adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/042a4478-fe19-4ed0-a309-b96da3542a95.json

4664 lines
245 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "1",
"date": "2023-01-13",
"extends_uuid": "",
"info": "Analysis of FG-IR-22-398 \u2013 FortiOS - heap-based buffer overflow in SSLVPNd",
"publish_timestamp": "1673616101",
"published": true,
"threat_level_id": "1",
"timestamp": "1673616092",
"uuid": "042a4478-fe19-4ed0-a309-b96da3542a95",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:sector=\"Government, Administration\"",
"relationship_type": "targets"
},
{
"colour": "#004646",
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0071c3",
"local": "0",
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
},
{
"colour": "#0087e8",
"local": "0",
"name": "osint:certainty=\"50\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:clear",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:country=\"russia\"",
"relationship_type": "attributed-to"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "23b95adf-c8dd-4835-b1e9-e23183d6bbba",
"value": "f68c3f72270800ea675889e82bb02fb8"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "f15ce3fd-c07f-456f-b07f-4e4a3f822d6c",
"value": "e3f640d8785c0c864739529889b1863a"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "2eb35a69-dbfb-42a6-8d8a-3e3e400de928",
"value": "08cbaafb176ce6118f7e4e0b2d2d77cf"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "0d3771cb-5259-49e0-af8f-e106621d23d7",
"value": "bdc2d2f5d5246f8956711bcce9f456b6"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "35236d47-2d7c-4789-a1b0-84f524b1ab52",
"value": "4548fa6625cb154ab320833186117393"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "fcd50948-9e1b-4672-b01e-1fab338ae212",
"value": "e5d989b651b3eb351e10e408d5a062b3"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "015d8a1c-fea6-46ac-a049-7ead9345cc3f",
"value": "3191cb2e06e9a30792309813793f78b6"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "19dd0c3e-652f-464d-ad26-2ddf1e59ec73",
"value": "12e28c14bb7f7b9513a02e5857592ad7"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "8a77b238-13e4-4489-9e4c-f95328677c03",
"value": "ae0839351721db5a9c269fd75dcb57ce"
},
{
"category": "Payload delivery",
"comment": "Hashes of post-exploitation implants",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673600368",
"to_ids": true,
"type": "md5",
"uuid": "18016fa2-0115-47ed-a944-02a80bb4322b",
"value": "856341349dd954d82b112ba9165c4563"
},
{
"category": "Network activity",
"comment": "Older Actor IP",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601165",
"to_ids": true,
"type": "ip-dst",
"uuid": "740c6d33-5ed3-439e-9c85-42b8ad063c4c",
"value": "156.251.162.76"
},
{
"category": "Network activity",
"comment": "Older Actor IP",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601173",
"to_ids": true,
"type": "ip-dst",
"uuid": "b24d7229-5422-4645-a761-cc9b1ee33dd7",
"value": "156.251.163.19"
},
{
"category": "Network activity",
"comment": "Older Actor IP",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601142",
"to_ids": true,
"type": "ip-dst",
"uuid": "a12c722c-ed6e-4b7e-8bf6-d38f93715333",
"value": "156.251.163.122"
},
{
"category": "Network activity",
"comment": "Older Actor IP",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601154",
"to_ids": true,
"type": "ip-dst",
"uuid": "a475e912-4841-400c-b468-7f07e1503d29",
"value": "156.251.162.111"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "83616717-5013-4ec0-a241-08e1d5f0f1fa",
"value": "139.180.184.197"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "ca47bd29-6c27-4060-9710-e094d20676f5",
"value": "66.42.91.32"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "109e3980-b70e-4fc2-9692-0937386098e4",
"value": "158.247.221.101"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "964fd5be-2ff8-4178-bc8d-8f9bec690395",
"value": "107.148.27.117"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "c9c5d50e-35c9-4602-8984-80a794dcee5d",
"value": "139.180.128.142"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "89a2bddc-dc5d-45c0-aac4-1e97fb5f9cee",
"value": "155.138.224.122"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "a525d45e-d512-4490-869f-a5a85dd75224",
"value": "185.174.136.20"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "f4452141-acfb-44a6-bec8-ad5093fc5eb3",
"value": "45.86.229.220"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "77971734-97ba-409b-a2e6-191837911cc1",
"value": "45.86.231.71"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "66b4b3d7-8f5f-4aa0-9d97-ff627526a059",
"value": "139.99.35.116"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "89c2666b-6fb6-402d-8856-9b8b8ddb213d",
"value": "139.99.37.119"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "c435d49f-a81b-430a-a50a-b7ed0433ca2e",
"value": "194.62.42.105"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "8e787e2c-9fd7-473d-a4a9-cd17976d950c",
"value": "185.250.149.32"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "d1584713-f07c-4901-b6d9-895c11ba496c",
"value": "137.175.30.138"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673601353",
"to_ids": true,
"type": "ip-dst",
"uuid": "c53e5c82-971b-459c-8ffd-df3b33fc902a",
"value": "146.70.157.133"
},
{
"category": "Network activity",
"comment": "By emulating the malware's execution, we found a unique string of bytes in its\u00a0communication with its command & control server\u00a0that can be used for an IPS signature.\u00a0 This string detects the TLS traffic by the TLS request header.\u00a0 The buffer \u201c\\x00\\x0C\\x08http/1.1\\x02h2\\x00\\x00\\x00\\x14\\x00\\x12\\x00\\x00\\x0Fwww.example.com\u201d (unescaped) should appear inside the \u201cClient Hello\u201d packet.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1673602117",
"to_ids": true,
"type": "pattern-in-traffic",
"uuid": "145f47e5-9a3e-4fd0-ae3a-8d2e1ee052fe",
"value": "\\x00\\x0C\\x08http/1.1\\x02h2\\x00\\x00\\x00\\x14\\x00\\x12\\x00\\x00\\x0Fwww.example.com"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "Metadata used to generate an executive level report",
"meta-category": "misc",
"name": "report",
"template_uuid": "70a68471-df22-4e3f-aa1a-5a3be19f82df",
"template_version": "7",
"timestamp": "1673600049",
"uuid": "e382ee4d-ca77-46bd-9029-7e0339bf620c",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "link",
"timestamp": "1673600049",
"to_ids": false,
"type": "link",
"uuid": "c3e0cd2c-3772-4695-bb62-54d0af792a89",
"value": "https://www.fortinet.com/blog/psirt-blogs/analysis-of-fg-ir-22-398-fortios-heap-based-buffer-overflow-in-sslvpnd"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "summary",
"timestamp": "1673600049",
"to_ids": false,
"type": "text",
"uuid": "0c1a8b12-ac58-406a-9dd2-154fa18de957",
"value": "Fortinet has published CVSS: Critical advisory FG-IR-22-398 / CVE-2022-42475 on Dec 12, 2022. The following writeup details our initial investigation into this malware and additional IoCs identified during our ongoing analysis."
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "type",
"timestamp": "1673600049",
"to_ids": false,
"type": "text",
"uuid": "113aa6d6-bbbb-4fc5-adb5-5d7795772079",
"value": "Blog"
}
]
},
{
"comment": " FG-IR-22-398",
"deleted": false,
"description": "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware.",
"meta-category": "vulnerability",
"name": "vulnerability",
"template_uuid": "81650945-f186-437b-8945-9f31715d32da",
"template_version": "8",
"timestamp": "1673600270",
"uuid": "48f4d58c-85aa-4048-ac46-852d2ce4a23f",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "id",
"timestamp": "1673600270",
"to_ids": false,
chg: [feed] added
2023-04-21 13:25:09 +00:00
"type": "vulnerability",
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"uuid": "3a3d21c2-1477-46a8-94ef-880069ba3369",
"value": "CVE-2022-42475"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1673600270",
"to_ids": false,
"type": "text",
"uuid": "bc386409-b9be-4c34-bdaf-9a4f7b9276b3",
"value": "Published"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "references",
"timestamp": "1673600270",
"to_ids": false,
"type": "link",
"uuid": "f130dde7-a57f-48e3-8b28-81e2626322e0",
"value": "https://www.fortiguard.com/psirt/FG-IR-22-398"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "references",
"timestamp": "1673600270",
"to_ids": false,
"type": "link",
"uuid": "f83ef5de-c7cb-4826-adaf-e486269f104a",
"value": "https://cvepremium.circl.lu/cve/CVE-2022-42475"
}
]
},
{
"comment": "CVE-2022-42475: Enriched via the cve_advanced module",
"deleted": false,
"description": "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware.",
"meta-category": "vulnerability",
"name": "vulnerability",
"template_uuid": "81650945-f186-437b-8945-9f31715d32da",
"template_version": "8",
"timestamp": "1673600281",
"uuid": "0dc13dec-e5ab-4c09-8811-41e9a45dbb9e",
"ObjectReference": [
{
"comment": "",
"object_uuid": "0dc13dec-e5ab-4c09-8811-41e9a45dbb9e",
"referenced_uuid": "48f4d58c-85aa-4048-ac46-852d2ce4a23f",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "related-to",
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"timestamp": "1673600283",
"uuid": "aa8d5dc7-e898-4bdd-835d-d2e7323b0294"
},
{
"comment": "",
"object_uuid": "0dc13dec-e5ab-4c09-8811-41e9a45dbb9e",
"referenced_uuid": "d7cc6b5e-f357-4962-8c46-d19ceb040746",
chg: [feed] added
2023-04-21 13:25:09 +00:00
"relationship_type": "weakened-by",
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"timestamp": "1673600283",
"uuid": "1db192b4-bb29-4654-b6ce-581fd38212ef"
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "id",
"timestamp": "1673600281",
"to_ids": false,
"type": "vulnerability",
"uuid": "c2b3593c-cd00-4db6-a5ca-0c2a4fbb2221",
"value": "CVE-2022-42475"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "summary",
"timestamp": "1673600281",
"to_ids": false,
"type": "text",
"uuid": "775d2144-7bba-45fa-9534-15ee73354567",
"value": "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests."
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "modified",
"timestamp": "1673600281",
"to_ids": false,
"type": "datetime",
"uuid": "58531155-6069-4e60-87c1-bc7d3ee0dfc1",
"value": "2023-01-09T17:30:00+00:00"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "cvss-score",
"timestamp": "1673600281",
"to_ids": false,
"type": "float",
"uuid": "2732e0fa-3add-4d62-b881-7a1d522ac2a2",
"value": "9.8"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "cvss-string",
"timestamp": "1673600281",
"to_ids": false,
"type": "text",
"uuid": "e1b05686-1607-4439-af4c-f9be791a3f93",
"value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "published",
"timestamp": "1673600281",
"to_ids": false,
"type": "datetime",
"uuid": "54d20b30-6cfb-4331-8d13-2786f764b25d",
"value": "2023-01-02T09:15:00+00:00"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1673600281",
"to_ids": false,
"type": "text",
"uuid": "9a6c2f7b-30ed-4873-bd48-9cce080aa6c0",
"value": "Published"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "64f5e9a6-60e3-4d26-9d14-d1d99f726f0d",
"value": "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "fcd98c3a-763c-47b4-8e13-d7a37a13f6a2",
"value": "cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "6def9363-f93e-479b-8a01-0e02b6e485ab",
"value": "cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "0f39e2a7-2f6b-4c87-8d50-55ef29cef9fd",
"value": "cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "a4339f23-a1d6-43bf-8107-6b0e7bc99334",
"value": "cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "3f743563-3634-4c17-af90-fd1c511aa7d1",
"value": "cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "4e80e354-620e-46e4-9331-c39b2fe412b7",
"value": "cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "e40d7102-c974-403e-8aa5-a9c44af44ab3",
"value": "cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "96c1b2ac-a0f7-4e0b-92ff-616c5e9cf8a0",
"value": "cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "51788faf-ff9c-4f4d-ae38-ef8b36f99054",
"value": "cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "3ac7d221-77f3-4405-9087-ac08b1b6fa71",
"value": "cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "b8589936-cc57-4fa3-814c-bca9539ec82c",
"value": "cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "e1eb83b6-b77e-413e-844c-ae002d496306",
"value": "cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "4e5a3f4c-83ac-4ed4-8375-ca864a318a45",
"value": "cpe:2.3:o:fortinet:fortios:5.6.13:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "a88d2f5b-3fb4-4a41-8c0b-bf2488e4c83c",
"value": "cpe:2.3:o:fortinet:fortios:5.6.14:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "9eaa925c-08c0-425d-a89d-ad6e73331d1d",
"value": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "ad778f26-90ed-407f-a6f5-1a4191bca2ad",
"value": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "c261a4be-9b37-4e90-9be9-46f84c97ea22",
"value": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "870dd99b-55ca-483b-b63b-c3b7e0800169",
"value": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "069fcb8c-a93c-425c-a11b-9f92316e660d",
"value": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "825328d4-9092-4e29-951d-ace11aa53c5e",
"value": "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "79c8fbae-74ac-4855-8dba-ec0637bf41ad",
"value": "cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "3f625e24-63c0-49ce-ba2b-2df67512e374",
"value": "cpe:2.3:o:fortinet:fortios:5.4.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "252bce05-5c47-4020-ac17-dd0c7e3e404b",
"value": "cpe:2.3:o:fortinet:fortios:5.4.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "2426af4a-6bbb-4c82-84d0-c42b2609d854",
"value": "cpe:2.3:o:fortinet:fortios:5.4.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "0b684e09-2442-41fc-a9ee-f2cab7561522",
"value": "cpe:2.3:o:fortinet:fortios:5.4.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "5631e86f-3332-4b6a-83a4-5bd03206bf30",
"value": "cpe:2.3:o:fortinet:fortios:5.4.11:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "180c0f76-a5c6-482a-ba25-41fa4c02a7c0",
"value": "cpe:2.3:o:fortinet:fortios:5.4.12:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "f922f02b-5bd3-4d6c-8b64-a49c23a819fc",
"value": "cpe:2.3:o:fortinet:fortios:5.4.13:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "076bfb70-25e6-4606-b883-12c0599a2f34",
"value": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "cc4725ad-2985-4ef8-8fd8-1d45d258db53",
"value": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "13e93fd5-d772-44e9-9899-d4d85e2f3a71",
"value": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "8d9dcd56-7eac-453a-a378-d79fb2ec1290",
"value": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "4e04aece-6de7-47e5-b645-8faf5a5b83da",
"value": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "c5a65e0a-38a9-4e42-8767-132ac357d3b7",
"value": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "17acff00-adde-4235-b7d8-f867203f957a",
"value": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "2c8bb54c-dee3-4173-ba87-c27c7296626b",
"value": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "0c5e9dc2-49c7-43ee-a9f4-46a0d1640e37",
"value": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "07b257c5-0d42-443d-802a-79785acd66cf",
"value": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "cefb39e4-d9d2-4eb2-8a89-821d1327446d",
"value": "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "5b7e47ea-94d7-43bd-8b77-46320d06d453",
"value": "cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "995e7b7a-7da9-4ff7-9711-cbe912290df1",
"value": "cpe:2.3:o:fortinet:fortios:5.2.12:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "15ec6ef4-77d1-4a14-8d56-0a6009c13976",
"value": "cpe:2.3:o:fortinet:fortios:5.2.13:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "9a3b6e0f-aec8-48b8-a410-ef40ed538d91",
"value": "cpe:2.3:o:fortinet:fortios:5.2.14:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "606cdb71-8cf3-4467-8b87-85b2fc736f29",
"value": "cpe:2.3:o:fortinet:fortios:5.2.15:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "02d8da71-7de0-4dc6-b97d-feac0176fba1",
"value": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "d4bfef02-c697-4804-85fa-487de42e22fd",
"value": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "26f99d8b-b650-4cea-89db-06d5394f9f5c",
"value": "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "0defe9a5-749f-4504-a800-e65ade09d680",
"value": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "18b5025e-3ccc-4d37-b0d1-6640816b228c",
"value": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "ca0116f1-a89c-4727-bf37-84f04885d998",
"value": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "138adc60-2508-4b28-8c9a-ba4806291fd3",
"value": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "df52d388-a403-4350-9c40-2d349a79915c",
"value": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "a5eadce7-b615-485c-9218-ea725102ccaa",
"value": "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "91937ef4-51d6-4a28-b373-c0c6a2a0eb84",
"value": "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "acfdd43a-103d-49e4-a2b4-b6681b017392",
"value": "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "21302d27-6055-43c7-a497-f210ecd94f41",
"value": "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "69fb4bff-d15a-4aeb-af44-d1f859ecbd78",
"value": "cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "355461b0-8fa4-4988-9ede-80ca2f0df469",
"value": "cpe:2.3:o:fortinet:fortios:5.0.13:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "8c103c35-5fa5-45e4-b4a3-5cd65d87a07e",
"value": "cpe:2.3:o:fortinet:fortios:5.0.14:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "dbd998f2-2524-4edb-b6d2-0e9dc9adac9f",
"value": "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "4d2cfedd-ff2d-4567-9abc-fea49f2159fc",
"value": "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "4b1f84f3-ab2f-4f6d-bb43-c29a1529f767",
"value": "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "5acf096e-ac7d-4085-a301-77df33edcb99",
"value": "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "ecbfba66-4b63-4562-8519-9f9687bae186",
"value": "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "ac989aa5-0621-4357-a740-eba7907264cb",
"value": "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "75fc28e5-0451-4c35-b786-c1fcba54d417",
"value": "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "144fed1d-8286-41d4-be0b-f90f918ac232",
"value": "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "d7043c46-4c22-4d30-bc6c-d310693685e9",
"value": "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "cb8bd114-cfd3-47c1-bd22-e0659079ad0f",
"value": "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "d00cb653-942b-4661-b3bf-7f11d57fa5e5",
"value": "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "22439560-269f-4aff-a9b8-b46af8326577",
"value": "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "add4b49f-eae3-45a4-9651-bfb4923bc83a",
"value": "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "066940a2-3691-4158-a58f-c0dd5d6db2c7",
"value": "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "c467a471-f0c1-4185-95a4-0ee99d3a7cb1",
"value": "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "d0db61d0-eeec-4101-b872-19c883223264",
"value": "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "9f8ffa35-0257-4d55-b61c-f2ff553efd83",
"value": "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "57b2849c-642c-4f37-9a45-7f0a4a0e4d6d",
"value": "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "dc1d9b4d-12f1-4754-9038-e668c4ef1475",
"value": "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600281",
"to_ids": false,
"type": "cpe",
"uuid": "3257e86c-5404-486b-af5f-5d77d8c3908d",
"value": "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "0f4fae53-ac18-45d8-b2f2-5f74aed7d78d",
"value": "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "626cbe0b-1f2d-432b-9907-b7169693ed73",
"value": "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "bca19489-834f-44f1-be3a-cd5d5e1da940",
"value": "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "224837ff-ee79-4258-88d4-9db0ff32e052",
"value": "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "099320ee-f5d2-489b-8f40-07de1d31020f",
"value": "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "4821cefc-3013-45df-86d1-4955a7a81c47",
"value": "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "5396b437-e70e-43c0-b831-e3c3e9304422",
"value": "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "aac446a0-7958-4d22-9d58-c704e20e2c5a",
"value": "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "0d163e19-9a26-4e2e-96bb-aa4a4bc15bf7",
"value": "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "245104ca-fb46-4123-9052-b71171b56d4f",
"value": "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "84a4303c-f2a3-44a3-9de4-5dcb5668667e",
"value": "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "1012990f-e235-46c5-979b-c48d9e98ef11",
"value": "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "dc28519d-ac32-40da-9d0f-1fc18dd87adc",
"value": "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "bc155202-9f6e-4666-bc0b-c3f7d01faa65",
"value": "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "aee94d82-2717-4a67-9399-ea9ecd297b3e",
"value": "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "97ce8e99-e9df-4135-aa47-a849086b8dee",
"value": "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "6097aef6-58a6-42c1-9597-385499f67aa3",
"value": "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "8bc48ea5-726f-4ed9-9c43-93e8a1022cdd",
"value": "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "3e476077-4fbc-4118-9198-62edece0dd44",
"value": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "4e42fe5d-c27e-406f-86bf-b3acb599ddff",
"value": "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "9e3e8e34-d7f8-4a7a-bd68-6b521b3d0c2b",
"value": "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "ec249522-0542-4cad-ad75-3949059f95c4",
"value": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d2ce3fd4-484e-448e-80a9-7ca31c1c0527",
"value": "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "4f12ef53-b917-4ef7-83d5-2d13088a48ea",
"value": "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "91cd4f9d-ea3b-46d1-92df-4c6af7af6a0f",
"value": "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "e0081cbb-61db-4e5d-93e3-e7beff95b857",
"value": "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "aa4de8bb-e7e7-4fdf-98d0-d08064b1a15b",
"value": "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "e5173c87-8402-4f91-a430-dc71174b8bdd",
"value": "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "8565f686-b441-460a-8632-fc6b36645921",
"value": "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "05d54afd-5c50-479b-985e-f110cf9bbc46",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "45cc1e90-3780-497f-8fde-3d661afc18fc",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "8ba0247b-64df-4398-a21e-d0c58e114055",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "3fbde510-8b51-4751-ad82-0934c6617dd8",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "28e7307d-59ca-4ee8-99b5-e98e1817a290",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "58c738b5-7eb7-4689-b4e7-dd03e97198d7",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "42b4578e-4c67-41db-a988-3701e2448c7e",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "0137556f-2287-4b2b-b302-2b7cbeaf81df",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "163ff6cd-86c7-4b3a-af50-5bf8007b2c47",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d97c4438-8b22-45c0-9ad1-c84a5abc95ba",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d5d9a4f5-e699-4111-aa2b-87aa22872c56",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "a41fbeba-b185-4c67-a161-ef4bf708b928",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "37c226a4-eb88-4896-8a6d-f7bc65433991",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "49cf99ce-cc83-470c-8278-1de6a2526e22",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "619e37f7-4f70-466e-bbbc-8db6bbb1cd1c",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "bb0b2be8-982e-40a0-96ea-851e2da2e994",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "097ed897-e6f0-4927-a6a9-ac1ce8ad2b2e",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "06979096-7421-4bc8-9e2d-1964633afa8e",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d9852db4-41fb-4d2b-909e-1de0ad9438b4",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "7061a2ca-948f-44cd-8607-08f0beac3071",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "7d751240-b349-46ab-834e-2faf457eff7a",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "2570fa68-b506-4865-9688-49bc1b9643db",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "9ed7a1df-fc1f-4c9c-9d70-949886740bed",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d06ae9fc-2200-463e-8a36-1bf3feb81e2d",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "f5ebd886-2bea-4573-8d22-9eb38244e08d",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "11a60af2-6e20-4215-bb2c-aae86761bb9a",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "b1e8ea83-3839-4275-8e84-f5c9a675099f",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "7ce1e1fb-8aab-4b33-8a69-e9fb0f802690",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "e078d2d4-d9d4-418a-ab42-b2f7c256d59f",
"value": "cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "6e8ee509-9093-4067-b0e8-fe43a9cb276d",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "7b2efc05-26eb-49cb-8fa8-dfb796757bc3",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "caf3af2e-36e1-43c1-aa0d-c23517ffef06",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "4ad6415a-af47-4fd2-8aee-1f2050bd5817",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "1a757247-0e00-4c6d-9742-32f61e69e0e8",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "9443ce76-03f3-46e1-b2a7-cc57d358298c",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "ff1ec4f9-64d6-463c-9ecf-41e12ef1b4bc",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "a7c58245-f479-4cae-a77e-345955a69fee",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "9d56f2f5-8ae1-4f1f-aedc-3813223e28cd",
"value": "cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "412e221f-31a4-4a73-9196-92d696e1344c",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "a45e3c07-ea47-4d70-8b46-1bd31536ab93",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "3b27df7f-f55a-46f5-834a-adb6ca109e66",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "9746aaa3-e193-4689-8710-f1033d3dffb8",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "c6fdf429-2af0-4930-a82b-c681ee044b39",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "95ddd092-436b-4a82-9dd5-812dc9182f8f",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "c4ecaf61-7120-4c3b-b4cc-953bec7cb20c",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "a82034fd-6ea0-474f-80c3-272d79a83e03",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "a2e0081e-902b-4cf5-bd7c-3032af1afb1e",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "e39607d2-8a59-4c63-840d-d2cdc8f1a73b",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "84ec6226-27a2-4c3b-b1f5-bb863a90a6c0",
"value": "cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d6581956-4cd7-486e-b4ba-4287261ad935",
"value": "cpe:2.3:h:fortinet:fim-7901e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "baa427e4-d73e-4e59-8ffa-9069ca02a165",
"value": "cpe:2.3:h:fortinet:fim-7904e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "ac3bc855-1ecc-4cdb-be2f-c76b98d47355",
"value": "cpe:2.3:h:fortinet:fim-7910e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "9b70f612-53e9-44e8-850c-80d57422fb15",
"value": "cpe:2.3:h:fortinet:fim-7920e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "fca2f9c4-7495-47d8-a628-2710fa1d3329",
"value": "cpe:2.3:h:fortinet:fim-7921f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "f9861a68-3887-42cd-9e67-46b6bcafae27",
"value": "cpe:2.3:h:fortinet:fim-7941f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d286e5f5-36c6-4426-8fb6-949a0c4e3ae1",
"value": "cpe:2.3:h:fortinet:fortigate-6300f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d064acc0-f418-4408-b41d-f1f8f2e19701",
"value": "cpe:2.3:h:fortinet:fortigate-6300f-dc:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "6fe2f111-c909-466c-9ba2-161699c9e890",
"value": "cpe:2.3:h:fortinet:fortigate-6500f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "dfbac8e4-4c5f-42f3-897a-0cf07a662af7",
"value": "cpe:2.3:h:fortinet:fortigate-6500f-dc:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "78f42160-2b19-4acd-bb12-4630acf5b990",
"value": "cpe:2.3:h:fortinet:fortigate-6501f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "6d85e2d1-e467-4133-9642-9a30998119b2",
"value": "cpe:2.3:h:fortinet:fortigate-6501f-dc:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "847c045e-b977-4576-8a49-5253652572f5",
"value": "cpe:2.3:h:fortinet:fortigate-6601f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "266d3533-e568-40ca-bcc4-099e9b554ad8",
"value": "cpe:2.3:h:fortinet:fortigate-6601f-dc:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "37c98909-1185-41c1-b3d7-f96df51f8b72",
"value": "cpe:2.3:h:fortinet:fortigate-7030e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "ccdc1f53-a39d-42d9-bb9d-0386c582aa7b",
"value": "cpe:2.3:h:fortinet:fortigate-7040e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "d16a951e-fec2-4292-97b6-a49daac1d4f6",
"value": "cpe:2.3:h:fortinet:fortigate-7060e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "aac05f2c-7ee3-449b-aa9e-70ff7245d1ed",
"value": "cpe:2.3:h:fortinet:fortigate-7121f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "b7c0c04d-d60d-44a0-92f8-eaec8924ab7a",
"value": "cpe:2.3:h:fortinet:fpm-7620e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "98f7ea2d-cafc-4e8a-88f3-2e1cddd1d69a",
"value": "cpe:2.3:h:fortinet:fpm-7620f:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "vulnerable-configuration",
"timestamp": "1673600282",
"to_ids": false,
"type": "cpe",
"uuid": "91b8926d-ea41-4d68-b38c-87abbb5b67ff",
"value": "cpe:2.3:h:fortinet:fpm-7630e:-:*:*:*:*:*:*:*"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "references",
"timestamp": "1673600282",
"to_ids": false,
"type": "link",
"uuid": "50d44ff7-c871-4a77-8a89-b982e75c6298",
"value": "https://fortiguard.com/psirt/FG-IR-22-398"
}
]
},
{
"comment": "CVE-2022-42475: Enriched via the cve_advanced module",
"deleted": false,
"description": "Weakness object describing a common weakness enumeration which can describe usable, incomplete, draft or deprecated weakness for software, equipment of hardware.",
"meta-category": "vulnerability",
"name": "weakness",
"template_uuid": "b8713fc0-d7a2-4b27-a182-38ed47966802",
"template_version": "1",
"timestamp": "1673600283",
"uuid": "d7cc6b5e-f357-4962-8c46-d19ceb040746",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "id",
"timestamp": "1673600283",
"to_ids": false,
"type": "weakness",
"uuid": "ce73a5c3-f26c-4be4-bd9c-ba22f2ec6270",
"value": "CWE-787"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600283",
"to_ids": false,
"type": "text",
"uuid": "51becf41-07bd-4e91-85d1-abbd324c6c4d",
"value": "Out-of-bounds Write"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "status",
"timestamp": "1673600283",
"to_ids": false,
"type": "text",
"uuid": "23898f79-54d5-4df9-978f-63979a4394aa",
"value": "Draft"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "weakness-abs",
"timestamp": "1673600283",
"to_ids": false,
"type": "text",
"uuid": "7d3aa669-4f64-44d5-9997-eb00ad00ea53",
"value": "Base"
}
]
},
{
"comment": "3191cb2e06e9a30792309813793f78b6: enriched via the virustotal module.",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "4",
"timestamp": "1673600596",
"uuid": "4b7f16b4-5f75-4dfb-845b-3d859bcdf633",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "permalink",
"timestamp": "1673600596",
"to_ids": false,
"type": "link",
"uuid": "0d1b4e81-b0c3-4f01-afcb-7a44502b206a",
"value": "https://www.virustotal.com/gui/file/0184e3d3dd8f4778d192d07e2caf44211141a570d45bb47a87894c68ebebeabb"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1673600596",
"to_ids": false,
"type": "text",
"uuid": "f4403481-b830-4610-80f8-600e3efc7740",
"value": "20/63"
}
]
},
{
"comment": "3191cb2e06e9a30792309813793f78b6: enriched via the virustotal module.",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "4",
"timestamp": "1673600581",
"uuid": "50105082-3cf7-400c-bf75-c2aabcff8a87",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "permalink",
"timestamp": "1673600581",
"to_ids": false,
"type": "link",
"uuid": "b38daa57-d585-48cc-bc1d-d33c3b731e59",
"value": "https://www.virustotal.com/gui/ip_address/155.138.224.122"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1673600581",
"to_ids": false,
"type": "text",
"uuid": "5ed5cff5-18d0-4380-b05c-a5bf38c12680",
"value": "9/88"
}
]
},
{
"comment": "3191cb2e06e9a30792309813793f78b6: enriched via the virustotal module.",
"deleted": false,
"description": "A domain/hostname and IP address seen as a tuple in a specific time frame.",
"meta-category": "network",
"name": "domain-ip",
"template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",
"template_version": "11",
"timestamp": "1673600567",
"uuid": "622b381c-f334-4a45-bbef-aca8ca6ee335",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1673600567",
"to_ids": true,
"type": "ip-dst",
"uuid": "710ffc74-2b76-427f-8a8d-386c034c3b01",
"value": "155.138.224.122"
}
]
},
{
"comment": "856341349dd954d82b112ba9165c4563: enriched via the virustotal module.",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "4",
"timestamp": "1673600554",
"uuid": "ad14186f-2ff5-4cc7-aafe-309529f30500",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "permalink",
"timestamp": "1673600554",
"to_ids": false,
"type": "link",
"uuid": "420f124a-51a6-47ea-b337-49001dee28cc",
"value": "https://www.virustotal.com/gui/file/23f2536aec6a4977a504312ff5863468ba2900fece735acd775d0ae455b4cd4d"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1673600554",
"to_ids": false,
"type": "text",
"uuid": "990bc7ad-4c4b-48d7-bebc-10a56a43544a",
"value": "21/63"
}
]
},
{
"comment": "856341349dd954d82b112ba9165c4563: enriched via the virustotal module.",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "4",
"timestamp": "1673600540",
"uuid": "e74e0eb4-85d1-431b-902c-5fce491462bc",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "permalink",
"timestamp": "1673600540",
"to_ids": false,
"type": "link",
"uuid": "819e7750-7fa2-49dc-b68a-fee2b2de07ca",
"value": "https://www.virustotal.com/gui/ip_address/107.148.27.117"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1673600540",
"to_ids": false,
"type": "text",
"uuid": "066a1449-5f70-4317-bbf0-289c64bf65aa",
"value": "10/88"
}
]
},
{
"comment": "856341349dd954d82b112ba9165c4563: enriched via the virustotal module.",
"deleted": false,
"description": "A domain/hostname and IP address seen as a tuple in a specific time frame.",
"meta-category": "network",
"name": "domain-ip",
"template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",
"template_version": "11",
"timestamp": "1673600519",
"uuid": "c84b8cb1-2f0a-451c-8e85-59f68705e719",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1673600519",
"to_ids": true,
"type": "ip-dst",
"uuid": "7b4bf6ab-2919-44b0-89ad-1439e39f259d",
"value": "107.148.27.117"
}
]
},
{
"comment": "The JA3 for the malware SSL/TLS client connection appears to be unique to the malware and can be used to detect an attack.",
"deleted": false,
"description": "JA3 is a new technique for creating SSL client fingerprints that are easy to produce and can be easily shared for threat intelligence. Fingerprints are composed of Client Hello packet; SSL Version, Accepted Ciphers, List of Extensions, Elliptic Curves, and Elliptic Curve Formats. https://github.com/salesforce/ja3",
"meta-category": "network",
"name": "ja3",
"template_uuid": "09b45449-5d6e-492c-a68a-cb2e188cbfac",
"template_version": "4",
"timestamp": "1673600630",
"uuid": "3da68ddc-8324-43fa-bbe8-f7720dc32a2b",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ja3-fingerprint-md5",
"timestamp": "1673600630",
"to_ids": true,
"type": "ja3-fingerprint-md5",
"uuid": "d3a8c1fb-b989-457b-806b-e48892c77942",
"value": "bf2b95ac267823f6588b2436bc537b26"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600715",
"uuid": "060f92b1-3a95-49fd-b14f-e33adbd2115b",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "e7bb1fd2-36d5-4863-b17f-42d75904e58e",
"value": ".text"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "0e9f763e-140d-4d66-a757-4ac6c5df334c",
"value": "80896"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600715",
"to_ids": false,
"type": "float",
"uuid": "a112ff46-43d1-46fb-98cf-7d1b252f53a2",
"value": "6.1933439370956"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600715",
"to_ids": true,
"type": "md5",
"uuid": "727306a3-783a-45b8-ae8e-48dc9139cadd",
"value": "4b5de9374a615b76e607c1dc4d17ac72"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha1",
"uuid": "34c210a9-8b14-4068-8aa7-2a056825a360",
"value": "92a4ea254751b960250b21d8f8e947eb769ef01a"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha256",
"uuid": "8d7dbb00-c7ce-4bf9-ae08-82f90440ae70",
"value": "5f826a78d3d88061f3f7e3281ffc41b37a8071a217cd15b584e4f6edd909b23c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha512",
"uuid": "d02b29e1-aaa0-49c9-8df8-82f6fe67bcbe",
"value": "b208b7a03e8036c27f09f43fc1f46fa7343c3a62efe0aa554908ac6426df1783d694638e135ef71b85cb8544e4da37d6a03cb6e923848a492016d688f1ddf5a2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600715",
"to_ids": true,
"type": "ssdeep",
"uuid": "04c733f2-a876-4fc5-a5ce-5dbb1bdf9728",
"value": "1536:MzT7zQBr/zINrQlKQLvTYZuyjOzNSHCCiin0F7KLzfLXDvbnT/r3jP7HzL/3zXvW:MzT/0/ENklKQLrAuyaxSHC5inA+LzfL6"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600715",
"uuid": "2f9cb5df-616d-4aa3-b759-2312259e013a",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "3d0c000e-3d10-41ac-98d0-edfed05c7848",
"value": ".data"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "e9661fd2-6e1e-4e68-9851-4ea518ec3d89",
"value": "2560"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600715",
"to_ids": false,
"type": "float",
"uuid": "9dbc8653-6947-4fd8-981c-99ed03427aa6",
"value": "0.6540748833811"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600715",
"to_ids": true,
"type": "md5",
"uuid": "0ba25daf-1ff1-4b72-8972-446c93b893f7",
"value": "7ea63e83e1c0f8b6dc4ef536699484dd"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha1",
"uuid": "4bb3fd53-5738-45a3-a935-0f7944bb9c1b",
"value": "3326c3c5793f7f3510ef415f14b3db4b62e27bd2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha256",
"uuid": "c0c6126e-0ddf-47ed-92bf-fee96c54251a",
"value": "89ec50c88cda5557005116ac06d514df68f12d2c0bf29773b20589814ab9723f"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha512",
"uuid": "6f53837d-928a-4b54-84fa-99a6b11e538c",
"value": "09403f1bf4e83bb72db252de42b2c8bddd29ba99557115466f02ac668b6d6074a0883f597f6c0e7613bf00900af6163a1ee0a204a09bcb1e497c2a8eb29664d5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600715",
"to_ids": true,
"type": "ssdeep",
"uuid": "cc8db82e-412d-418e-bb6e-9d8f95b5d023",
"value": "6:Xmt/eLtlMQQ/wm+RxlXOfUKjyipKR9jHUAj/k1Aj/k1qa6Ul:XmtGplsF+Rj7xfkAA1AA19"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600715",
"uuid": "a8529e6e-6cfa-4786-a272-086dc1106dd2",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "b8384a3d-3278-4c86-9614-6b1dd8ebd607",
"value": ".rdata"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "282e9121-898f-461b-89fe-ee74a686dca6",
"value": "5120"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600715",
"to_ids": false,
"type": "float",
"uuid": "2f687329-70e3-4cb4-994c-f2ae46f0145a",
"value": "5.4635139902349"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600715",
"to_ids": true,
"type": "md5",
"uuid": "01b4507e-7822-4c32-bbef-f38583f11150",
"value": "e4c9d495339c4a934cc1b935660e0e38"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha1",
"uuid": "805c0a79-84ce-4578-8e1b-3efbadf1e1ce",
"value": "037f98546890d032d441763d9e3bc1de54ffbbc0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha256",
"uuid": "6bef110b-bb2c-40db-ac48-e28e7d72720c",
"value": "336ea8b9b38f4d53ad336eec0b0e1e03b59955194a5f37a15b0ae1fc80b4f061"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha512",
"uuid": "8c0a496f-5a62-4c16-99c7-8843cd2f87e0",
"value": "3bf3cac0891b015a26d18090219d445c48bbdc89eeac878cfcffb393b8b33296317aa7bc5f12d6f1498429807424f8c3e3ab249b273b270607bbffe83b5f9a75"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600715",
"to_ids": true,
"type": "ssdeep",
"uuid": "960db690-e673-43f1-bbda-24285d0d0b99",
"value": "48:X65hlRWXMFfHP7BEP+sx4OQQuQv2qjr5vh8MMy9D/DtyGbBbBbBbBbBbBbBbBbBP:qLrmMF/SP+GuQv2qHLd9DhX"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600715",
"uuid": "c10402d1-6766-4ab4-8509-f157c123b61c",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "7c2df5c6-4b3f-4d1c-a5f7-823cfe281da7",
"value": ".bss"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "15dfb76d-f355-49f3-97dc-bc3c45d830df",
"value": "0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600715",
"uuid": "b3922ef0-5926-4bcf-b1c5-622a6742dcec",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "98de02a5-8133-4375-b702-f606b6efcd48",
"value": ".idata"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "f1e21f9f-3e57-49c0-8bd2-02694064057e",
"value": "4096"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600715",
"to_ids": false,
"type": "float",
"uuid": "4edf59fd-77c7-4da0-9654-140008f38358",
"value": "5.2099581938208"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600715",
"to_ids": true,
"type": "md5",
"uuid": "1ad115ba-9135-48b2-aa20-803f6cc64c5c",
"value": "4f2bf103dfcc95692a488edab688bbc7"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha1",
"uuid": "dc32eb3c-6165-443e-89cf-20fab39e55be",
"value": "b2d25fd8efd7b824c2912a9f80c918fe1f11952d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha256",
"uuid": "96713c7e-9b9d-4d42-8be7-0e9ce32d592d",
"value": "f60d590bc286bc3357f693500e25f8d13699f93402c384ea3354ee694ad6abb2"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha512",
"uuid": "f7625501-88f3-47b8-9622-94aed9790d12",
"value": "b9a44e91d89c9586694f575a54eb41db7e2dc7f1097a1470470e6df077747c024dae28ae828b572e400d35e0b0957b31f3e54fd8f2a9f5fc64e6f1729fbe423d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600715",
"to_ids": true,
"type": "ssdeep",
"uuid": "78dfc026-71fe-49b7-9474-b5face8bf6c0",
"value": "48:VYTBshkXzByshkXzByr3mPWXEDll6GraRBTuyK1uA9GFDkcMUuRVxGp:yy4W+s/zuBTfK1uA9SDkcMUuRVq"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600715",
"uuid": "1d1e1173-a0cf-4808-a2ee-51234b20e355",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "f06bd361-ad6e-4779-8862-a9fd1abee749",
"value": ".CRT"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "50f064df-82de-4a32-818c-1a71f6092f29",
"value": "512"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600715",
"to_ids": false,
"type": "float",
"uuid": "3ea9ab4b-e55d-42d5-9939-f1e5defefeeb",
"value": "1.6185253040527"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600715",
"to_ids": true,
"type": "md5",
"uuid": "4bbcbe4d-06d5-4b3f-80b7-7c5e21d0a4dd",
"value": "3312975753899c136a2cba9b13c60ad0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha1",
"uuid": "2db1b968-e3a6-47d0-bd2f-56f7edcc1ba1",
"value": "6bb845d70432ae6f16002393f1ed36d3f5ff826e"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha256",
"uuid": "f08350ee-0eb2-4811-84a0-628cf2cbd6a8",
"value": "fc607709d7ac5011094efd7565647ad4dfd793c9f57a0e949f25bf2d241fcbad"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha512",
"uuid": "155f634e-fa59-47d6-b9cf-a620f7f498f0",
"value": "16ce5aeea206f79e4b26341705b451df52c492bbd7ca0d7bab47e9d3230f881a36d5ab27311f56d4dc4f580951eda3759e978b1db2240283762e44f13509da7c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600715",
"to_ids": true,
"type": "ssdeep",
"uuid": "9b3ab4e9-16f3-4e3e-8628-ddadc03dd9f9",
"value": "3:+/tdFllXl6ltl/ll:N"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600797",
"uuid": "2c07d192-0cfc-44d7-a50d-ba5e19f39d8a",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "e6a28091-a0f1-4178-9cc8-523ade686c07",
"value": ".tls"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "eccebb87-6d3e-4670-9d2d-72516cdf095f",
"value": "512"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "md5",
"timestamp": "1673600772",
"to_ids": false,
"type": "md5",
"uuid": "f9496589-7caf-4f02-ad9d-6d6efd4507f6",
"value": "7dea362b3fac8e00956a4952a3d4f474"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "sha1",
"timestamp": "1673600788",
"to_ids": false,
"type": "sha1",
"uuid": "4dab0373-5c41-49f9-8c6c-fb9eac072c8b",
"value": "05fe405753166f125559e7c9ac558654f107c7e9"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "sha256",
"timestamp": "1673600791",
"to_ids": false,
"type": "sha256",
"uuid": "33ffc6c1-6f6c-48ae-b896-329f05ad4e04",
"value": "af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "sha512",
"timestamp": "1673600794",
"to_ids": false,
"type": "sha512",
"uuid": "8583b84e-ed12-4cb1-8b74-4424a17fbe2f",
"value": "1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "ssdeep",
"timestamp": "1673600797",
"to_ids": false,
"type": "ssdeep",
"uuid": "caa672a1-4b89-4110-b2de-2a070e98de05",
"value": "3::"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600715",
"uuid": "3b93ed78-8588-44e1-9900-13cfd51d57e8",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600715",
"to_ids": false,
"type": "text",
"uuid": "225b9a26-fcd0-4ec1-bb00-7dd968a65f4d",
"value": ".rsrc"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600715",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "16d1c894-557a-4a9f-870f-0329d9c8b812",
"value": "2048"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600715",
"to_ids": false,
"type": "float",
"uuid": "aa3f4d55-21af-40b0-bce3-96f4a4a3d2e0",
"value": "4.6724534459793"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600715",
"to_ids": true,
"type": "md5",
"uuid": "5f0c4135-154a-4043-b185-84f4f4b73312",
"value": "e3e643d996d7a5984b5ac6bea5f8ad4b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha1",
"uuid": "e829e0d5-917c-470f-8d25-bf519aa053a8",
"value": "d6d79694a79924624fcc1f89853e45cc0024d1e4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha256",
"uuid": "a7080397-14dc-418f-8f61-de80d7827b5b",
"value": "10fa569b3cf75ff21ea3b433416d16d9ff53bb127bcb8dfe24b4aea6bea0b684"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600715",
"to_ids": true,
"type": "sha512",
"uuid": "c3383d8c-346f-441b-a23b-ed97f7e90608",
"value": "20085231c5480a9c6617d05b3d028f492a8f48f1b18bf6be5826ffa01774e696c283df4fbbc77a7f978d7f49c7155065419db2e2613a833d5c3b5b98842157ca"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600716",
"to_ids": true,
"type": "ssdeep",
"uuid": "2f2b6635-98d9-488a-997a-9a0d7aebdb25",
"value": "24:b9pGZeFVJprKNZ1bh3lCPNWredtn3tcuf3hwcK:Bp/FVnrcLbRlOBh3tThi"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a section of a Portable Executable",
"meta-category": "file",
"name": "pe-section",
"template_uuid": "198a17d2-a135-4b25-9a32-5aa4e632014a",
"template_version": "3",
"timestamp": "1673600716",
"uuid": "47345dc1-759f-4d34-997a-79c8a0ff8600",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "name",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "a1fe38da-7f11-444f-8ff2-66b76715dbba",
"value": ".reloc"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600716",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "ad77b0b6-cc28-48b1-9f59-bffed8093589",
"value": "2560"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600716",
"to_ids": false,
"type": "float",
"uuid": "5f4c2d8e-ebb8-46a6-80b3-c2fe6d85ed27",
"value": "6.5454664509897"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600716",
"to_ids": true,
"type": "md5",
"uuid": "21de482b-a7cf-4762-a839-d28ac606e45c",
"value": "927d3c8f39932c4903ce0ae8dc4d7abb"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600716",
"to_ids": true,
"type": "sha1",
"uuid": "850e849c-073d-4850-9af2-169e36f697dc",
"value": "512ed9db2fe4151324abf949d70deb3fe4566a66"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600716",
"to_ids": true,
"type": "sha256",
"uuid": "5f4e9726-098a-4733-8d67-0478a381b09a",
"value": "a9506a3cbf332502d62d7b7fc0849fde3809545a75d911e9cae9268fa143b32c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600716",
"to_ids": true,
"type": "sha512",
"uuid": "ff7530a2-7124-412c-98c8-c409141da557",
"value": "2263a71d4f9ee005ed301020ae0e0d974003a39d481f4a82b6899a47847888969a6d66b7c585598307c14c83cc97f744b6f2dc0158426e2628ed02114ac5f338"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600716",
"to_ids": true,
"type": "ssdeep",
"uuid": "25566b15-5d61-46a8-a2bd-4767edcfd05b",
"value": "48:+BXwIRwsB3qZRyxbFCh3vvvbvXIdruBHnHofSX3X3X:+1wIRwsWGCzvXk8HofSnH"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing a Portable Executable",
"meta-category": "file",
"name": "pe",
"template_uuid": "cf7adecc-d4f0-4e88-9d90-f978ee151a07",
"template_version": "5",
"timestamp": "1673600716",
"uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"ObjectReference": [
{
"comment": "Section 0 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "060f92b1-3a95-49fd-b14f-e33adbd2115b",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "eb612ca6-5203-4d69-be10-84fd638dfa9b"
},
{
"comment": "Section 1 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "2f9cb5df-616d-4aa3-b759-2312259e013a",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "195d377a-02f2-49a3-9e81-0839437b1ece"
},
{
"comment": "Section 2 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "a8529e6e-6cfa-4786-a272-086dc1106dd2",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "08c34f41-84e0-46b2-9737-816be03e3cde"
},
{
"comment": "Section 3 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "c10402d1-6766-4ab4-8509-f157c123b61c",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "7c3f8834-9b14-4596-bd75-7afae7eff3da"
},
{
"comment": "Section 4 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "b3922ef0-5926-4bcf-b1c5-622a6742dcec",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "a3462ab6-7662-42b3-bb96-57ea3d3fa8fd"
},
{
"comment": "Section 5 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "1d1e1173-a0cf-4808-a2ee-51234b20e355",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "e6f91ef6-a81f-420f-bab2-6e06cc9687e6"
},
{
"comment": "Section 6 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "2c07d192-0cfc-44d7-a50d-ba5e19f39d8a",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "def26a6c-dff0-4691-96ac-cd1fc4b4910e"
},
{
"comment": "Section 7 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "3b93ed78-8588-44e1-9900-13cfd51d57e8",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "201a2520-f92b-4ef1-af28-8781a0433cba"
},
{
"comment": "Section 8 of PE",
"object_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"referenced_uuid": "47345dc1-759f-4d34-997a-79c8a0ff8600",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "8a9c83ae-4e90-44e0-8d54-f994d6056400"
}
],
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "type",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "fb8153cd-44c4-4707-82bf-6a4a38390bbd",
"value": "exe"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entrypoint-address",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "c3c184ab-4afe-42fc-beab-026b151befbb",
"value": "4199600"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "compilation-timestamp",
"timestamp": "1673600716",
"to_ids": false,
"type": "datetime",
"uuid": "3c72026c-c426-42af-be60-0698dff87c29",
"value": "2021-08-26T07:13:04+00:00"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "internal-filename",
"timestamp": "1673600716",
"to_ids": true,
"type": "filename",
"uuid": "99927ca1-da2b-4596-a701-bbfabed666f3",
"value": "AC file name"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "file-description",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "ba3bc5d5-c234-41ee-84af-27277ade00c1",
"value": "AC Description"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "file-version",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "7cd664db-8b5a-403b-a108-6d30f6fabfbc",
"value": "1.0"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "lang-id",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "7bb512d8-984e-4738-bb56-2af03386d32b",
"value": "080904E4"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "product-name",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "bc5b7c73-f299-469d-bc31-153b68ceff27",
"value": "AC"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "product-version",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "6e43a51a-1d73-468c-9d36-e8d4c648939d",
"value": "1.0"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "company-name",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "3a24178f-d3df-44a5-92b9-bc09afde98cf",
"value": "AC Company"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "legal-copyright",
"timestamp": "1673600716",
"to_ids": false,
"type": "text",
"uuid": "93dd850a-d917-4aa4-8596-dfff36f286d2",
"value": "AC copyright"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "number-sections",
"timestamp": "1673600716",
"to_ids": false,
"type": "counter",
"uuid": "018c5822-2485-45fb-a555-9f1b9a09de49",
"value": "9"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "20",
"timestamp": "1673600716",
"uuid": "9b6a958e-9b18-407c-9aac-9f1f5dfb8f5b",
"ObjectReference": [
{
"comment": "PE indicators",
"object_uuid": "9b6a958e-9b18-407c-9aac-9f1f5dfb8f5b",
"referenced_uuid": "3547fe3b-4672-41f8-8b87-dd3754d7aeeb",
"relationship_type": "includes",
"timestamp": "1673600716",
"uuid": "1c38d1a4-352d-42ea-a11f-d84ba5d6f554"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1673600716",
"to_ids": true,
"type": "filename",
"uuid": "01fa2498-39bc-45e7-b3a6-f5d4cf5b447d",
"value": "61aae0e18c41ec4f610676680d26f6c6e1d4d5aa4e5092e40915fe806b679cd4"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1673600716",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "6f6153e5-6e33-48f6-b4cf-dad57269082c",
"value": "99328"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1673600716",
"to_ids": false,
"type": "float",
"uuid": "a84c99d3-6d02-4a3d-bb10-c294882c42f7",
"value": "6.1352969019206"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1673600716",
"to_ids": true,
"type": "md5",
"uuid": "aa33488a-088a-477a-aeff-2a29f985687e",
"value": "54bbea35b095ddfe9740df97b693627b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1673600716",
"to_ids": true,
"type": "sha1",
"uuid": "7b86b7e5-39e1-4451-9a88-321927ac83ab",
"value": "08760cb1d322269dbe62d9a642697ac71306fbe3"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1673600716",
"to_ids": true,
"type": "sha256",
"uuid": "95042f50-4d0f-4694-a7fa-6b5d4b3e789e",
"value": "61aae0e18c41ec4f610676680d26f6c6e1d4d5aa4e5092e40915fe806b679cd4"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1673600716",
"to_ids": true,
"type": "sha512",
"uuid": "855ecbd1-5ff7-4557-9845-f0b448ffb104",
"value": "c0c33975fc3338be2d18daef09f8a156f3bf2038af05b28980bdcbc855bd8875869ad904584cf822f6ebd58fdcbc39c07f5ab6fdd1e13f3cab641faf76e2c0ea"
},
{
"category": "Payload delivery",
"comment": "",
"data": "UEsDBBQACQAIAKhILVZe4FMKtcQAAACEAQAgABwANTRiYmVhMzViMDk1ZGRmZTk3NDBkZjk3YjY5MzYyN2JVVAkAA8wewWPMHsFjdXgLAAEEIQAAAAQhAAAAblouTwlLkTDBfu7kf8UObT+RVqtMv8YkNgE+n1lvMXO8PydPeJEZi1A7+D0x+50kT8kO4uw1b8tIi/GQ0vhxcbUUuNH4/VA2VL15XtMY0852b6Cg9j66zW5x0b86soLE6AP/FUikQFochzvpNwD5wgOvxHJn+e6Bw4gMKxkmIEwjJ9vKtr+Q7iDkpyy56QmZxMezWPvZCT3/2hbfl5OiXhqr814v0q63lFDrrKfzdn+/lUDZvrQVvIVaapq5m1uR30wU4DllYJS3WbG1Kyncw4dy6xwPB4LBKSHF2SMSgsXFlK08181fXeetSr3qsDKsev+pHdTJDaPin2n7/zrLv5pIydEmtGEBAgR9zYDQZifU59ZkGNtL6g2ieY/9PrmUWvXkwUAh+JW5m4SlRQKxJ04Ppgp4pLabUHhv0BQpAuMlGK3LXcxAq2COcDmPEx5pDzC3WiY1ejbNoHonRT63s26oPGF7yhOzSUIzzm0gtfRvxuIjYBoOJSf3+dsFHe+7ZM9X5vthvPS6pXm7qkx4Lb2sFe1TzRmRSPKEggJ1qUmay6RJbYOqVHKzl3dgOr5G65wJbeNtSn//bWgrcizO+zFSXSRMQQfKMYVrj6t/6Xkb76AWAlbp2XZOeqd4cU7EhTx6uZxiLmDPaFET6gbWzm/KD0Sv7B6hijl4h8GkUrGn01jzTG0Y2VBPZSQVTqPOJcWPNwVM2Dj9nI85w4IXzDfD4jsUBWixOnECMqOoLvRoajmutYmvCPmLlXImG/iMcMZXfGMfTFzzpInqa2qK+22VMjryyDJKyOezI8F59D2kadSpzW6eEL+z6zkj+SJhJd99fywNTi1JiUpBNgOUUkdU+ehpPZtvHmHx3tg7pGAVXzk+c7D+XzvknVgjv8LydVUUZuA19AAOKnnuXYng+qF6g8HLkBkF1H1FFIPEok4mEgz/CJJO6Idsadf/n6cy/IJLrO5cvW39kmZ0vjfWnnyPPUgY5HF1JYXdBLPI9vcNCMmoI8lN4YZtJbm4LP17Ds5Z90YWC+i61po/6I/YE7SX5iJ0utJeXnk9s7cfhR4zR95s/qHg8xfYwqC171RK827cTBb6JVajcvLqVFKghIE0KcZs+exAe4+zDfMdOT+sq07UAkam7kGf429v4IYoZmqHEhVhBtrIY8ssJ/I+6m88j4AOgaIATOcU4d7i0DGhvsrzOc7Rayylg/5VYEticiqAghOn4TK4gmNA3Mq5oxkIQX6DUBcgu5yJ2TjasOBbxOidWs7XmgFCFqGLq5NkKPhDVa7X/nSyxTXHO3LVN+Im3gf+DT+Y1L7nbGGL2cN7MQlfS1KM5VmvDGtaNDg0hxiC7dRlGVrCSijEhYIHI/YNAZ8DnC5xHLfro1NQDb2Iz+7IBpnIJbRdJ3vODO5NQQsfZvx7aee18yxTZ06nA49qxj4XFK/cSIPHiYOAk4V2txxy/V7cUmCmMZPY7gyULYz0kTFC7QJAl6shoUh7D2VaePM3KgXUdPtzyFVTUGtmeyyu0VAn2Sq3kWr0xDozPHxLy7h6nr88OQdEC254n1mz0Pl5Nsw5fCwOtukAm7rczOnzkMLzWWA0wwOlWU7fh41uIuUVZbD9e1bIa78xVHCAuh3v8Ei8DoIVn0Q0RowyvoybM+LaiTFGByRpTBOOMDFVHPXwpD99Rs6aaN9AZwmfgGtkp4+zaiwB1H5BMqzVA4QtGytPrq4Ec/Iez6rmuehl6Os4HCuSEvBdLbpSTnf2KkKlRFg7ZTHCAB/3dm0W9Dif0v5KBempnvBOxXGznCY/z5k+7jM55cycxuN4MNjgr3KK/gLSvSymHuk26xhiaDH2uVgi+CZZ7VQYM5uwkrouGdRbghysSMSaiFTarUmCcOch53B6mGetpVLsByfKjzPNANVV+iCsFAv6iM1Nc1/awvDZcSMBSCnoiogo3xwFt6gpVZOXBuEnj28NpvMoEUZXWcKM+f4kGz+eUmHI94ERR3ZjXlq6WXLo8O3uZPUOwEBHr/2kWysHmb4fn/CUngGHk11C1X4j99en9hIGa2/+qszsQXDramG6mXVZUFbgRrYqat4ZkM7gw/5Nw6IJHTtCvuOu/QlVLavazaoS0a3VvjkZXdRJUp4il3A/hhVl5FxB03xqvGUY9vmjqgrSc89QK5+PZULCvvTsw/02T9CurkbRESTCkmyIX91+fjxlzQ9sopM+0RUj13j5n0DnbZLRu3ei7N/M0JZ5olS/bWeJgS/TJfBQvF1svXtS/Xn/frMwIllh0IRBQMYM0IuRVGyQdp8EWSbc/mGhmAfnbkmJ2cCdyMVkCJ7L8nB4oEk4g5j574UggCJS8SIG48/lXWvQure9kC0r1fBccAl78f/rhjaqrrog6FNmFRYrkN2DuYdlvE1QSmEao7vVRXjRB1zBkD16BASj5daDtpI4ef0/ukQ/x3cCyolwbOVHmxTMAn5N324ovn/sN0B52qJ3aZTfNiLUlAEL7OFvsL9gvvWEwp12YwHKyV7O7HYY0fn0Viai/2Y+Or9Yu0XlvGcITn4LP1Cd272qqPj6yPnovQFMAedkvJUQfPmuGrAcRD52a8DUaM3YJekN4W2DfVdTT5xCEWEfCKAH3t3Dc4jH3pIQ0Ao3olNuN6PEBTtUWR9p5eGKpL6Wk643P6AO5liTu9EcJO9il/7OaRR6O5gUisDxVGDxH2aJzPAMlSd8hRdp8u+mv1M8Oeni+Dn52NvUp4+xCWACT/M+7ee0+CWuM5PBxbvPv8yp1rN5xTHEfNQ9suApe7I20t2VXCf4sE4jzU9n4rKcOjSDkYD3AsCRs/oxMek7Gn7v+SgIynRS8Aydegzqoz7c/yV/vl7sWPHgYwBnxLxa/DRIkN/BbLefoM+fVYcMptXVsa4DvxAUVX0RoBFewkF9DgDgYOgA+J4+QK+Af/R2L/kddmg2ScSm7gmagEhLdRlEvfNiNFhYbxU6eyxHciKGAron25QFaSIjArcYRxSaia7KWWuX9/HqdQotMlIe6DrDIXRVj3yAkfJmsv4w6XedK+/0QlyXvZG2AXQaBPgDxf4UbFBQigdtG9Xpu5sTQT9+eFAdECRMAUVQXKTX4h30HhnDBagpE2MR90LBktYl0ne6I6MTAhiu7/ZXpdAo72N23lFDu5NRZpmk7eHUxHpUFJP1rPdEiMLgXsGdUYGk3Thalv+Umh+wq+R+tWYQYbsCxuaB+qifDAjHEDAskYe93ULo3qlGO4J0VmS6scGVm5yOKhutkreW8+umQkAlUvHGYBXUywVhJ/fVAQhExu8TxVP9bcFJIrbAjxMehrwmz6X3lZ4W+poLwmRa8GRu/NNdc+SD8Bd9fr/DQojcRpa7MeGTmwmJtULkPSG6Ypv75kNqE4ou44KU0IQs+1vN6lZI356++tiYbk+RUN8cQjWywuGcChyfm9sfaAN8ZkiGS5O+fWiL+jeOk4RqnVYqaEDijZxTyDpkMcwKojJ100pQXtAlEsiNAyn9UTR+WyFLj1f+z5mCMkTf8Rakhf9fxhuxsh3OYZHE41IIoFZDX803T3XjE4j0FyzoMLTSWMz54Wd0Agifu53tue9uZEGZdKmLGKr1qrDpobg0HqQwsn9VxBk4tnAajYP+XTYmB3/rjcNwM9DM+dz5f92fgFVGiFfZ+1TA4UykI2RhFU3lHZdFRWDos7SZYVae8yRm+tCBVVg3yJX2ZyuQNCGeH2ySiDopuPKezubIT3AV+0VRu9uMIxqoguOWolNpYXqASE0G6KjsZPv7CLtE9fRt6UjrUwWxmkYPw+HQYK98HwuImsqTfiqc9r7/cIU/gA+/Mt/aI2oKDyigwT5jLE25L1+bxkE2Enu8sNAYtl0hONEdJS8RUMf58uIWmcmvnxvO+bGybJv2LHM4GVez5Px58puHd8SPNwNa8XjVi8PGfDZf4TOmcv3TMcC9YesLq2QJeb
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1673600716",
"to_ids": true,
"type": "malware-sample",
"uuid": "6a458130-f53b-4445-8b23-64615c11e56a",
"value": "61aae0e18c41ec4f610676680d26f6c6e1d4d5aa4e5092e40915fe806b679cd4|54bbea35b095ddfe9740df97b693627b"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "mimetype",
"timestamp": "1673600716",
"to_ids": false,
"type": "mime-type",
"uuid": "accba514-49a2-4379-a4f3-cdeb67eed0fc",
"value": "PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1673600716",
"to_ids": true,
"type": "ssdeep",
"uuid": "351e2580-d334-4d16-bae9-e22a56174622",
"value": "3072:MzT/0/ENklKQLrAuyaxSHC5inA+LzfLXDvbnT/r3jP7HzL/3zXvbnT/ry5:2mKQLrAuPxK1A+LzfLXDvbnT/r3jP7HQ"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An IP address (or domain or hostname) and a port seen as a tuple (or as a triple) in a specific time frame.",
"meta-category": "network",
"name": "ip-port",
"template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6",
"template_version": "9",
"timestamp": "1673601516",
"uuid": "9ec6fbe0-8d11-447a-a038-f6b0a86b9814",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601516",
"to_ids": false,
"type": "port",
"uuid": "907992cc-8709-4768-9dd1-9d369ff30d50",
"value": "8033"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1673601516",
"to_ids": true,
"type": "ip-dst",
"uuid": "0d8170e2-0a2a-431d-960d-3b76eb384dea",
"value": "172.247.168.153"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An IP address (or domain or hostname) and a port seen as a tuple (or as a triple) in a specific time frame.",
"meta-category": "network",
"name": "ip-port",
"template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6",
"template_version": "9",
"timestamp": "1673601617",
"uuid": "3e84fef6-6655-46a8-9a74-2e05e651c3d2",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601618",
"to_ids": false,
"type": "port",
"uuid": "dcf4e0c6-5ff4-4dc0-88ae-78c4fbeb2c7f",
"value": "8443"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601618",
"to_ids": false,
"type": "port",
"uuid": "ab912bd8-a24d-49f3-9335-bbcd18b071f3",
"value": "444"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1673601618",
"to_ids": true,
"type": "ip-dst",
"uuid": "f6031a92-ddc7-4225-8bbf-9ed8669369dd",
"value": "192.36.119.61"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An IP address (or domain or hostname) and a port seen as a tuple (or as a triple) in a specific time frame.",
"meta-category": "network",
"name": "ip-port",
"template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6",
"template_version": "9",
"timestamp": "1673601694",
"uuid": "32d28275-7f48-4b1e-90cc-285cbeee0a0c",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601694",
"to_ids": false,
"type": "port",
"uuid": "400e9ea5-cb76-4e23-8a6e-1170e93f01c3",
"value": "30080"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601694",
"to_ids": false,
"type": "port",
"uuid": "d6902fbc-07ee-4f14-b86e-585a9e367dcb",
"value": "30081"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601694",
"to_ids": false,
"type": "port",
"uuid": "6e5e92c5-e8af-48f0-b555-a75e7831fc60",
"value": "30443"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601694",
"to_ids": false,
"type": "port",
"uuid": "c1dc277b-d0d1-454d-af2d-4a0734aed46a",
"value": "20443"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1673601694",
"to_ids": true,
"type": "ip-dst",
"uuid": "285c8b98-725e-4b22-ba84-95878d4b7ff1",
"value": "103.131.189.143"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An IP address (or domain or hostname) and a port seen as a tuple (or as a triple) in a specific time frame.",
"meta-category": "network",
"name": "ip-port",
"template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6",
"template_version": "9",
"timestamp": "1673601734",
"uuid": "4919dc52-6dd4-4e94-839a-a1f0a955c307",
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "dst-port",
"timestamp": "1673601734",
"to_ids": false,
"type": "port",
"uuid": "38c2247c-0f5f-4bf1-85bd-2cb59ae53175",
"value": "444"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1673601734",
"to_ids": true,
"type": "ip-dst",
"uuid": "e91b1cee-97dc-4ac3-a5b6-d596fea54802",
"value": "188.34.130.40"
}
]
},
{
"comment": "Presence of the following artifacts in the filesystem:",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "24",
"timestamp": "1673601925",
"uuid": "961a77bc-6824-49ae-815c-efb178e8e1b4",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "state",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "a746a583-7902-4cfb-8ea4-179104290eec",
"value": "Malicious"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "96d1f70a-aa11-44fe-9bae-b715d4927109",
"value": "/data/lib/libips.bak"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "e6436492-3dc5-4bd6-815b-caa60dcad202",
"value": "/data/lib/libgif.so"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "0cab46d9-5e32-4525-b21d-04f54b46cbff",
"value": "/data/lib/libiptcp.so"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "d7932f54-07a2-41bb-b81e-4608cc75d39a",
"value": "/data/lib/libipudp.so"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "f66e9dde-c15a-45cd-bf6f-784c0457ab7b",
"value": "/data/lib/libjepg.so"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "11efedea-9665-4347-88a6-b3d540aa2e8a",
"value": "/var/.sslvpnconfigbk"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "622c1a0f-3d5f-49c7-8e6e-6a78248276d6",
"value": "/data/etc/wxd.conf"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "fullpath",
"timestamp": "1673601925",
"to_ids": false,
"type": "text",
"uuid": "0c217051-2182-4c9f-a704-14b250a8b9f5",
"value": "/flash"
}
]
}
],
"EventReport": [
{
"name": "Report from - https://www.fortinet.com/blog/psirt-blogs/analysis-of-fg-ir-22-398-fortios-heap-based-buffer-overflow-in-sslvpnd (1673602179)",
"content": "# PSIRT Blogs\r\n\r\n # Analysis of FG-IR-22-398 \u2013 FortiOS - heap-based buffer overflow in SSLVPNd\r\n By Carl Windsor, Guillaume Lovet, Hongkei Chan, and Alex Kong | January 11, 2023 **Affected Platforms:** FortiOS \r\n \r\n **Impacted Users:** Government &large organizations \r\n **Impact:** Data loss and OS and file corruption \r\n **Severity Level:** High\r\n\r\n Fortinet has published CVSS: Critical advisory FG-IR-22-398 / CVE-2022-42475 on Dec 12, 2022. The following writeup details our initial investigation into this malware and additional IoCs identified during our ongoing analysis.\r\n\r\n ## Executive Summary\r\n\r\n \r\n * Multiple additional IoCs have been uncovered related to the incident FG-IR-22-398 / CVE-2022-42475\r\n * The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets.\r\n \r\n ## Incident Analysis\r\n\r\n As mentioned in the advisory, we detected this issue in the wild and were able to collect a sample of the malware along with related network traffic.\r\n\r\n The malware was a variant of a generic Linux implant customized for FortiOS. The following information was gathered during the forensic filesystem and binary analysis of the received appliance.\r\n\r\n **Libips.bak**\r\n\r\n The suspicious binary was located at */data/lib/libips.bak*. This file may be masquerading as a component of Fortinet\u2019s IPS Engine, located at /data/lib/libips.so. The file /data/lib/libips.so was present, but with a zero file size.\r\n\r\n Here is an image of the /data/lib directory:\r\n\r\n **Libgif.so, libips.bak,** and **libiptcp.so** are not part of any FortiOS components or processes.\r\n\r\n **Libips.bak** appears to be a trojanized version of the IPS Engine, typically located at ***/data/lib/libips.so*.** A diff comparing ***libips.bak*** with a clean **libips.so** from the same FortiOS build was performed. Up to about the 0x1900 byte mark, the files differ. After that point, the files are identical. Below is a screenshot of **libips.bak** (top) and the clean **libips.so** (bottom). ***libips.bak*** contains data where **libips.so** does not.\r\n\r\n After the first ~0x1900 bytes, the files are identical.\r\n\r\n **Libips.bak** exports the functions **ips\\_so\\_patch\\_urldb** and **ips\\_so\\_query\\_interface**. These are the same exports in the clean IPS engine binary, libips.so. Both exported functions lead to the same malicious code. If **libps.bak** is named libips.so in the **/data/lib** directory, the malicious code will be executed automatically as components of FortiOS will call these exported functions. The binary does not attempt to return to the clean IPS engine code, so IPS functionality is also compromised. Below is an example export function that immediately calls the malicious code.\r\n\r\n The primary malicious code is shown below.\r\n\r\n The malicious code begins by looping through file descriptors from 3 to 255. If it can duplicate the file descriptors, it will close both the duplicate and original descriptors.\r\n\r\n Next, it will read from **/data/lib/libiptcp.so** and write the data to **/data/lib/libjepg.so. /data/lib/libjepg.so** is renamed as **/data/lib/libips.so. fork()** andis used multiple times initially as an anti-debugging technique.\r\n\r\n It then calls **fork()** once more. The child process reads from **/data/lib/libgif.so** and writes that data to **/data/lib/libjepg.so. /data/lib/libjepg.so** is then renamed as **/data/lib/libips.so.**\r\n\r\n The parent process checks for read access to **/var/.sslvpnconfigbk**. This file is opened, then closed immediately. Finally, **/data/lib/libipudp.so** is executed with the argument **\"/data/lib/libipudp.so\"**.\r\n\r\n The files referenced in this code\u2014**libiptcp.so, libgif.so, .sslvpnconfigbk,** and **libipudp.so\u2014**could not be recovered.\r\n\r\n **Wxd.conf**\r\n\r\n The format of this config file is similar to that of \"Fast r
"id": "143",
"event_id": "142831",
"timestamp": "1673602253",
"uuid": "54ae3ae3-3b28-48d2-8aa3-b65955287a9d",
"deleted": false
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
}
Reference in a new issue Copy permalink