misp-circl-feed/feeds/circl/stix-2.1/5c5201f6-e414-4dc2-be61-4f4502de0b81.json

399 lines
282 KiB
JSON
Raw Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5c5201f6-e414-4dc2-be61-4f4502de0b81",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5c5201f6-e414-4dc2-be61-4f4502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"name": "OSINT - Cisco Job Posting Targets Korean Candidates",
"published": "2019-01-30T20:05:21Z",
"object_refs": [
"observed-data--5c520202-8d5c-44ca-8470-40ce02de0b81",
"url--5c520202-8d5c-44ca-8470-40ce02de0b81",
"x-misp-attribute--5c520214-741c-4008-8f48-e23902de0b81",
"observed-data--5c520233-b77c-4045-b967-4abc02de0b81",
"domain-name--5c520233-b77c-4045-b967-4abc02de0b81",
"indicator--5c520245-4460-41ab-b89e-405b02de0b81",
"indicator--5c520257-fdd4-4c61-8b0f-445902de0b81",
"observed-data--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"domain-name--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"observed-data--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"domain-name--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"observed-data--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"file--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"indicator--db2f6f9a-9fd2-4815-ab19-3e80b630afee",
"x-misp-object--83ffea5f-5ac1-4359-a694-73fe84275425",
"indicator--30e63e4f-a33b-4e63-85a6-37485fb077a2",
"x-misp-object--4dcb8302-c888-44dc-bb62-d35f09261019",
"relationship--bc743a0d-1c97-4ac7-b557-59c91e1820a1",
"relationship--cd559d63-2da3-45ed-a8f2-f995215a11a4"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c520202-8d5c-44ca-8470-40ce02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T19:58:58.000Z",
"modified": "2019-01-30T19:58:58.000Z",
"first_observed": "2019-01-30T19:58:58Z",
"last_observed": "2019-01-30T19:58:58Z",
"number_observed": 1,
"object_refs": [
"url--5c520202-8d5c-44ca-8470-40ce02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5c520202-8d5c-44ca-8470-40ce02de0b81",
"value": "https://blog.talosintelligence.com/2019/01/fake-korean-job-posting.html"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5c520214-741c-4008-8f48-e23902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T19:59:16.000Z",
"modified": "2019-01-30T19:59:16.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Cisco Talos recently observed a targeted malware campaign being leveraged in an attempt to compromise specific organizations. The infection vector associated with this campaign was a Microsoft Word document that was disguised as a job posting for Cisco Korea, and leveraged legitimate content available as part of job postings on various websites. EST Security also described this campaign in a blog post this week. This malicious Office document appears to have been the initial portion of what was designed to be a multi-stage infection process. \r\n\r\nDuring our analysis of this campaign, we located additional samples that we believe are linked to multiple previous campaigns associated with the same threat actor. Each of the campaigns leveraged malicious documents and initial stage payloads that all featured similar tactics, techniques, and procedures (TTP). Due to the targeted nature of this campaign, the lack of widespread indicator of compromise data, and the apparent nature of the targeting, this appears to be associated with a sophisticated attacker. This sort of attack has become more common as threat actors continue to target users to gain an initial foothold in environments. Organizations are encouraged to employ a defense-in-depth approach to security and disallow the execution of macros where possible."
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c520233-b77c-4045-b967-4abc02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:01:17.000Z",
"modified": "2019-01-30T20:01:17.000Z",
"first_observed": "2019-01-30T20:01:17Z",
"last_observed": "2019-01-30T20:01:17Z",
"number_observed": 1,
"object_refs": [
"domain-name--5c520233-b77c-4045-b967-4abc02de0b81"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--5c520233-b77c-4045-b967-4abc02de0b81",
"value": "ilovesvc.com"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c520245-4460-41ab-b89e-405b02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:05.000Z",
"modified": "2019-01-30T20:00:05.000Z",
"description": "the Office document",
"pattern": "[file:hashes.SHA256 = 'bf27c1631ef64c1e75676375a85d48f8ae97e1ea9a5f67c2beefc02c609fc18b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:00:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c520257-fdd4-4c61-8b0f-445902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:23.000Z",
"modified": "2019-01-30T20:00:23.000Z",
"description": "PE32",
"pattern": "[file:hashes.SHA256 = '1497ab6ddccf91ef7f2cd75ce020bb3bf39979210351deaa6e0025997ddfda5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:58.000Z",
"modified": "2019-01-30T20:00:58.000Z",
"first_observed": "2019-01-30T20:00:58Z",
"last_observed": "2019-01-30T20:00:58Z",
"number_observed": 1,
"object_refs": [
"domain-name--5c52027a-a0a8-492d-8ed5-43ee02de0b81"
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--5c52027a-a0a8-492d-8ed5-43ee02de0b81",
"value": "www.secuvision.co.kr"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:00:58.000Z",
"modified": "2019-01-30T20:00:58.000Z",
"first_observed": "2019-01-30T20:00:58Z",
"last_observed": "2019-01-30T20:00:58Z",
"number_observed": 1,
"object_refs": [
"domain-name--5c52027a-b1b0-45dd-8c9c-4ac702de0b81"
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--5c52027a-b1b0-45dd-8c9c-4ac702de0b81",
"value": "www.syadplus.com"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:02:24.000Z",
"modified": "2019-01-30T20:02:24.000Z",
"first_observed": "2019-01-30T20:02:24Z",
"last_observed": "2019-01-30T20:02:24Z",
"number_observed": 1,
"object_refs": [
"file--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"Payload delivery\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"name": "image11.jpg",
"content_ref": "artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5c5202d0-e2fc-4be4-bf46-406f02de0b81",
"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/4QBgRXhpZgAASUkqAAgAAAACADEBAgAHAAAAJgAAAGmHBAABAAAALgAAAAAAAABHb29nbGUAAAMAAJAHAAQAAAAwMjIwAqAEAAEAAABABgAAA6AEAAEAAAB9BAAAAAAAAP/bAIQAAwICCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICggICAgJCQkICAsNCggNCAgJCAEDBAQGBQYIBgYICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI/8AAEQgEfQZAAwEiAAIRAQMRAf/EAB0AAQABBQEBAQAAAAAAAAAAAAAGAQIEBQcICQP/xABoEAABBAECAwMFCA4IAgYGARUBAAIDBAUREgYTIQcUMQgVIkFRFhgzU5GS0dMjJDI0UlRhcXKBk5Sy8AlCVXOVsbPUocEXJTVDdNImYnW0wuE2RYKEo7XxJ0RWY3aDojeW5BlGZGXE/8QAGwEBAAIDAQEAAAAAAAAAAAAAAAEDAgQFBgf/xABEEQEAAQIBCQQIBAQFAwQDAAAAAQIRAwQSExUhMVFSkhZB0eEFU2FxkaGi0gYiMoEUQmKTM7HB4vBDcoIHI1SyNETC/9oADAMBAAIRAxEAPwD6nWLAaCSdAFoZ+NYWkgkjTp4KvGsxbCSFIAEEa93sHtT3ewe1SVEEa93sHtT3ewe1SVNUEa93sHtT3ewe1SUKuiCM+72D2p7vYPapKii4jXu9g9qe72D2qSopEa93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SbRNEEZ93sHtT3ewe1SVFFxGvd7B7U93sHtUm0TRSIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaIIz7vYPanu9g9qk2iaII9BxtC46An9S3tawHDUHUFXlaHgucuiBJ1/wDvlB+PHnwB/UpISo3x58Af1KRuUSLXPWmv8bU4vhbdaP8ATmjb/E4Lw35bXHOUZmTUo2LbGCoyYx1ZJQegeZHlsZHotaNXH1DReWMvjsnMRzmXZSYuf9kEzyYdu/nekCeXs9IuPo+HVenyX0JpqKMSrFinPi8R3uHj+kpoqqopombd/c+zWMzMUzBJDJHNGdQHxObI0kHQ6OaSDofHr0WYCvA/kpYihNjqkMpz7ZpJXs305cjDSaS9wBD4HNgZ/wCsflXpnsOhdDbzFLmzSw1J67YTYlfPK0SQcxwdLIS53UjTUrlZRkeiqri8zm8YteLxGzb7W/g5RnxTNt/B2BquVrVcubE3huvzL1XmLyzwBin5HO5qCxbuiKvI0wshtzwtZuc4dAx7fUNPALrn/QTW/G8p/iVv61bWLgU4U2qr7ondxi6+qiKd8913Sd6vaV5U7Y8I/GZLBsrXL+yzaLZmy3LEzXNbJBtG17yOu9w9nUr1U1Y4mDmU01XvFcTMftNmNdGbETe91yoSqrX57MtrxPlfrtYNTp4/mVCpnEqoK83RdpBntiWeeaGEaERxF3UeIBDXDqfzeC6rR7ZaD9GiRw9Wr2lvyl3rQT1Fj1bjZAHMcHNPgQQQVkICIiAqEoVDu1LtEjxlSSy8bi3oxg8Xu9QH5fX6/BZ0UTXVFNMXmWFVUUxeUuc5U3rhXZzeys9a/fuu5bJqr3VoW6gx7WvcH69PSI066A9F5b4czOWd3WeXJXYa09h0TZufNK1j2vYDuZvYCz0vAuC6eD6PnFmuNJTGZ79vsj2ubiZfFGbObVaqfZs9s7X0d1VVq+HtRBCC/mkRR6yabeYdjfT01O3d46a+tbMFcqdk29tnUibxdVEVFCVUREBERAREQEREBERAREQEREBERARUK0HEfHlKmWi3br1i/UsE8scW7Tx27yNdPyIJAi1+Dz0NmMTV5Y5ona7ZInNex2njo5pIKzXv06/zogvRRB/azjBHzjkKYi5nJ5hsRbOaBuMe7dpvDRqW+K2mF4yq2YnTV7MM8TN26SKRj2N2jV2rmu0Gn5fBBu0WowHFFe0zm1Z4rEe4t5kMjZGbhpq3c0kajXTTVW4ji6rYfLFBYhmkgcWTMjka98TgS3bI1p1a4EEEEepBuUUcxPaHRnmdXhuVpZ2bt0MczHyt2fdaxtduG316hLHaHQZYFR12s20SAK5njExJGoHLLt2ugPQBBI0VmqxaWXikdI2ORj3RO2SBrgSx+gIa8Dq0kEHr6igzUWBFl4zK6ASMMzWCR0W4F4Y46BxaDuDT4AkLOQVRYNnLxskjidIxskgcY4y4B7wzQvLWnqQwEEkJBl43vkibIx0kW3mMBBczeNW72jq3cBqNfEdUGcitcVgVs3E90rWSsc6E7ZmhzSYnFu8NkAPonaQ7r6kGxRRGXtYxjY+c7I0xFvMRkNmIM5jdSWbi4DcB1LfFSTGZKOaNksT2yRyNDmSMIcx7T4FrhqCD7UGUiwbOWjZJHE6RjZJt3KY5wD5Njdz9jToXbW9Tp4K
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db2f6f9a-9fd2-4815-ab19-3e80b630afee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:38.000Z",
"modified": "2019-01-30T20:03:38.000Z",
"pattern": "[file:hashes.MD5 = 'c067345667eded99610e51042a14081a' AND file:hashes.SHA1 = 'ea9bd89535c250c7bb7d98d10971ca586a574c53' AND file:hashes.SHA256 = '1497ab6ddccf91ef7f2cd75ce020bb3bf39979210351deaa6e0025997ddfda5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:03:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--83ffea5f-5ac1-4359-a694-73fe84275425",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2017-07-03T03:11:00",
"category": "Other",
"uuid": "2f301aee-3a07-4315-a9fe-35f15b9d6423"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/1497ab6ddccf91ef7f2cd75ce020bb3bf39979210351deaa6e0025997ddfda5a/analysis/1499051460/",
"category": "External analysis",
"uuid": "e6031ce3-dc7d-4d15-a1ea-635e060a2f02"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/62",
"category": "Other",
"uuid": "36547772-c3a7-4c9a-a7ad-cf22d140afe5"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--30e63e4f-a33b-4e63-85a6-37485fb077a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"pattern": "[file:hashes.MD5 = 'fbd1cd15019c0dd6659a59bc93b8596f' AND file:hashes.SHA1 = '050dbe26683f5d39c8773da4a4b7d3dd28addc00' AND file:hashes.SHA256 = 'bf27c1631ef64c1e75676375a85d48f8ae97e1ea9a5f67c2beefc02c609fc18b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-30T20:03:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4dcb8302-c888-44dc-bb62-d35f09261019",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-01-30T10:52:43",
"category": "Other",
"uuid": "e27a0948-b861-4c5a-8bed-1e7733ad3f54"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/bf27c1631ef64c1e75676375a85d48f8ae97e1ea9a5f67c2beefc02c609fc18b/analysis/1548845563/",
"category": "External analysis",
"uuid": "61389d49-4a4d-4917-bbef-dce3db7cffae"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/58",
"category": "Other",
"uuid": "ae01b2c6-6e9f-4e1e-93e7-5fc722af7bcd"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--bc743a0d-1c97-4ac7-b557-59c91e1820a1",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--db2f6f9a-9fd2-4815-ab19-3e80b630afee",
"target_ref": "x-misp-object--83ffea5f-5ac1-4359-a694-73fe84275425"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--cd559d63-2da3-45ed-a8f2-f995215a11a4",
"created": "2019-01-30T20:03:39.000Z",
"modified": "2019-01-30T20:03:39.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--30e63e4f-a33b-4e63-85a6-37485fb077a2",
"target_ref": "x-misp-object--4dcb8302-c888-44dc-bb62-d35f09261019"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}