{
"type" : "bundle" ,
"id" : "bundle--ff6b1c02-8c44-4646-9d3f-9a831b5ba006" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-13T11:34:22.000Z" ,
"modified" : "2022-05-13T11:34:22.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--ff6b1c02-8c44-4646-9d3f-9a831b5ba006" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-13T11:34:22.000Z" ,
"modified" : "2022-05-13T11:34:22.000Z" ,
"name" : "Phishing La Banque Postale - Lookyloo Capture (http://one.doesntexist.com/p/b2ba4)" ,
"published" : "2022-05-13T11:34:44Z" ,
"object_refs" : [
"observed-data--70dddd06-dead-43c6-bdf2-6da2fa0538af" ,
"url--70dddd06-dead-43c6-bdf2-6da2fa0538af" ,
"observed-data--f84d9326-0fc4-4010-b604-e0d13e6667d1" ,
"file--f84d9326-0fc4-4010-b604-e0d13e6667d1" ,
"artifact--f84d9326-0fc4-4010-b604-e0d13e6667d1" ,
"observed-data--a2de8830-f5b6-4083-96f7-d3e346c2633a" ,
"url--a2de8830-f5b6-4083-96f7-d3e346c2633a" ,
"indicator--98f7b0f5-84aa-47cf-a092-6ded5bd596c6" ,
"indicator--28bcffa1-e25b-43e9-9acd-d732c6456e93" ,
"indicator--dae82c40-86ac-4eb7-be71-594e6355f171" ,
"indicator--f506dd8d-6577-41a2-aee6-4dbd731ac45a" ,
"x-misp-object--b939f553-12b7-43f9-ba4d-40944a3be7db" ,
"x-misp-object--a530c278-985f-4406-8446-a586d13a5247" ,
"x-misp-object--96251147-2609-46da-9a12-8e59b27a5d03" ,
"relationship--1c71f789-a9d6-4c3c-88bf-311d662d69b8" ,
"relationship--ef5c4fb2-cb63-47a3-ab8e-a5984f61b445" ,
"relationship--8b89844e-5299-4733-9933-a22c5016cac5" ,
"relationship--c996d772-97d2-4f50-9dcd-97789277bfab" ,
"relationship--aa0a779a-5f7c-440b-907b-9a7ec63e52a0" ,
"relationship--ac9ddb5a-23f2-4173-a512-ed08ae104c89" ,
"relationship--3e1e9261-844d-4762-b8b8-5dfb3d73e011" ,
"relationship--8a859f05-d66a-494e-86e6-f9f644f4abcf"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"circl:incident-classification=\"phishing\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--70dddd06-dead-43c6-bdf2-6da2fa0538af" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:55.000Z" ,
"modified" : "2022-05-11T15:02:55.000Z" ,
"first_observed" : "2022-05-11T15:02:55Z" ,
"last_observed" : "2022-05-11T15:02:55Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--70dddd06-dead-43c6-bdf2-6da2fa0538af"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--70dddd06-dead-43c6-bdf2-6da2fa0538af" ,
"value" : "https://lookyloo.circl.lu/tree/184f1ad3-27b1-4402-834b-fc0b579313cb"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--f84d9326-0fc4-4010-b604-e0d13e6667d1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:55.000Z" ,
"modified" : "2022-05-11T15:02:55.000Z" ,
"first_observed" : "2022-05-11T15:02:55Z" ,
"last_observed" : "2022-05-11T15:02:55Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--f84d9326-0fc4-4010-b604-e0d13e6667d1" ,
"artifact--f84d9326-0fc4-4010-b604-e0d13e6667d1"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--f84d9326-0fc4-4010-b604-e0d13e6667d1" ,
"name" : "screenshot_landing_page.png" ,
"content_ref" : "artifact--f84d9326-0fc4-4010-b604-e0d13e6667d1"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--f84d9326-0fc4-4010-b604-e0d13e6667d1" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B 4 A A A A U M C A Y A A A D R T 49 M A A A A A X N S R 0 I A r s 4 c 6 Q A A I A B J R E F U e J z s 3 X d 8 F G X + w P H P 7 q Z n 0 0 N C I I G E E p o g B E M H D 5 F 21 A M B s V F E E H s B R U 89 y / 30 P O / s q I f Y A U E 9 F R W D I s H Q W y C U Q B L S O + l t s 5 t k d + f 3 x 96 O W R J C C P F A 7 / t + v X x J t s z M z j z z z F O / j 6 a q q k p B C C G E E E I I I Y Q Q Q g g h h B B C C C H E b 5 p G o 0 G r 0 W g u 93 E I I Y Q Q Q g g h h B B C C C G E E E I I I Y S 4 R B q N B q 3 V a r 3 c x y G E E E I I I Y Q Q Q g g h h B B C C C G E E O I S W a 1 W t F q t 9 n I f h x B C C C G E E E I I I Y Q Q Q g g h h B B C i H Y g M 4 C F E E I I I Y Q Q Q g g h h B B C C C G E E O J 3 Q q v T 6 S 73 M Q g h h B B C C C G E E E I I I Y Q Q Q g g h h L h E G o 0 G r a I o l / s 4 h B B C C C G E E E I I I Y Q Q Q g g h h B B C t A N Z A F g I I Y Q Q Q g g h h B B C C C G E E E I I I X 4 n p A N Y C C G E E E I I I Y Q Q Q g g h h B B C C C F + B x R F k Q 5 g I Y Q Q Q g g h h B B C C C G E E E I I I Y T 4 v Z A O Y C G E E E I I I Y Q Q Q g g h h B B C C C G E + B 3 Q a D R o F U W 53 M c h h B B C C C G E E E I I I Y Q Q Q g g h h B C i H c g M Y C G E E E I I I Y Q Q Q g g h h B B C C C G E + J 3 Q a j S a y 30 M Q g g h h B B C C C G E E E I I I Y Q Q Q g g h L p G E g B Z C C C G E E E I I I Y Q Q Q g g h h B B C i N 8 J i 8 U i I a C F E E I I I Y Q Q Q g g h h B B C C C G E E O L 3 Q K v V S g h o I Y Q Q Q g g h h B B C C C G E E E I I I Y T 4 P V A U R W Y A C y G E E E I I I Y Q Q Q g g h h B B C C C H E 74 V 0 A A s h h B B C C C G E E E I I I Y Q Q Q g g h x O + E d A A L I Y Q Q Q g g h h B B C C C G E E E I I I c T v g E a j Q a s o y u U + D i G E E E I I I Y Q Q Q g g h h B B C C C G E E J d I U R S c L v d B C C G E u H R 19 R Z c X X S / y r Y t F o W q 2 g a s V g W 9 u 5 O 6 H 0 V R M F u s O D v 9 O v s V V w 5 F U W h o a M D F x e V y H 8 p F a W h o o L q 6 
G g C 9 X v + b O / 7 / N R a L x V Y 4 d Z L i q W j q 10 o f k u 7E74 H Z b K a q q g o A T 0 9 P X F 1 d z / v Z + v p 6 a m p q 0 G q 1 e H l 5 o d P Z y n E W i 8 U 2 Q l z b t i B h i q J Q X V 2 N 2 W z G 2 d k Z L y + v N m 2 n P Z h M J m p r a w H w 8 f F R f 6 M Q Q g g h r g w W i 4 X q 6 m q s V u s F y y 5 C C C H a T l o 6 h B D i I q X l V v H 2 v 5 M d X n N 31 R H W 0 Z O I T n o G R g Y Q 6 O O K R q N p 1 / 0 q i o L F q u C k c 2 y Y 27 Q t g 79 + m E C / c F 9 W P z K c A B + 3 d t 1 v X r G B W 57 e S W G p k R f u G s z s s e H U N 1 i 4 / + U D b D 9 c w N K Z v X h g X l + c n H 7 f q w p s 2 b K F E y d O O L z m 4 e F B l y 5 d 6 N m z J 926 d c P d 3 b 3 d 96 s o C j k 5 O W z e v J n E x E T M Z j M P P v g g / f r 1 a / d 9 N a e k p I T n n n u O 0 t J S F i 9 e z H X X X f d f 2 W 97 O H 36 N M 8 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
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--a2de8830-f5b6-4083-96f7-d3e346c2633a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:55.000Z" ,
"modified" : "2022-05-11T15:02:55.000Z" ,
"first_observed" : "2022-05-11T15:02:55Z" ,
"last_observed" : "2022-05-11T15:02:55Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--a2de8830-f5b6-4083-96f7-d3e346c2633a"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--a2de8830-f5b6-4083-96f7-d3e346c2633a" ,
"value" : "https://urlscan.io/result/ddce0ad0-1e2a-4c7d-ba74-12c0a33a72c8/"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--98f7b0f5-84aa-47cf-a092-6ded5bd596c6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:55.000Z" ,
"modified" : "2022-05-11T15:02:55.000Z" ,
"description" : "Submitted URL" ,
"pattern" : "[url:value = 'http://one.doesntexist.com/p/b2ba4' AND url:x_misp_host = 'one.doesntexist.com' AND url:x_misp_domain = 'one.doesntexist.com' AND url:x_misp_ip = '23.94.183.62']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-05-11T15:02:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"url\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--28bcffa1-e25b-43e9-9acd-d732c6456e93" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:03:45.000Z" ,
"modified" : "2022-05-11T15:03:45.000Z" ,
"description" : "Redirect 0" ,
"pattern" : "[url:value = 'https://one.doesntexist.com/p/b2ba4' AND url:x_misp_host = 'one.doesntexist.com' AND url:x_misp_domain = 'one.doesntexist.com' AND url:x_misp_ip = '23.94.183.62']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-05-11T15:03:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"url\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dae82c40-86ac-4eb7-be71-594e6355f171" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:55.000Z" ,
"modified" : "2022-05-11T15:02:55.000Z" ,
"description" : "Last redirect (1)" ,
"pattern" : "[url:value = 'https://one.doesntexist.com/p/b2ba4/' AND url:x_misp_host = 'one.doesntexist.com' AND url:x_misp_domain = 'one.doesntexist.com' AND url:x_misp_ip = '23.94.183.62']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-05-11T15:02:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"url\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f506dd8d-6577-41a2-aee6-4dbd731ac45a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"description" : "Content received for the final redirect (before rendering)" ,
"pattern" : " [ f i l e : h a s h e s . M D 5 = ' 98 a 92 a b a b 85921 a 86 f a 8 f 357 f 5 c 2 c 4e1 ' A N D f i l e : h a s h e s . S H A 1 = ' 90 b d c 8691282 c 1 e a 1 c d b 75 e f 6 c 108e0 e 35 a e 8900 ' A N D f i l e : h a s h e s . S H A 256 = ' 77 f 737 b a 3 a 583162386 e f 0 d f b 658552728 c 313 f b 0 3 f 6459778513e2 b 8 a 0 8 e f 0 2 ' A N D f i l e : h a s h e s . S H A 512 = ' 2897386 e f 7 f c 4 f 647 b 79 f 2248092112 d b f f f 2 d f 33975 a 7 c c e 442e3510 f e 0 f b 26 c 274717 a a e 31878 c b 467 e a c 39244 f 0 43 c 73 d 4 e c 4e907 c 5e6 e 11 c 9926 e c a 8e2 c b ' A N D f i l e : h a s h e s . S S D E E P = ' 192 : K e z B X J C d z k N f N j z r L 9 t 4 S f j x O Z x J Z D I 4 S m 85 S H Z p B u k 45 X 4 N Y 47 L Y M g y g K n K s j : K e 9 J C O N l j 7 P j r Y Z / Z U j / 54 Z //uBqLZvz' AND file:name = 'b2ba4' AND file:size = '9290' AND (file:content_ref.payload_bin = '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
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-05-11T15:02:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b939f553-12b7-43f9-ba4d-40944a3be7db" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "first-submission" ,
"value" : "2022-05-09T19:30:18+00:00" ,
"category" : "Other" ,
"uuid" : "8ecf709d-20b1-445e-9920-2660248dbf9a"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2022-05-10T19:29:58+00:00" ,
"category" : "Other" ,
"uuid" : "b05965d3-7d8f-488c-9c55-634a7b3d227d"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/gui/url/47f13043816a6cfbb2ab068795b6878b2ba8d68b2aa5957111b3d0e621fe9c87/detection" ,
"category" : "External analysis" ,
"uuid" : "0ec536b6-8c4e-419b-8918-0ab1dbc718a0"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a530c278-985f-4406-8446-a586d13a5247" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "first-submission" ,
"value" : "2022-05-09T19:35:33+00:00" ,
"category" : "Other" ,
"uuid" : "516beefa-4029-4d75-b0bc-4ecd90e7a273"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2022-05-10T05:47:56+00:00" ,
"category" : "Other" ,
"uuid" : "70442475-94b6-44dd-b314-00e7f07418f7"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/gui/url/e59d879dcb5d59424d6926ddd0039a7951eb2d9ff86abcfe8c476e237f67bdfc/detection" ,
"category" : "External analysis" ,
"uuid" : "7e467f5c-7379-41da-867e-6a4c9d534e41"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--96251147-2609-46da-9a12-8e59b27a5d03" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "first-submission" ,
"value" : "2022-05-10T05:34:49+00:00" ,
"category" : "Other" ,
"uuid" : "d939826f-ed39-40b0-8572-9e23a24c85b1"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2022-05-10T05:34:49+00:00" ,
"category" : "Other" ,
"uuid" : "b304e6d4-85a6-4f22-94ee-aec5604fe63e"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/gui/url/93fec846863a31fa02a8ffc799a292675774cf33d43b897adc7615b4bbadb210/detection" ,
"category" : "External analysis" ,
"uuid" : "db7c52db-36cb-4aa3-948a-5161312222b1"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--1c71f789-a9d6-4c3c-88bf-311d662d69b8" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "redirects-to" ,
"source_ref" : "indicator--98f7b0f5-84aa-47cf-a092-6ded5bd596c6" ,
"target_ref" : "indicator--28bcffa1-e25b-43e9-9acd-d732c6456e93"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--ef5c4fb2-cb63-47a3-ab8e-a5984f61b445" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "captured-by" ,
"source_ref" : "indicator--98f7b0f5-84aa-47cf-a092-6ded5bd596c6" ,
"target_ref" : "observed-data--70dddd06-dead-43c6-bdf2-6da2fa0538af"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--8b89844e-5299-4733-9933-a22c5016cac5" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--98f7b0f5-84aa-47cf-a092-6ded5bd596c6" ,
"target_ref" : "x-misp-object--b939f553-12b7-43f9-ba4d-40944a3be7db"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--c996d772-97d2-4f50-9dcd-97789277bfab" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "redirects-to" ,
"source_ref" : "indicator--28bcffa1-e25b-43e9-9acd-d732c6456e93" ,
"target_ref" : "indicator--dae82c40-86ac-4eb7-be71-594e6355f171"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--aa0a779a-5f7c-440b-907b-9a7ec63e52a0" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--28bcffa1-e25b-43e9-9acd-d732c6456e93" ,
"target_ref" : "x-misp-object--a530c278-985f-4406-8446-a586d13a5247"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--ac9ddb5a-23f2-4173-a512-ed08ae104c89" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--dae82c40-86ac-4eb7-be71-594e6355f171" ,
"target_ref" : "x-misp-object--96251147-2609-46da-9a12-8e59b27a5d03"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3e1e9261-844d-4762-b8b8-5dfb3d73e011" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "loaded-by" ,
"source_ref" : "indicator--f506dd8d-6577-41a2-aee6-4dbd731ac45a" ,
"target_ref" : "indicator--dae82c40-86ac-4eb7-be71-594e6355f171"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--8a859f05-d66a-494e-86e6-f9f644f4abcf" ,
"created" : "2022-05-11T15:02:56.000Z" ,
"modified" : "2022-05-11T15:02:56.000Z" ,
"relationship_type" : "rendered-as" ,
"source_ref" : "indicator--f506dd8d-6577-41a2-aee6-4dbd731ac45a" ,
"target_ref" : "observed-data--f84d9326-0fc4-4010-b604-e0d13e6667d1"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}