misp-circl-feed/feeds/circl/misp/3410ad13-ef34-48c9-bc6f-b1b111a30e06.json

771 lines
7.4 MiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--3410ad13-ef34-48c9-bc6f-b1b111a30e06",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:24:07.000Z",
"modified": "2022-06-23T13:24:07.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--3410ad13-ef34-48c9-bc6f-b1b111a30e06",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:24:07.000Z",
"modified": "2022-06-23T13:24:07.000Z",
"name": "OSINT - Russia's APT28 uses fear of nuclear war to spread Follina docs in Ukraine",
"published": "2022-06-23T13:24:54Z",
"object_refs": [
"indicator--a2b0de0e-0e43-4d68-8260-8dbe7ead5974",
"indicator--76e69d5a-606d-46d8-a86b-85d37acaa083",
"indicator--4a4402ed-6eaa-4d60-a9ec-583a0dd055e0",
"indicator--28df2d44-32c4-49c9-8278-4b0166168f37",
"indicator--d80ef005-49c3-4954-80ba-4e8464676148",
"indicator--0256873d-b87d-4ac1-bd36-eb0729c0a837",
"indicator--8e8a18c9-e530-4225-a4a1-e5a0f662b14d",
"indicator--a93a3baa-3e24-4012-9589-564cb41b570b",
"indicator--70ba861c-a09a-417d-bd38-591fff364cce",
"indicator--71b683fa-9b57-4956-b6ff-3a65625e6da4",
"indicator--9b0ae517-772f-48ed-bfca-362cf0319f72",
"vulnerability--ce610b88-badf-44db-993c-86a7a97a2cc8",
"vulnerability--f793c30c-02de-4e84-8494-e06fc3013958",
"x-misp-object--ef1b6703-890c-4019-b137-efa8b682371b",
"indicator--b15f8aba-033f-4669-a02d-eda7a7c03e07",
"x-misp-object--afb7dae5-8291-437f-b353-fca9c4a10258",
"indicator--ed37f367-ef0e-471c-8635-9067d7dd01e7",
"indicator--522f93b9-5306-4866-8983-1ed7fdabfecf",
"x-misp-object--7928bdab-a27f-4dbf-8a5f-68cb84400261",
"x-misp-object--b96756a1-2717-4426-95ff-3332fe2ac70b",
"relationship--b480c86d-c42e-441a-b1b9-34561bfc696f",
"relationship--504289ab-b814-4a9e-9d87-515c1cb305b8",
"relationship--8b5b7512-b45d-49cb-b4df-7cfaf26f2328"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:threat-actor=\"Sofacy\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"misp-galaxy:target-information=\"Ukraine\"",
"misp-galaxy:country=\"russia\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2b0de0e-0e43-4d68-8260-8dbe7ead5974",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:08:58.000Z",
"modified": "2022-06-23T13:08:58.000Z",
"pattern": "[domain-name:value = 'www.specialityllc.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:08:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--76e69d5a-606d-46d8-a86b-85d37acaa083",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:08:58.000Z",
"modified": "2022-06-23T13:08:58.000Z",
"pattern": "[domain-name:value = 'mail.sartoc.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:08:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4a4402ed-6eaa-4d60-a9ec-583a0dd055e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:08:58.000Z",
"modified": "2022-06-23T13:08:58.000Z",
"pattern": "[url:value = 'http://kompartpomiar.pl/grafika/docx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:08:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--28df2d44-32c4-49c9-8278-4b0166168f37",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:08:58.000Z",
"modified": "2022-06-23T13:08:58.000Z",
"pattern": "[url:value = 'http://kompartpomiar.pl/grafika/SQLite.Interop.dll']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:08:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d80ef005-49c3-4954-80ba-4e8464676148",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:08:58.000Z",
"modified": "2022-06-23T13:08:58.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.208.77.68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:08:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0256873d-b87d-4ac1-bd36-eb0729c0a837",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:09:32.000Z",
"modified": "2022-06-23T13:09:32.000Z",
"pattern": "[file:hashes.SHA256 = 'daaa271cee97853bf4e235b55cb34c1f03ea6f8d3c958f86728d41f418b0bf01']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:09:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e8a18c9-e530-4225-a4a1-e5a0f662b14d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:09:32.000Z",
"modified": "2022-06-23T13:09:32.000Z",
"pattern": "[file:hashes.SHA256 = '2318ae5d7c23bf186b88abecf892e23ce199381b22c8eb216ad1616ee8877933']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:09:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a93a3baa-3e24-4012-9589-564cb41b570b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:09:32.000Z",
"modified": "2022-06-23T13:09:32.000Z",
"pattern": "[file:hashes.SHA1 = 'ebb0e34f44089fd4cc750b5fe0dcc14f6bb85a11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:09:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70ba861c-a09a-417d-bd38-591fff364cce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:09:32.000Z",
"modified": "2022-06-23T13:09:32.000Z",
"pattern": "[file:hashes.SHA1 = 'b1847c89143fad810b7a3686296b9c1e91ad087c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:09:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--71b683fa-9b57-4956-b6ff-3a65625e6da4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:09:32.000Z",
"modified": "2022-06-23T13:09:32.000Z",
"pattern": "[file:hashes.MD5 = 'eafa11070f213f16efc030f625a423d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:09:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9b0ae517-772f-48ed-bfca-362cf0319f72",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:13:27.000Z",
"modified": "2022-06-23T13:13:27.000Z",
"pattern": "[file:hashes.MD5 = 'eafa11070f213f16efc030f625a423d1' AND file:hashes.SHA1 = 'b1847c89143fad810b7a3686296b9c1e91ad087c' AND file:hashes.SHA256 = 'daaa271cee97853bf4e235b55cb34c1f03ea6f8d3c958f86728d41f418b0bf01' AND file:hashes.SHA512 = '68a084c9a6dee3c315181c97e661454c61b442539f4875136828a87beef40ffff79a7f7c5df549890ce42ed636fa4404e673877379b849cd0e4e6c2ab2642d0a' AND file:hashes.SSDEEP = '6144:UOjcXgk3fb0pZmtcQPbfUNnweoafhcdP19F9vQZ/y7dmMcnFn5iQiM8poFDNsGrO:Rm4zmtVbC6P19Fa67dmxl5iNGFpd/LA' AND file:name = 'daaa271cee97853bf4e235b55cb34c1f03ea6f8d3c958f86728d41f418b0bf01' AND file:size = '411760' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAH1p11R7Dj7Rlz8GAHBIBgAgABwAZWFmYTExMDcwZjIxM2YxNmVmYzAzMGY2MjVhNDIzZDFVVAkAA55mtGKeZrRidXgLAAEEIQAAAAQhAAAA2hz31Qr3XsTnJgaPBw/BogL5ycjZX8fueSBAKB6yO4wWasoNNc6ZIbUL2MxuEZIzq77MWGq49XS7norpSpgQqCebhj4LKOJljOkhxKpIHmqDDLFwVW2e8kR9lfETMs/ARgIP5o99oD+nGkyspECLlutyH0YtUeaIjO1M6PrvIM5tzLKIs74UJz29fqHxYgKn7G0H0ZdAQGu0KGX2wVwC70lgrXTQHi+9kqvrxmg8iMC32jz0aIgz8B9OCduihy0wwG0DewxjT46sG6jLtSp0ra5J2djpxxc8Qtvzg6F9xryMAg9NRC711Uo3qr4S2yC6qGx3YxmVLQXOjXjZTBSYtfb3+FLBENzGDEkgjSdDVb53gH0qNJXdpi5K2iQknggDvj4hULRwhkNAEXs5htkHq9mo2yr38PyzMLp2JLTQ6I4MW5XAIbABqgHJirpRXMKDfXGGN+6cqIgH6LwtKZA06zBgp54L1uHxLG5VR82h2vCXjfrFbuZw1tPDmc2CYI+pZo6rvBVTwVTK3OKnuKGQhYvywGRIp8X6jiUiMosY7qvyZFukom18rhD2tDaxZhUlxjXx2/Y0M21Re24AYIHH1ViODePgjmqJkeg3b0O5oLaDRyMj+zoKrRnau2tO+zfyYO8jls8zJ/QS6MGIZBlEtTSAZ8uZ9lugevVwNy4Vs1Azp87wEJ6vvyMjPm6/48qWw7pbMmh00kKqtUI/bqiUAE+rmo+Xt1mbXced5fiK8CvBDhbY19aikhYlofIKVi9/wc1jbHsqEp6vC4lyBpzVccecd9Uw6ZdHhJkHY/fMI/JnZ+k7cgxGtm/FhpqTowBbeFhPAHwonRZoxFvFXobSN560VDcxqtxf13FB0RsrG4eOo59hR7ZmHsrG8P5lnpzWEoA4GjimJx7rMoV03mFdgrnNZ20LEuguw6ybq9x5PMyNiYid861hdnd5lxpLub7UxBfKO/GpJkzRtNQYqQcbhQHf9P1ObGSUOwrAT2J/+f77xSQPIPgx/6tPTXPKu9H/Ig/tdFYDZCXRj3kxodkvtliGmO6XZvM5QmaPMZTaa7jCOnRGh3YLsPZSoBl4/6Pt4NtIEzUrVdc0Y+4p0kIGiZMOEhJKU62VItMixsTjalYEb+5D5LuWv1FBcsZ3o+J7/BsaiH+l7HgO3DMU1ygGu8BR1GeTPMrdTGlnuNwKemzAR9VGYZpRnxE4MyYhzrpd+HgYSL0kNuMNz3IxxfXLe7u0RwJGNNUDGpBaD5HaUHcMYsnSRM0EkhZ5fLpqFXrTVml7xACFAxCXaVgYTOm69sSlF/KVmxrEosmFCrZ7d9bqmRV1DTm96PlRHtXXlQTjwbWSdTOjO179n969yV5Bxyp+mEBaSzOFHmkWjJFTutWC5A3qsoI8gbyQxF1zBlXzcMcJG9dnMA1A5mGX/2uW6LAr9V113DMe+JAAV3Y4zmyvv+ZPAMqKPmaK+Zol8TlokvalvMIFGivju3VfdYK1Yie8OIMvRUqN66Ke3+lnSKyVx1eKAybk3/KKuMJ4s82pTiNY060Y+5CQxA6qBZBkIn3uN9dtuMaj0XWzi0bhAAsNAzF3w0a0HCdYA0My4Jwh1llPK3ESnOmomsKK0eaNSZo+v766WL6izruYUxw7z6qshxLjX+voHhRT7fGfJMeV4v/LYivgjcrLitW5FMnPZr/5t8rwP+hACKSqqo6K2mhQcJS9XUuyslpY3Bs7VPKS7nJFERuwbBb/mvF3+Qc9GZc5BZCiudzc4PPHR9otbLFLGTbOnxKKeODqhfSxgp8DgMC24EdJ9dlfJpl8QQm03HbpsnTYjOCaefa5iK2/3/amQZnA3LfB6N6minhlprMamxA4+LnLZkAVhauqKSRPvMezqz7bP4AHuAW65N4Z+g20WHjpt2jkGpqmo01s+f24iI74eq01WrG7WaZKdon/qsI2Cijwlv6VoxCoF8xB1TBlnJrqo5ynUPPOcdcBVZVtZr3c+VpsGgqqguSPiRXvMCt4Sb2LvTVn9oxIRIU675Nb1KxKzTJ3kq4G7veqRlQ3nJcnB/doBt5yczS3d4lsuGl8eK+elaYxcHxexra/xWvFFT1Tr9UNXZ/E5q6VZHc+60/MMGRuUp6eVfeoiRWzAwnGk6e2+mfN09uVQTv0EUkZc01v5Ezlu3GEfMk28R3U8qFhq98PXXRiD+eTLfc7Wps/PwQNAEwpyALsQjJKMzKtGHgv6IAGarIC3tenqjLFyOVuqRjLdDwLDso/x6TO9YlSfK1QyhC5jglSBqR2sAy7fXE0KWp7WVuxENpdJvLl0UC3s0fY07pILaUZYVu89aAP7eVLTF9RH8VQnpcf8lcEq2NjC0SlxjMvRpOF17yRYrFt0kio5MWCA7qOpmr4kgN6O2N2B4pMiEbZRFWanC2aVeRWyyke5ehXRoy1Ttya4J5JIZpqhgjNGZs2tfkAC7ov9qwECB2nzK8yJfRRKJ5vgf7nYvz7ss/CxGlpoAUmy6AXj5hMrGg8kBAMqoc+2g8zVuS5bB2/mj8EVNuqJ8a0Wvjkx3/r91XLfoVxt1rNVVAAJKRacfe1E/byJeL8DflbvVe0cv/H4c0BgnstWYkINojLyNRTsmy74i9vMkURhFMCB/HmSOq+Gpo8AHMuOohyyoeumyRtROORIcBPSmdXhYhJEWn2D7+RfrxPymIacQVidZeI+U0TcyGWdlDsbpniXCYvpGxvaNqFRxXoJQzSO3h243ctaSNtddD9iE5y79RsU0I7MRjEMU+aOaHEz+rlfwxAceNm72lDU1WXiTavlfrKN2IfwzfGqb/KfHrCazk9M6u8GI+xbw2mvgEqjkjEZikJHLuZT4he4D3PoIEFs/pep7kEVEa7cD3rvdz6Pcj9mqwDkKvCQsZunkT5jdAIdcpPONUgBSdAQBBtTgqtuJFjAPx+q+IVAaDqXgjATIExin8xGMhPwtRA40kY+8brFeLGktIAPYi+AE3vH55FJqgxlgNa4wa5WTQhPvoXHrDXne1XUCw+g70QXI0ygS3iwu3V/mqT2YNBP2I6gWnyy6EyslQJnt/9t9v1vL0dQhvpD3O92ZZghsnP05S4obALO9GXbMEr3TZa/z+OD2sv84J5909IjMQme/57fLvwj+0snS/gwAxpP+XlqdvNIeOwOakpvkq4fDfP3yEtQhJ9CXQVynpI9fe69TohYje1PP+/oVmKfPe8uQaPvo7zqjtYy3QHTPATFG2kAfR7y6pcS9sxJ1wCYnQiutZeU/GIYRQYqi6W5lXUyfki9oqQsFiJNzlpHISJT/w1/DiPDw3gt
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:13:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
2023-04-21 13:25:09 +00:00
"type": "vulnerability",
2023-06-14 17:31:25 +00:00
"spec_version": "2.1",
"id": "vulnerability--ce610b88-badf-44db-993c-86a7a97a2cc8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:12:55.000Z",
"modified": "2022-06-23T13:12:55.000Z",
"name": "CVE-2022-30190",
"labels": [
"misp:name=\"vulnerability\"",
"misp:meta-category=\"vulnerability\"",
"misp:to_ids=\"False\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2022-30190"
}
],
"x_misp_state": "Published"
},
{
2023-04-21 13:25:09 +00:00
"type": "vulnerability",
2023-06-14 17:31:25 +00:00
"spec_version": "2.1",
"id": "vulnerability--f793c30c-02de-4e84-8494-e06fc3013958",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:13:08.000Z",
"modified": "2022-06-23T13:13:08.000Z",
"name": "CVE-2022-30190",
"description": "Microsoft\u00a0Windows\u00a0Support\u00a0Diagnostic\u00a0Tool\u00a0(MSDT)\u00a0Remote\u00a0Code\u00a0Execution\u00a0Vulnerability.",
"labels": [
"misp:name=\"vulnerability\"",
"misp:meta-category=\"vulnerability\"",
"misp:to_ids=\"False\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2022-30190"
},
{
"source_name": "url",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30190"
},
{
"source_name": "url",
"url": "http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html"
}
],
"x_misp_cvss_score": "9.3",
"x_misp_modified": "2022-06-07T18:15:00+00:00",
"x_misp_published": "2022-06-01T20:15:00+00:00",
"x_misp_state": "Published",
"x_misp_vulnerable_configuration": [
"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*"
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ef1b6703-890c-4019-b137-efa8b682371b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:15:31.000Z",
"modified": "2022-06-23T13:15:31.000Z",
"labels": [
"misp:name=\"report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "link",
"value": "https://otx.alienvault.com/pulse/62b44a9d13580736f8547cb8",
"category": "External analysis",
"uuid": "195fe785-cea5-4b57-ad6b-5a37125fd4d0"
},
{
"type": "link",
"object_relation": "link",
"value": "https://blog.malwarebytes.com/threat-intelligence/2022/06/russias-apt28-uses-fear-of-nuclear-war-to-spread-follina-docs-in-ukraine/",
"category": "External analysis",
"uuid": "db051bd7-c0f7-4f7d-8427-af2c358b133c"
},
{
"type": "text",
"object_relation": "summary",
"value": "In a recent campaign, APT28, an advanced persistent threat actor linked with Russian intelligence, set its sights on Ukraine, targeting users with malware that steals credentials stored in browsers. APT28 (also known as Sofacy and Fancy Bear) is a notorious Russian threat actor that has been active since at least 2004 with its main activity being collecting intelligence for the Russian government. The group is known to have targeted US politicians, and US organizations, including US nuclear facilities.",
"category": "Other",
"uuid": "3eaa5829-6bf0-4e60-aca5-4727b688094e"
},
{
"type": "text",
"object_relation": "type",
"value": "Blog post",
"category": "Other",
"uuid": "7d9f1e05-13bd-433b-8f86-b0be6ae7e46f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b15f8aba-033f-4669-a02d-eda7a7c03e07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:17:45.000Z",
"modified": "2022-06-23T13:17:45.000Z",
"pattern": "[url:value = 'http://kitten-268.frge.io/article.html' AND url:x_misp_host = 'kitten-268.frge.io' AND url:x_misp_scheme = 'http']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:17:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "network"
}
],
"labels": [
"misp:name=\"url\"",
"misp:meta-category=\"network\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--afb7dae5-8291-437f-b353-fca9c4a10258",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:18:54.000Z",
"modified": "2022-06-23T13:18:54.000Z",
"labels": [
"misp:name=\"passive-dns\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "rdata",
"value": "18.133.249.238",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: kitten-268.frge.io",
"uuid": "98e360e9-9169-4516-91b1-401cfe61bdc4"
},
{
"type": "counter",
"object_relation": "count",
"value": "88",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: kitten-268.frge.io",
"uuid": "7cf96d0a-33a1-4b05-8cee-cfe62e822f38"
},
{
"type": "datetime",
"object_relation": "time_first",
"value": "2022-06-20T20:54:14+00:00",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: kitten-268.frge.io",
"uuid": "8784a4e4-1f09-46e9-bc88-73d566ff75ce"
},
{
"type": "datetime",
"object_relation": "time_last",
"value": "2022-06-22T22:48:01+00:00",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: kitten-268.frge.io",
"uuid": "725264e5-1243-4704-bc0b-d0bab4b52cc9"
},
{
"type": "text",
"object_relation": "rrname",
"value": "kitten-268.frge.io.",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: kitten-268.frge.io",
"uuid": "759965a9-2e71-4624-8502-375fde6db497"
},
{
"type": "text",
"object_relation": "rrtype",
"value": "A",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: kitten-268.frge.io",
"uuid": "c3f15a92-140e-465d-9b52-9474a4e3fb55"
},
{
"type": "domain",
"object_relation": "bailiwick",
"value": "frge.io",
"category": "Network activity",
"comment": "Result from a rrset lookup on DNSDB about the hostname: kitten-268.frge.io",
"to_ids": true,
"uuid": "dec1d9bb-8d79-467d-956d-45a903872581"
}
],
"x_misp_comment": "kitten-268.frge.io: Enriched via the farsight_passivedns module",
"x_misp_meta_category": "network",
"x_misp_name": "passive-dns"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed37f367-ef0e-471c-8635-9067d7dd01e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:22:51.000Z",
"modified": "2022-06-23T13:22:51.000Z",
"pattern": "[file:hashes.MD5 = 'd3bddb5de864afd7e4f5e56027f4e5ea' AND file:hashes.SHA1 = 'ebb0e34f44089fd4cc750b5fe0dcc14f6bb85a11' AND file:hashes.SHA256 = '2318ae5d7c23bf186b88abecf892e23ce199381b22c8eb216ad1616ee8877933' AND file:hashes.SHA512 = '2905af78720fccb1167811b871d0509a6200c9cdc920409c337d30bf89e0be9c77195919e59e67c39dea0f8881d64f272825434e9e9a546df1b74451ee1e13a6' AND file:hashes.SSDEEP = '98304:TtClVkoOSfJNp8FUcwti78OqJ7TPBLYVrsk9N8ivyhAdsPSQx3UGgdN:TlobhH8FUcwti7TQlgVN8iNIShN' AND file:name = '2318ae5d7c23bf186b88abecf892e23ce199381b22c8eb216ad1616ee8877933' AND file:size = '5433824' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIANpq11RQasvV4PJRAODpUgAgABwAZDNiZGRiNWRlODY0YWZkN2U0ZjVlNTYwMjdmNGU1ZWFVVAkAAytptGIrabRidXgLAAEEIQAAAAQhAAAA2YnhGEtNGiRd8/4jFWtf7Me25N1MYX/bAX2I23so56PaJOeaKb4Vdbggy840MCJxPsZu3zfUd56grku5oRW7c/WQ/iGPNQgHJsbEz/O7lw66zCaKzOls/hPrEz281CxCfLIQt3kQA7ZnTo4FTsUDtsYgTjwE5z8z11/+UB3/fNjt7KVCsn+j9LQYkopDxwH+wrNHGRtfkVrTpthT9c/1AOQitw9rdz8ZhWtWd/3QXJc3R7wkmQ6RoS4FRykblm11l98kTXne1C2P+/ZnQwlZtC8mF+Uz1bXOxr+kopS0YqXdJ9vaPSmwitIh2MEKv2O0ntE/OhhkKnkprvdpJMNFGd/+T4X0Bb+IsX3HYzpFY+6jLFeaVALkdb+/fHG5pEHpgv/vl85EjPIdH/fweX+3T2iGQFOXzqS3zzzQIPkl6qK1HHxGdg77SjpKlcY7X/igxM4Mcina9BM1EGflyDqkVa2pYONygcJ3afVqaM/ajMcLIFXNcl8802lFgNMPdRtXy2OV8nXu5E10PAJHb5eid7vq3ebazGM3Y2hejeDxTJZ5zKEiLnpD6IpYlfJClMJL22McQyTgTWa7KaGQNhz9uJ0Tfiw/CFAHuy2qtb5F55EzPmOFscNopu4egbXgpPW8oybI+7wzLY7eYCRt8ngnQpimATfGhEVgs5f9IH2frCZIyGqy3mxVa9rTTEOSAkfC8I0xsB1nStaCgOrusYidlYwKbnNU5a9z0F7EmCJFFxtuZkdkg79K15ohJXUENP/MHkN8YAd1LRQ5sB/yU9FF3xeU7iMBdGPUEYLgMjnZayJGhrjUcUkh1FNZhDRBGMBAEJ6TXCb0hAMXiaDXRQ/+fZGyw7ACMt9+tHqDpZjyPmOzWYJ9y8U/AO35pFVlpi1K1yMUffBEkxu3N1D1I50lP8C7n428nfe0bSmoClz5B6yfZxLO/piJEN1fFozsPK802M0M6dYuXUzgNVbTTn5FDtPySHt9jVV9i7IiQr7uOgZTr8aEAcGS9cr2cx38rKwzkZ3B2edPCKPznaUUyO52YPpzJKTmR1slEXyabQFUvH+PHhRYcyuGU2H/BE0cr1UzLI1VMZrXzErX6pqaURzUZ1v2aO+SWKucp8gP6HI8spDEAOpkLngxXHynZZ4mQJYBCXbqW4cIbRJe7kAfNyIYYvrQaaWghuR3VYwuNClGLXy0X1LSh8WluWve/0J5XGml/XWcY5OcuSyPnkVUey2s/nsAjuKBSJUAymOmKJGju1GkSiGHXruwlIQ3ZjU1fAU6x1UPi0aw0gBOTVlLp8Ow173JD1emutuCl2rb9EnZF7ggQ/AVuuHWcQ+8Vq9FT0+HgbZb+x+G1JTBHbkRYCeYSwrw0dRYMeXzkaFbTMicGeITAvcEyFkOVuNJkcq8yTsMDdfeXDFrwys1WSIXjgVEtmLu0klE3n5mJHtYg9xtfMqLgZMMNCamIQEOdmVUP6LKVInocBfkMgJQxcPoZpxAcq0iaUmET4WKwIYxFRLFB9VPGmuhra0Y2wGhcy5PAel3lJXAUhu+SkPiC7J4Ny8gioZ4L6UhpFSqd5s2iMQWwl1gg/NGHPpEwc7UEoHk9J1JIyyINvPDU2XM3jWkQdWvFfx4/3woeKTPmQV+t1l0RIgrKTTG+Q47xg/CvR4xkLWwhzV3zBNJCqbCE7aOjtKJJgIfKaDXE9SR0vCtEJWKSQ+SeRcZlaG8/cHobOYMy8xsY0Canaz5o0GyGDm9NjHxpAT2ild43D2WUtfwxnh57625QvIhrlRktKhOXHbPIHFVZ89gOh8Lg2VjMbQAWutSkTMJRnDVbAOhd17HJYngVoBt9L7fqty8llPAffoi0gb6nA8op7Bg2zIfodjyy/OSScoJseR7bgsruMsCXL8bmhlLLdpzk5WMCClhM+yOnDw/c9csIszadkb3HUCxTsb22JigBdsfX8m9FgALAI3oseMz2v567an4CgbT9Nl5HqyJlDCfd5Xe5cJaZngPDtVxYwsj3+/NEDj2fmVQIPVzU70avlcs9j9GQQuD1bt2TFCGwviDg3dUZfd+/NQ8Tzn9mt0t/P6mnez5n3btEG1fCre8BTQtvq/mA1O83KRY21lpJGKJ1dKy0hAsLhPzUljxDtJmKrKC8axWOv0lmA7r37ApaJ7vi/QTMj068FRrdT3xmDx51Gh4ffTHWfkX4zjpKzeWIAwFm3N/1tg13yZWj0FNAdj9u0VJTyuC1TMOy6w5/kWxPkm29JuQtGIeypKB4G/SJ++98PoNOpj/t6e7oB0L3QgvoW9j2ZiHrpGdo1swXd5rTEHffXpaQwuodcrX/x+3v1BXJZyrYyNjZ8vwgJ2BckZmlz9lBdTpgd1pATu5/NBuLVW2TSWqAAw72FwwOgqT/3UPsG91xDz8lrmRX+wD9bhjkHl20BQ2HFOpbahUrTkMz14lFWMZtRawg9fZyt5jY9GWvnFDKqWmjkvs6G+OF87OJbYEB9ysijGrFfKjjbaF4ex1arTxIShorQ+YDbD7C9maJ2JbrKmlaOrwQTyzT7AnB86Tw/JN4AaghmDit0IFfZ6eHfknRwOTgSLjMRcmAyCm8BdNiZsPAT/pJvkoriZyyjaGdFTfKdmgPwGtZgVcDsgKjcZod4Yw43ShJB4tUm/AG2SCOc7iEMCCsaRMyPyJcQK7WFuYnMjJZt/QcQ6MsHezuaq3EC2fX7h0n02ddlH8RwqsFwdn/1+Y+2jKk7wSY3eQvQroJq44SD+fj+S91C4G2fad0u7NE6Wh3XUIc+FWwSAhVR/l18E3xEgAxqUw7NZxMPnYV7RqabuA19SfLiUy30O85HKheFFytMRW7Ut0qu/jPWUIuenhK8hg4f4P+Y+MLOsGFSUTZVWQRMNnEY6LqKT9NmROR1Ixoqo+cP91TTsZ7gRYrJ+Uu4Cw2gI5L+Os+7hZ+f1iPWRKuKswLuu2KZUMQPQmyQf4qDxzoqzVtJqm9Zp2JmONUIRubEXPvDrPYe3+DIvgA96m5eE+W6ZGi0WdIc9X2AwLiI3y0WrJRCqFNUQkj8hRxiaVcfU3QSbPSsG1SQgsiVD+M8VIQv9yssAORldhTikSc1KL7X8nAiWssp1xIkMzK9xOB4vZ32xHCI9vGjDvpAD+/hxUSIodAY0Vzo+DvNdLSIO4vHWMLvRLzFnf1YzIoahjMRHWJLTw1wmqKk42nnY9oSm7we/aA7+84pIyFAa5AcUcs4eLBZmc/ipJ3jZx+gZq+SmKkIOoG/QTMw3LL5SHZHAIvfGJ1ventM7oEBESG/hA02J+XBprYl/xnBuSXLio9jUSrSHFAd5C
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:22:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--522f93b9-5306-4866-8983-1ed7fdabfecf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:22:51.000Z",
"modified": "2022-06-23T13:22:51.000Z",
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '2' AND file:extensions.'windows-pebinary-ext'.pe_type = 'exe' AND file:extensions.'windows-pebinary-ext'.optional_header.address_of_entry_point = '4194304' AND file:extensions.'windows-pebinary-ext'.x_misp_compilation_timestamp = '2048-12-25T08:35:47+00:00' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'docx.exe' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'docx.exe' AND file:extensions.'windows-pebinary-ext'.x_misp_file_description = 'DocumentSaver' AND file:extensions.'windows-pebinary-ext'.x_misp_file_version = '1.0.0.0' AND file:extensions.'windows-pebinary-ext'.x_misp_lang_id = '000004b0' AND file:extensions.'windows-pebinary-ext'.x_misp_product_name = 'DocumentSaver' AND file:extensions.'windows-pebinary-ext'.x_misp_product_version = '1.0.0.0' AND file:extensions.'windows-pebinary-ext'.x_misp_legal_copyright = 'Copyright \u00a9 2022' AND file:extensions.'windows-pebinary-ext'.x_misp_entrypoint_section_at_position = '.text|0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-06-23T13:22:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"pe\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7928bdab-a27f-4dbf-8a5f-68cb84400261",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:22:51.000Z",
"modified": "2022-06-23T13:22:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "name",
"value": ".text",
"category": "Other",
"uuid": "130d01c8-7940-4d92-830a-25849d5c70a1"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "5431296",
"category": "Other",
"uuid": "4f5a4c0f-f701-4c85-ac6a-cce4213a7c3b"
},
{
"type": "float",
"object_relation": "entropy",
"value": "7.9973059211035",
"category": "Other",
"uuid": "e10ecd13-58b1-4312-892e-a8299fbf7721"
},
{
"type": "md5",
"object_relation": "md5",
"value": "2320acc1bfdb7507bd655f7c3753c2e4",
"category": "Payload delivery",
"to_ids": true,
"uuid": "8d1d3e44-824d-4e84-b4e3-b78c3b8035e0"
},
{
"type": "sha1",
"object_relation": "sha1",
"value": "cfb20c4dbf2de009a1dccac68a4c822d02f7ae94",
"category": "Payload delivery",
"to_ids": true,
"uuid": "02780d4c-5d17-4f53-aa7c-97fec37218f7"
},
{
"type": "sha256",
"object_relation": "sha256",
"value": "5653418e1ea815c908243332a9a7a82e0e0767a202899a2008ca2c21dc11861b",
"category": "Payload delivery",
"to_ids": true,
"uuid": "1b752e3f-3d00-49e7-9517-e5ee045dc559"
},
{
"type": "sha512",
"object_relation": "sha512",
"value": "40b94a92923116d9b4b3886c4b10ab6979f8e4be238403bb169d1ec3c116d6fabc61ae776eb5cf0d09fe78911bb9f6bdcf27b7630f7559ae7597aa092b2087e1",
"category": "Payload delivery",
"to_ids": true,
"uuid": "36c30f7f-6642-4701-83d2-cb7bd7bb8a2a"
},
{
"type": "ssdeep",
"object_relation": "ssdeep",
"value": "98304:gtClVkoOSfJNp8FUcwti78OqJ7TPBLYVrsk9N8ivyhAdsPSQx3UGgdv:globhH8FUcwti7TQlgVN8iNIShv",
"category": "Payload delivery",
"to_ids": true,
"uuid": "21f3823b-6089-477f-a4b6-80f18758f545"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b96756a1-2717-4426-95ff-3332fe2ac70b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-23T13:22:51.000Z",
"modified": "2022-06-23T13:22:51.000Z",
"labels": [
"misp:name=\"pe-section\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "name",
"value": ".rsrc",
"category": "Other",
"uuid": "650e7117-6687-4118-9e47-1420017e8427"
},
{
"type": "size-in-bytes",
"object_relation": "size-in-bytes",
"value": "1024",
"category": "Other",
"uuid": "4c15abcc-00cd-4f4c-be47-9162eefd5d92"
},
{
"type": "float",
"object_relation": "entropy",
"value": "3.1296610663897",
"category": "Other",
"uuid": "315d59a8-d965-4719-a68d-da99cda8d3b7"
},
{
"type": "md5",
"object_relation": "md5",
"value": "5e813a8b2d0cb12dc8e7fc43e0149395",
"category": "Payload delivery",
"to_ids": true,
"uuid": "68229cd9-a73f-400a-8b2a-1a52df879c9f"
},
{
"type": "sha1",
"object_relation": "sha1",
"value": "bc5083093539e54d748dd602eb0571ee5656744c",
"category": "Payload delivery",
"to_ids": true,
"uuid": "57ae40a7-972b-48d2-b02a-c82973619c87"
},
{
"type": "sha256",
"object_relation": "sha256",
"value": "6b330540046cfcc9d62b17ffbe2c15d5b6c7854a0ea16842cc99a05bb189fb78",
"category": "Payload delivery",
"to_ids": true,
"uuid": "03bfee90-3ca0-4083-9972-fb21c9cdc32f"
},
{
"type": "sha512",
"object_relation": "sha512",
"value": "cd573468335c18df128bdba83002a71e275c8a1daed1cb2edbf4f0b919b593503b6898cf81b19afabb8aa40509f37099a50ef4bab0236848f63dbc8031f2d816",
"category": "Payload delivery",
"to_ids": true,
"uuid": "c9d09084-096a-42d8-b1eb-d81bff2be279"
},
{
"type": "ssdeep",
"object_relation": "ssdeep",
"value": "12:Es9cmi3n6EtXRAHC5YArJyE60NaUGiq+jZAiN5prynthXF7YnqqD63JaMKPN5alQ:9cDR0EytrgjZhN4XFSD63fKPN8q",
"category": "Payload delivery",
"to_ids": true,
"uuid": "b3a6765b-22db-460b-b26b-a0909267750d"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "pe-section"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b480c86d-c42e-441a-b1b9-34561bfc696f",
"created": "2022-06-23T13:13:27.000Z",
"modified": "2022-06-23T13:13:27.000Z",
"relationship_type": "abuses",
"source_ref": "indicator--9b0ae517-772f-48ed-bfca-362cf0319f72",
"target_ref": "vulnerability--ce610b88-badf-44db-993c-86a7a97a2cc8"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--504289ab-b814-4a9e-9d87-515c1cb305b8",
"created": "2022-06-23T13:13:08.000Z",
"modified": "2022-06-23T13:13:08.000Z",
"relationship_type": "related-to",
"source_ref": "vulnerability--f793c30c-02de-4e84-8494-e06fc3013958",
"target_ref": "vulnerability--ce610b88-badf-44db-993c-86a7a97a2cc8"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--8b5b7512-b45d-49cb-b4df-7cfaf26f2328",
"created": "2022-06-23T13:18:54.000Z",
"modified": "2022-06-23T13:18:54.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "related-to",
2023-06-14 17:31:25 +00:00
"source_ref": "x-misp-object--afb7dae5-8291-437f-b353-fca9c4a10258",
"target_ref": "indicator--b15f8aba-033f-4669-a02d-eda7a7c03e07"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
2023-04-21 13:25:09 +00:00
]
}