd-bfcb-56e467460fca" ,
"indicator--3dd0303e-0bb8-456c-a4c3-63cee9f2b676" ,
"indicator--d723872f-f10e-41ff-bada-63f6b5514c7f" ,
"indicator--cbf15e08-54df-4625-ba00-c43df69b06a8" ,
"indicator--75190791-061e-44b8-9477-5715d61bd1de" ,
"indicator--49ad01a4-db2e-4893-a563-78fbee11f553" ,
"indicator--e09ab7d3-cdd5-401b-ac54-f316de578927" ,
"indicator--f4282c5e-85b9-43f7-9a46-983cab49746a" ,
"indicator--ea8bc570-0a4b-4c9d-bab7-1f6ee36adab5" ,
"indicator--9fdcd0e4-2b5f-4662-9207-334ebc59fecd" ,
"indicator--6c12996a-6a52-413a-86f0-39e2ee48a194" ,
"indicator--13e02f92-a5bc-4f62-96e1-cc18f084c796" ,
"indicator--8a2a1ce8-7e1f-47b0-be21-840f0854ecdf" ,
"indicator--97234f77-dd1f-4ebe-9170-d0ad281b12cc" ,
"indicator--11f6b4c6-e3aa-4ffb-a6b7-8e95ff3fc1d5" ,
"indicator--1f4eddc9-7c82-4259-b4ca-b3024f68437a" ,
"indicator--5d974ae2-81b0-4b34-bce7-f17f606f3346" ,
"indicator--dc730660-1bf2-46de-86b5-48ad0f3c4149" ,
"indicator--f93aba30-8956-4095-ae42-70f159071ebd" ,
"indicator--8461fce4-c1e1-4143-b192-d425dbb31bc0" ,
"indicator--0e2ad0c2-098b-4557-bb4f-5ed6bc0fbe8b" ,
"indicator--93e75af2-53be-4f97-9b32-eb2cdeb9c19c" ,
"indicator--8207f357-97d6-4838-8703-5410b0bed103" ,
"indicator--087ccf5a-592d-4d0e-b3d0-3e71accf1c4e" ,
"indicator--65bb86f5-96bc-48bd-82e6-5fbc343f40cc" ,
"indicator--bee3701f-6888-4b0a-8e16-22d25abd87f5" ,
"indicator--4e504d07-770f-4f26-a4b6-0642d46fb4af" ,
"indicator--116d3f95-e389-46b6-bb00-225979a02896" ,
"indicator--071c54ef-4359-4d30-9f70-9a34c05b3e84" ,
"indicator--868f4961-dffe-41b5-a0b1-b833acbf4202" ,
"indicator--be807f73-1862-412f-a3bd-da6d32ccd7aa" ,
"indicator--7ee95d43-9829-49f4-9bc4-25894e6c9c1c" ,
"indicator--4495fc9d-797d-4c22-b395-12843c62e8d9" ,
"indicator--d0018735-586a-4745-aa95-beadbbf50aec" ,
"indicator--7fc97be9-b36a-4b99-b47c-15cb3de1968e" ,
"indicator--8e7dd3b4-8c6a-4ac4-8f2c-c4a3ea5e8fd0" ,
"indicator--85ae0d22-3f39-4b80-9b25-da78f843e0d6" ,
"indicator--10200f14-53b4-4cff-871d-da952e45fe30" ,
"indicator--21c9532b-f9b4-4fa6-8ca6-4d158ab210fe" ,
"indicator--984b6773-8b0f-432d-b08f-6998c7e93264" ,
"indicator--0a9ebda9-3bff-41fd-a691-e9d307be0cce" ,
"indicator--18c57ae6-dc28-4c7a-9b79-96f3ca6a8636" ,
"indicator--ca01ae7e-6928-45ed-bbf1-f28cf844318e" ,
"indicator--762ad35c-e8cd-40e8-af90-0e4cf404a5b3" ,
"indicator--d73334c4-4013-482e-ac84-ce09056abc9a" ,
"indicator--2adc154f-3364-4ec9-a7ef-720861f8a166" ,
"indicator--f9315d9e-83b7-45d3-9730-561b5f4950b2" ,
"indicator--662a894e-5fef-450c-a8c7-9ab531198dfb" ,
"indicator--29c9a491-6a39-4a75-b32c-ef9cdb0edcf5" ,
"indicator--2d2ce7e4-cfef-457d-9afe-292c07e9e255" ,
"indicator--105e2ea9-5859-4338-9bcc-3c3ac2b0e2ec" ,
"indicator--fc2abd95-30aa-4fd3-b9f0-276e09f8e9ab" ,
"indicator--ae7e63bf-cce1-423a-bdcc-7affd6df8fd4" ,
"indicator--69d2a00d-8bbf-4dd8-b00e-8250308c972d" ,
"indicator--e6a98500-0960-47da-90cd-b2d0c228925d" ,
"indicator--f47c9509-d606-4b5c-a6e6-8ad648516e81" ,
"indicator--3e105e2c-4491-44bf-b0d0-4db3bbcdd619" ,
"indicator--6f6d4416-3fb0-4e46-aa2b-95b9a9f57f22" ,
"indicator--671d4672-a0b8-40d0-8731-068217210a6a" ,
"indicator--df713911-868b-4035-87cc-7952898729eb" ,
"indicator--b557db93-12b8-40e4-8926-5ae7087e0840" ,
"indicator--8bef921f-da18-41c3-acbf-942ece3ed031" ,
"indicator--cb977951-e252-49f2-bd92-0026dbc4ea49" ,
"indicator--0f371f25-85f3-4770-9a35-902ee323097a" ,
"indicator--df4b1fa0-0652-4c71-aa82-2da289e9787c" ,
"indicator--5afa9f8d-72e5-4392-bb2c-4f77b9e2052a" ,
"indicator--bfd7df11-59ca-468a-9f68-5da2c3b9c7c9" ,
"indicator--ce2e7e17-74a2-4861-b1c9-21546bd54cb7" ,
"indicator--63e8dc47-167b-48f5-a749-832e488426c0" ,
"indicator--d8191220-9eb5-406f-b9a8-a783a903ab19" ,
"indicator--d1f1cde7-25db-49fe-b966-49e9fb12fb38" ,
"indicator--f773475b-cbcc-4cee-b182-78bb461f3734" ,
"indicator--8a80e00d-1f1a-4b0d-abb3-fe607a3f699c" ,
"indicator--7ce71801-752b-4c1c-82a6-2058d0fc0e88" ,
"indicator--a1fa4f89-0a28-4633-bbab-8f56680ec735" ,
"indicator--b9430d3e-bbb2-472c-adff-87b08cc00a63" ,
"indicator--528b7956-1c2e-4202-a5e2-75a1305438dc" ,
"indicator--e4106288-a5f8-42c0-9645-91bed8198038" ,
"indicator--6934451a-f55f-4c65-91d4-4933f32b38ee" ,
"indicator--865153ef-0c63-40fd-949f-a84c78f2f7af" ,
"indicator--9e404888-27e0-4db7-a2f8-e488bcc12358" ,
"indicator--6f12639f-4d7e-498a-a21d-b10f891d031e" ,
"indicator--18d8561b-5482-4cca-8782-6997c8a1fe50" ,
"indicator--c179fff1-471f-40b7-b686-00a63b2becd1" ,
"indicator--0ef53abe-84d7-4268-8e53-c02bb3efed05" ,
"indicator--3f66112d-50e4-414e-94a5-74548b9b2d3e" ,
"indicator--c598e289-f69d-4851-912e-93465150c28f" ,
"indicator--5232c969-6cb9-4099-89d1-42eba24c28bd" ,
"indicator--9aa86261-81d2-44e2-91c3-84eb8cfd26c2" ,
"indicator--8bc1b820-4e74-46cb-b794-feb9997db37a" ,
"indicator--1d12d556-73c5-4b51-9078-079b3bf5e349" ,
"indicator--6110b7ea-53a4-4476-ad76-547430c3ec86" ,
"indicator--fde66354-fb78-48b8-b716-10e1564e516c" ,
"indicator--c87ef7aa-ed88-4b81-945d-8111b0208b80" ,
"indicator--e81b286c-1545-4e23-93de-f0b97b90956d" ,
"indicator--20cda84c-d994-4480-aaf2-e62217e5d67c" ,
"indicator--5a42d7e1-a1b6-42d6-b154-2e04a6d274cc" ,
"relationship--f5723a7a-fa7b-402e-82d5-aee13e98502f" ,
"relationship--facaa326-498d-4220-9cad-3a7ef67b1c65" ,
"relationship--56d58ae2-8f2a-4b5e-bdf9-2d77727d577e" ,
"relationship--42997319-ebfe-4a1c-b2ad-e63152728ce3" ,
"relationship--60fe144c-1d4c-4214-9256-26c32d046885" ,
"relationship--3ba7d7ed-779f-46c4-b9c2-8b3828af379f" ,
"relationship--a03c28c0-fc4c-4886-b3ad-92dcbf0b8b1f" ,
"relationship--d4419043-622d-426a-96f1-2b2fd756450f" ,
"relationship--5045dfb8-6e78-4f40-b306-b13baeaa891e" ,
"relationship--81410aef-13f4-4042-a7e0-cc88b71414c3" ,
"relationship--cd4d80a0-aeb8-48ab-83ee-83cc0ff75d4f" ,
"relationship--4c406b0d-8d6e-4975-8d9d-5d29ca204c47" ,
"relationship--3750da19-6373-42b9-ac2c-bb6c9a39a549" ,
"relationship--7edf8d9f-01ac-428e-bc3f-cdcaf6154fab" ,
"relationship--525279b1-a989-4bb5-834f-cfba16557764" ,
"relationship--a03f6243-480f-4c32-9035-3086b517b9e6" ,
"relationship--694c0489-ad9c-49af-bc74-b11cd46d63f7" ,
"relationship--7d740545-e839-418f-b9ab-b2ff6557d051" ,
"relationship--3d3f301c-6dc7-488a-b97f-d685bdd69514" ,
"relationship--ec1196a8-51a0-4bb6-ae8e-805a43e956fe" ,
"relationship--f100188b-deef-4863-86db-f81d1f61f33e" ,
"relationship--6f32bcd0-0ab3-41bd-9007-d7f1ae843f85" ,
"relationship--0a9fafc9-934d-479c-a137-f47d37b40270" ,
"relationship--8b6a8e32-e7b6-44dc-b722-bdda184c3291" ,
"relationship--723fbc1b-82bf-490f-b04b-0135506579f2" ,
"relationship--2068a251-90f0-40ff-a9e7-c8fb62f7d09a" ,
"relationship--451579ca-900d-4cf4-ad67-9992c8452462" ,
"relationship--c71a5590-085c-4bb1-b239-d86ae075ea62" ,
"relationship--0b5d1892-99b8-4930-9e50-582c39b1c7ca" ,
"relationship--7198d6e0-983c-4476-9060-fb9cb0a979ab" ,
"relationship--38e7b26a-3448-41e3-857b-15a9e467991f" ,
"relationship--804d7a41-9a60-4b88-94d4-cb2c3cba7aa1"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"misp-galaxy:mitre-enterprise-attack-malware=\"Winnti\"" ,
"misp-galaxy:mitre-enterprise-attack-malware=\"Winnti - S0141\"" ,
"misp-galaxy:threat-actor=\"Axiom\"" ,
"misp-galaxy:mitre-attack-pattern=\"Supply Chain Compromise - T1195\"" ,
"misp-galaxy:mitre-attack-pattern=\"DLL Search Order Hijacking - T1038\"" ,
"misp-galaxy:mitre-attack-pattern=\"Hooking - T1179\"" ,
"misp-galaxy:mitre-attack-pattern=\"Code Signing - T1116\"" ,
"misp-galaxy:mitre-attack-pattern=\"Deobfuscate/Decode Files or Information - T1140\"" ,
"misp-galaxy:mitre-attack-pattern=\"Hidden Files and Directories - T1158\"" ,
"misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\"" ,
"misp-galaxy:mitre-attack-pattern=\"Process Injection - T1055\"" ,
"misp-galaxy:mitre-attack-pattern=\"Software Packing - T1045\"" ,
"misp-galaxy:mitre-attack-pattern=\"Disabling Security Tools - T1089\"" ,
"misp-galaxy:mitre-attack-pattern=\"Process Discovery - T1057\"" ,
"misp-galaxy:mitre-attack-pattern=\"Commonly Used Port - T1043\"" ,
"misp-galaxy:mitre-attack-pattern=\"Custom Cryptographic Protocol - T1024\"" ,
"misp-galaxy:mitre-attack-pattern=\"Data Obfuscation - T1001\"" ,
"misp-galaxy:mitre-attack-pattern=\"Multi-Stage Channels - T1104\"" ,
"misp-galaxy:mitre-attack-pattern=\"Standard Application Layer Protocol - T1071\"" ,
"misp-galaxy:mitre-attack-pattern=\"Standard Cryptographic Protocol - T1032\"" ,
"misp-galaxy:mitre-attack-pattern=\"Resource Hijacking - T1496\"" ,
"misp-galaxy:mitre-attack-pattern=\"Stored Data Manipulation - T1492\"" ,
"misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Command and Control Channel - T1041\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\"" ,
"misp-galaxy:malpedia=\"ShadowPad\"" ,
"misp-galaxy:tool=\"ShadowPad\"" ,
"workflow:todo=\"expansion\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5da9a731-e150-45e7-b6eb-4724950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T09:52:44.000Z" ,
"modified" : "2019-10-31T09:52:44.000Z" ,
"first_observed" : "2019-10-31T09:52:44Z" ,
"last_observed" : "2019-10-31T09:52:44Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--5da9a731-e150-45e7-b6eb-4724950d210f"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--5da9a731-e150-45e7-b6eb-4724950d210f" ,
"value" : "https://github.com/eset/malware-ioc/tree/master/winnti_group"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5da9a997-c914-4995-84fb-4613950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T12:01:27.000Z" ,
"modified" : "2019-10-18T12:01:27.000Z" ,
"first_observed" : "2019-10-18T12:01:27Z" ,
"last_observed" : "2019-10-18T12:01:27Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5da9a997-c914-4995-84fb-4613950d210f" ,
"artifact--5da9a997-c914-4995-84fb-4613950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5da9a997-c914-4995-84fb-4613950d210f" ,
"name" : "ESET_Winnti.pdf" ,
"content_ref" : "artifact--5da9a997-c914-4995-84fb-4613950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5da9a997-c914-4995-84fb-4613950d210f" ,
"payload_bin" : " J V B E R i 0 x L j c N J e L j z 9 M N C j g 0 M y A w I G 9 i a g 0 8 P C 9 M a W 5 l Y X J p e m V k I D E v T C A 5 O T M 3 M j Y v T y A 4 N D U v R S A x M z I 5 N T M v T i A y N y 9 U I D k 5 M j c 3 N y 9 I I F s g M T k 0 N C A 4 N T l d P j 4 N Z W 5 k b 2 J q D S A g I C A g I C A g I C A g D Q o 5 O T Q g M C B v Y m o N P D w v R G V j b 2 R l U G F y b X M 8 P C 9 D b 2 x 1 b W 5 z I D U v U H J l Z G l j d G 9 y I D E y P j 4 v R m l s d G V y L 0 Z s Y X R l R G V j b 2 R l L 0 l E W z w 0 M D R D M j Q x N j Y 4 M D I 0 Q T N G Q j I 2 R k M 0 O U V D N D E x Q U E x M z 48 N z F F R j g 2 R D Y z N T l F Q U I 0 M E E w N E Z F R E R E Q z g 1 N E Y z Q z Y + X S 9 J b m R l e F s 4 N D M g N T I 0 X S 9 J b m Z v I D g 0 M i A w I F I v T G V u Z 3 R o I D M w M y 9 Q c m V 2 I D k 5 M j c 3 O C 9 S b 290 I D g 0 N C A w I F I v U 2 l 6 Z S A x M z Y 3 L 1 R 5 c G U v W F J l Z i 9 X W z E g M y A x X T 4 + c 3 R y Z W F t D Q p o 3 u y S P U 7 D Q B C F d + w g J C q L C u U C t E g 0 R O I e I G o O w Q G 4 A H 2 c 9 S 5 x G m h o U w Q h R M M R K G h o u Q E S P / O 8 Y p + 1 s U S R j m 0 + j d 6 M n 2 d n p h B j K l M Y s / O m l C v E r + C e c v t R W U y U 5 T v i c + g H y t E p l C d w H y z B Y 9 Q / w + d M W R 0 q x y f K 3 Q f l 1 h 14 D x + l X E I Z X 0 B H D z K D G y g W s Q d b K N e I O z a k t F E P i i e H T n G U n S f 1 X M N Z S / X t g E M X W 3 J w U Z E m d h v e x Q r X u C T b 0 E x 8 U j + l D h 0 p j r 6 t q b c Z u d W k L N Z 3 H h y o t 1 B j q R P y 6 T l 42 g J P g 3 z + o v B b e t l F M k 9 L r 6 O d 9 u b p k z + 6 g T + 6 Z C M u 7 l 2 m A 1 l P F x I d J C g 34 O 3 v z X x + r E w h p n x R 5 U f L z N w k q z r P I X P z l H x X m f m u / i u / z O h o + S 3 A A D l 0 a r k N C m V u Z H N 0 c m V h b Q 1 l b m R v Y m o N c 3 R h c n R 4 c m V m D Q o w D Q o l J U V P R g 0 K I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I C A g I A 0 K M T M 2 N i A w I G 9 i a g 0 8 P C 9 F I D E y N D Y v R m l s d G V y L 0 Z s Y X R l R G V j b 2 R l L 0 k g M T I 2 M i 9 M Z W 5 n d G g g N z U z L 0 8 g M T I z M C 9 T I D c 4 M S 9 U I D E x N T Q + P n N 0 c m V h b Q 0 K a N 6 k V E 9 I F F E Y / 97 O v H X X m j e z k r l Q h i U a X c K w c n X / 6 C 74 B 9 L o Y H q Q i r B / h 6 D I D i K V U p f t J l g z O 7 O u 68 w Y X Y I I I j p 0 k K J Q q O w S 2 S G w 8 N C h Q 2 F 46 t D 33 t v S j E 7 N 473 v 9 / t + 35 / 3 H o 8 B g A B A a A + E A M q O Q w W s f R V A 0 a t C a I I Q l U Q 3 l R M S B E o J f m F C g w R D y N X q 2 e W l h j m 9 h z w + f O R T 4 a I X J r 1 t f V s X G 4 I T B y 5 F p 42 a L + F R U j 979 s P 8 U r g u 1 h e 4 / 6 Z u E f O O z t Y Y t e O Z v n c d E 0 M z n z N s M B 9 K v x 7 c / q s z U V T f 0 p h u c p A T y C a q Q j n W m W G b R K W + l X M 0 3 T D t / C R K f r E w N W 0 5 h p a f 1 B n K v l I o e l a O O n m T a b r t G p P E V 3 M K n Z 4 q W I 6 u M d s w e R 5 W 9 H g V 282 L A M q Z b X C m F v y i l f O o Y x r Y Q t P d D T o y j 2 I t 1 z Y N 1 L G l R b G Y 7 p q 24 L 5 K v Z z i G C 7 T b a l 7 u J 112 Z L w T h s U z 0 J i u k K i C o q 8 C Z N N q O 9 Z i q O 5 O u e m T 1 T c g + I w 1 z R 0 o f M 7 c s Q d i W v B c M F c e V h x 1 o 3 Y x 7 C 1 n E g 2 i 88 h O w b Q h Y h E z m U 5 b s o K s + v g c J b r p L G d A 4E6 h q X W K Y w i I 8 n + d u k O 7 J a 8 T l I S k T Z S k l W Z R Y Y F 6 R e k U v Q g k f 5 S h 86 S b Z I W 5 B Y i 0 p S t W 2 u 5678 e J A I T m B p H e x v n j H i L p 8 A I j Y Q e 0 h P w l m Q J 0 J f k O 5 y E Z 1 C E R X I m t M o W q l Y i x 5 Q e Z S A w c K M n u k U Z g R Y c c U h B G l p x J H B K l E J v K y R x t g n O M U d x X N M l b x u y J I 445 i W w D l 85 T g r E P S n B Y y I u J v z N i H n P Z p y Z d d k S x Y W f 4 x S O 5 O / 6 a 2 t S 9 E h i b o t A L a V 9 J 0 T 8 n y M h 9 h w r o Z Q 4 A z 9 R J 3 S J / T e y e V i A V e M 0 X M H L q 9 e q 2 f m g p X Y f S p N 94 c 3 w j + 8 u s B e V a L e J C x + F c m 7 + D r u m j C 1 f i H 5 T b 32 t u t n 7 M d B r D S X G 9 s 71 X 37 Q 9 W z 8 H u x 4 l f m B Q X e A P Z o H 8 V f T u 9 E + B Z 1 e l / X U 92 i f g 77 z S a n + y k 8 B B g C 6 A k M C D Q p l b m R z d H J l Y W 0 N Z W 5 k b 2 J q D T g 0 N C A w I G 9 i a g 0 8 P C 9 M Y W 5 n K G V u L V V T K S 9 N Z X R h Z G F 0 Y S A x O T U g M C B S L 0 5 h b W V z I D k 5 N S A w I F I v T 3 V 0 b G l u Z X M g N j k x I D A g U i 9 Q Y W d l c y A 4 M z Y g M C B S L 1 R 5 c G U v Q 2 F 0 Y W x v Z y 9 W a W V 3 Z X J Q c m V m Z X J l b m N l c z w 8 L 0 R p c m V j d G l v b i 9 M M l I + P j 4 + D W V u Z G 9 i a g 0 4 N D U g M C B v Y m o N P D w v Q X J 0 Q m 94 W z A u M C A w L j A g N T k 1 L j I 3 N i A 4 N D E u O D l d L 0 J s Z W V k Q m 94 W z A u M C A w L j A g N T k 1 L j I 3 N i A 4 N D E u O D l d L 0 N v b n R l b n R z W z g 0 N y A w I F I g O D U x I D A g U i A
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac4-8018-45b3-b60d-409f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:44.000Z" ,
"modified" : "2019-10-18T13:14:44.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.223.131.237']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-ace8-48af-9d73-4fc1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '117.16.142.9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-15c4-4d4e-a31a-42ff950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.19.3.109']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-7230-4355-b643-47fc950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '110.45.146.253']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-65a0-44a8-b240-49d6950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '117.16.142.69']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-4968-470a-a6c7-49fa950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.10.117.206']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-6904-4953-a448-48cb950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.125.56']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-ac64-4b44-abd4-4f72950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.193.236.206']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-11dc-4c9f-a61b-4ace950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '167.88.176.205']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-b890-467b-a2ed-43fc950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.224.83.95']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-9388-4e99-ba2a-4865950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.19.3.21']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-90bc-479f-8ba7-472b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[domain-name:value = 'xp101.dyn-dns.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-1808-47fa-9bfb-40c7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[domain-name:value = 'svn-dns.ahnlabinc.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-15c0-4bac-ba29-4b19950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[domain-name:value = 'dns1-1.7release.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5da9bac5-a5b4-45e9-8516-4fe9950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-18T13:14:45.000Z" ,
"modified" : "2019-10-18T13:14:45.000Z" ,
"pattern" : "[domain-name:value = 'ssl.dyn-dns.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-18T13:14:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-489c-4cd4-982c-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://docs.google.com/document/d/1jcRsFZM59x_4AKJabmz8sPFsKOZArV4bTn3WsYonUns']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-e158-4cc8-a534-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://docs.google.com/document/d/1KJ_RJRtkKhcuJjXOCKtEOLuwH3sRi72PUhtfukncyRc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-09c8-426a-8698-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://docs.google.com/document/d/1T5P3SS-QTO1nOS6IlKFA_chimnMPmhon8E_kuRSodWw']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-1214-4500-b73a-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://steamcommunity.com/id/869406565']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-f79c-4136-a48d-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://steamcommunity.com/id/61198869528']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-f44c-411b-8d7f-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://raw.githubusercontent.com/Enterprise-Backup/windows/master/Readme.html']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-0f0c-47de-87d3-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://pastebin.com/JgduT7NH']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-2f70-4eab-8c8c-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://docs.google.com/document/d/1-vFbL5nw85uJeS-X9sYEJ0CAsUzJE3kidJg6Gg_vZ7s']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db97273-5934-4381-8163-84d5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:22:27.000Z" ,
"modified" : "2019-10-30T11:22:27.000Z" ,
"pattern" : "[url:value = 'https://social.msdn.microsoft.com/profile/Pf9Je@']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:22:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db9a1af-b234-4ee0-ae9b-4def950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T14:43:59.000Z" ,
"modified" : "2019-10-30T14:43:59.000Z" ,
"pattern" : "[// For feedback or questions contact us at: github@eset.com\r\n// https://github.com/eset/malware-ioc/\r\n//\r\n// These yara rules are provided to the community under the two-clause BSD\r\n// license as follows:\r\n//\r\n// Copyright (c) 2019, ESET\r\n// All rights reserved.\r\n//\r\n// Redistribution and use in source and binary forms, with or without\r\n// modification, are permitted provided that the following conditions are met:\r\n//\r\n// 1. Redistributions of source code must retain the above copyright notice, this\r\n// list of conditions and the following disclaimer.\r\n//\r\n// 2. Redistributions in binary form must reproduce the above copyright notice,\r\n// this list of conditions and the following disclaimer in the documentation\r\n// and/or other materials provided with the distribution.\r\n//\r\n// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\"\r\n// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\r\n// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\r\n// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE\r\n// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\r\n// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\r\n// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\r\n// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,\r\n// OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\r\n// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\r\n//\r\n\r\nrule skip20_sqllang_hook\r\n{\r\n meta:\r\n author = \"Mathieu Tartare <mathieu.tartare@eset.com>\"\r\n date = \"21-10-2019\"\r\n description = \"YARA rule to detect if a sqllang.dll version is targeted by skip-2.0. Each byte pattern corresponds to a function hooked by skip-2.0. If $1_0 or $1_1 match, it is probably targeted as it corresponds to the hook responsible for bypassing the authentication.\"\r\n reference = \"https://www.welivesecurity.com/\" \r\n source = \"https://github.com/eset/malware-ioc/\"\r\n contact = \"github@eset.com\"\r\n license = \"BSD 2-Clause\" \ r \ n \ r \ n s t r i n g s : \ r \ n $ 1 _ 0 = { f f f 3 5 5 5 6 5 7 4 1 5 6 4 8 8 1 e c c 0 0 1 0 0 0 0 4 8 c 7 4 4 2 4 3 8 f e f f f f f f } \ r \ n $ 1 _ 1 = { 4 8 8 b c 3 4 c 8 d 9 c 2 4 a 0 0 0 0 0 0 0 4 9 8 b 5 b 1 0 4 9 8 b 6 b 1 8 4 9 8 b 7 3 2 0 4 9 8 b 7 b 2 8 4 9 8 b e 3 4 1 5 e c 3 9 0 9 0 9 0 9 0 9 0 9 0 9 0 f f 2 5 } \ r \ n $ 2 _ 0 = { f f f 3 5 5 5 7 4 1 5 5 4 8 8 3 e c 5 8 6 5 4 8 8 b 0 4 2 5 3 0 0 0 0 0 0 0 } \ r \ n $ 2 _ 1 = { 4 8 8 b 5 c 2 4 3 0 4 8 8 b 7 4 2 4 3 8 4 8 8 3 c 4 2 0 5 f c 3 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 f f 2 5 } \ r \ n $ 3 _ 0 = { 8 9 4 c 2 4 0 8 4 c 8 b d c 4 9 8 9 5 3 1 0 4 d 8 9 4 3 1 8 4 d 8 9 4 b 2 0 5 7 4 8 8 1 e c 9 0 0 0 0 0 0 0 } \ r \ n $ 3 _ 1 = { 4 c 8 d 9 c 2 4 2 0 0 1 0 0 0 0 4 9 8 b 5 b 4 0 4 9 8 b 7 3 4 8 4 9 8 b e 3 4 1 5 f 4 1 5 e 4 1 5 c 5 f 5 d c 3 } \ r \ n $ 4 _ 0 = { f f f 5 4 1 5 6 4 1 5 7 4 8 8 1 e c 9 0 0 0 0 0 0 0 4 8 8 d 6 c 2 4 5 0 4 8 c 7 4 5 2 8 f e f f f f f f 4 8 8 9 5 d 6 0 4 8 8 9 7 5 6 8 4 8 8 9 7 d 7 0 4 c 8 9 6 5 7 8 } \ r \ n $ 4 _ 1 = { 8 b c 1 4 8 8 b 8 c 2 4 3 0 0 2 0 0 0 0 4 8 3 3 c c } \ r \ n $ 5 _ 0 = { 4 8 8 b c 4 5 7 4 1 5 4 4 1 5 5 4 1 5 6 4 1 5 7 4 8 8 1 e c 9 0 0 3 0 0 0 0 4 8 c 7 8 0 6 8 f d f f f f f e f f f f f f 4 8 8 9 5 8 1 8 4 8 8 9 7 0 2 0 } \ r \ n $ 5 _ 1 = { 4 8 c 7 8 0 6 8 f d f f f f f e f f f f f f 4 8 8 9 5 8 1 8 4 8 8 9 7 0 2 0 } \ r \ n $ 6 _ 0 = { 4 4 8 8 4 c 2 4 2 0 4 4 8 9 4 4 2 4 1 8 4 8 8 9 5 4 2 4 1 0 4 8 8 9 4 c 2 4 0 8 5 3 5 6 5 7 4 1 5 4 4 1 5 5 4 1 5 6 4 1 5 7 4 8 8 1 e c 8 0 0 1 0 0 0 0 } \ r \ n $ 6 _ 1 = { 4 8 8 9 4 c 2 4 0 8 5 3 5 6 5 7 4 1 5 4 4 1 5 5 4 1 5 6 4 1 5 7 4 8 8 1 e c 8 0 0 1 0 0 0 0 4 8 c 7 8 4 2 4 e 8 0 0 0 0 0 0 f e f f f f f f } \ r \ n $ 7 _ 0 = { 0 8 4 8 8 9 7 4 2 4 1 0 5 7 4 8 8 3 e c 2 0 4 9 6 3 d 8 4 8 8 b f 2 4 8 8 b f 9 4 5 8 5 c 0 } \ r \ n $ 7 _ 1 = { 2 0 4 9 6 3 d 8 4 8 8 b f 2 4 8 8 b f 9 4 5 8 5 } \ r \ n $ 8 _ 0 = { 4 8 8 9 0 1 4 8 8 b c 2 4 8 c 7 4 1 0 8 0 4 0 0 0 0 0 0 c 3 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 8 9 9 1 4 0 [ 1 1 3 0 0 - ] f f f 5 5 6 5 7 4 1 5 4 4 1 5 5 4 1 5 6 4 1 5 7 4 8 8 b e c 4 8 8 3 e c 7 0 } \ r \ n $ 9 _ 0 = { 4 8 8 9 0 1 4 8 8 b c 2 4 8 c 7 4 1 0 8 0 4 0 0 0 0 0 0 c 3 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 9 0 8 9 9 1 4 0 [ 4 0 0 5 0 - ] 4 8 8 b c 4 5 5 4 1 5 4 4 1 5 5 4 1 5 6
"pattern_type" : "yara" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T14:43:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"yara\"" ,
"misp:category=\"Payload delivery\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5da81b53-15a4-4423-8709-4387950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-17T07:42:11.000Z" ,
"modified" : "2019-10-17T07:42:11.000Z" ,
"labels" : [
"misp:name=\"microblog\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "post" ,
"value" : ".@welivesecurity\r\n and @eset\r\n used @censysio\r\n to measure continued winnti attacks. Check out their white paper to learn about indicators of compromise and help your organization prevent future compromise" ,
"category" : "Other" ,
"uuid" : "5da81b53-e9c0-46d1-a9de-490f950d210f"
} ,
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://mobile.twitter.com/censysio/status/1183760178308681729" ,
"category" : "External analysis" ,
"uuid" : "5da81b53-904c-4303-bda7-4d87950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "type" ,
"value" : "Twitter" ,
"category" : "Other" ,
"uuid" : "5da81b54-1464-4b2a-83ad-408c950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "username-quoted" ,
"value" : "@welivesecurity" ,
"category" : "Other" ,
"uuid" : "5da81b54-8094-4ef0-9cc7-41aa950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "username-quoted" ,
"value" : "@censysio" ,
"category" : "Other" ,
"uuid" : "5da81b54-83c4-410e-99eb-4102950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "username-quoted" ,
"value" : "@eset" ,
"category" : "Other" ,
"uuid" : "5da81b54-e388-4154-96be-47b0950d210f"
} ,
{
"type" : "link" ,
"object_relation" : "embedded-link" ,
"value" : "https://t.co/hGjnNQHll0?amp=1" ,
"category" : "External analysis" ,
"to_ids" : true ,
"uuid" : "5da81b54-5230-4fce-9e1e-4258950d210f"
} ,
{
"type" : "link" ,
"object_relation" : "embedded-link" ,
"value" : "https://www.welivesecurity.com/2019/10/14/connecting-dots-exposing-arsenal-methods-winnti/" ,
"category" : "External analysis" ,
"to_ids" : true ,
"uuid" : "5da81b54-82a8-4efc-b27e-4988950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "username" ,
"value" : "censysio" ,
"category" : "Other" ,
"uuid" : "5da81b54-62e0-4352-9dd0-4d0a950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "state" ,
"value" : "Informative" ,
"category" : "Other" ,
"uuid" : "5da81b54-2598-4c45-8f5c-4f68950d210f"
} ,
{
"type" : "datetime" ,
"object_relation" : "creation-date" ,
"value" : "Oct 14, 2019 5:03 PM" ,
"category" : "Other" ,
"uuid" : "5da81b54-3514-4bc8-9e0c-4bcb950d210f"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "microblog"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6c4fa-04a8-4cca-b559-4f73950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T09:49:34.000Z" ,
"modified" : "2019-10-30T09:49:34.000Z" ,
"description" : "PortReuse backdoor - .NET injector" ,
"pattern" : "[file:hashes.SHA1 = '395e87c5bd00f78bf4c63880c6982a7941a2ecd0' AND file:name = 'Inner-Loader.dll' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIO\r\nContrl-Hook\\\\v1.3-WSAAccept\\\\Inner-Loader\\\\\r\nx64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIO\r\nContrl-Hook\\\\v1.3-WSAAccept\\\\Inner-Loader\\\\\r\nx64\\\\Release\\\\Inner-Loader.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T09:49:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6c52b-7858-46ad-8b66-4ad4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T10:48:51.000Z" ,
"modified" : "2019-10-28T10:48:51.000Z" ,
"description" : "PortReuse backdoor - VBS injector" ,
"pattern" : "[file:hashes.SHA1 = '08b825c87171500e694798527e17a849160b0a72']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T10:48:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6c864-75fc-448b-85b5-1a25950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:10:47.000Z" ,
"modified" : "2019-10-29T14:10:47.000Z" ,
"description" : "PortReuse backdoor - InnerLoader" ,
"pattern" : "[file:hashes.SHA1 = '97709d62531d12a6994bce5787d519db52435a62' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-WSAAccept\\\\Inner-Loader\\\\x64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-WSAAccept\\\\Inner-Loader\\\\x64\\\\Release\\\\In-\r\nner-Loader.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:10:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d0f5-432c-456e-9b18-4d12950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:13:24.000Z" ,
"modified" : "2019-10-29T14:13:24.000Z" ,
"description" : "PortReuse backdoor - InnerLoader" ,
"pattern" : "[file:hashes.SHA1 = '252640016faeff97fa22eb2b736973ed16d73fbe' AND file:name = 'Inner-Loader.dll' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-53\\\\Inner-Loader\\\\x64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-53\\\\Inner-Loader\\\\x64\\\\Release\\\\Inner-Loader.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:13:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d17a-c4fc-45ce-a576-4607950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T09:51:13.000Z" ,
"modified" : "2019-10-30T09:51:13.000Z" ,
"description" : "PortReuse backdoor - InnerLoader" ,
"pattern" : "[file:hashes.SHA1 = 'f5ba05240b1609d4131d5dca7f5e6e90b5748004' AND file:name = 'Inner-Loader.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T09:51:13Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d45d-d7cc-456f-8e65-462a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T11:43:25.000Z" ,
"modified" : "2019-10-28T11:43:25.000Z" ,
"description" : "PortReuse backdoor - NetAgent" ,
"pattern" : "[file:hashes.SHA1 = '5ab3461b17ee3806abbb06b8966f6b0011f3d8f2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T11:43:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d484-45f8-4fee-af9a-458f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:03:14.000Z" ,
"modified" : "2019-10-29T14:03:14.000Z" ,
"description" : "PortReuse backdoor - NetAgent" ,
"pattern" : "[file:hashes.SHA1 = 'e14a6a8447ce1d45494e613d6327430d9025a2e5' AND file:name = 'NetAgent.exe' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-WSAAccept\\\\NetAgent\\\\x64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-WSAAccept\\\\NetAgent\\\\x64\\\\Release\\\\NetAgent.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:03:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d4b2-0544-4dc5-98bb-458f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:12:54.000Z" ,
"modified" : "2019-10-29T14:12:54.000Z" ,
"description" : "PortReuse backdoor - NetAgent" ,
"pattern" : "[file:hashes.SHA1 = '74a68dad4bc87eacca93106832f8b4aee82843a2' AND file:name = 'NetAgent.exe' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-53\\\\NetAgent\\\\x64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-53\\\\NetAgent\\\\x64\\\\Release\\\\NetAgent.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:12:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d505-ffa4-4bad-b88f-4f39950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:16:49.000Z" ,
"modified" : "2019-10-29T14:16:49.000Z" ,
"description" : "PortReuse backdoor - SK3" ,
"pattern" : "[file:hashes.SHA1 = 'a1aed6fd6990a74590864f9d2a6e714a715fce3e' AND file:name = 'SK3.x.exe' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-WSAAccept\\\\SK3.x\\\\x64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-WSAAccept\\\\SK3.x\\\\x64\\\\Release\\\\SK3.x.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:16:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d523-c04c-4605-add3-4ca6950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T11:46:43.000Z" ,
"modified" : "2019-10-28T11:46:43.000Z" ,
"description" : "PortReuse backdoor - SK3" ,
"pattern" : "[file:hashes.SHA1 = '14c32d0c0346ef4a2b1993fda9aab670806b9284']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T11:46:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d538-0514-484f-9a89-4015950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:13:57.000Z" ,
"modified" : "2019-10-29T14:13:57.000Z" ,
"description" : "PortReuse backdoor - SK3" ,
"pattern" : "[file:hashes.SHA1 = 'e0f276ed16027ed2953a7b0e5274d3f563a75a9d' AND file:name = 'SK3.x.exe' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-53\\\\SK3.x\\\\x64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\3389-share\\\\DeviceIOContrl-Hook\\\\\r\nv1.3-53\\\\SK3.x\\\\x64\\\\Release\\\\SK3.x.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:13:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6d6a3-b9d4-4b20-af9c-464a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T11:53:07.000Z" ,
"modified" : "2019-10-28T11:53:07.000Z" ,
"description" : "PortReuse backdoor - Merged NetAgent & ProcTran" ,
"pattern" : "[file:hashes.SHA1 = '20ca6eae9d6cf2275f9bfd24a0e07f75bee119ba']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T11:53:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6df8f-fefc-462f-9205-ab10950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T10:10:42.000Z" ,
"modified" : "2019-10-30T10:10:42.000Z" ,
"description" : "PortReuse backdoor - Merged NetAgent & ProcTran" ,
"pattern" : "[file:hashes.SHA1 = 'dbe3eece00c255a3fdf924b82621394377b0e865' AND file:name = '80.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T10:10:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6e01d-5a04-4537-8acd-aaaf950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T10:10:12.000Z" ,
"modified" : "2019-10-30T10:10:12.000Z" ,
"description" : "PortReuse backdoor - Merged NetAgent & ProcTran" ,
"pattern" : "[file:hashes.SHA1 = '52a8c38890360d0b32993a44c9e94e660f3fa8f4' AND file:name = 'IIS_Share.dll' AND file:parent_directory_ref.path = 'E:\\\\code\\\\PortReuse\\\\iis-share\\\\2.5\\\\\r\nIIS_Share\\\\x64\\\\Release\\\\' AND file:x_misp_fullpath = 'E:\\\\code\\\\PortReuse\\\\iis-share\\\\2.5\\\\\r\nIIS_Share\\\\x64\\\\Release\\\\IIS_Share.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T10:10:12Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6e066-a8b0-4b15-89ff-ab08950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:16:21.000Z" ,
"modified" : "2019-10-29T14:16:21.000Z" ,
"description" : "PortReuse backdoor - UserFunction" ,
"pattern" : "[file:hashes.SHA1 = 'a08922372042b4c3c0faa120e9dd626823cdb3c7' AND file:name = 'UserFunction.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:16:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6e087-b960-403c-b7d4-8c71950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T12:35:19.000Z" ,
"modified" : "2019-10-28T12:35:19.000Z" ,
"description" : "PortReuse backdoor - UserFunction" ,
"pattern" : "[file:hashes.SHA1 = '93f623c91f579d33788f84a9a83478cd2e9646aa']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T12:35:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6e157-2930-415d-ae13-aab4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T14:17:11.000Z" ,
"modified" : "2019-10-29T14:17:11.000Z" ,
"description" : "PortReuse backdoor - ProcTran" ,
"pattern" : "[file:hashes.SHA1 = '44ddbf7aa256a4b0e25de585e95ea520bf2c4891' AND file:name = 'ProcTran.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T14:17:11Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6e169-368c-4156-88a4-aa34950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T12:39:05.000Z" ,
"modified" : "2019-10-28T12:39:05.000Z" ,
"description" : "PortReuse backdoor - ProcTran" ,
"pattern" : "[file:hashes.SHA1 = '75b7a4b7e01cecc9afbdab01c49e9d7fccacfdc0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T12:39:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ecb4-bd00-45af-93f7-ab10950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:27:16.000Z" ,
"modified" : "2019-10-28T13:27:16.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '4dc5fadece500ccd8cc49cfcf8a1b59baee3382a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:27:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ecee-b3fc-4121-873e-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:28:14.000Z" ,
"modified" : "2019-10-28T13:28:14.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '971bb08196bba400b07cf213345f55ce0a6eedc8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:28:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ecfa-1f90-4e30-9a1d-d7a7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:28:26.000Z" ,
"modified" : "2019-10-28T13:28:26.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = 'c44d06f79e5e42b08be17a8a7dbaf61400f1de28']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:28:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ee3d-5a64-41ed-aecc-d7a7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:33:49.000Z" ,
"modified" : "2019-10-28T13:33:49.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '634344fafd6e16f171b0857962149659639fdf41']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:33:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ee48-de24-4ae3-b0ed-aa2c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:34:00.000Z" ,
"modified" : "2019-10-28T13:34:00.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '22b82ae0819da2fd887be55a8508ffb46d02ca99']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:34:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ee63-1dd8-4704-bffa-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:34:27.000Z" ,
"modified" : "2019-10-28T13:34:27.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = 'ed0c9354d34d6e9f09b7038d391e846cdd9e0eae']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:34:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ee75-75ac-454d-a6a2-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:34:45.000Z" ,
"modified" : "2019-10-28T13:34:45.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = 'f14694bdde921b31030300cc9bdc5574ba3d9f74']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:34:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ef0d-2518-4ee4-9671-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:37:17.000Z" ,
"modified" : "2019-10-28T13:37:17.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '672bb391b92681adcfcfb4f2f728edf32f2fb8fe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:37:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ef1b-982c-40ec-8579-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:37:31.000Z" ,
"modified" : "2019-10-28T13:37:31.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '82072cb53416c89bfee95b239f9a90677a0848df']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:37:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ef2b-dc58-45ee-b140-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:37:47.000Z" ,
"modified" : "2019-10-28T13:37:47.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = 'e6d43344a354eb17e0e0e76ad391fbcaf9c34119']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:37:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ef38-756c-4596-a322-d7c4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:38:00.000Z" ,
"modified" : "2019-10-28T13:38:00.000Z" ,
"description" : "Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '438178a5816d3ef6ac02d4db929a48fa558e514c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:38:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ef71-c394-46e2-813b-d7c4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:38:57.000Z" ,
"modified" : "2019-10-28T13:38:57.000Z" ,
"description" : "PortReuse backdoor - Payload in ADS" ,
"pattern" : "[file:hashes.SHA1 = 'b09addde1523c223c4f8fbf0e541c627e4a04400']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:38:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6ef7c-90f0-4b02-8ca0-ab10950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:39:08.000Z" ,
"modified" : "2019-10-28T13:39:08.000Z" ,
"description" : "PortReuse backdoor - Payload in ADS" ,
"pattern" : "[file:hashes.SHA1 = '9e8883a6de72d338e2c0c1a0e291d013a0ce9058']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:39:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6f013-984c-4022-9fd6-d7c4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:41:39.000Z" ,
"modified" : "2019-10-28T13:41:39.000Z" ,
"description" : "PortReuse backdoor - Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '4d090e6b749d4d3d8e413f44eb2de6925c78cd82']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:41:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6f01d-4b94-41ef-95bf-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:41:49.000Z" ,
"modified" : "2019-10-28T13:41:49.000Z" ,
"description" : "PortReuse backdoor - Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = 'bdbadb2e3eedd72dd6f8d9235699a139cab69aae']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:41:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6f02a-d84c-48c2-83ca-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:42:02.000Z" ,
"modified" : "2019-10-28T13:42:02.000Z" ,
"description" : "PortReuse backdoor - Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = '757ff5ec3dc53abbb62391b14883ef460f6fd404']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:42:02Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6f056-7ce0-4444-be73-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:42:46.000Z" ,
"modified" : "2019-10-28T13:42:46.000Z" ,
"description" : "PortReuse backdoor - Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = 'b4446480813d3bfc8de4049a32a72cc0eb0d8094']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:42:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db6f06d-3164-4e8e-8a15-d7ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T13:43:09.000Z" ,
"modified" : "2019-10-28T13:43:09.000Z" ,
"description" : "PortReuse backdoor - Payload in Overlay" ,
"pattern" : "[file:hashes.SHA1 = 'bd1f1494b8d18daf07de7d47549a7e27ff3ffd05']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T13:43:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9f4dd17f-2e1a-4f0b-b683-90017f4afa22" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:23.000Z" ,
"modified" : "2019-10-28T14:09:23.000Z" ,
"pattern" : "[file:hashes.SHA1 = '95a41fdddc8caf097902b484f8440bddad0c5b32' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bf6b7c84-d319-4d5c-945d-7212bd6a51e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:23.000Z" ,
"modified" : "2019-10-28T14:09:23.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd9a54f79ca15c7e363dbe62b4d1c5c8d103103a2' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--02167ca1-c864-4874-80e0-9f95f34203d7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:24.000Z" ,
"modified" : "2019-10-28T14:09:24.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'daf1cd345f44cb2bf1cfa8d68eecaf1961cbd51f' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--61e88614-f681-4c44-bd80-6b67051237ad" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:24.000Z" ,
"modified" : "2019-10-28T14:09:24.000Z" ,
"pattern" : "[file:hashes.SHA1 = '3df753f56bb53f72d3df735a898d7221c3b5272e' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2108b29c-afee-484b-ae27-a94606415277" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:25.000Z" ,
"modified" : "2019-10-28T14:09:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = '6c10c9d46531fbc5f0c2372a116ab31c730ed4b7' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1240483b-92cc-4446-b80d-19a11fe384f0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:25.000Z" ,
"modified" : "2019-10-28T14:09:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd74f1c8257409ad964db22087a559609c2d0d978' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4c9f794f-315c-47c3-a438-27cc72d799da" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:26.000Z" ,
"modified" : "2019-10-28T14:09:26.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e6677e5e2d68bc544b210e69d9c8df6a2752c20a' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d93d7144-e63f-4a9e-82a4-f53b47e4a3bb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:26.000Z" ,
"modified" : "2019-10-28T14:09:26.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ec0e4a6e2e630267c13b449ed4cf3f04598e40df' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--87df7ad4-ddd9-428a-9e6d-72479189cded" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:27.000Z" ,
"modified" : "2019-10-28T14:09:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f61403e7730d17b967da3143bc7cb33eebe826c0' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0fa75ab7-1c57-4f9f-9114-28371e09e1d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:27.000Z" ,
"modified" : "2019-10-28T14:09:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'fd9ded44c47585541b89ffd25907a9a2ed41a995' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--88c36229-7514-4447-93d8-4f09fde9b969" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:28.000Z" ,
"modified" : "2019-10-28T14:09:28.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e0b1005da5b35e31f09fc82a694f188a92cca85d' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1003b7d6-defc-46b9-8f69-3e679daa7314" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:30.000Z" ,
"modified" : "2019-10-28T14:09:30.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'cd36caf7f7cd9f161743348d2ea69a9e0254c3b5' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e102c5cb-c6f2-46a7-9b6e-cf4fa1ff3a2e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:30.000Z" ,
"modified" : "2019-10-28T14:09:30.000Z" ,
"pattern" : "[file:hashes.SHA1 = '2c35e28fba5d05f10430c4d70e4938426f38e228' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cac254de-ca4b-4a76-bc58-1889273aad59" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:31.000Z" ,
"modified" : "2019-10-28T14:09:31.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1ae6fbad7af15fb7e60dbbfea964f0e49372ae53' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9125946a-81da-4294-8bdd-ddb31f9d7784" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-28T14:09:31.000Z" ,
"modified" : "2019-10-28T14:09:31.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1ec1b5a902869ed5d51012826a34ffa9225853cb' AND file:name = 'Install.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-28T14:09:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f565-0d88-4d46-88a1-eeed950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:16:37.000Z" ,
"modified" : "2019-10-29T08:16:37.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '5105f3020b5e680fa66d664c7f8c811f072933cf']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:16:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f583-6564-4b53-bed5-4d44950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:17:07.000Z" ,
"modified" : "2019-10-29T08:17:07.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '723b27aba08cbb3a9ca42f7e8350451d00829e5a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:17:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f59a-2034-410b-97e8-4303950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:17:30.000Z" ,
"modified" : "2019-10-29T08:17:30.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '55155c3a7b993584a07acdbf92f2200804c00e02']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:17:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f5ad-1cf0-4210-86a8-eef6950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:17:49.000Z" ,
"modified" : "2019-10-29T08:17:49.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '8df84b01b08ee983c66becc59c0f361d246a96ed']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:17:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f5b8-20f8-4519-be23-eef5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:18:00.000Z" ,
"modified" : "2019-10-29T08:18:00.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = 'e26b59789029d23bd9232fa6b1c90ec9379b9066']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:18:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f5c8-f3bc-4145-885c-eef5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:18:16.000Z" ,
"modified" : "2019-10-29T08:18:16.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = 'b6819c870df88a973eb48b572ad1cfeaeb6a655a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:18:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f5e9-c448-4a88-8a54-eef5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:18:49.000Z" ,
"modified" : "2019-10-29T08:18:49.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = 'd62a0bd08c5b435d1b8a0505e8018d58a9667b2c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:18:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f5fa-6990-43df-9a9d-eef5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:19:06.000Z" ,
"modified" : "2019-10-29T08:19:06.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = 'c262d297eaec622e3fb8e1fc2a0017e28168879a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:19:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f610-4168-4d2d-8f85-efd8950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:19:28.000Z" ,
"modified" : "2019-10-29T08:19:28.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = 'c452bdf6ff99243a12789ff4b99ac71a5da5f696']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:19:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f62b-24d4-429c-9856-efd8950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:19:55.000Z" ,
"modified" : "2019-10-29T08:19:55.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '24aa07a0b3665bf97a1545b0f2749cd509f1b4ca']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:19:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f6e7-9720-443e-be12-eeed950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:23:03.000Z" ,
"modified" : "2019-10-29T08:23:03.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '4ea2ed895111a70b9a59df37343440e4a3a97a47']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:23:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f73e-c1c0-4dcf-bf76-45da950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:24:30.000Z" ,
"modified" : "2019-10-29T08:24:30.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = 'b08d72576b93687dfc61abfa740dd39490d6a262']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:24:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f7e8-b75c-421d-8e9c-4b52950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:27:20.000Z" ,
"modified" : "2019-10-29T08:27:20.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '645720ec88c993b28d982c0ad89a5aca79ce7e16']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:27:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f7fb-5c34-44cc-81c7-47bf950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:27:39.000Z" ,
"modified" : "2019-10-29T08:27:39.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = '7b0aae2aa17bd5712dd682f35c7a8e3e1cdcc57c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:27:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f83d-a6d4-4a2c-be8e-492e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:28:45.000Z" ,
"modified" : "2019-10-29T08:28:45.000Z" ,
"description" : "Winnti" ,
"pattern" : "[file:hashes.SHA1 = 'de197a5dc5b38e4b72bc37c14cf38e577ddeb8b5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:28:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f9b9-9478-491f-875e-eef2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:35:05.000Z" ,
"modified" : "2019-10-29T08:35:05.000Z" ,
"description" : "AceHash" ,
"pattern" : "[file:hashes.SHA1 = '43ff18ceb3814f1dae940ad977c59a96bb016e76']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:35:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7f9d8-1328-49c3-9279-46df950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:35:36.000Z" ,
"modified" : "2019-10-29T08:35:36.000Z" ,
"description" : "AceHash" ,
"pattern" : "[file:hashes.SHA1 = '35c026f8c35bfceecd23eace19f09d3df2fd72da']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:35:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7fa05-138c-428e-a0ef-4fc3950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:36:21.000Z" ,
"modified" : "2019-10-29T08:36:21.000Z" ,
"description" : "AceHash" ,
"pattern" : "[file:hashes.SHA1 = 'd24bbb898a4a301870cab85f836090b0fc968163']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:36:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7fa25-189c-4eb6-82cc-4ee1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:36:53.000Z" ,
"modified" : "2019-10-29T08:36:53.000Z" ,
"description" : "AceHash" ,
"pattern" : "[file:hashes.SHA1 = '47a262bae22bb77850a1e3e38f8e529189d291f6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:36:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7fee1-dbe0-4f9b-8c1c-444b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:57:05.000Z" ,
"modified" : "2019-10-29T08:57:05.000Z" ,
"description" : "XMRig" ,
"pattern" : "[file:hashes.SHA1 = '70b21e3ac69f0220784228375ba6bef37fe0c488']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:57:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7fef6-48e0-4133-abdf-4b30950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:57:26.000Z" ,
"modified" : "2019-10-29T08:57:26.000Z" ,
"description" : "XMRig" ,
"pattern" : "[file:hashes.SHA1 = 'ee5feb8e9428a04c454966f6e19e202ccb33545f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:57:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db7ff09-d1f0-4c91-ae50-4c35950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T08:57:45.000Z" ,
"modified" : "2019-10-29T08:57:45.000Z" ,
"description" : "XMRig" ,
"pattern" : "[file:hashes.SHA1 = '9bfb1c92489da812dbe53b2a8e2cc2724cf74b4e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T08:57:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db807a7-b5b0-4745-8040-44c2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T09:44:28.000Z" ,
"modified" : "2019-10-29T09:44:28.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'dde82093decde6371eb852a5e9a1aa4acf3b56ba' AND file:name = '111.bin.tmp']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T09:44:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db80912-bb10-4533-8a6f-4266950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T09:40:34.000Z" ,
"modified" : "2019-10-29T09:40:34.000Z" ,
"pattern" : "[file:hashes.SHA1 = '0f31ed081ccc18816ca1e3c87fe488c9b360d02f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T09:40:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db80a67-eea8-4ced-be90-43c1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T13:28:50.000Z" ,
"modified" : "2019-10-29T13:28:50.000Z" ,
"pattern" : "[file:hashes.SHA1 = '8272c1f41f7c223316c0d78bd3bd5744e25c2e9f' AND file:name = '111.bin.tmp']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T13:28:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db80a91-2ccc-4035-8deb-4773950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T10:57:02.000Z" ,
"modified" : "2019-10-29T10:57:02.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a260dcf193e747cee49ae83568eea6c04bf93cb3' AND file:name = '111.bin.tmp']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T10:57:02Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db81210-dcbc-413f-b1f3-eef3950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T10:18:56.000Z" ,
"modified" : "2019-10-29T10:18:56.000Z" ,
"pattern" : "[file:hashes.SHA1 = '42f2fc15aa8b9ed896c92fed22a27df9ef9db0ad']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T10:18:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db81b3e-2e2c-4627-90cb-eef3950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T10:58:06.000Z" ,
"modified" : "2019-10-29T10:58:06.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7cf41b1acfb05064518a2ad9e4c16fde9185cd4b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T10:58:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db8449d-e0c4-427a-bddf-27ca950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-29T13:54:37.000Z" ,
"modified" : "2019-10-29T13:54:37.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7e9dba96adb34daf2f11d30272d9462bbfc6b321']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-29T13:54:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db962b6-a438-4ac4-93bf-9a48950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T10:15:18.000Z" ,
"modified" : "2019-10-30T10:15:18.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a5b756f1ec956a00934d68940d4559694faa8ed6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T10:15:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5db96865-c120-4891-ae8b-9a2c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T10:39:33.000Z" ,
"modified" : "2019-10-30T10:39:33.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1aecd365f5d0deba62026d84189bd180814d7292']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T10:39:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b102c1cd-4297-4cd4-bb4b-e8e48cb9e7c2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:51.000Z" ,
"modified" : "2019-10-30T11:26:51.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.19.3.21') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--11db09b2-780c-4fb4-8761-d5de725e3a1e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:52.000Z" ,
"modified" : "2019-10-30T11:26:52.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.224.83.95') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--75b3579e-7cff-4d93-8b01-35ccde517733" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:53.000Z" ,
"modified" : "2019-10-30T11:26:53.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.19.3.109') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--65b3a82e-3a14-45f5-b8de-0f8f6b56e25b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:53.000Z" ,
"modified" : "2019-10-30T11:26:53.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '110.45.146.253') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d8bfe5f-4cb0-4e3e-92c8-4598c9e43ea5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:54.000Z" ,
"modified" : "2019-10-30T11:26:54.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '110.45.146.254') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ca24296c-29f5-4fa7-8947-1a925fba70e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:54.000Z" ,
"modified" : "2019-10-30T11:26:54.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '117.16.142.9') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--32b79e17-b5c4-46fc-b51f-94d59d7e8d03" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:55.000Z" ,
"modified" : "2019-10-30T11:26:55.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '117.16.142.69') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--14d0c64e-1ff2-400e-8543-d00463b9ab2f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:55.000Z" ,
"modified" : "2019-10-30T11:26:55.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.193.236.206') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0c096d32-c11f-4621-b471-f2f74c767d05" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:56.000Z" ,
"modified" : "2019-10-30T11:26:56.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.10.117.206') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--32ecf3f2-659a-4e54-83ac-ebee0f6b1a02" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:56.000Z" ,
"modified" : "2019-10-30T11:26:56.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.125.56') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c38df7c4-e03b-4253-9912-9dc26f257f60" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:57.000Z" ,
"modified" : "2019-10-30T11:26:57.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '167.88.176.205') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e15e5342-23f5-4f3b-9bf2-071b2538117a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T11:26:58.000Z" ,
"modified" : "2019-10-30T11:26:58.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.223.131.237') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T11:26:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4ce941fe-6dc7-4db7-ab0c-dd2c777240cb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T12:12:24.000Z" ,
"modified" : "2019-10-30T12:12:24.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'xp101.dyn-dns.co') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T12:12:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--eec9d5ef-8e0f-4a03-a945-ba7c681192fd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T12:12:24.000Z" ,
"modified" : "2019-10-30T12:12:24.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'svn-dns.ahnlabinc.com') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T12:12:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--972c0ed7-dcd6-430e-849a-bc390bce64c5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T12:12:25.000Z" ,
"modified" : "2019-10-30T12:12:25.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'dns1-1.7release.com') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T12:12:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--acc5b432-47ae-4708-bfe7-97f0c51f5eb5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T12:12:25.000Z" ,
"modified" : "2019-10-30T12:12:25.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'dns1-1.7release.com') AND network-traffic:dst_port = '443']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T12:12:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fcc43e61-d734-4b3c-8f9c-2bc16e1ec528" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-30T12:12:26.000Z" ,
"modified" : "2019-10-30T12:12:26.000Z" ,
"pattern" : "[(network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'ssl.dyn-dns.co') AND network-traffic:dst_port = '80']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-30T12:12:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"ip-port\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b5b6b501-e66c-4f4e-9527-516ad2ca69e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:18.000Z" ,
"modified" : "2019-10-31T08:47:18.000Z" ,
"pattern" : "[file:hashes.MD5 = '4e9100796e18f6a73e577a63de24b62e' AND file:hashes.SHA1 = '4d090e6b749d4d3d8e413f44eb2de6925c78cd82' AND file:hashes.SHA256 = '439c4818d04f6591bc2e0e4aabf6cee5a767b67ee32d8bf02ece9866d31bccea']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2d9e2792-be70-4733-a982-8fb833e3067c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:18.000Z" ,
"modified" : "2019-10-31T08:47:18.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-22 07:08:45" ,
"category" : "Other" ,
"uuid" : "eab5d90d-891c-43c7-ab02-acd4aafbe40c"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/439c4818d04f6591bc2e0e4aabf6cee5a767b67ee32d8bf02ece9866d31bccea/analysis/1571728125/" ,
"category" : "Payload delivery" ,
"uuid" : "a67eaf0f-da95-452a-b015-5331ec0730a8"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "32/70" ,
"category" : "Payload delivery" ,
"uuid" : "addd7b90-d56c-4e25-bbab-5a4c1e5376e1"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--00f40c23-331f-4ba6-b8c6-42474a13526c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:18.000Z" ,
"modified" : "2019-10-31T08:47:18.000Z" ,
"pattern" : "[file:hashes.MD5 = '864c6af68b26c30327eee8b92ac94643' AND file:hashes.SHA1 = 'bdbadb2e3eedd72dd6f8d9235699a139cab69aae' AND file:hashes.SHA256 = 'ae26e3507b81b5816f9c7557785e73d3391176dfbed3392cd3c6116365d99dc8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--47b6931b-7c53-435d-8559-5691aa5f5a8f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:18.000Z" ,
"modified" : "2019-10-31T08:47:18.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-15 03:36:58" ,
"category" : "Other" ,
"uuid" : "3279a899-de61-49c3-9ecc-f2cd06607f3d"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ae26e3507b81b5816f9c7557785e73d3391176dfbed3392cd3c6116365d99dc8/analysis/1571110618/" ,
"category" : "Payload delivery" ,
"uuid" : "a59df939-343a-4143-9ff7-395e46277a9d"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "13/66" ,
"category" : "Payload delivery" ,
"uuid" : "2139c43c-b226-4cc1-91e6-284741ba6b2a"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3937eb70-185e-44a0-917e-ebdc7f1d0752" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:19.000Z" ,
"modified" : "2019-10-31T08:47:19.000Z" ,
"pattern" : "[file:hashes.MD5 = '68e1d87bef08710244af243e019e0b0d' AND file:hashes.SHA1 = '7b0aae2aa17bd5712dd682f35c7a8e3e1cdcc57c' AND file:hashes.SHA256 = 'a32bda4bdfe8d04b4f53d5adc82f9bbdb6dc5c7b439ba0bdc02faadd6e16550c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a8cf73f0-b98a-434c-9ed7-82b1a343c9a0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:19.000Z" ,
"modified" : "2019-10-31T08:47:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-23 10:50:45" ,
"category" : "Other" ,
"uuid" : "0eab3561-6973-4946-a763-b73a51f2c9c7"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a32bda4bdfe8d04b4f53d5adc82f9bbdb6dc5c7b439ba0bdc02faadd6e16550c/analysis/1571827845/" ,
"category" : "Payload delivery" ,
"uuid" : "2600050b-28c1-455e-8cf9-c8deb608fc16"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "46/67" ,
"category" : "Payload delivery" ,
"uuid" : "39738da5-2131-4419-a457-591f65cefa34"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--930e9e44-5724-449d-9e3e-0f32c22692e0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:19.000Z" ,
"modified" : "2019-10-31T08:47:19.000Z" ,
"pattern" : "[file:hashes.MD5 = '39fe65a46c03b930ccf0d552ed3c17b1' AND file:hashes.SHA1 = '438178a5816d3ef6ac02d4db929a48fa558e514c' AND file:hashes.SHA256 = '9439dee1dd20edd96bfa3908cda3bf49cb0e50f2a471f5657a2e974508acaca4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b60b4cf3-7172-4e25-bd30-6cb80c4f2e44" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:19.000Z" ,
"modified" : "2019-10-31T08:47:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-15 15:35:14" ,
"category" : "Other" ,
"uuid" : "08e6fdde-b7d8-49aa-bb0a-9bd161d7c59f"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/9439dee1dd20edd96bfa3908cda3bf49cb0e50f2a471f5657a2e974508acaca4/analysis/1571153714/" ,
"category" : "Payload delivery" ,
"uuid" : "1265001e-d191-4599-9cfa-5f6309140132"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "43/69" ,
"category" : "Payload delivery" ,
"uuid" : "c52e5341-9ec0-47ac-8c29-d386706878f3"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ae10ed2e-838e-4ac6-87be-e6636090880b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:19.000Z" ,
"modified" : "2019-10-31T08:47:19.000Z" ,
"pattern" : "[file:hashes.MD5 = '04be89ff5d217796bc68678d2508a0d7' AND file:hashes.SHA1 = '634344fafd6e16f171b0857962149659639fdf41' AND file:hashes.SHA256 = 'eedeca88eb4cc1f180bbbe30b8997b68fa909c6e9f134a6c113bf9e3d12df47e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--cb2ff493-1850-4aa2-86bf-d1cd7fd387cd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:20.000Z" ,
"modified" : "2019-10-31T08:47:20.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-29 09:35:15" ,
"category" : "Other" ,
"uuid" : "cd3150b4-023f-457b-a353-54980bb2cb2c"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/eedeca88eb4cc1f180bbbe30b8997b68fa909c6e9f134a6c113bf9e3d12df47e/analysis/1572341715/" ,
"category" : "Payload delivery" ,
"uuid" : "82801191-1fcf-413e-ad35-f78d44480338"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "34/65" ,
"category" : "Payload delivery" ,
"uuid" : "aebccf16-cfbf-4aa8-91a4-7e8f61e99a71"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cbba4bfa-ba52-4d30-9939-cf8386e2acd9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:20.000Z" ,
"modified" : "2019-10-31T08:47:20.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b0877494d36fab1f9f4219c3defbfb19' AND file:hashes.SHA1 = '4dc5fadece500ccd8cc49cfcf8a1b59baee3382a' AND file:hashes.SHA256 = '3e6c4e97cc09d0432fbbbf3f3e424d4aa967d3073b6002305cd6573c47f0341f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--15ee4e85-d113-4933-b3a4-a5bf20d8dee7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:20.000Z" ,
"modified" : "2019-10-31T08:47:20.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-27 18:33:43" ,
"category" : "Other" ,
"uuid" : "20608814-b77b-4e6a-add3-2d79918964f1"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/3e6c4e97cc09d0432fbbbf3f3e424d4aa967d3073b6002305cd6573c47f0341f/analysis/1572201223/" ,
"category" : "Payload delivery" ,
"uuid" : "2873a66d-f246-4889-a0ca-e82c77862429"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "50/69" ,
"category" : "Payload delivery" ,
"uuid" : "234d65e6-c926-4cea-9bf0-c7a6294ca6f8"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1bbcd3f2-97bf-4f5b-8bb4-efa2920e33c4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:20.000Z" ,
"modified" : "2019-10-31T08:47:20.000Z" ,
"pattern" : "[file:hashes.MD5 = '273f4d40d2dfe4aa14e7bc8063d4bfd3' AND file:hashes.SHA1 = '9e8883a6de72d338e2c0c1a0e291d013a0ce9058' AND file:hashes.SHA256 = 'e2d7e21cd384a45f7fa37eb8eba7ea163d38cf6f663acf440c55defbc40ee2eb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--80d87c81-4223-434a-8297-8c55c2188c23" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:21.000Z" ,
"modified" : "2019-10-31T08:47:21.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-15 10:23:12" ,
"category" : "Other" ,
"uuid" : "a4f2abe9-6e88-4d83-9715-5c9f17b384f5"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/e2d7e21cd384a45f7fa37eb8eba7ea163d38cf6f663acf440c55defbc40ee2eb/analysis/1571134992/" ,
"category" : "Payload delivery" ,
"uuid" : "24445d48-dc37-48af-9682-253c6d338d0f"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "46/67" ,
"category" : "Payload delivery" ,
"uuid" : "12fb60e6-d4dd-4d31-a62f-a2ed3d9d7aed"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5042d9f9-1bee-4379-85b1-0685c573cac5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:22.000Z" ,
"modified" : "2019-10-31T08:47:22.000Z" ,
"pattern" : "[file:hashes.MD5 = '2b9244c526e2c2b6d40e79a8c3edb93c' AND file:hashes.SHA1 = 'ed0c9354d34d6e9f09b7038d391e846cdd9e0eae' AND file:hashes.SHA256 = 'eced97254f1ece17f3c8b6c1b4d34db13524f20600cd4234f36646e3cf2ed940']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--34fca3cd-6c8f-4a81-8727-1319e20a0b13" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:22.000Z" ,
"modified" : "2019-10-31T08:47:22.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-15 15:34:26" ,
"category" : "Other" ,
"uuid" : "91bd0bd2-9466-499f-97fc-d7b34ac7bd45"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/eced97254f1ece17f3c8b6c1b4d34db13524f20600cd4234f36646e3cf2ed940/analysis/1571153666/" ,
"category" : "Payload delivery" ,
"uuid" : "fd7f1d39-f582-4962-a562-91e10e845915"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/69" ,
"category" : "Payload delivery" ,
"uuid" : "b200a677-aa5f-493c-ab43-c9f43dde586b"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--385f33d1-34a9-41a6-b4e9-a40a4fa715be" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:22.000Z" ,
"modified" : "2019-10-31T08:47:22.000Z" ,
"pattern" : "[file:hashes.MD5 = '6cc9017ce2721e6f015015506803dc72' AND file:hashes.SHA1 = 'd74f1c8257409ad964db22087a559609c2d0d978' AND file:hashes.SHA256 = '7f8af64b082942f0469ce9b23c225dd9f06ab34724ed0d0e0802dbbf95ad5ccf']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--46784d68-1971-470f-a424-2f01edeefbd9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:22.000Z" ,
"modified" : "2019-10-31T08:47:22.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-14 20:10:26" ,
"category" : "Other" ,
"uuid" : "8455fb79-b1fd-4c8f-bd6d-0cb55ded150b"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/7f8af64b082942f0469ce9b23c225dd9f06ab34724ed0d0e0802dbbf95ad5ccf/analysis/1571083826/" ,
"category" : "Payload delivery" ,
"uuid" : "f136a1cd-ba63-4012-ba3c-20a37baed275"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "48/70" ,
"category" : "Payload delivery" ,
"uuid" : "5e79e69c-8c69-4d96-af40-3cb5348b6fb9"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b46c5962-8963-4ac0-b053-b3faacb71620" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:23.000Z" ,
"modified" : "2019-10-31T08:47:23.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b5ed632630f4eba5b9f2ab97eafda374' AND file:hashes.SHA1 = '47a262bae22bb77850a1e3e38f8e529189d291f6' AND file:hashes.SHA256 = '574a39ec8762e43f4cdeaf2001044203e5a23f554ff8b8c0082b9813c6b81c13']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8a35b215-db3c-4411-a176-705f087e517b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:23.000Z" ,
"modified" : "2019-10-31T08:47:23.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-26 05:58:59" ,
"category" : "Other" ,
"uuid" : "c0ba8d7a-6cac-4753-91da-4ff7d623d8eb"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/574a39ec8762e43f4cdeaf2001044203e5a23f554ff8b8c0082b9813c6b81c13/analysis/1572069539/" ,
"category" : "Payload delivery" ,
"uuid" : "55d5bd9d-7d36-4c98-8d15-0bad4ec640be"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "30/69" ,
"category" : "Payload delivery" ,
"uuid" : "fe43abb0-4c05-4e80-a1c7-d79ade8e1fb8"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5fea27fd-624f-4542-93cb-93202c027316" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:23.000Z" ,
"modified" : "2019-10-31T08:47:23.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b044cd0f6aae371acf2e349ef78ab39e' AND file:hashes.SHA1 = '42f2fc15aa8b9ed896c92fed22a27df9ef9db0ad' AND file:hashes.SHA256 = '1680a880203c170b85cb86a649a4c722f43bcc2889f378b55484b3e0ad3e56b2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--bd3ecda1-2b63-4905-9c4b-e2842401451c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:24.000Z" ,
"modified" : "2019-10-31T08:47:24.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-05-11 14:34:03" ,
"category" : "Other" ,
"uuid" : "80dd20ea-2912-4319-b613-8115419d1512"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/1680a880203c170b85cb86a649a4c722f43bcc2889f378b55484b3e0ad3e56b2/analysis/1557585243/" ,
"category" : "Payload delivery" ,
"uuid" : "7751a390-8657-40bf-a2fd-2467b415ff57"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "40/72" ,
"category" : "Payload delivery" ,
"uuid" : "e1e83ede-0e08-41dc-a8d2-4bdcfd74c162"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--db72a9ba-be71-404e-8958-e809f5a7fd38" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:24.000Z" ,
"modified" : "2019-10-31T08:47:24.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c11dd805de683822bf4922aecb9bfef5' AND file:hashes.SHA1 = 'b4446480813d3bfc8de4049a32a72cc0eb0d8094' AND file:hashes.SHA256 = '09258b138a8e2cab383a490041429961634545af559affbcbf35a128b1663d96']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--32d2677f-6d87-4b8b-9b00-025b88e10700" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:24.000Z" ,
"modified" : "2019-10-31T08:47:24.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-15 01:29:42" ,
"category" : "Other" ,
"uuid" : "1f0f93d8-90d1-43f5-b57a-0e40774dbe96"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/09258b138a8e2cab383a490041429961634545af559affbcbf35a128b1663d96/analysis/1571102982/" ,
"category" : "Payload delivery" ,
"uuid" : "3cee6005-ad4a-44eb-8a8a-d920fd218587"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "41/69" ,
"category" : "Payload delivery" ,
"uuid" : "d1de8abe-57ea-4f66-9f58-021923533cf9"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0124dee6-62c1-4547-bd95-c10623a21444" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:25.000Z" ,
"modified" : "2019-10-31T08:47:25.000Z" ,
"pattern" : "[file:hashes.MD5 = '8578f0c7b0a14f129cc66ee236c58050' AND file:hashes.SHA1 = '0f31ed081ccc18816ca1e3c87fe488c9b360d02f' AND file:hashes.SHA256 = '12d2a7f52599773265229e0465915831c0402ebad84765cfb35356ac97b3d13b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--0e47ffa7-909e-4804-b178-ed04ad92a2dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:25.000Z" ,
"modified" : "2019-10-31T08:47:25.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-05-24 10:07:59" ,
"category" : "Other" ,
"uuid" : "37748b67-08f6-47cb-9370-3178d100115e"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/12d2a7f52599773265229e0465915831c0402ebad84765cfb35356ac97b3d13b/analysis/1558692479/" ,
"category" : "Payload delivery" ,
"uuid" : "05343673-d402-46e3-9a8f-ae4ff587a168"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "43/69" ,
"category" : "Payload delivery" ,
"uuid" : "822d6f28-02b4-4871-88e1-2cd219a06b2a"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b220db74-8ab2-4c99-8df8-4be473329599" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:25.000Z" ,
"modified" : "2019-10-31T08:47:25.000Z" ,
"pattern" : "[file:hashes.MD5 = '904bbe5ac0d53e74a6cefb14ebd58c0b' AND file:hashes.SHA1 = '672bb391b92681adcfcfb4f2f728edf32f2fb8fe' AND file:hashes.SHA256 = '6d41ec99b441408f29531d203818c93bb107f49b64bec9458d8bf3d11e542917']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--0e6dd455-6e1b-4d16-885b-0b7d7fc005fa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:25.000Z" ,
"modified" : "2019-10-31T08:47:25.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-22 07:21:35" ,
"category" : "Other" ,
"uuid" : "d32396d5-901d-4c4e-a9e5-5196482c8301"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/6d41ec99b441408f29531d203818c93bb107f49b64bec9458d8bf3d11e542917/analysis/1571728895/" ,
"category" : "Payload delivery" ,
"uuid" : "4b419f83-5ca6-4b8e-ad89-b9f2b3555580"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "36/67" ,
"category" : "Payload delivery" ,
"uuid" : "d289716d-5a0a-4c83-834a-eeecf1a78182"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--654f1da9-cb27-4eeb-ae9d-18fb0e8796f1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:25.000Z" ,
"modified" : "2019-10-31T08:47:25.000Z" ,
"pattern" : "[file:hashes.MD5 = '557ff68798c71652db8a85596a4bab72' AND file:hashes.SHA1 = '971bb08196bba400b07cf213345f55ce0a6eedc8' AND file:hashes.SHA256 = '5d971ed3947597fbb7e51d806647b37d64d9fe915b35c7c9eaf79a37b82dab90']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--7dded6aa-9b4d-4b47-a262-b63e0409e70b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:26.000Z" ,
"modified" : "2019-10-31T08:47:26.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-27 18:17:42" ,
"category" : "Other" ,
"uuid" : "3658d2c6-e8ca-4d3f-afd8-71eb2d423b21"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/5d971ed3947597fbb7e51d806647b37d64d9fe915b35c7c9eaf79a37b82dab90/analysis/1572200262/" ,
"category" : "Payload delivery" ,
"uuid" : "9efdb3f3-6095-4aa9-9d90-f5d502d98b1e"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "48/66" ,
"category" : "Payload delivery" ,
"uuid" : "f7f9575d-de6f-4120-ad30-c88b46384930"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c2c23001-5488-4016-82fd-ae492c6c31bf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:26.000Z" ,
"modified" : "2019-10-31T08:47:26.000Z" ,
"pattern" : "[file:hashes.MD5 = '3ffb1c409b48277a831aafcbecc3979f' AND file:hashes.SHA1 = '723b27aba08cbb3a9ca42f7e8350451d00829e5a' AND file:hashes.SHA256 = '5b0b754b24c324f7b53f256e9612ddd5a422e57ae235acf4c757efdedf795f38']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--c3b5234a-f538-4f34-93fa-9c87a7f18c4b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:26.000Z" ,
"modified" : "2019-10-31T08:47:26.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-14 20:10:25" ,
"category" : "Other" ,
"uuid" : "756f3197-ab1c-42cb-a354-a54b613ccc82"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/5b0b754b24c324f7b53f256e9612ddd5a422e57ae235acf4c757efdedf795f38/analysis/1571083825/" ,
"category" : "Payload delivery" ,
"uuid" : "25ba6fac-1d34-4b43-a327-26bc43395374"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "45/70" ,
"category" : "Payload delivery" ,
"uuid" : "cdd3cb06-fefa-4a61-adf3-00e09d88ce09"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--628bb82b-0724-4d36-8154-a8458f1edf1c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:26.000Z" ,
"modified" : "2019-10-31T08:47:26.000Z" ,
"pattern" : "[file:hashes.MD5 = 'ffd0f34739c1568797891b9961111464' AND file:hashes.SHA1 = '82072cb53416c89bfee95b239f9a90677a0848df' AND file:hashes.SHA256 = '0055dfaccc952c99b1171ce431a02abfce5c6f8fb5dc39e4019b624a7d03bfcb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ee9ee64a-9229-4e42-a1a7-35f2e46b226f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:26.000Z" ,
"modified" : "2019-10-31T08:47:26.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-27 18:36:42" ,
"category" : "Other" ,
"uuid" : "1e6f9b5b-6e3f-4795-9e78-8e16a7236de8"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/0055dfaccc952c99b1171ce431a02abfce5c6f8fb5dc39e4019b624a7d03bfcb/analysis/1572201402/" ,
"category" : "Payload delivery" ,
"uuid" : "fab6ae9f-96cc-4b38-9f46-6d6eab4a73e1"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "44/68" ,
"category" : "Payload delivery" ,
"uuid" : "9a70a5c6-d574-4057-8e64-3468d848dd53"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--aa6a25ca-4f6b-4234-983e-ebac2149c49b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:27.000Z" ,
"modified" : "2019-10-31T08:47:27.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd5d820422aeb519e2301ebc2ad2d1114' AND file:hashes.SHA1 = '757ff5ec3dc53abbb62391b14883ef460f6fd404' AND file:hashes.SHA256 = 'b96bd7c7ddaab860f78983520d7e1a40ff3712e8fe61e6dfca2d4d2d3b4a35d0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--d568e860-b698-413d-a253-94ce9d8d6b87" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:27.000Z" ,
"modified" : "2019-10-31T08:47:27.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-15 10:26:32" ,
"category" : "Other" ,
"uuid" : "72600550-a144-4b02-89d9-4644fe63da1d"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/b96bd7c7ddaab860f78983520d7e1a40ff3712e8fe61e6dfca2d4d2d3b4a35d0/analysis/1571135192/" ,
"category" : "Payload delivery" ,
"uuid" : "c6fcd513-759e-4e51-a5ce-2866c85cdcda"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "15/66" ,
"category" : "Payload delivery" ,
"uuid" : "eefc58d9-8fea-4a95-b8d9-251783ee4eb1"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9352ee1c-bdc9-4bbf-b067-dd189144e421" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:27.000Z" ,
"modified" : "2019-10-31T08:47:27.000Z" ,
"pattern" : "[file:hashes.MD5 = '048b0012d4a389b5489e0e4ee4a5b615' AND file:hashes.SHA1 = '1ec1b5a902869ed5d51012826a34ffa9225853cb' AND file:hashes.SHA256 = '13aed842a6b43e61fd8e076cdfa9d96ec9ad917e073740bbd99ccb395eb3c9fe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--24cb5d8b-f102-4f31-b96c-675b65c64f0a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:27.000Z" ,
"modified" : "2019-10-31T08:47:27.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-15 10:55:02" ,
"category" : "Other" ,
"uuid" : "20e67e77-41b5-42c0-80e0-bec91d85650d"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/13aed842a6b43e61fd8e076cdfa9d96ec9ad917e073740bbd99ccb395eb3c9fe/analysis/1571136902/" ,
"category" : "Payload delivery" ,
"uuid" : "eb955d41-7edd-4b44-ada6-55a2bc3e48e1"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "39/69" ,
"category" : "Payload delivery" ,
"uuid" : "51098702-60b8-4f1f-bc66-d7f2c893fbe5"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9c4e0fc1-03b9-46be-8fbb-41de315f93e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:28.000Z" ,
"modified" : "2019-10-31T08:47:28.000Z" ,
"pattern" : "[file:hashes.MD5 = '23d714b7bf921be537c913a4c3919f1e' AND file:hashes.SHA1 = '395e87c5bd00f78bf4c63880c6982a7941a2ecd0' AND file:hashes.SHA256 = 'e6a51821b73e13b70a22d1d5f1736b2091af50a69cd03aec88e11b38b00d7af7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5d0b3e85-9140-42ee-9cbe-21ae3238aa00" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:28.000Z" ,
"modified" : "2019-10-31T08:47:28.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-16 11:20:25" ,
"category" : "Other" ,
"uuid" : "52cb9ab3-429e-4679-b029-011147431b69"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/e6a51821b73e13b70a22d1d5f1736b2091af50a69cd03aec88e11b38b00d7af7/analysis/1571224825/" ,
"category" : "Payload delivery" ,
"uuid" : "62602407-1fd9-4297-a39c-21e4d32fe89a"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "27/68" ,
"category" : "Payload delivery" ,
"uuid" : "3a05a9a8-33d8-435a-a020-23f80626a0b8"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c454ec6e-8f29-4989-9bf0-e6bd3bb192e9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:28.000Z" ,
"modified" : "2019-10-31T08:47:28.000Z" ,
"pattern" : "[file:hashes.MD5 = '72dcf13372fa8dbc2e4d17a384092442' AND file:hashes.SHA1 = '08b825c87171500e694798527e17a849160b0a72' AND file:hashes.SHA256 = 'a0f01aa1fae705fcb45d16b7759d011badc8e9360807cdde2bfe9e2b5b522b6e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T08:47:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--de314694-d9c4-490c-b815-570571b04bda" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T08:47:28.000Z" ,
"modified" : "2019-10-31T08:47:28.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-10-28 20:58:58" ,
"category" : "Other" ,
"uuid" : "6f0fc89b-6bd1-4aaf-9d62-f4c7d715f8d1"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a0f01aa1fae705fcb45d16b7759d011badc8e9360807cdde2bfe9e2b5b522b6e/analysis/1572296338/" ,
"category" : "Payload delivery" ,
"uuid" : "4b9f1783-06a6-4372-a1ba-5b34b82960c5"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "21/56" ,
"category" : "Payload delivery" ,
"uuid" : "23673522-4eb1-4fae-9adb-272268c9dabd"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--214f65eb-e84f-4386-b3ed-5843ba535094" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:03.000Z" ,
"modified" : "2019-10-31T12:07:03.000Z" ,
"pattern" : "[file:hashes.SHA256 = '255b94fd32d1343188a9e0504aeb4b55e4665689fec7b6778fa9121eddb7a0a0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--eef86af4-b769-401f-9d82-e7b2908e3960" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:04.000Z" ,
"modified" : "2019-10-31T12:07:04.000Z" ,
"pattern" : "[file:hashes.SHA256 = '993d14d00b1463519fea78ca65d8529663f487cd76b67b3fd35440bcdf7a8e31']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:04Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5df715e7-72a0-4c44-ad55-990ce651dc98" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:04.000Z" ,
"modified" : "2019-10-31T12:07:04.000Z" ,
"pattern" : "[file:hashes.SHA256 = '082d1ad8fa1fdc195fe3b7baf74c10c4ddcf56c90ed2d41700885b9fe5a08833']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:04Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--65fd37d6-0d95-496c-a505-b50e67c20549" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:05.000Z" ,
"modified" : "2019-10-31T12:07:05.000Z" ,
"pattern" : "[file:hashes.SHA256 = '049a2d4d54c511b16f8bc33dae670736bf938c3542f2342192ad877ab38a7b5d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--92a5885e-eea5-462b-96b2-55fdbf9092e3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:05.000Z" ,
"modified" : "2019-10-31T12:07:05.000Z" ,
"pattern" : "[file:hashes.SHA256 = '7b7e5b915af6a8c07c228f348313579b90409893365993df50ed7b572d54f5c1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b6c41f4a-dea2-4d32-ba70-33d22d7f3fbc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:06.000Z" ,
"modified" : "2019-10-31T12:07:06.000Z" ,
"pattern" : "[file:hashes.SHA256 = '13e4bda99c359789ced1470a9d6869efe90a18eef5e57de7097fd79627fc5619']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b4c0eacf-9526-4200-8bf8-b47316c47ba4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:06.000Z" ,
"modified" : "2019-10-31T12:07:06.000Z" ,
"pattern" : "[file:hashes.SHA256 = '7096f1fdefa15065283a0b7928d1ab97923688c7974f98a33c94de214c675567']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1b9c244d-30bf-4369-ad1f-470541ce9092" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:07.000Z" ,
"modified" : "2019-10-31T12:07:07.000Z" ,
"pattern" : "[file:hashes.SHA256 = '67aea10fcd785f3cb0ea11d5589820bec6733679a824f2eccb6b72fbf1e94276']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7e7300ca-50b7-4a1b-b34b-12c1c7e54f1c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:07.000Z" ,
"modified" : "2019-10-31T12:07:07.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'd00b3edc3fe688fa035f1b919ef6e8f451a9c2197ef83d9bac3fa3af5e752243']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e85cd498-2c8f-4041-b8ac-c45706cba835" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:08.000Z" ,
"modified" : "2019-10-31T12:07:08.000Z" ,
"pattern" : "[file:hashes.SHA256 = '39e8ea81f893cecbbd4788c17fca8aef74f9bddf23e58a0dc4084e4e3f0b45e7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0eae6e0d-d885-4b8e-b047-edf7681f8aa3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:09.000Z" ,
"modified" : "2019-10-31T12:07:09.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'c667c9b2b9741247a56fcf0deebb4dc52b9ab4c0da6d9cdaba5461a5e2c86e0c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2dd673bf-8971-4c60-a50c-f44f1c2bc78b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:09.000Z" ,
"modified" : "2019-10-31T12:07:09.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'a0f01aa1fae705fcb45d16b7759d011badc8e9360807cdde2bfe9e2b5b522b6e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b65c9957-987a-4fad-a4c9-2755524d0569" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:10.000Z" ,
"modified" : "2019-10-31T12:07:10.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'e280f78bae6eeccd874f828a9d17d68685a0a44eef8e9cb585e48775713cf1b4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:10Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cc15ea20-f8ec-4de2-9849-f4ed488175ed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:10.000Z" ,
"modified" : "2019-10-31T12:07:10.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'bba46c31c911c7e6eddbb8c29f78ca55cb8ff3cf0fe52fd10e8f086a6f3df050']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:10Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e1206988-dbbf-4737-8d31-1ee4c53afd85" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:11.000Z" ,
"modified" : "2019-10-31T12:07:11.000Z" ,
"pattern" : "[file:hashes.SHA256 = '13aed842a6b43e61fd8e076cdfa9d96ec9ad917e073740bbd99ccb395eb3c9fe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:11Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--459f6831-3996-48e2-892e-134d1e484c6a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:11.000Z" ,
"modified" : "2019-10-31T12:07:11.000Z" ,
"pattern" : "[file:hashes.SHA256 = '4ea9f0e92aaf156d843771175163ac302bb0859ed54987f7a44863728896b7a6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:11Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0da2582e-55a8-43c1-bc19-cf306d862906" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:12.000Z" ,
"modified" : "2019-10-31T12:07:12.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'b4fbae9aba9543fe3dde08a82fec875e5ca70060cacd7d1eabd80ad2b007302d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:12Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e49a3a6b-9b7a-4e1a-a3ef-4e21b3a19182" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:12.000Z" ,
"modified" : "2019-10-31T12:07:12.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'fb7abf08685b6f2d7caf2a38a420aea3f950be52428fa70f70d321b1dbecceb1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:12Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--11262cdf-190c-4bc9-99d9-ee5b84938cf7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:13.000Z" ,
"modified" : "2019-10-31T12:07:13.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'ac863a4d5b49c5a66d3d559bb50647fa1e195d8367bc335ecea9c308af6270e9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:13Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0739ab56-6cc7-4e45-b53c-8581ec3197d2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:14.000Z" ,
"modified" : "2019-10-31T12:07:14.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'd3691358084d954d7e952fed0c7513bb24d0e76bf5647e712c339b7f14fc7c84']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8e52b197-1673-4124-8813-8bfa101d43f2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:14.000Z" ,
"modified" : "2019-10-31T12:07:14.000Z" ,
"pattern" : "[file:hashes.SHA256 = '0960cf61d1ce41a2f7840093745da24b548c36a3a8ee5693c0b2d4b619ab34e7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e12edf66-6aea-47db-b197-1cf986010663" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:14.000Z" ,
"modified" : "2019-10-31T12:07:14.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'e6a51821b73e13b70a22d1d5f1736b2091af50a69cd03aec88e11b38b00d7af7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b97263ec-3402-4c81-9561-412779f1df0a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:15.000Z" ,
"modified" : "2019-10-31T12:07:15.000Z" ,
"pattern" : "[file:hashes.SHA256 = '55846ea2521b14e4a0a2953ee5834cd15351d9010bd185c4def4727994d8d86e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--73a30d07-bff1-4ecf-b966-263fc3af8eb1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:15.000Z" ,
"modified" : "2019-10-31T12:07:15.000Z" ,
"pattern" : "[file:hashes.SHA256 = '9439dee1dd20edd96bfa3908cda3bf49cb0e50f2a471f5657a2e974508acaca4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f3542e5-ae86-478e-ac6c-00d4f0a794e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:16.000Z" ,
"modified" : "2019-10-31T12:07:16.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'c96410da92f9354b5c80e4787446039ec69eaa13c6c73df0a00d5cde4a08428e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dd1b913b-b726-40de-bb05-326115aec0f9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:16.000Z" ,
"modified" : "2019-10-31T12:07:16.000Z" ,
"pattern" : "[file:hashes.SHA256 = '1ae200e82b9aef7a5fd139c3616a9edb3fbddcc5c141ca46dc9eaf9731d6977e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cce2c7ee-8411-47fc-b852-488af2950b48" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:17.000Z" ,
"modified" : "2019-10-31T12:07:17.000Z" ,
"pattern" : "[file:hashes.SHA256 = '574a39ec8762e43f4cdeaf2001044203e5a23f554ff8b8c0082b9813c6b81c13']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--99b4486d-733b-49fa-b9ec-4da676c94d3e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:17.000Z" ,
"modified" : "2019-10-31T12:07:17.000Z" ,
"pattern" : "[file:hashes.SHA256 = '439c4818d04f6591bc2e0e4aabf6cee5a767b67ee32d8bf02ece9866d31bccea']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ebf9639c-8ff9-43ef-a6e1-bf7edfa5336e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:17.000Z" ,
"modified" : "2019-10-31T12:07:17.000Z" ,
"pattern" : "[file:hashes.SHA256 = '3e6c4e97cc09d0432fbbbf3f3e424d4aa967d3073b6002305cd6573c47f0341f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6d494b13-d087-498c-9b5c-0a11208716c6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:18.000Z" ,
"modified" : "2019-10-31T12:07:18.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'd5b281773092d427c493896a1d798876e11ef5f9642986962ba52f8f712ef543']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6db1943a-24aa-445f-8b74-7993c8371d9e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:19.000Z" ,
"modified" : "2019-10-31T12:07:19.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'f970c73046b37bdc248b324f3b6242dffb54e16c5a5af477110457102663fc33']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2fa28110-56e4-41e9-984a-e4c1a453dbd9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:19.000Z" ,
"modified" : "2019-10-31T12:07:19.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'b618ac68141d99813aeeaa53f4ab30e6cdbd431dc8abb5563c82f52a89c7da5c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bd2cfeef-f35c-4aee-bbf0-8ab328984c38" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:20.000Z" ,
"modified" : "2019-10-31T12:07:20.000Z" ,
"pattern" : "[file:hashes.SHA256 = '8e4c55207facb020d38aa577f55ebd23e709487d5c9682dd99112a85530ff095']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--08755d57-b2fe-4092-9a4a-b88ad41e096f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:20.000Z" ,
"modified" : "2019-10-31T12:07:20.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'e9de51563a542ac748fc743e869d22968a19868d1ac71926bca518213eae489e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ac95bf52-2785-4fe2-a5f9-4113f9468c8b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:21.000Z" ,
"modified" : "2019-10-31T12:07:21.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'eedeca88eb4cc1f180bbbe30b8997b68fa909c6e9f134a6c113bf9e3d12df47e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e9993b8a-25ac-40f9-8907-f2ae36121d25" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:21.000Z" ,
"modified" : "2019-10-31T12:07:21.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'b03c4a72e1134861e06cd81b1a246468f30a20a109a5f0078798e5faebcf695b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--061903c9-7f7a-42eb-bf89-79423141208c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:22.000Z" ,
"modified" : "2019-10-31T12:07:22.000Z" ,
"pattern" : "[file:hashes.SHA256 = '6d41ec99b441408f29531d203818c93bb107f49b64bec9458d8bf3d11e542917']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b71a0613-1c1d-4923-aec4-bedde1f2ecb8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:22.000Z" ,
"modified" : "2019-10-31T12:07:22.000Z" ,
"pattern" : "[file:hashes.SHA256 = '9c3b7f0341b77f84302638a247f25236de933a416cf342dd0bf904d4ef6a1fe3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f985c266-c9dd-4cf4-81e6-24ea9c8c256a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:23.000Z" ,
"modified" : "2019-10-31T12:07:23.000Z" ,
"pattern" : "[file:hashes.SHA256 = '2bb5316a5732e2bf91486717ba625765a595d6fa03555a348f223d73af31ef4f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a6a9f16b-e26c-4106-9467-07757db702c6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:23.000Z" ,
"modified" : "2019-10-31T12:07:23.000Z" ,
"pattern" : "[file:hashes.SHA256 = '5b0b754b24c324f7b53f256e9612ddd5a422e57ae235acf4c757efdedf795f38']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6141995f-be42-4494-bbc5-11698eae7f82" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:24.000Z" ,
"modified" : "2019-10-31T12:07:24.000Z" ,
"pattern" : "[file:hashes.SHA256 = '3b127fb15ea0aeb3e92200a1e23fbd3fe1418beef982f015c7c1228725321c13']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7c49930c-79fd-4bb8-8a15-f37e161de225" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:24.000Z" ,
"modified" : "2019-10-31T12:07:24.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'b96bd7c7ddaab860f78983520d7e1a40ff3712e8fe61e6dfca2d4d2d3b4a35d0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--710ac1f8-fd5e-4224-9a12-15e4939404a0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:25.000Z" ,
"modified" : "2019-10-31T12:07:25.000Z" ,
"pattern" : "[file:hashes.SHA256 = '81af841b303d00ff107b8decea7010bab23cedfd36aed3fb7c9f3fa67da84b9a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--40bb4ed3-ef4f-4d24-997b-101d8575bb28" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:25.000Z" ,
"modified" : "2019-10-31T12:07:25.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'a32bda4bdfe8d04b4f53d5adc82f9bbdb6dc5c7b439ba0bdc02faadd6e16550c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--13aea80a-9f0e-4ced-9e46-158358fbe8e1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:26.000Z" ,
"modified" : "2019-10-31T12:07:26.000Z" ,
"pattern" : "[file:hashes.SHA256 = '0055dfaccc952c99b1171ce431a02abfce5c6f8fb5dc39e4019b624a7d03bfcb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--06e4a7bf-52b0-4be9-a83e-9076fcfcbdd6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:26.000Z" ,
"modified" : "2019-10-31T12:07:26.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'ebff8fbcb20eacbdaad71f407ba5522bad3f59fd905aa5664a45c0d9aa75edd3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b37b9fc3-2ebc-438b-9c15-9bb14aab95ac" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:27.000Z" ,
"modified" : "2019-10-31T12:07:27.000Z" ,
"pattern" : "[file:hashes.SHA256 = '1e381d25303b25cbedfd5721aafa87b7484eea508075d3ce809e9397df37c3fe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c186a6d4-b6e5-4f15-9c2a-9ed4deae7c57" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:27.000Z" ,
"modified" : "2019-10-31T12:07:27.000Z" ,
"pattern" : "[file:hashes.SHA256 = '1654d06fbb4cba16fb2da899b023b7ec2ad3596e7c7ca7a42d9c48afed348b4c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2227dba2-88bb-4fa9-96fe-c93eb7d1bf73" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:27.000Z" ,
"modified" : "2019-10-31T12:07:27.000Z" ,
"pattern" : "[file:hashes.SHA256 = '5d971ed3947597fbb7e51d806647b37d64d9fe915b35c7c9eaf79a37b82dab90']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--adf1b2e6-7b0e-4e61-910a-3b8511926eac" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:28.000Z" ,
"modified" : "2019-10-31T12:07:28.000Z" ,
"pattern" : "[file:hashes.SHA256 = '7c1655c0f8f210d72c1cee45d799bc3ba7e0026ea29bd733c94887316b8fb79b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--efcd9953-d74f-4f8c-91c5-bdf636592846" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:28.000Z" ,
"modified" : "2019-10-31T12:07:28.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'e4e241d647be3402d0aa34cece5323db05906b01d807140c96fd444875bec3df']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8a975ac8-a757-4a70-8155-39400e6a9de8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:29.000Z" ,
"modified" : "2019-10-31T12:07:29.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'e2d7e21cd384a45f7fa37eb8eba7ea163d38cf6f663acf440c55defbc40ee2eb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b6fddbe6-e68a-4900-b995-3a5d09be8527" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:30.000Z" ,
"modified" : "2019-10-31T12:07:30.000Z" ,
"pattern" : "[file:hashes.SHA256 = '25d01e6abcf54791135b6b2014463745f165d3de0eeb66a435509386ba5448a9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f94f2d85-cc7f-4084-9839-c357167ba0a7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:30.000Z" ,
"modified" : "2019-10-31T12:07:30.000Z" ,
"pattern" : "[file:hashes.SHA256 = '332d2fc330c462f0004d112103ed5c4deb554e05060b0fb97ffb16d74c63b6ee']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b18e808e-c337-42f9-af51-d181fbde03fe" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:31.000Z" ,
"modified" : "2019-10-31T12:07:31.000Z" ,
"pattern" : "[file:hashes.SHA256 = '65a79aa876af62459fb5907eda1b23383f75f4584b5e56637327f30c6c5a29c3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c614f1fc-ff5d-4d9e-a136-632dff2438f5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:32.000Z" ,
"modified" : "2019-10-31T12:07:32.000Z" ,
"pattern" : "[file:hashes.SHA256 = '39da459f953aea6f16f44db90246b8c11aa33645f5396d2c9cbd64b02c534d09']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:32Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7b583b96-7d71-4575-baa8-41c913bde82f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:32.000Z" ,
"modified" : "2019-10-31T12:07:32.000Z" ,
"pattern" : "[file:hashes.SHA256 = '09258b138a8e2cab383a490041429961634545af559affbcbf35a128b1663d96']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:32Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--aa57e398-c047-4a28-bcac-7379e9eced4f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:33.000Z" ,
"modified" : "2019-10-31T12:07:33.000Z" ,
"pattern" : "[file:hashes.SHA256 = '84b1e0f117e8e893316f84c4fe7ef4b8b9ca69420e9de5bfa87561dd70a0c5ea']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cacc92aa-4104-433d-a122-05013eb2020f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:33.000Z" ,
"modified" : "2019-10-31T12:07:33.000Z" ,
"pattern" : "[file:hashes.SHA256 = '350d6c3b3d08f2fecf56124c516fdaa2afaa3d98a42dafe7c9d2b5308a15d14f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dfcdbe55-7149-4264-b75c-6eb01a288bfd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:34.000Z" ,
"modified" : "2019-10-31T12:07:34.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'ae26e3507b81b5816f9c7557785e73d3391176dfbed3392cd3c6116365d99dc8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--653cbf31-fb4b-4394-ba92-0ee2c312f352" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:34.000Z" ,
"modified" : "2019-10-31T12:07:34.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'e2a4f473c668c1204ab5a28b0648111f3706892175b5a65220f6faa234d291ee']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9966bf19-96d8-4c2c-87c0-71b563798fc3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:35.000Z" ,
"modified" : "2019-10-31T12:07:35.000Z" ,
"pattern" : "[file:hashes.SHA256 = '6e971390600cffcdaef61e3186c5a5ad75f96c96f5c6f1aacc732df56754b3bc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--48c4d11c-0d4f-4b03-8378-a4e32da30ba1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:35.000Z" ,
"modified" : "2019-10-31T12:07:35.000Z" ,
"pattern" : "[file:hashes.SHA256 = '9bc73a5308450768a928041141e2adef7582372c52fd758c2c5156ddcce1864d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2e8b5446-5761-45ea-8f8d-a8c19df4f69c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:36.000Z" ,
"modified" : "2019-10-31T12:07:36.000Z" ,
"pattern" : "[file:hashes.SHA256 = '78dcd10f713cbafbea2d50f6e8c4034bfaa43df15168999145b8bbf0c15ffafd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--365cf772-f9e8-43c7-8004-6fbbc3b0971a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:36.000Z" ,
"modified" : "2019-10-31T12:07:36.000Z" ,
"pattern" : "[file:hashes.SHA256 = '1baab720908c078b32ffd1d6eb6c883e10e670cc9da2a8086bf621fca90b8c52']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--95ef28a8-05ef-4529-95dc-0c8ba140d770" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:37.000Z" ,
"modified" : "2019-10-31T12:07:37.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'a51199693b9a64a612fc1ae827a2279ca5298700762749004edb8e81625e7224']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b1aed1be-626d-4a44-aadf-cd86fd5cabf7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:37.000Z" ,
"modified" : "2019-10-31T12:07:37.000Z" ,
"pattern" : "[file:hashes.SHA256 = '7f8af64b082942f0469ce9b23c225dd9f06ab34724ed0d0e0802dbbf95ad5ccf']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d8a8c625-6d6d-4914-8451-f3aa844fcd05" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:37.000Z" ,
"modified" : "2019-10-31T12:07:37.000Z" ,
"pattern" : "[file:hashes.SHA256 = '939e3767887035258c48b334aa693d7d1a69b00f30dc2e8ea76274a0117b513f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--377f8d3b-b127-4991-aa19-8e53a06df1a8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:38.000Z" ,
"modified" : "2019-10-31T12:07:38.000Z" ,
"pattern" : "[file:hashes.SHA256 = '1693dd7d6584141262d8e174e72ad27f5fa93fbd3785084b9c61e37eac4c926f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c06eb5fb-e817-4ed4-a07d-5cb8579b3cba" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:38.000Z" ,
"modified" : "2019-10-31T12:07:38.000Z" ,
"pattern" : "[file:hashes.SHA256 = '873cfab57bc161da7b274a6f212074d5ead10a683f92567114c4c32d82444032']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--049b7bde-1b68-4f84-afe5-27bb9ed4771b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:39.000Z" ,
"modified" : "2019-10-31T12:07:39.000Z" ,
"pattern" : "[file:hashes.SHA256 = '3cd108a2e3996f5de4c0ed2606ffce302958d38ab0599881ac3f9182dadff5e7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0ce1cc9e-8bc2-40be-bc8d-2f1294bf9266" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:39.000Z" ,
"modified" : "2019-10-31T12:07:39.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'd22b13b5088a60a4088141f96eef99378dc70d82e693d494a0ed7a3bafbdbb1b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4c3c4f9d-73b4-40f2-9d19-5021e099f75e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:40.000Z" ,
"modified" : "2019-10-31T12:07:40.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'c6bc89b64a7d48bcb9e5888ff9d9113f26fad944efcb51edaead420d588d8c74']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3ceef445-c895-4014-abbb-b69f03acb96b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:41.000Z" ,
"modified" : "2019-10-31T12:07:41.000Z" ,
"pattern" : "[file:hashes.SHA256 = '28f15e2ac0b3cfca1d9801166b1fe54933bed7d473f1a26939d5ede0cf460e1b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9952a99b-b659-4b55-b50f-831fa43559ed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:41.000Z" ,
"modified" : "2019-10-31T12:07:41.000Z" ,
"pattern" : "[file:hashes.SHA256 = '3e925d65cd3420736564973e2f268370bd77cbbe0f3c128a7696c8140ec8c416']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b77360d4-96b5-43cb-a084-be54dfe28698" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:42.000Z" ,
"modified" : "2019-10-31T12:07:42.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'cbcf64422469d74e842b403d17c88217cecc4ddfc582a3255d44490ecf1d5266']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a1b3b156-9512-4c06-afd9-af7f591bf9dc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:42.000Z" ,
"modified" : "2019-10-31T12:07:42.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'c4a20c2535d68de3ef8c2fd9cc3ee6ae9f4cab8a34a23648a94c6a2a1133fad9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8fb0d5b7-86e4-484e-a22f-79ede372cb49" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:43.000Z" ,
"modified" : "2019-10-31T12:07:43.000Z" ,
"pattern" : "[file:hashes.SHA256 = '2a0895ceb1b527066300bd518a84be5e2b370c39352c01e802083734f5215940']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--544538b0-4de0-4c85-b7c3-a8f8062b1363" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:43.000Z" ,
"modified" : "2019-10-31T12:07:43.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'eced97254f1ece17f3c8b6c1b4d34db13524f20600cd4234f36646e3cf2ed940']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ad273ff6-0489-45aa-8926-d8d9f798b16b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:44.000Z" ,
"modified" : "2019-10-31T12:07:44.000Z" ,
"pattern" : "[file:hashes.SHA256 = '952e805f3a85c6c81b750444588182de34b93c4a0ee9fe568d24ab129ae5be2e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--113e6a7e-a57f-497f-9135-85b5671e8a9e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:45.000Z" ,
"modified" : "2019-10-31T12:07:45.000Z" ,
"pattern" : "[file:hashes.SHA256 = '002356483053707a663c9439184dda2351461c3d8a593cf0e40fd8f777a9eacf']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3ca644df-6314-4101-ab6d-df126974ea51" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:45.000Z" ,
"modified" : "2019-10-31T12:07:45.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'ad642eb513cdc5eecdb0bf29e5ca7c02d48b7f0e80990d3c1742135576b8d974']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3312b6bf-bd2d-4713-afa2-f07d39401e8e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:46.000Z" ,
"modified" : "2019-10-31T12:07:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = '4648fc5487e26857b792f9203259f6de7023752f7a9c34dcf6367924dfb096a2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a29ec050-6c9a-4a80-8821-ff08fbdf5363" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:46.000Z" ,
"modified" : "2019-10-31T12:07:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'eb01d431975a7f08874c94869226dde16220010d325ccd3ce1e434be6ed220c1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f7ae2adb-66a4-4651-8a9a-c6b9d431029e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:47.000Z" ,
"modified" : "2019-10-31T12:07:47.000Z" ,
"pattern" : "[file:hashes.SHA256 = '095785392b61011a861d1106d7e9bb9f34b86877c0fb075d05cca224132238cb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3f437719-2cc1-4f53-b375-a35ba3fb5bf2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:47.000Z" ,
"modified" : "2019-10-31T12:07:47.000Z" ,
"pattern" : "[file:hashes.SHA256 = '2518457b6a4812af5084f1f8a3025df5ce3ca3b7721c08c628cab1af415b0c99']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--50e52f8d-84e4-47e5-b41c-edca203fc1fb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:48.000Z" ,
"modified" : "2019-10-31T12:07:48.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'c4e911f37d62fbc215e85accf261b58d287757892448086a75a3565e2bb3ecb6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1fbad5ed-88f8-4b92-b385-a29fd05e27b0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:07:48.000Z" ,
"modified" : "2019-10-31T12:07:48.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'd89a89f515943b2f1369f505e9c1654ca18a1a17d994e00f3f27c4659d57f339']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:07:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8334a92b-90c6-43f3-a6fb-c23c7968da9a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:18.000Z" ,
"modified" : "2019-10-31T12:31:18.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7f73def251fcc34cbd6f5ac61822913479124a2a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6573cf6a-1939-40b6-858d-e27e85d1f51a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:19.000Z" ,
"modified" : "2019-10-31T12:31:19.000Z" ,
"pattern" : "[file:hashes.SHA1 = '44260a1dfd92922a621124640015160e621f32d5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d3ef1296-8722-4504-8b96-321af22416be" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:19.000Z" ,
"modified" : "2019-10-31T12:31:19.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7cf41b1acfb05064518a2ad9e4c16fde9185cd4b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--33f92aa7-dc4c-40be-a73a-539755ba720e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:20.000Z" ,
"modified" : "2019-10-31T12:31:20.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'dde82093decde6371eb852a5e9a1aa4acf3b56ba']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9a731ab6-2244-4ea1-bb11-78ea4375e900" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:20.000Z" ,
"modified" : "2019-10-31T12:31:20.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'dac0bd8972f23c9b5f7f8f06c5d629eac7926269']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--64a990a1-c389-4f9b-8234-fe09537e3c9e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:21.000Z" ,
"modified" : "2019-10-31T12:31:21.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4830dcbcff55dac56e10362c73c70b444ddd569d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--41ed650e-b42a-4a80-9282-ca8b5c6e10ba" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:21.000Z" ,
"modified" : "2019-10-31T12:31:21.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a260dcf193e747cee49ae83568eea6c04bf93cb3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--36bd05ad-757e-41e3-8767-a9dd64dfb564" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:22.000Z" ,
"modified" : "2019-10-31T12:31:22.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'bb4ab0d8d05a3404f1f53f152ebd79f4ba4d4d81']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c2a892be-3dc0-4cc6-84f4-c48291a52b55" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:22.000Z" ,
"modified" : "2019-10-31T12:31:22.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a045939f53c5ad2c0f7368b082aa7b0bd7b116da']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--427e315c-f297-48f7-8346-244a2e3fa485" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:23.000Z" ,
"modified" : "2019-10-31T12:31:23.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4256fa6f6a39add6a1fa10ef1497a74088f12be0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--41d5bc89-4647-436f-9c84-79f0a4082c2c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:23.000Z" ,
"modified" : "2019-10-31T12:31:23.000Z" ,
"pattern" : "[file:hashes.SHA1 = '8272c1f41f7c223316c0d78bd3bd5744e25c2e9f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--61bd7fa9-0260-4dde-a2ae-6e312e738bbd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:24.000Z" ,
"modified" : "2019-10-31T12:31:24.000Z" ,
"pattern" : "[file:hashes.SHA1 = '08b825c87171500e694798527e17a849160b0a72']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2c5f6f88-0d42-4b94-8c9b-ced103cf5922" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:24.000Z" ,
"modified" : "2019-10-31T12:31:24.000Z" ,
"pattern" : "[file:hashes.SHA1 = '14c32d0c0346ef4a2b1993fda9aab670806b9284']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7842bf14-c7b3-4c1d-a852-87c00e131011" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:24.000Z" ,
"modified" : "2019-10-31T12:31:24.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1ae6fbad7af15fb7e60dbbfea964f0e49372ae53']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7eaf6693-1886-4478-aaf4-f217a6382be2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:25.000Z" ,
"modified" : "2019-10-31T12:31:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = '1ec1b5a902869ed5d51012826a34ffa9225853cb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--42b4a056-a415-4148-a52c-759aaf2cb2d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:25.000Z" ,
"modified" : "2019-10-31T12:31:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = '20ca6eae9d6cf2275f9bfd24a0e07f75bee119ba']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8b711a95-4cba-4354-bbb3-90c2e9576618" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:26.000Z" ,
"modified" : "2019-10-31T12:31:26.000Z" ,
"pattern" : "[file:hashes.SHA1 = '22b82ae0819da2fd887be55a8508ffb46d02ca99']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f2272a0d-6e6d-4367-aa5a-d3bd2abade9e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:26.000Z" ,
"modified" : "2019-10-31T12:31:26.000Z" ,
"pattern" : "[file:hashes.SHA1 = '24aa07a0b3665bf97a1545b0f2749cd509f1b4ca']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5e38ce5d-0fa7-45ea-bf22-e4d2a8a54f0a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:27.000Z" ,
"modified" : "2019-10-31T12:31:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = '252640016faeff97fa22eb2b736973ed16d73fbe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--db942d7a-2e0e-4f19-b761-472c2effd399" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:27.000Z" ,
"modified" : "2019-10-31T12:31:27.000Z" ,
"pattern" : "[file:hashes.SHA1 = '2c35e28fba5d05f10430c4d70e4938426f38e228']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d3680900-ce54-4ed5-a6e1-9266e59cfec3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:28.000Z" ,
"modified" : "2019-10-31T12:31:28.000Z" ,
"pattern" : "[file:hashes.SHA1 = '35c026f8c35bfceecd23eace19f09d3df2fd72da']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b277cc0c-5bb2-4501-b11a-d1f7d0fab014" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:29.000Z" ,
"modified" : "2019-10-31T12:31:29.000Z" ,
"pattern" : "[file:hashes.SHA1 = '395e87c5bd00f78bf4c63880c6982a7941a2ecd0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--aade727f-18fe-4739-801d-a7a6f2759876" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:29.000Z" ,
"modified" : "2019-10-31T12:31:29.000Z" ,
"pattern" : "[file:hashes.SHA1 = '3df753f56bb53f72d3df735a898d7221c3b5272e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e8d2a2f3-fc3f-4e5e-af54-9cedcfe2bc5f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:30.000Z" ,
"modified" : "2019-10-31T12:31:30.000Z" ,
"pattern" : "[file:hashes.SHA1 = '438178a5816d3ef6ac02d4db929a48fa558e514c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4eafb77f-c877-41a1-902b-6eb94d30ed48" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:30.000Z" ,
"modified" : "2019-10-31T12:31:30.000Z" ,
"pattern" : "[file:hashes.SHA1 = '43ff18ceb3814f1dae940ad977c59a96bb016e76']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2d8af149-47ff-4120-8639-455a87371702" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:31.000Z" ,
"modified" : "2019-10-31T12:31:31.000Z" ,
"pattern" : "[file:hashes.SHA1 = '44ddbf7aa256a4b0e25de585e95ea520bf2c4891']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0016f224-006a-4350-98be-14e1e9045f18" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:31.000Z" ,
"modified" : "2019-10-31T12:31:31.000Z" ,
"pattern" : "[file:hashes.SHA1 = '47a262bae22bb77850a1e3e38f8e529189d291f6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5c9c0061-6f97-4d91-bb15-287a5bf91c0c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:32.000Z" ,
"modified" : "2019-10-31T12:31:32.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4d090e6b749d4d3d8e413f44eb2de6925c78cd82']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:32Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3590267d-dbd4-4ae6-ac9a-00107e47877a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:32.000Z" ,
"modified" : "2019-10-31T12:31:32.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4dc5fadece500ccd8cc49cfcf8a1b59baee3382a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:32Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c3d1008a-8692-4105-8f44-03e7331618a5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:33.000Z" ,
"modified" : "2019-10-31T12:31:33.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4ea2ed895111a70b9a59df37343440e4a3a97a47']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--26a6a040-f985-405c-9bee-66a7b33020d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:33.000Z" ,
"modified" : "2019-10-31T12:31:33.000Z" ,
"pattern" : "[file:hashes.SHA1 = '5105f3020b5e680fa66d664c7f8c811f072933cf']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--763487c5-e5dc-46a7-a1cb-f65ec8833f51" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:34.000Z" ,
"modified" : "2019-10-31T12:31:34.000Z" ,
"pattern" : "[file:hashes.SHA1 = '52a8c38890360d0b32993a44c9e94e660f3fa8f4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--feb300b8-0ebd-44b2-9ec4-2fb2fc15b76a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:34.000Z" ,
"modified" : "2019-10-31T12:31:34.000Z" ,
"pattern" : "[file:hashes.SHA1 = '55155c3a7b993584a07acdbf92f2200804c00e02']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0cc6abe2-35ff-4b76-878d-db8687e9dd60" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:35.000Z" ,
"modified" : "2019-10-31T12:31:35.000Z" ,
"pattern" : "[file:hashes.SHA1 = '5ab3461b17ee3806abbb06b8966f6b0011f3d8f2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--50c56740-5d84-4913-815e-1d49d1c7091f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:35.000Z" ,
"modified" : "2019-10-31T12:31:35.000Z" ,
"pattern" : "[file:hashes.SHA1 = '634344fafd6e16f171b0857962149659639fdf41']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ee82d875-5623-4582-a631-aa0ee1fc00dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:36.000Z" ,
"modified" : "2019-10-31T12:31:36.000Z" ,
"pattern" : "[file:hashes.SHA1 = '645720ec88c993b28d982c0ad89a5aca79ce7e16']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fd21e98a-1714-4b78-be80-2ed6177ecb89" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:37.000Z" ,
"modified" : "2019-10-31T12:31:37.000Z" ,
"pattern" : "[file:hashes.SHA1 = '672bb391b92681adcfcfb4f2f728edf32f2fb8fe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9abff2da-d20a-40fd-a717-fa1064b72efe" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:37.000Z" ,
"modified" : "2019-10-31T12:31:37.000Z" ,
"pattern" : "[file:hashes.SHA1 = '6c10c9d46531fbc5f0c2372a116ab31c730ed4b7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8de32028-d8fb-4999-bf98-978f20f6e638" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:37.000Z" ,
"modified" : "2019-10-31T12:31:37.000Z" ,
"pattern" : "[file:hashes.SHA1 = '70b21e3ac69f0220784228375ba6bef37fe0c488']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e2d4814a-2c97-4034-9a52-72396af91bc4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:38.000Z" ,
"modified" : "2019-10-31T12:31:38.000Z" ,
"pattern" : "[file:hashes.SHA1 = '723b27aba08cbb3a9ca42f7e8350451d00829e5a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--05c846e4-7280-4fe5-ac2c-17bc98e961e3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:38.000Z" ,
"modified" : "2019-10-31T12:31:38.000Z" ,
"pattern" : "[file:hashes.SHA1 = '74a68dad4bc87eacca93106832f8b4aee82843a2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--27ee2283-7305-46f5-9b5c-95f4c56b1701" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:39.000Z" ,
"modified" : "2019-10-31T12:31:39.000Z" ,
"pattern" : "[file:hashes.SHA1 = '757ff5ec3dc53abbb62391b14883ef460f6fd404']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--351ace25-1a00-4799-ac3d-d0ed37d0c0e8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:40.000Z" ,
"modified" : "2019-10-31T12:31:40.000Z" ,
"pattern" : "[file:hashes.SHA1 = '75b7a4b7e01cecc9afbdab01c49e9d7fccacfdc0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--921f2485-e5c0-4a91-866b-0056d6ed2776" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:40.000Z" ,
"modified" : "2019-10-31T12:31:40.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7b0aae2aa17bd5712dd682f35c7a8e3e1cdcc57c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1f20f7f1-3a28-467a-89d8-40b4786a2086" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:40.000Z" ,
"modified" : "2019-10-31T12:31:40.000Z" ,
"pattern" : "[file:hashes.SHA1 = '82072cb53416c89bfee95b239f9a90677a0848df']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--72e5dda3-397b-45b1-9eba-87759438cebc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:41.000Z" ,
"modified" : "2019-10-31T12:31:41.000Z" ,
"pattern" : "[file:hashes.SHA1 = '8df84b01b08ee983c66becc59c0f361d246a96ed']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a9b8d3ea-75f4-4b50-9b8e-9ba8c896f9d5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:42.000Z" ,
"modified" : "2019-10-31T12:31:42.000Z" ,
"pattern" : "[file:hashes.SHA1 = '93f623c91f579d33788f84a9a83478cd2e9646aa']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1196b634-5f7f-4ccc-bcf5-f6aaa44bcd86" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:42.000Z" ,
"modified" : "2019-10-31T12:31:42.000Z" ,
"pattern" : "[file:hashes.SHA1 = '95a41fdddc8caf097902b484f8440bddad0c5b32']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--960da54a-a6c5-4335-bc61-0a72e6093242" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:43.000Z" ,
"modified" : "2019-10-31T12:31:43.000Z" ,
"pattern" : "[file:hashes.SHA1 = '971bb08196bba400b07cf213345f55ce0a6eedc8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9aa2fc5a-de33-4a7a-b08e-00e8e4968fe1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:43.000Z" ,
"modified" : "2019-10-31T12:31:43.000Z" ,
"pattern" : "[file:hashes.SHA1 = '97709d62531d12a6994bce5787d519db52435a62']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--503ebd59-b048-42ba-9359-9e175db28dec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:44.000Z" ,
"modified" : "2019-10-31T12:31:44.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9bfb1c92489da812dbe53b2a8e2cc2724cf74b4e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a107546c-ed0c-4e3e-bbad-4d7298c4282d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:44.000Z" ,
"modified" : "2019-10-31T12:31:44.000Z" ,
"pattern" : "[file:hashes.SHA1 = '9e8883a6de72d338e2c0c1a0e291d013a0ce9058']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--50e5ac4e-84d4-4486-bef7-5f961661b7cb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:45.000Z" ,
"modified" : "2019-10-31T12:31:45.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a08922372042b4c3c0faa120e9dd626823cdb3c7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--09ff8106-adc9-4eb0-a04d-28f641b9bbca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:45.000Z" ,
"modified" : "2019-10-31T12:31:45.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a1aed6fd6990a74590864f9d2a6e714a715fce3e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2d0d31d4-3fa3-458c-8f5d-a86c62bd434a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:46.000Z" ,
"modified" : "2019-10-31T12:31:46.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b08d72576b93687dfc61abfa740dd39490d6a262']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--036e4f00-a1d0-48e4-a3f5-8d117cf01c19" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:47.000Z" ,
"modified" : "2019-10-31T12:31:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b09addde1523c223c4f8fbf0e541c627e4a04400']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0dbe275c-0a3d-48bc-9017-cd1f60c9ad74" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:47.000Z" ,
"modified" : "2019-10-31T12:31:47.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b4446480813d3bfc8de4049a32a72cc0eb0d8094']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a5cba5cd-dea0-4b22-a62b-282d425fc773" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:48.000Z" ,
"modified" : "2019-10-31T12:31:48.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b6819c870df88a973eb48b572ad1cfeaeb6a655a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fe129228-918a-4ff2-8349-bab7665d17e4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:48.000Z" ,
"modified" : "2019-10-31T12:31:48.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'bd1f1494b8d18daf07de7d47549a7e27ff3ffd05']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c1d5b686-07e2-47f6-a7fd-5468a4c5732a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:49.000Z" ,
"modified" : "2019-10-31T12:31:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'bdbadb2e3eedd72dd6f8d9235699a139cab69aae']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f8edbd3-366e-4ccf-8ef8-a135f0eb52d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:49.000Z" ,
"modified" : "2019-10-31T12:31:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'c262d297eaec622e3fb8e1fc2a0017e28168879a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--05bfc429-dc0a-4547-9e2a-397f54096993" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:50.000Z" ,
"modified" : "2019-10-31T12:31:50.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'c44d06f79e5e42b08be17a8a7dbaf61400f1de28']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--23118648-54ae-44f3-b0c9-645a57486224" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:50.000Z" ,
"modified" : "2019-10-31T12:31:50.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'c452bdf6ff99243a12789ff4b99ac71a5da5f696']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ef40d4b2-bc3b-4417-9d1c-20d5b07508f3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:51.000Z" ,
"modified" : "2019-10-31T12:31:51.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'cd36caf7f7cd9f161743348d2ea69a9e0254c3b5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2ffc9026-a3cb-4805-a79c-b6ab695a1e84" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:51.000Z" ,
"modified" : "2019-10-31T12:31:51.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd24bbb898a4a301870cab85f836090b0fc968163']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--39a5803d-f274-4b1c-97d1-dc12c9788540" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:52.000Z" ,
"modified" : "2019-10-31T12:31:52.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd62a0bd08c5b435d1b8a0505e8018d58a9667b2c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9986298e-b7a4-4ad0-9944-93df20d9c2c4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:53.000Z" ,
"modified" : "2019-10-31T12:31:53.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd74f1c8257409ad964db22087a559609c2d0d978']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f5824c3-3290-4214-b16f-d6a07f3e289f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:53.000Z" ,
"modified" : "2019-10-31T12:31:53.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'd9a54f79ca15c7e363dbe62b4d1c5c8d103103a2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8e2bb711-03e9-4991-a788-4d2457ec04a6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:54.000Z" ,
"modified" : "2019-10-31T12:31:54.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'daf1cd345f44cb2bf1cfa8d68eecaf1961cbd51f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--56f07cf4-a5f5-4d0e-a739-a3d436d2021d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:54.000Z" ,
"modified" : "2019-10-31T12:31:54.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'dbe3eece00c255a3fdf924b82621394377b0e865']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--44f19d0a-e5b4-4978-8e82-37af722bf7c5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:55.000Z" ,
"modified" : "2019-10-31T12:31:55.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'de197a5dc5b38e4b72bc37c14cf38e577ddeb8b5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--62e88828-d826-4b8c-8a3f-6ef69b2bd18a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:55.000Z" ,
"modified" : "2019-10-31T12:31:55.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e0b1005da5b35e31f09fc82a694f188a92cca85d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--17e944c6-65c8-4b88-ab2d-03be679217f6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:56.000Z" ,
"modified" : "2019-10-31T12:31:56.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e0f276ed16027ed2953a7b0e5274d3f563a75a9d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c5e12ba1-161c-4683-9a4a-e1d82b2695a6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:56.000Z" ,
"modified" : "2019-10-31T12:31:56.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e14a6a8447ce1d45494e613d6327430d9025a2e5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e18b9707-efa7-4028-b77d-3908a5354e73" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:57.000Z" ,
"modified" : "2019-10-31T12:31:57.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e26b59789029d23bd9232fa6b1c90ec9379b9066']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1d914c73-0df1-4418-a740-67a5258d93aa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:57.000Z" ,
"modified" : "2019-10-31T12:31:57.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e6677e5e2d68bc544b210e69d9c8df6a2752c20a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d7067d38-7d5b-4d2c-bb35-784152f39f9d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:58.000Z" ,
"modified" : "2019-10-31T12:31:58.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'e6d43344a354eb17e0e0e76ad391fbcaf9c34119']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--295f34fa-ba58-45f2-93cd-0337c090f1cb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:58.000Z" ,
"modified" : "2019-10-31T12:31:58.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ec0e4a6e2e630267c13b449ed4cf3f04598e40df']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--566c5026-feeb-4918-bc2b-07c0cf1b2b77" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:59.000Z" ,
"modified" : "2019-10-31T12:31:59.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ed0c9354d34d6e9f09b7038d391e846cdd9e0eae']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0b79df96-ad69-4cfd-bfcb-56e467460fca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:31:59.000Z" ,
"modified" : "2019-10-31T12:31:59.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ee5feb8e9428a04c454966f6e19e202ccb33545f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:31:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3dd0303e-0bb8-456c-a4c3-63cee9f2b676" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:00.000Z" ,
"modified" : "2019-10-31T12:32:00.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f14694bdde921b31030300cc9bdc5574ba3d9f74']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d723872f-f10e-41ff-bada-63f6b5514c7f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:00.000Z" ,
"modified" : "2019-10-31T12:32:00.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f5ba05240b1609d4131d5dca7f5e6e90b5748004']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cbf15e08-54df-4625-ba00-c43df69b06a8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:01.000Z" ,
"modified" : "2019-10-31T12:32:01.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'f61403e7730d17b967da3143bc7cb33eebe826c0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--75190791-061e-44b8-9477-5715d61bd1de" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:02.000Z" ,
"modified" : "2019-10-31T12:32:02.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'fd9ded44c47585541b89ffd25907a9a2ed41a995']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:02Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--49ad01a4-db2e-4893-a563-78fbee11f553" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:03.000Z" ,
"modified" : "2019-10-31T12:32:03.000Z" ,
"pattern" : "[file:hashes.SHA1 = '18e4feb988cb95d71d81e1964aa6280e22361b9f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e09ab7d3-cdd5-401b-ac54-f316de578927" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:03.000Z" ,
"modified" : "2019-10-31T12:32:03.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4af89296a15c1ea9068a279e05cc4a41b967c956']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f4282c5e-85b9-43f7-9a46-983cab49746a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:03.000Z" ,
"modified" : "2019-10-31T12:32:03.000Z" ,
"pattern" : "[file:hashes.SHA1 = '60b9428d00be5ce562ff3d888441220290a6dac7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ea8bc570-0a4b-4c9d-bab7-1f6ee36adab5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:32:04.000Z" ,
"modified" : "2019-10-31T12:32:04.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'a2571946ab181657eb825cde07188e8bcd689575']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:32:04Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9fdcd0e4-2b5f-4662-9207-334ebc59fecd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:51.000Z" ,
"modified" : "2019-10-31T12:38:51.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b257f366a9f5a065130d4dc99152ee10']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6c12996a-6a52-413a-86f0-39e2ee48a194" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:51.000Z" ,
"modified" : "2019-10-31T12:38:51.000Z" ,
"pattern" : "[file:hashes.MD5 = '04fb0ccf3ef309b1cd587f609ab0e81e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--13e02f92-a5bc-4f62-96e1-cc18f084c796" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:52.000Z" ,
"modified" : "2019-10-31T12:38:52.000Z" ,
"pattern" : "[file:hashes.MD5 = '47841ed50770153614889a6cc82bdc04']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8a2a1ce8-7e1f-47b0-be21-840f0854ecdf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:52.000Z" ,
"modified" : "2019-10-31T12:38:52.000Z" ,
"pattern" : "[file:hashes.MD5 = '0b2e07205245697a749e422238f9f785']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--97234f77-dd1f-4ebe-9170-d0ad281b12cc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:53.000Z" ,
"modified" : "2019-10-31T12:38:53.000Z" ,
"pattern" : "[file:hashes.MD5 = 'a96226b8c5599e3391c7b111860dd654']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--11f6b4c6-e3aa-4ffb-a6b7-8e95ff3fc1d5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:54.000Z" ,
"modified" : "2019-10-31T12:38:54.000Z" ,
"pattern" : "[file:hashes.MD5 = '2ffc4f0e240ff62a8703e87030a96e39']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1f4eddc9-7c82-4259-b4ca-b3024f68437a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:54.000Z" ,
"modified" : "2019-10-31T12:38:54.000Z" ,
"pattern" : "[file:hashes.MD5 = 'dd792f9185860e1464b4346254b2101b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d974ae2-81b0-4b34-bce7-f17f606f3346" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:55.000Z" ,
"modified" : "2019-10-31T12:38:55.000Z" ,
"pattern" : "[file:hashes.MD5 = '5322816c2567198ad3dfc53d99567d6e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dc730660-1bf2-46de-86b5-48ad0f3c4149" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:55.000Z" ,
"modified" : "2019-10-31T12:38:55.000Z" ,
"pattern" : "[file:hashes.MD5 = '272537bbd2a8e2a2c3938dc31f0d2461']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f93aba30-8956-4095-ae42-70f159071ebd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:56.000Z" ,
"modified" : "2019-10-31T12:38:56.000Z" ,
"pattern" : "[file:hashes.MD5 = '1cb46d0f31bf762ffe3d3e39759e707b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8461fce4-c1e1-4143-b192-d425dbb31bc0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:56.000Z" ,
"modified" : "2019-10-31T12:38:56.000Z" ,
"pattern" : "[file:hashes.MD5 = 'fcfab508663d9ce519b51f767e902806']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0e2ad0c2-098b-4557-bb4f-5ed6bc0fbe8b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:56.000Z" ,
"modified" : "2019-10-31T12:38:56.000Z" ,
"pattern" : "[file:hashes.MD5 = '72dcf13372fa8dbc2e4d17a384092442']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--93e75af2-53be-4f97-9b32-eb2cdeb9c19c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:57.000Z" ,
"modified" : "2019-10-31T12:38:57.000Z" ,
"pattern" : "[file:hashes.MD5 = '670ad341954388b3736de985ca0535b7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8207f357-97d6-4838-8703-5410b0bed103" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:58.000Z" ,
"modified" : "2019-10-31T12:38:58.000Z" ,
"pattern" : "[file:hashes.MD5 = '4aef6b705512cb7812bab5d2df2c09fb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--087ccf5a-592d-4d0e-b3d0-3e71accf1c4e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:58.000Z" ,
"modified" : "2019-10-31T12:38:58.000Z" ,
"pattern" : "[file:hashes.MD5 = '048b0012d4a389b5489e0e4ee4a5b615']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--65bb86f5-96bc-48bd-82e6-5fbc343f40cc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:58.000Z" ,
"modified" : "2019-10-31T12:38:58.000Z" ,
"pattern" : "[file:hashes.MD5 = '1caed61a68803ceddad5c7866dee2afa']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bee3701f-6888-4b0a-8e16-22d25abd87f5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:38:59.000Z" ,
"modified" : "2019-10-31T12:38:59.000Z" ,
"pattern" : "[file:hashes.MD5 = 'ceac90308e03d440d2675e417a1ee8e7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:38:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4e504d07-770f-4f26-a4b6-0642d46fb4af" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:00.000Z" ,
"modified" : "2019-10-31T12:39:00.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd67c2639500907cd6d8ce1ce7f8797c3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--116d3f95-e389-46b6-bb00-225979a02896" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:00.000Z" ,
"modified" : "2019-10-31T12:39:00.000Z" ,
"pattern" : "[file:hashes.MD5 = '5b992fede21281ff36a6233c7ea81f58']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--071c54ef-4359-4d30-9f70-9a34c05b3e84" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:01.000Z" ,
"modified" : "2019-10-31T12:39:01.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c86c1b5da1f58483dd689f6540bb1b63']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--868f4961-dffe-41b5-a0b1-b833acbf4202" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:01.000Z" ,
"modified" : "2019-10-31T12:39:01.000Z" ,
"pattern" : "[file:hashes.MD5 = '1b1b1afac82945e95f1e769944232ed7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--be807f73-1862-412f-a3bd-da6d32ccd7aa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:03.000Z" ,
"modified" : "2019-10-31T12:39:03.000Z" ,
"pattern" : "[file:hashes.MD5 = '23d714b7bf921be537c913a4c3919f1e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7ee95d43-9829-49f4-9bc4-25894e6c9c1c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:03.000Z" ,
"modified" : "2019-10-31T12:39:03.000Z" ,
"pattern" : "[file:hashes.MD5 = '1c9dc504a9b806c8bb6ef9ba412184c4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4495fc9d-797d-4c22-b395-12843c62e8d9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:04.000Z" ,
"modified" : "2019-10-31T12:39:04.000Z" ,
"pattern" : "[file:hashes.MD5 = '39fe65a46c03b930ccf0d552ed3c17b1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:04Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d0018735-586a-4745-aa95-beadbbf50aec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:04.000Z" ,
"modified" : "2019-10-31T12:39:04.000Z" ,
"pattern" : "[file:hashes.MD5 = 'f0e6077bea26adf258f75a078f4dc19e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:04Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7fc97be9-b36a-4b99-b47c-15cb3de1968e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:05.000Z" ,
"modified" : "2019-10-31T12:39:05.000Z" ,
"pattern" : "[file:hashes.MD5 = 'a1eaf444c878f5ec907488be3a7ef337']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8e7dd3b4-8c6a-4ac4-8f2c-c4a3ea5e8fd0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:05.000Z" ,
"modified" : "2019-10-31T12:39:05.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b5ed632630f4eba5b9f2ab97eafda374']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:05Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--85ae0d22-3f39-4b80-9b25-da78f843e0d6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:06.000Z" ,
"modified" : "2019-10-31T12:39:06.000Z" ,
"pattern" : "[file:hashes.MD5 = '4e9100796e18f6a73e577a63de24b62e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--10200f14-53b4-4cff-871d-da952e45fe30" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:06.000Z" ,
"modified" : "2019-10-31T12:39:06.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b0877494d36fab1f9f4219c3defbfb19']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--21c9532b-f9b4-4fa6-8ca6-4d158ab210fe" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:07.000Z" ,
"modified" : "2019-10-31T12:39:07.000Z" ,
"pattern" : "[file:hashes.MD5 = 'aebc676868d17c7e8b39a1a59d753a89']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:07Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--984b6773-8b0f-432d-b08f-6998c7e93264" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:08.000Z" ,
"modified" : "2019-10-31T12:39:08.000Z" ,
"pattern" : "[file:hashes.MD5 = '26f8c0fb2c193b35ae5b4a93357681f0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0a9ebda9-3bff-41fd-a691-e9d307be0cce" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:08.000Z" ,
"modified" : "2019-10-31T12:39:08.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b40d64b2390ec149c183064bed57321c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:08Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--18c57ae6-dc28-4c7a-9b79-96f3ca6a8636" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:09.000Z" ,
"modified" : "2019-10-31T12:39:09.000Z" ,
"pattern" : "[file:hashes.MD5 = '056dcf4af7bbdbe60504174c6ae41ba5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ca01ae7e-6928-45ed-bbf1-f28cf844318e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:09.000Z" ,
"modified" : "2019-10-31T12:39:09.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c4f0c0cbdce242800b7947c31e02537e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--762ad35c-e8cd-40e8-af90-0e4cf404a5b3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:10.000Z" ,
"modified" : "2019-10-31T12:39:10.000Z" ,
"pattern" : "[file:hashes.MD5 = '04be89ff5d217796bc68678d2508a0d7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:10Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d73334c4-4013-482e-ac84-ce09056abc9a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:11.000Z" ,
"modified" : "2019-10-31T12:39:11.000Z" ,
"pattern" : "[file:hashes.MD5 = '2394a4c5123e6731a88a0a1b8bcfa9fa']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:11Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2adc154f-3364-4ec9-a7ef-720861f8a166" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:11.000Z" ,
"modified" : "2019-10-31T12:39:11.000Z" ,
"pattern" : "[file:hashes.MD5 = '904bbe5ac0d53e74a6cefb14ebd58c0b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:11Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f9315d9e-83b7-45d3-9730-561b5f4950b2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:12.000Z" ,
"modified" : "2019-10-31T12:39:12.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd1132f11642842ed7acc19668356e55b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:12Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--662a894e-5fef-450c-a8c7-9ab531198dfb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:12.000Z" ,
"modified" : "2019-10-31T12:39:12.000Z" ,
"pattern" : "[file:hashes.MD5 = '0b1f426e2e3151d3a57bb4795bc064ad']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:12Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--29c9a491-6a39-4a75-b32c-ef9cdb0edcf5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:13.000Z" ,
"modified" : "2019-10-31T12:39:13.000Z" ,
"pattern" : "[file:hashes.MD5 = '3ffb1c409b48277a831aafcbecc3979f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:13Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2d2ce7e4-cfef-457d-9afe-292c07e9e255" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:13.000Z" ,
"modified" : "2019-10-31T12:39:13.000Z" ,
"pattern" : "[file:hashes.MD5 = '9e2402b302572ac8f0fe7d71eabe354c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:13Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--105e2ea9-5859-4338-9bcc-3c3ac2b0e2ec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:14.000Z" ,
"modified" : "2019-10-31T12:39:14.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd5d820422aeb519e2301ebc2ad2d1114']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fc2abd95-30aa-4fd3-b9f0-276e09f8e9ab" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:14.000Z" ,
"modified" : "2019-10-31T12:39:14.000Z" ,
"pattern" : "[file:hashes.MD5 = 'fa5ae5ba7189b82eb577da46b5549693']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ae7e63bf-cce1-423a-bdcc-7affd6df8fd4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:15.000Z" ,
"modified" : "2019-10-31T12:39:15.000Z" ,
"pattern" : "[file:hashes.MD5 = '68e1d87bef08710244af243e019e0b0d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--69d2a00d-8bbf-4dd8-b00e-8250308c972d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:15.000Z" ,
"modified" : "2019-10-31T12:39:15.000Z" ,
"pattern" : "[file:hashes.MD5 = 'ffd0f34739c1568797891b9961111464']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e6a98500-0960-47da-90cd-b2d0c228925d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:16.000Z" ,
"modified" : "2019-10-31T12:39:16.000Z" ,
"pattern" : "[file:hashes.MD5 = '3ad4c5895363c69b132cc60e1c9f7501']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f47c9509-d606-4b5c-a6e6-8ad648516e81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:16.000Z" ,
"modified" : "2019-10-31T12:39:16.000Z" ,
"pattern" : "[file:hashes.MD5 = '94d3597bedc4c7459adb464440bc7849']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:16Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3e105e2c-4491-44bf-b0d0-4db3bbcdd619" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:17.000Z" ,
"modified" : "2019-10-31T12:39:17.000Z" ,
"pattern" : "[file:hashes.MD5 = '576aaf62603d02b2927cd0b6a3cabe9d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6f6d4416-3fb0-4e46-aa2b-95b9a9f57f22" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:18.000Z" ,
"modified" : "2019-10-31T12:39:18.000Z" ,
"pattern" : "[file:hashes.MD5 = '557ff68798c71652db8a85596a4bab72']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--671d4672-a0b8-40d0-8731-068217210a6a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:18.000Z" ,
"modified" : "2019-10-31T12:39:18.000Z" ,
"pattern" : "[file:hashes.MD5 = 'a655ca9561a5cc29c20f3699da21b9c9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--df713911-868b-4035-87cc-7952898729eb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:19.000Z" ,
"modified" : "2019-10-31T12:39:19.000Z" ,
"pattern" : "[file:hashes.MD5 = '6bef7d2a1cd002c767379e0d974caf6e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b557db93-12b8-40e4-8926-5ae7087e0840" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:19.000Z" ,
"modified" : "2019-10-31T12:39:19.000Z" ,
"pattern" : "[file:hashes.MD5 = '273f4d40d2dfe4aa14e7bc8063d4bfd3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8bef921f-da18-41c3-acbf-942ece3ed031" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:20.000Z" ,
"modified" : "2019-10-31T12:39:20.000Z" ,
"pattern" : "[file:hashes.MD5 = '1e5308c3017fcda43c29f1f3645b5fb9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cb977951-e252-49f2-bd92-0026dbc4ea49" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:20.000Z" ,
"modified" : "2019-10-31T12:39:20.000Z" ,
"pattern" : "[file:hashes.MD5 = 'fb59c79e20b55c274607bc2f1b0d7f80']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0f371f25-85f3-4770-9a35-902ee323097a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:21.000Z" ,
"modified" : "2019-10-31T12:39:21.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd0e9330537f644cfed2254d9d5bbcbe4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--df4b1fa0-0652-4c71-aa82-2da289e9787c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:21.000Z" ,
"modified" : "2019-10-31T12:39:21.000Z" ,
"pattern" : "[file:hashes.MD5 = '9ac7bf4b6e5fceb1abbf786933171b57']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5afa9f8d-72e5-4392-bb2c-4f77b9e2052a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:22.000Z" ,
"modified" : "2019-10-31T12:39:22.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c11dd805de683822bf4922aecb9bfef5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bfd7df11-59ca-468a-9f68-5da2c3b9c7c9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:23.000Z" ,
"modified" : "2019-10-31T12:39:23.000Z" ,
"pattern" : "[file:hashes.MD5 = '3d5e22618aa2e478d29855bbe03d4f12']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ce2e7e17-74a2-4861-b1c9-21546bd54cb7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:23.000Z" ,
"modified" : "2019-10-31T12:39:23.000Z" ,
"pattern" : "[file:hashes.MD5 = '506a3fc6d88ebd0986024a50d87288ab']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--63e8dc47-167b-48f5-a749-832e488426c0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:24.000Z" ,
"modified" : "2019-10-31T12:39:24.000Z" ,
"pattern" : "[file:hashes.MD5 = '864c6af68b26c30327eee8b92ac94643']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d8191220-9eb5-406f-b9a8-a783a903ab19" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:24.000Z" ,
"modified" : "2019-10-31T12:39:24.000Z" ,
"pattern" : "[file:hashes.MD5 = '38f414b54f269d2a81477360a194604a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d1f1cde7-25db-49fe-b966-49e9fb12fb38" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:25.000Z" ,
"modified" : "2019-10-31T12:39:25.000Z" ,
"pattern" : "[file:hashes.MD5 = '8861998d0b5b88a15988f44804a4d936']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f773475b-cbcc-4cee-b182-78bb461f3734" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:25.000Z" ,
"modified" : "2019-10-31T12:39:25.000Z" ,
"pattern" : "[file:hashes.MD5 = '05c1768dbb9650bc42156668d38d7fc5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8a80e00d-1f1a-4b0d-abb3-fe607a3f699c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:26.000Z" ,
"modified" : "2019-10-31T12:39:26.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd9bc3699ece5719ae656bfc8ff7d809a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7ce71801-752b-4c1c-82a6-2058d0fc0e88" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:26.000Z" ,
"modified" : "2019-10-31T12:39:26.000Z" ,
"pattern" : "[file:hashes.MD5 = '4b33dabd7fe6d6317d0299b7a4cb9917']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a1fa4f89-0a28-4633-bbab-8f56680ec735" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:27.000Z" ,
"modified" : "2019-10-31T12:39:27.000Z" ,
"pattern" : "[file:hashes.MD5 = '05f6e92bc099fb51d9820f0ba0464062']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b9430d3e-bbb2-472c-adff-87b08cc00a63" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:27.000Z" ,
"modified" : "2019-10-31T12:39:27.000Z" ,
"pattern" : "[file:hashes.MD5 = '6cc9017ce2721e6f015015506803dc72']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--528b7956-1c2e-4202-a5e2-75a1305438dc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:28.000Z" ,
"modified" : "2019-10-31T12:39:28.000Z" ,
"pattern" : "[file:hashes.MD5 = 'aa4bd43878b0ec13d857009a9aeeb53c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e4106288-a5f8-42c0-9645-91bed8198038" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:28.000Z" ,
"modified" : "2019-10-31T12:39:28.000Z" ,
"pattern" : "[file:hashes.MD5 = '32315bbba59a742f00a37d7da40a938d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6934451a-f55f-4c65-91d4-4933f32b38ee" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:29.000Z" ,
"modified" : "2019-10-31T12:39:29.000Z" ,
"pattern" : "[file:hashes.MD5 = '0c056040bf1d74a226aa558c7afbe17d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--865153ef-0c63-40fd-949f-a84c78f2f7af" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:30.000Z" ,
"modified" : "2019-10-31T12:39:30.000Z" ,
"pattern" : "[file:hashes.MD5 = '6053a569c55d5f87795be3a4f9b4878e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9e404888-27e0-4db7-a2f8-e488bcc12358" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:30.000Z" ,
"modified" : "2019-10-31T12:39:30.000Z" ,
"pattern" : "[file:hashes.MD5 = '62b502975e449f36612b93743c149e21']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6f12639f-4d7e-498a-a21d-b10f891d031e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:31.000Z" ,
"modified" : "2019-10-31T12:39:31.000Z" ,
"pattern" : "[file:hashes.MD5 = '1672a34928b5611a976e3ec3e5ca25a0']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--18d8561b-5482-4cca-8782-6997c8a1fe50" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:31.000Z" ,
"modified" : "2019-10-31T12:39:31.000Z" ,
"pattern" : "[file:hashes.MD5 = '2083139a77750a681715c24c30fd3ddc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c179fff1-471f-40b7-b686-00a63b2becd1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:32.000Z" ,
"modified" : "2019-10-31T12:39:32.000Z" ,
"pattern" : "[file:hashes.MD5 = '633e9a97abb0dae175fb4bdebafc1e07']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:32Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0ef53abe-84d7-4268-8e53-c02bb3efed05" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:33.000Z" ,
"modified" : "2019-10-31T12:39:33.000Z" ,
"pattern" : "[file:hashes.MD5 = '2d42fbb541572a43c6f64e75b425cc9d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3f66112d-50e4-414e-94a5-74548b9b2d3e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:34.000Z" ,
"modified" : "2019-10-31T12:39:34.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e9d1d0dd1b3fe293356fb7ca5ea849e2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c598e289-f69d-4851-912e-93465150c28f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:34.000Z" ,
"modified" : "2019-10-31T12:39:34.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b7f43e2ae1c99ece96f92e5d1df82031']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:34Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5232c969-6cb9-4099-89d1-42eba24c28bd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:35.000Z" ,
"modified" : "2019-10-31T12:39:35.000Z" ,
"pattern" : "[file:hashes.MD5 = '2b9244c526e2c2b6d40e79a8c3edb93c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9aa86261-81d2-44e2-91c3-84eb8cfd26c2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:35.000Z" ,
"modified" : "2019-10-31T12:39:35.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c36480ba2dc9b3f41b3632bf9b267389']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8bc1b820-4e74-46cb-b794-feb9997db37a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:36.000Z" ,
"modified" : "2019-10-31T12:39:36.000Z" ,
"pattern" : "[file:hashes.MD5 = '2470e46497788eaddba212ec357d2bd4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1d12d556-73c5-4b51-9078-079b3bf5e349" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:36.000Z" ,
"modified" : "2019-10-31T12:39:36.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e966eab34eeab3c91e20d396663180d6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6110b7ea-53a4-4476-ad76-547430c3ec86" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:37.000Z" ,
"modified" : "2019-10-31T12:39:37.000Z" ,
"pattern" : "[file:hashes.MD5 = '4f11c35694f2bd2b7e4b5a3ae1e9dce5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fde66354-fb78-48b8-b716-10e1564e516c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:37.000Z" ,
"modified" : "2019-10-31T12:39:37.000Z" ,
"pattern" : "[file:hashes.MD5 = '92267979eac3aee7ca605bfd4b767b0c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c87ef7aa-ed88-4b81-945d-8111b0208b80" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:38.000Z" ,
"modified" : "2019-10-31T12:39:38.000Z" ,
"pattern" : "[file:hashes.MD5 = '30d9ac12711d52a34f87cfa5cea0c85a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e81b286c-1545-4e23-93de-f0b97b90956d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:39.000Z" ,
"modified" : "2019-10-31T12:39:39.000Z" ,
"pattern" : "[file:hashes.MD5 = '64bba3f138d4956cfed166835ed8168f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--20cda84c-d994-4480-aaf2-e62217e5d67c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:39.000Z" ,
"modified" : "2019-10-31T12:39:39.000Z" ,
"pattern" : "[file:hashes.MD5 = 'ab5ad936f58692edfc7867b6d7fda4c7']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a42d7e1-a1b6-42d6-b154-2e04a6d274cc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-10-31T12:39:40.000Z" ,
"modified" : "2019-10-31T12:39:40.000Z" ,
"pattern" : "[file:hashes.MD5 = '4d3422770cf351f5235334b805b76e09']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-10-31T12:39:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--f5723a7a-fa7b-402e-82d5-aee13e98502f" ,
"created" : "2019-10-29T13:51:52.000Z" ,
"modified" : "2019-10-29T13:51:52.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6c864-75fc-448b-85b5-1a25950d210f" ,
"target_ref" : "indicator--5db6c4fa-04a8-4cca-b559-4f73950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--facaa326-498d-4220-9cad-3a7ef67b1c65" ,
"created" : "2019-10-29T13:57:36.000Z" ,
"modified" : "2019-10-29T13:57:36.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6c864-75fc-448b-85b5-1a25950d210f" ,
"target_ref" : "indicator--5db6d484-45f8-4fee-af9a-458f950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--56d58ae2-8f2a-4b5e-bdf9-2d77727d577e" ,
"created" : "2019-10-29T14:10:47.000Z" ,
"modified" : "2019-10-29T14:10:47.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6c864-75fc-448b-85b5-1a25950d210f" ,
"target_ref" : "indicator--5db6d505-ffa4-4bad-b88f-4f39950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--42997319-ebfe-4a1c-b2ad-e63152728ce3" ,
"created" : "2019-10-29T13:55:11.000Z" ,
"modified" : "2019-10-29T13:55:11.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6d0f5-432c-456e-9b18-4d12950d210f" ,
"target_ref" : "indicator--5db8449d-e0c4-427a-bddf-27ca950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--60fe144c-1d4c-4214-9256-26c32d046885" ,
"created" : "2019-10-29T14:12:15.000Z" ,
"modified" : "2019-10-29T14:12:15.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6d0f5-432c-456e-9b18-4d12950d210f" ,
"target_ref" : "indicator--5db6d4b2-0544-4dc5-98bb-458f950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3ba7d7ed-779f-46c4-b9c2-8b3828af379f" ,
"created" : "2019-10-29T14:13:23.000Z" ,
"modified" : "2019-10-29T14:13:23.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6d0f5-432c-456e-9b18-4d12950d210f" ,
"target_ref" : "indicator--5db6d538-0514-484f-9a89-4015950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--a03c28c0-fc4c-4886-b3ad-92dcbf0b8b1f" ,
"created" : "2019-10-29T14:15:10.000Z" ,
"modified" : "2019-10-29T14:15:10.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6d505-ffa4-4bad-b88f-4f39950d210f" ,
"target_ref" : "indicator--5db6e066-a8b0-4b15-89ff-ab08950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--d4419043-622d-426a-96f1-2b2fd756450f" ,
"created" : "2019-10-29T14:16:48.000Z" ,
"modified" : "2019-10-29T14:16:48.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db6d505-ffa4-4bad-b88f-4f39950d210f" ,
"target_ref" : "indicator--5db6e157-2930-415d-ae13-aab4950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--5045dfb8-6e78-4f40-b306-b13baeaa891e" ,
"created" : "2019-10-29T09:44:28.000Z" ,
"modified" : "2019-10-29T09:44:28.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db807a7-b5b0-4745-8040-44c2950d210f" ,
"target_ref" : "indicator--5db80912-bb10-4533-8a6f-4266950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--81410aef-13f4-4042-a7e0-cc88b71414c3" ,
"created" : "2019-10-29T13:28:50.000Z" ,
"modified" : "2019-10-29T13:28:50.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db80a67-eea8-4ced-be90-43c1950d210f" ,
"target_ref" : "indicator--5db81b3e-2e2c-4627-90cb-eef3950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--cd4d80a0-aeb8-48ab-83ee-83cc0ff75d4f" ,
"created" : "2019-10-29T10:57:02.000Z" ,
"modified" : "2019-10-29T10:57:02.000Z" ,
"relationship_type" : "is-in-relation-with" ,
"source_ref" : "indicator--5db80a91-2ccc-4035-8deb-4773950d210f" ,
"target_ref" : "indicator--5db81210-dcbc-413f-b1f3-eef3950d210f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--4c406b0d-8d6e-4975-8d9d-5d29ca204c47" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b5b6b501-e66c-4f4e-9527-516ad2ca69e5" ,
"target_ref" : "x-misp-object--2d9e2792-be70-4733-a982-8fb833e3067c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3750da19-6373-42b9-ac2c-bb6c9a39a549" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--00f40c23-331f-4ba6-b8c6-42474a13526c" ,
"target_ref" : "x-misp-object--47b6931b-7c53-435d-8559-5691aa5f5a8f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--7edf8d9f-01ac-428e-bc3f-cdcaf6154fab" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--3937eb70-185e-44a0-917e-ebdc7f1d0752" ,
"target_ref" : "x-misp-object--a8cf73f0-b98a-434c-9ed7-82b1a343c9a0"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--525279b1-a989-4bb5-834f-cfba16557764" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--930e9e44-5724-449d-9e3e-0f32c22692e0" ,
"target_ref" : "x-misp-object--b60b4cf3-7172-4e25-bd30-6cb80c4f2e44"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--a03f6243-480f-4c32-9035-3086b517b9e6" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--ae10ed2e-838e-4ac6-87be-e6636090880b" ,
"target_ref" : "x-misp-object--cb2ff493-1850-4aa2-86bf-d1cd7fd387cd"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--694c0489-ad9c-49af-bc74-b11cd46d63f7" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--cbba4bfa-ba52-4d30-9939-cf8386e2acd9" ,
"target_ref" : "x-misp-object--15ee4e85-d113-4933-b3a4-a5bf20d8dee7"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--7d740545-e839-418f-b9ab-b2ff6557d051" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--1bbcd3f2-97bf-4f5b-8bb4-efa2920e33c4" ,
"target_ref" : "x-misp-object--80d87c81-4223-434a-8297-8c55c2188c23"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3d3f301c-6dc7-488a-b97f-d685bdd69514" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--5042d9f9-1bee-4379-85b1-0685c573cac5" ,
"target_ref" : "x-misp-object--34fca3cd-6c8f-4a81-8727-1319e20a0b13"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--ec1196a8-51a0-4bb6-ae8e-805a43e956fe" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--385f33d1-34a9-41a6-b4e9-a40a4fa715be" ,
"target_ref" : "x-misp-object--46784d68-1971-470f-a424-2f01edeefbd9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--f100188b-deef-4863-86db-f81d1f61f33e" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b46c5962-8963-4ac0-b053-b3faacb71620" ,
"target_ref" : "x-misp-object--8a35b215-db3c-4411-a176-705f087e517b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--6f32bcd0-0ab3-41bd-9007-d7f1ae843f85" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--5fea27fd-624f-4542-93cb-93202c027316" ,
"target_ref" : "x-misp-object--bd3ecda1-2b63-4905-9c4b-e2842401451c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--0a9fafc9-934d-479c-a137-f47d37b40270" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--db72a9ba-be71-404e-8958-e809f5a7fd38" ,
"target_ref" : "x-misp-object--32d2677f-6d87-4b8b-9b00-025b88e10700"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--8b6a8e32-e7b6-44dc-b722-bdda184c3291" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--0124dee6-62c1-4547-bd95-c10623a21444" ,
"target_ref" : "x-misp-object--0e47ffa7-909e-4804-b178-ed04ad92a2dd"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--723fbc1b-82bf-490f-b04b-0135506579f2" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b220db74-8ab2-4c99-8df8-4be473329599" ,
"target_ref" : "x-misp-object--0e6dd455-6e1b-4d16-885b-0b7d7fc005fa"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--2068a251-90f0-40ff-a9e7-c8fb62f7d09a" ,
"created" : "2019-10-31T08:47:29.000Z" ,
"modified" : "2019-10-31T08:47:29.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--654f1da9-cb27-4eeb-ae9d-18fb0e8796f1" ,
"target_ref" : "x-misp-object--7dded6aa-9b4d-4b47-a262-b63e0409e70b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--451579ca-900d-4cf4-ad67-9992c8452462" ,
"created" : "2019-10-31T08:47:30.000Z" ,
"modified" : "2019-10-31T08:47:30.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--c2c23001-5488-4016-82fd-ae492c6c31bf" ,
"target_ref" : "x-misp-object--c3b5234a-f538-4f34-93fa-9c87a7f18c4b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--c71a5590-085c-4bb1-b239-d86ae075ea62" ,
"created" : "2019-10-31T08:47:30.000Z" ,
"modified" : "2019-10-31T08:47:30.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--628bb82b-0724-4d36-8154-a8458f1edf1c" ,
"target_ref" : "x-misp-object--ee9ee64a-9229-4e42-a1a7-35f2e46b226f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--0b5d1892-99b8-4930-9e50-582c39b1c7ca" ,
"created" : "2019-10-31T08:47:30.000Z" ,
"modified" : "2019-10-31T08:47:30.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--aa6a25ca-4f6b-4234-983e-ebac2149c49b" ,
"target_ref" : "x-misp-object--d568e860-b698-413d-a253-94ce9d8d6b87"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--7198d6e0-983c-4476-9060-fb9cb0a979ab" ,
"created" : "2019-10-31T08:47:30.000Z" ,
"modified" : "2019-10-31T08:47:30.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--9352ee1c-bdc9-4bbf-b067-dd189144e421" ,
"target_ref" : "x-misp-object--24cb5d8b-f102-4f31-b96c-675b65c64f0a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--38e7b26a-3448-41e3-857b-15a9e467991f" ,
"created" : "2019-10-31T08:47:30.000Z" ,
"modified" : "2019-10-31T08:47:30.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--9c4e0fc1-03b9-46be-8fbb-41de315f93e6" ,
"target_ref" : "x-misp-object--5d0b3e85-9140-42ee-9cbe-21ae3238aa00"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--804d7a41-9a60-4b88-94d4-cb2c3cba7aa1" ,
"created" : "2019-10-31T08:47:30.000Z" ,
"modified" : "2019-10-31T08:47:30.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--c454ec6e-8f29-4989-9bf0-e6bd3bb192e9" ,
"target_ref" : "x-misp-object--de314694-d9c4-490c-b815-570571b04bda"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}
