misp-circl-feed/feeds/circl/misp/56864321-e4c0-4a50-b7cf-1102ee4c2808.json

1832 lines
241 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--56864321-e4c0-4a50-b7cf-1102ee4c2808",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:56:42.000Z",
"modified": "2020-12-30T13:56:42.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--56864321-e4c0-4a50-b7cf-1102ee4c2808",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:56:42.000Z",
"modified": "2020-12-30T13:56:42.000Z",
"name": "RegretLocker - VMRay Analyzer Report for Sample #1500977",
"published": "2020-12-30T13:56:52Z",
"object_refs": [
"observed-data--0d6149fa-7d99-43b7-9945-449c34054e55",
"url--0d6149fa-7d99-43b7-9945-449c34054e55",
"observed-data--1196afab-f33f-4bfa-87b7-dacb0f19f1de",
"url--1196afab-f33f-4bfa-87b7-dacb0f19f1de",
"observed-data--b47f9402-8287-47c5-93ec-7cbba8b5081c",
"url--b47f9402-8287-47c5-93ec-7cbba8b5081c",
"observed-data--66a9b551-e555-43f2-9716-55ec617d4bb3",
"mutex--66a9b551-e555-43f2-9716-55ec617d4bb3",
"observed-data--c0a3e8aa-1a13-45cc-bcbd-045aa63240db",
"domain-name--c0a3e8aa-1a13-45cc-bcbd-045aa63240db",
"observed-data--eb5ed5b8-1635-4ec6-abae-4c80efd17880",
"domain-name--eb5ed5b8-1635-4ec6-abae-4c80efd17880",
"observed-data--e3d57113-2296-4e3f-b871-0ac228405ede",
"url--e3d57113-2296-4e3f-b871-0ac228405ede",
"observed-data--939b73b1-0ac1-47a1-9ac6-ea1b312bbd0d",
"domain-name--939b73b1-0ac1-47a1-9ac6-ea1b312bbd0d",
"observed-data--9c61d329-ad4b-4ce8-8813-2086a0434292",
"url--9c61d329-ad4b-4ce8-8813-2086a0434292",
"observed-data--1726a7d8-2589-4985-ab3d-b8d0933a9854",
"domain-name--1726a7d8-2589-4985-ab3d-b8d0933a9854",
"observed-data--54e046eb-3dbc-4001-8e52-bb78aa43096d",
"url--54e046eb-3dbc-4001-8e52-bb78aa43096d",
"observed-data--b60efdd4-d26b-449a-a04a-454986ea4360",
"domain-name--b60efdd4-d26b-449a-a04a-454986ea4360",
"observed-data--015c0c28-8256-45bc-9588-e20cd7d75181",
"url--015c0c28-8256-45bc-9588-e20cd7d75181",
"observed-data--25c853cf-edbc-4141-b4c5-9a34fb100368",
"domain-name--25c853cf-edbc-4141-b4c5-9a34fb100368",
"observed-data--59c92eff-4581-4f5c-95c1-c37b0165ee20",
"url--59c92eff-4581-4f5c-95c1-c37b0165ee20",
"observed-data--31f77d87-72eb-47eb-a1cf-169fe11b227e",
"domain-name--31f77d87-72eb-47eb-a1cf-169fe11b227e",
"observed-data--dd085402-6038-4b45-8bb9-ffe3d850ca4f",
"url--dd085402-6038-4b45-8bb9-ffe3d850ca4f",
"observed-data--43e9ee4c-61ce-46be-b5ad-5fb45bcc1c84",
"domain-name--43e9ee4c-61ce-46be-b5ad-5fb45bcc1c84",
"observed-data--fc26844c-a53e-4324-899a-f38a118f0430",
"url--fc26844c-a53e-4324-899a-f38a118f0430",
"observed-data--937c7b3f-272a-46ac-ac14-1dadd6a30900",
"domain-name--937c7b3f-272a-46ac-ac14-1dadd6a30900",
"observed-data--b3babd8f-89fa-45d3-82dd-89d87dc38af0",
"url--b3babd8f-89fa-45d3-82dd-89d87dc38af0",
"observed-data--627c70a6-6880-4755-ab62-ac32ab4c920a",
"domain-name--627c70a6-6880-4755-ab62-ac32ab4c920a",
"observed-data--fcb3608f-a76c-4712-a42d-bc57002745ab",
"url--fcb3608f-a76c-4712-a42d-bc57002745ab",
"observed-data--d9be3c9d-1473-4e1a-a28a-e1deb0a490fe",
"domain-name--d9be3c9d-1473-4e1a-a28a-e1deb0a490fe",
"observed-data--d19d272a-0fba-4a5a-81ea-438a9b0c22c2",
"url--d19d272a-0fba-4a5a-81ea-438a9b0c22c2",
"observed-data--f7c244c9-61c0-498b-9ecd-5b45a9f828aa",
"windows-registry-key--f7c244c9-61c0-498b-9ecd-5b45a9f828aa",
"observed-data--0c999112-dd3a-4660-9ce4-1da25f63369b",
"windows-registry-key--0c999112-dd3a-4660-9ce4-1da25f63369b",
"observed-data--2c6e44ad-af7f-4860-8515-c07e11f0d73d",
"windows-registry-key--2c6e44ad-af7f-4860-8515-c07e11f0d73d",
"observed-data--2a26ccb1-3bc4-4d4c-9267-50f3e7cbad84",
"windows-registry-key--2a26ccb1-3bc4-4d4c-9267-50f3e7cbad84",
"observed-data--495ba099-2877-417c-a395-0b775e682254",
"network-traffic--495ba099-2877-417c-a395-0b775e682254",
"ipv4-addr--495ba099-2877-417c-a395-0b775e682254",
"observed-data--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"network-traffic--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"ipv4-addr--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"observed-data--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"network-traffic--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"ipv4-addr--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"observed-data--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"network-traffic--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"ipv4-addr--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"observed-data--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"network-traffic--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"ipv4-addr--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"observed-data--1ef6377b-4930-40fb-bbcd-082415d6548c",
"network-traffic--1ef6377b-4930-40fb-bbcd-082415d6548c",
"ipv4-addr--1ef6377b-4930-40fb-bbcd-082415d6548c",
"observed-data--04612a82-d194-4360-8cf8-6a21b880534e",
"network-traffic--04612a82-d194-4360-8cf8-6a21b880534e",
"ipv4-addr--04612a82-d194-4360-8cf8-6a21b880534e",
"observed-data--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"network-traffic--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"ipv4-addr--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"process--e09020d6-d77d-4080-a7a4-210312a7900c",
"process--eea27000-ec7d-48b2-a023-cd76aba10615",
"file--37201be6-55a2-491f-9de9-aa03d421f3b1",
"observed-data--14eff187-01c0-4492-980e-90baa5cd56a5",
"process--14eff187-01c0-4492-980e-90baa5cd56a5",
"process--756b698f-761d-43d2-9667-de6d7e3b716c",
"file--4b91f92d-bb8d-4bf2-b2d9-8081de4772cd",
"observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"process--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"process--d053a485-7406-40a4-be82-5939a32a96cb",
"file--420aa5ed-fd32-4f36-8b62-045b47035d6e",
"observed-data--9d0fadd9-70bb-4d31-a86b-b6995879f855",
"process--9d0fadd9-70bb-4d31-a86b-b6995879f855",
"process--e0c748b6-113a-4b37-83c4-1334e146eacc",
"file--a7dce264-f9b7-4d2d-804d-ad23561ac300",
"observed-data--ad1f0004-c221-4a19-8edd-d9f836b88ee7",
"process--ad1f0004-c221-4a19-8edd-d9f836b88ee7",
"process--5ac52658-6c39-4f61-a4fc-cf1ae023a0a5",
"file--5bc3957e-af3d-4a00-8644-734dd61418a1",
"observed-data--aeca75dd-8858-48c1-9773-a4f670e63210",
"process--aeca75dd-8858-48c1-9773-a4f670e63210",
"process--71b22502-3042-45f7-9bec-37ccc2015480",
"file--3f91250f-7fba-44e3-8102-3226033871cb",
"observed-data--8c814729-25fa-4f3d-9e74-f587c2676eb1",
"process--8c814729-25fa-4f3d-9e74-f587c2676eb1",
"process--a42909eb-6283-4c04-95ae-914a404df550",
"file--dc1d0063-99be-4cec-910c-aaa115c3adfe",
"observed-data--b9bafe60-a9cc-43fa-a541-2dfb16d3aed5",
"windows-registry-key--b9bafe60-a9cc-43fa-a541-2dfb16d3aed5",
"x-misp-object--ce8013e9-4d6d-48d5-82e5-190328228b00",
"relationship--ace6d13e-f7f7-4b41-8bd8-d2a3e1bedc58",
"relationship--baa3200f-9df1-4522-9189-d7d6bccd14fe",
"relationship--d1cb7a27-5390-4b90-a70e-af13ff249bc7",
"relationship--9f440777-68ee-41ce-9b08-0989263941a1",
"relationship--3c288c0c-0556-4064-812b-26417d2f491b",
"relationship--7e83fb2e-32bf-4f1b-8517-3480c3779c6f",
"relationship--65ce54e1-cdfe-4056-9990-5c74462139a4",
"relationship--47f4051f-c6f2-44ae-9c47-f75e1ab2abf4",
"relationship--42f0e5ae-8812-457e-9023-78e6aef9e987",
"relationship--007bfdf9-bc5c-4bb6-aefe-3ceab8e1010d",
"relationship--6f3eedbc-707f-4ab3-842b-3e677869bba5",
"relationship--7e1b1062-7e59-49ec-98eb-95485f789da7",
"relationship--9eba12b9-ebc3-40c8-acfc-f67b34582a39",
"relationship--77997e4e-b163-435a-9877-9fc5dfd63733",
"relationship--64d1db9a-f4aa-41fe-9a8e-e5d6a41d3f89",
"relationship--a8876a8f-91b9-4d3e-ab69-159bdca6f267",
"relationship--ee743cd3-8220-4293-a39c-f4502d8e20e9",
"relationship--bb0ecf7d-cb5a-4930-9832-f8d254ab1bcc",
"relationship--ae7aabae-32db-4db8-a0f6-8e7dcf5e7414",
"relationship--e73ce55e-7ff5-446b-86ef-9c1e1885c49f",
"relationship--d336a5e3-2bd4-4437-aa12-b936e50cbf17",
"relationship--36c53bd3-4f29-4c61-a081-bdb2e26c2cbe",
"relationship--4dd7c7cb-6e03-471f-8871-056b7edaad36",
"relationship--b223fdfe-099d-426b-a263-375a97fc9a79",
"relationship--609c3461-5ba6-4b04-bff7-929c1aba3f58",
"relationship--2bcafb3c-7da6-40b5-ad10-9e36b7cfca52",
"relationship--700bb944-6016-46fd-9243-5fd75b96254f",
"relationship--b3815fc0-4725-4bd2-be0f-da21d3f08d32",
"relationship--d5fd17f3-9796-498d-b25c-03507cb0e82d"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:misp-attack-pattern=\"vmray_tcp_out_connection\"",
"misp-galaxy:misp-attack-pattern=\"vmray_install_startup_script_by_registry\"",
"misp-galaxy:misp-attack-pattern=\"vmray_request_dns_by_name\"",
"misp-galaxy:misp-attack-pattern=\"vmray_check_external_ip\"",
"misp-galaxy:misp-attack-pattern=\"vmray_change_folder_appearance\"",
"misp-galaxy:misp-attack-pattern=\"vmray_av_malicious_match\"",
"misp-galaxy:misp-attack-pattern=\"vmray_use_encryption_api\"",
"misp-galaxy:misp-attack-pattern=\"vmray_enumerate_processes\"",
"misp-galaxy:misp-attack-pattern=\"vmray_establish_http_connection\"",
"misp-galaxy:misp-attack-pattern=\"vmray_delay_execution_by_sleep\"",
"misp-galaxy:misp-attack-pattern=\"vmray_dynamic_api_usage_by_api\"",
"misp-galaxy:misp-attack-pattern=\"vmray_modify_windows_backup_settings\"",
"misp-galaxy:misp-attack-pattern=\"vmray_drop_pe_file\"",
"misp-galaxy:misp-attack-pattern=\"vmray_create_named_mutex\"",
"misp-galaxy:misp-attack-pattern=\"vmray_install_scheduled_task_by_schtasks\"",
"misp-galaxy:misp-attack-pattern=\"vmray_create_process_with_hidden_window\"",
"misp-galaxy:misp-attack-pattern=\"vmray_known_suspicious_file\"",
"misp-galaxy:misp-attack-pattern=\"vmray_delay_by_scheduled_task_delayed\"",
"misp-galaxy:ransomware=\"RegretLocker\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--0d6149fa-7d99-43b7-9945-449c34054e55",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--0d6149fa-7d99-43b7-9945-449c34054e55"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--0d6149fa-7d99-43b7-9945-449c34054e55",
"value": "api.ipify.org"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--1196afab-f33f-4bfa-87b7-dacb0f19f1de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--1196afab-f33f-4bfa-87b7-dacb0f19f1de"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--1196afab-f33f-4bfa-87b7-dacb0f19f1de",
"value": "nagano-19599.herokussl.com"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--b47f9402-8287-47c5-93ec-7cbba8b5081c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--b47f9402-8287-47c5-93ec-7cbba8b5081c"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--b47f9402-8287-47c5-93ec-7cbba8b5081c",
"value": "elb097307-934924932.us-east-1.elb.amazonaws.com"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--66a9b551-e555-43f2-9716-55ec617d4bb3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"mutex--66a9b551-e555-43f2-9716-55ec617d4bb3"
],
"labels": [
"misp:type=\"mutex\"",
"misp:category=\"Artifacts dropped\""
]
},
{
"type": "mutex",
"spec_version": "2.1",
"id": "mutex--66a9b551-e555-43f2-9716-55ec617d4bb3",
"name": "svchost"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--c0a3e8aa-1a13-45cc-bcbd-045aa63240db",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--c0a3e8aa-1a13-45cc-bcbd-045aa63240db"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--c0a3e8aa-1a13-45cc-bcbd-045aa63240db",
"value": "elb097307-934924932.us-east-1.elb.amazonaws.com"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--eb5ed5b8-1635-4ec6-abae-4c80efd17880",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--eb5ed5b8-1635-4ec6-abae-4c80efd17880"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--eb5ed5b8-1635-4ec6-abae-4c80efd17880",
"value": "45.66.33.45"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--e3d57113-2296-4e3f-b871-0ac228405ede",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--e3d57113-2296-4e3f-b871-0ac228405ede"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--e3d57113-2296-4e3f-b871-0ac228405ede",
"value": "45.66.33.45"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--939b73b1-0ac1-47a1-9ac6-ea1b312bbd0d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--939b73b1-0ac1-47a1-9ac6-ea1b312bbd0d"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--939b73b1-0ac1-47a1-9ac6-ea1b312bbd0d",
"value": "110.4.47.139"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--9c61d329-ad4b-4ce8-8813-2086a0434292",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--9c61d329-ad4b-4ce8-8813-2086a0434292"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--9c61d329-ad4b-4ce8-8813-2086a0434292",
"value": "110.4.47.139"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--1726a7d8-2589-4985-ab3d-b8d0933a9854",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--1726a7d8-2589-4985-ab3d-b8d0933a9854"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--1726a7d8-2589-4985-ab3d-b8d0933a9854",
"value": "203.218.5.141"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--54e046eb-3dbc-4001-8e52-bb78aa43096d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--54e046eb-3dbc-4001-8e52-bb78aa43096d"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--54e046eb-3dbc-4001-8e52-bb78aa43096d",
"value": "203.218.5.141"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--b60efdd4-d26b-449a-a04a-454986ea4360",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--b60efdd4-d26b-449a-a04a-454986ea4360"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--b60efdd4-d26b-449a-a04a-454986ea4360",
"value": "45.11.18.120"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--015c0c28-8256-45bc-9588-e20cd7d75181",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--015c0c28-8256-45bc-9588-e20cd7d75181"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--015c0c28-8256-45bc-9588-e20cd7d75181",
"value": "45.11.18.120"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--25c853cf-edbc-4141-b4c5-9a34fb100368",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--25c853cf-edbc-4141-b4c5-9a34fb100368"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--25c853cf-edbc-4141-b4c5-9a34fb100368",
"value": "185.220.102.242"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59c92eff-4581-4f5c-95c1-c37b0165ee20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--59c92eff-4581-4f5c-95c1-c37b0165ee20"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59c92eff-4581-4f5c-95c1-c37b0165ee20",
"value": "185.220.102.242"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--31f77d87-72eb-47eb-a1cf-169fe11b227e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--31f77d87-72eb-47eb-a1cf-169fe11b227e"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--31f77d87-72eb-47eb-a1cf-169fe11b227e",
"value": "205.185.127.217"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--dd085402-6038-4b45-8bb9-ffe3d850ca4f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--dd085402-6038-4b45-8bb9-ffe3d850ca4f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--dd085402-6038-4b45-8bb9-ffe3d850ca4f",
"value": "205.185.127.217"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--43e9ee4c-61ce-46be-b5ad-5fb45bcc1c84",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--43e9ee4c-61ce-46be-b5ad-5fb45bcc1c84"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--43e9ee4c-61ce-46be-b5ad-5fb45bcc1c84",
"value": "23.129.64.211"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--fc26844c-a53e-4324-899a-f38a118f0430",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--fc26844c-a53e-4324-899a-f38a118f0430"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--fc26844c-a53e-4324-899a-f38a118f0430",
"value": "23.129.64.211"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--937c7b3f-272a-46ac-ac14-1dadd6a30900",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--937c7b3f-272a-46ac-ac14-1dadd6a30900"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--937c7b3f-272a-46ac-ac14-1dadd6a30900",
"value": "51.158.146.152"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--b3babd8f-89fa-45d3-82dd-89d87dc38af0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--b3babd8f-89fa-45d3-82dd-89d87dc38af0"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--b3babd8f-89fa-45d3-82dd-89d87dc38af0",
"value": "51.158.146.152"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--627c70a6-6880-4755-ab62-ac32ab4c920a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--627c70a6-6880-4755-ab62-ac32ab4c920a"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--627c70a6-6880-4755-ab62-ac32ab4c920a",
"value": "45.154.35.222"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--fcb3608f-a76c-4712-a42d-bc57002745ab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--fcb3608f-a76c-4712-a42d-bc57002745ab"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--fcb3608f-a76c-4712-a42d-bc57002745ab",
"value": "45.154.35.222"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--d9be3c9d-1473-4e1a-a28a-e1deb0a490fe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"domain-name--d9be3c9d-1473-4e1a-a28a-e1deb0a490fe"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--d9be3c9d-1473-4e1a-a28a-e1deb0a490fe",
"value": "45.79.157.103"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--d19d272a-0fba-4a5a-81ea-438a9b0c22c2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"url--d19d272a-0fba-4a5a-81ea-438a9b0c22c2"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--d19d272a-0fba-4a5a-81ea-438a9b0c22c2",
"value": "45.79.157.103"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--f7c244c9-61c0-498b-9ecd-5b45a9f828aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"windows-registry-key--f7c244c9-61c0-498b-9ecd-5b45a9f828aa"
],
"labels": [
"misp:type=\"regkey\"",
"misp:category=\"Persistence mechanism\""
]
},
{
"type": "windows-registry-key",
"spec_version": "2.1",
"id": "windows-registry-key--f7c244c9-61c0-498b-9ecd-5b45a9f828aa",
"key": "HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\System"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--0c999112-dd3a-4660-9ce4-1da25f63369b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"windows-registry-key--0c999112-dd3a-4660-9ce4-1da25f63369b"
],
"labels": [
"misp:type=\"regkey\"",
"misp:category=\"Persistence mechanism\""
]
},
{
"type": "windows-registry-key",
"spec_version": "2.1",
"id": "windows-registry-key--0c999112-dd3a-4660-9ce4-1da25f63369b",
"key": "HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Command Processor"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--2c6e44ad-af7f-4860-8515-c07e11f0d73d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"windows-registry-key--2c6e44ad-af7f-4860-8515-c07e11f0d73d"
],
"labels": [
"misp:type=\"regkey\"",
"misp:category=\"Persistence mechanism\""
]
},
{
"type": "windows-registry-key",
"spec_version": "2.1",
"id": "windows-registry-key--2c6e44ad-af7f-4860-8515-c07e11f0d73d",
"key": "HKEY_CURRENT_USER\\Software\\Microsoft\\Command Processor"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--2a26ccb1-3bc4-4d4c-9267-50f3e7cbad84",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"windows-registry-key--2a26ccb1-3bc4-4d4c-9267-50f3e7cbad84"
],
"labels": [
"misp:type=\"regkey\"",
"misp:category=\"Persistence mechanism\""
]
},
{
"type": "windows-registry-key",
"spec_version": "2.1",
"id": "windows-registry-key--2a26ccb1-3bc4-4d4c-9267-50f3e7cbad84",
"key": "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Wbem\\CIMOM"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--495ba099-2877-417c-a395-0b775e682254",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--495ba099-2877-417c-a395-0b775e682254",
"ipv4-addr--495ba099-2877-417c-a395-0b775e682254"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--495ba099-2877-417c-a395-0b775e682254",
"dst_ref": "ipv4-addr--495ba099-2877-417c-a395-0b775e682254",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--495ba099-2877-417c-a395-0b775e682254",
"value": "50.19.252.36"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"ipv4-addr--3a0b0357-d641-4bf2-ad0e-9d67e935058c"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"dst_ref": "ipv4-addr--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--3a0b0357-d641-4bf2-ad0e-9d67e935058c",
"value": "54.204.14.42"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"ipv4-addr--c1ca2e16-9132-456b-813b-c9bddcc1ef96"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"dst_ref": "ipv4-addr--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--c1ca2e16-9132-456b-813b-c9bddcc1ef96",
"value": "54.227.255.202"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"ipv4-addr--3d03ea7b-4b1a-4774-830b-bfeefcb2e767"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"dst_ref": "ipv4-addr--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--3d03ea7b-4b1a-4774-830b-bfeefcb2e767",
"value": "54.235.98.120"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"ipv4-addr--ddd9f951-eda5-421e-8408-1d8a21b790c5"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"dst_ref": "ipv4-addr--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--ddd9f951-eda5-421e-8408-1d8a21b790c5",
"value": "54.235.169.38"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--1ef6377b-4930-40fb-bbcd-082415d6548c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--1ef6377b-4930-40fb-bbcd-082415d6548c",
"ipv4-addr--1ef6377b-4930-40fb-bbcd-082415d6548c"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--1ef6377b-4930-40fb-bbcd-082415d6548c",
"dst_ref": "ipv4-addr--1ef6377b-4930-40fb-bbcd-082415d6548c",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--1ef6377b-4930-40fb-bbcd-082415d6548c",
"value": "23.21.252.4"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--04612a82-d194-4360-8cf8-6a21b880534e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--04612a82-d194-4360-8cf8-6a21b880534e",
"ipv4-addr--04612a82-d194-4360-8cf8-6a21b880534e"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--04612a82-d194-4360-8cf8-6a21b880534e",
"dst_ref": "ipv4-addr--04612a82-d194-4360-8cf8-6a21b880534e",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--04612a82-d194-4360-8cf8-6a21b880534e",
"value": "54.225.66.103"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"ipv4-addr--d2eb2254-d24d-4b17-a10d-9d92cfd44980"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"dst_ref": "ipv4-addr--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--d2eb2254-d24d-4b17-a10d-9d92cfd44980",
"value": "54.225.169.28"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"process--e09020d6-d77d-4080-a7a4-210312a7900c",
"process--eea27000-ec7d-48b2-a023-cd76aba10615",
"file--37201be6-55a2-491f-9de9-aa03d421f3b1"
],
"labels": [
"misp:name=\"process\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--e09020d6-d77d-4080-a7a4-210312a7900c",
"pid": 4464,
"command_line": "\"%USERPROFILE%\\Desktop\\locker.exe\"",
"image_ref": "file--37201be6-55a2-491f-9de9-aa03d421f3b1",
"parent_ref": "process--eea27000-ec7d-48b2-a023-cd76aba10615",
"x_misp_name": "locker.exe"
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--eea27000-ec7d-48b2-a023-cd76aba10615",
"pid": 1376
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--37201be6-55a2-491f-9de9-aa03d421f3b1",
"name": "locker.exe"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"process--14eff187-01c0-4492-980e-90baa5cd56a5",
"process--756b698f-761d-43d2-9667-de6d7e3b716c",
"file--4b91f92d-bb8d-4bf2-b2d9-8081de4772cd"
],
"labels": [
"misp:name=\"process\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--14eff187-01c0-4492-980e-90baa5cd56a5",
"pid": 1340,
"command_line": "\"%WINDIR%\\System32\\cmd.exe\" /C schtasks /Create /SC MINUTE /TN \"Mouse Application\" /TR \"%USERPROFILE%\\Desktop\\locker.exe\" /f",
"image_ref": "file--4b91f92d-bb8d-4bf2-b2d9-8081de4772cd",
"parent_ref": "process--756b698f-761d-43d2-9667-de6d7e3b716c",
"x_misp_name": "cmd.exe"
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--756b698f-761d-43d2-9667-de6d7e3b716c",
"pid": 4464
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--4b91f92d-bb8d-4bf2-b2d9-8081de4772cd",
"name": "cmd.exe"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"process--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"process--d053a485-7406-40a4-be82-5939a32a96cb",
"file--420aa5ed-fd32-4f36-8b62-045b47035d6e"
],
"labels": [
"misp:name=\"process\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"pid": 3956,
"command_line": "\"%WINDIR%\\System32\\cmd.exe\" /C wmic SHADOWCOPY DELETE & wbadmin DELETE SYSTEMSTATEBACKUP & bcdedit.exe / set{ default } bootstatuspolicy ignoreallfailures & bcdedit.exe / set{ default } recoveryenabled No",
"image_ref": "file--420aa5ed-fd32-4f36-8b62-045b47035d6e",
"parent_ref": "process--d053a485-7406-40a4-be82-5939a32a96cb",
"x_misp_name": "cmd.exe"
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--d053a485-7406-40a4-be82-5939a32a96cb",
"pid": 4464
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--420aa5ed-fd32-4f36-8b62-045b47035d6e",
"name": "cmd.exe"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--9d0fadd9-70bb-4d31-a86b-b6995879f855",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"process--9d0fadd9-70bb-4d31-a86b-b6995879f855",
"process--e0c748b6-113a-4b37-83c4-1334e146eacc",
"file--a7dce264-f9b7-4d2d-804d-ad23561ac300"
],
"labels": [
"misp:name=\"process\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--9d0fadd9-70bb-4d31-a86b-b6995879f855",
"pid": 1664,
"command_line": "schtasks /Create /SC MINUTE /TN \"Mouse Application\" /TR \"%USERPROFILE%\\Desktop\\locker.exe\" /f",
"image_ref": "file--a7dce264-f9b7-4d2d-804d-ad23561ac300",
"parent_ref": "process--e0c748b6-113a-4b37-83c4-1334e146eacc",
"x_misp_name": "schtasks.exe"
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--e0c748b6-113a-4b37-83c4-1334e146eacc",
"pid": 1340
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--a7dce264-f9b7-4d2d-804d-ad23561ac300",
"name": "schtasks.exe"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--ad1f0004-c221-4a19-8edd-d9f836b88ee7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"process--ad1f0004-c221-4a19-8edd-d9f836b88ee7",
"process--5ac52658-6c39-4f61-a4fc-cf1ae023a0a5",
"file--5bc3957e-af3d-4a00-8644-734dd61418a1"
],
"labels": [
"misp:name=\"process\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--ad1f0004-c221-4a19-8edd-d9f836b88ee7",
"pid": 1380,
"command_line": "wmic SHADOWCOPY DELETE",
"image_ref": "file--5bc3957e-af3d-4a00-8644-734dd61418a1",
"parent_ref": "process--5ac52658-6c39-4f61-a4fc-cf1ae023a0a5",
"x_misp_name": "wmic.exe"
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--5ac52658-6c39-4f61-a4fc-cf1ae023a0a5",
"pid": 3956
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5bc3957e-af3d-4a00-8644-734dd61418a1",
"name": "wmic.exe"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--aeca75dd-8858-48c1-9773-a4f670e63210",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"process--aeca75dd-8858-48c1-9773-a4f670e63210",
"process--71b22502-3042-45f7-9bec-37ccc2015480",
"file--3f91250f-7fba-44e3-8102-3226033871cb"
],
"labels": [
"misp:name=\"process\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--aeca75dd-8858-48c1-9773-a4f670e63210",
"pid": 940,
"command_line": "%WINDIR%\\system32\\svchost.exe -k netsvcs",
"image_ref": "file--3f91250f-7fba-44e3-8102-3226033871cb",
"parent_ref": "process--71b22502-3042-45f7-9bec-37ccc2015480",
"x_misp_name": "svchost.exe"
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--71b22502-3042-45f7-9bec-37ccc2015480",
"pid": 572
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--3f91250f-7fba-44e3-8102-3226033871cb",
"name": "svchost.exe"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--8c814729-25fa-4f3d-9e74-f587c2676eb1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"process--8c814729-25fa-4f3d-9e74-f587c2676eb1",
"process--a42909eb-6283-4c04-95ae-914a404df550",
"file--dc1d0063-99be-4cec-910c-aaa115c3adfe"
],
"labels": [
"misp:name=\"process\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--8c814729-25fa-4f3d-9e74-f587c2676eb1",
"pid": 4472,
"command_line": "%USERPROFILE%\\Desktop\\locker.exe",
"image_ref": "file--dc1d0063-99be-4cec-910c-aaa115c3adfe",
"parent_ref": "process--a42909eb-6283-4c04-95ae-914a404df550",
"x_misp_name": "locker.exe"
},
{
"type": "process",
"spec_version": "2.1",
"id": "process--a42909eb-6283-4c04-95ae-914a404df550",
"pid": 940
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--dc1d0063-99be-4cec-910c-aaa115c3adfe",
"name": "locker.exe"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--b9bafe60-a9cc-43fa-a541-2dfb16d3aed5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:49.000Z",
"modified": "2020-12-30T13:53:49.000Z",
"first_observed": "2020-12-30T13:53:49Z",
"last_observed": "2020-12-30T13:53:49Z",
"number_observed": 1,
"object_refs": [
"windows-registry-key--b9bafe60-a9cc-43fa-a541-2dfb16d3aed5"
],
"labels": [
"misp:name=\"registry-key\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "windows-registry-key",
"spec_version": "2.1",
"id": "windows-registry-key--b9bafe60-a9cc-43fa-a541-2dfb16d3aed5",
"key": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
"values": [
{
"name": "Mouse Application",
"data": "%USERPROFILE%\\Desktop\\locker.exe",
"data_type": "REG_SZ"
}
],
"x_misp_hive": "HKEY_CURRENT_USER"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ce8013e9-4d6d-48d5-82e5-190328228b00",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-30T13:53:51.000Z",
"modified": "2020-12-30T13:53:51.000Z",
"labels": [
"misp:name=\"original-imported-file\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "attachment",
"object_relation": "imported-sample",
"value": "stix-report.xml",
"category": "External analysis",
"uuid": "89759f96-feef-40b1-83f8-ed70f964aa62",
"data": "PHN0aXg6U1RJWF9QYWNrYWdlIHhtbG5zOkFkZHJlc3NPYmo9Imh0dHA6Ly9jeWJveC5taXRyZS5vcmcvb2JqZWN0cyNBZGRyZXNzT2JqZWN0LTIiIHhtbG5zOkN1c3RvbU9iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0N1c3RvbU9iamVjdC0xIiB4bWxuczpGaWxlT2JqPSJodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjRmlsZU9iamVjdC0yIiB4bWxuczpXaW5SZWdpc3RyeUtleU9iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1dpblJlZ2lzdHJ5S2V5T2JqZWN0LTIiIHhtbG5zOkROU1JlY29yZE9iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0ROU1JlY29yZE9iamVjdC0yIiB4bWxuczpNdXRleE9iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI011dGV4T2JqZWN0LTIiIHhtbG5zOnN0aXhWb2NhYnM9Imh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9kZWZhdWx0X3ZvY2FidWxhcmllcy0xIiB4bWxuczpVUklPYmo9Imh0dHA6Ly9jeWJveC5taXRyZS5vcmcvb2JqZWN0cyNVUklPYmplY3QtMiIgeG1sbnM6Y3lib3hWb2NhYnM9Imh0dHA6Ly9jeWJveC5taXRyZS5vcmcvZGVmYXVsdF92b2NhYnVsYXJpZXMtMiIgeG1sbnM6UHJvY2Vzc09iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1Byb2Nlc3NPYmplY3QtMiIgeG1sbnM6c3RpeD0iaHR0cDovL3N0aXgubWl0cmUub3JnL3N0aXgtMSIgeG1sbnM6dHRwPSJodHRwOi8vc3RpeC5taXRyZS5vcmcvVFRQLTEiIHhtbG5zOmN5Ym94Q29tbW9uPSJodHRwOi8vY3lib3gubWl0cmUub3JnL2NvbW1vbi0yIiB4bWxuczppbmRpY2F0b3I9Imh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9JbmRpY2F0b3ItMiIgeG1sbnM6Y3lib3g9Imh0dHA6Ly9jeWJveC5taXRyZS5vcmcvY3lib3gtMiIgeG1sbnM6c3RpeENvbW1vbj0iaHR0cDovL3N0aXgubWl0cmUub3JnL2NvbW1vbi0xIiB4bWxuczpWTVJheUFuYWx5emVyPSJodHRwOi8vdm1yYXkuY29tL2FuYWx5emVyIiB4bWxuczp4bGluaz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94bGluayIgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnNjaGVtYUxvY2F0aW9uPSJodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjQWRkcmVzc09iamVjdC0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL29iamVjdHMvQWRkcmVzcy8yLjEvQWRkcmVzc19PYmplY3QueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjQ3VzdG9tT2JqZWN0LTEgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9DdXN0b20vMS4xL0N1c3RvbV9PYmplY3QueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjRmlsZU9iamVjdC0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL29iamVjdHMvRmlsZS8yLjEvRmlsZV9PYmplY3QueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjV2luUmVnaXN0cnlLZXlPYmplY3QtMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9vYmplY3RzL1dpbl9SZWdpc3RyeV9LZXkvMi4xL1dpbl9SZWdpc3RyeV9LZXlfT2JqZWN0LnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0ROU1JlY29yZE9iamVjdC0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL29iamVjdHMvRE5TX1JlY29yZC8yLjEvRE5TX1JlY29yZF9PYmplY3QueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjTXV0ZXhPYmplY3QtMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9vYmplY3RzL011dGV4LzIuMS9NdXRleF9PYmplY3QueHNkICBodHRwOi8vc3RpeC5taXRyZS5vcmcvZGVmYXVsdF92b2NhYnVsYXJpZXMtMSBodHRwOi8vc3RpeC5taXRyZS5vcmcvWE1MU2NoZW1hL2RlZmF1bHRfdm9jYWJ1bGFyaWVzLzEuMi4wL3N0aXhfZGVmYXVsdF92b2NhYnVsYXJpZXMueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjVVJJT2JqZWN0LTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9VUkkvMi4xL1VSSV9PYmplY3QueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL2RlZmF1bHRfdm9jYWJ1bGFyaWVzLTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvZGVmYXVsdF92b2NhYnVsYXJpZXMvMi4xL2N5Ym94X2RlZmF1bHRfdm9jYWJ1bGFyaWVzLnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1Byb2Nlc3NPYmplY3QtMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9vYmplY3RzL1Byb2Nlc3MvMi4xL1Byb2Nlc3NfT2JqZWN0LnhzZCAgaHR0cDovL3N0aXgubWl0cmUub3JnL3N0aXgtMSBodHRwOi8vc3RpeC5taXRyZS5vcmcvWE1MU2NoZW1hL2NvcmUvMS4yL3N0aXhfY29yZS54c2QgIGh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9UVFAtMSBodHRwOi8vc3RpeC5taXRyZS5vcmcvWE1MU2NoZW1hL3R0cC8xLjIvdHRwLnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9jb21tb24tMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9jb21tb24vMi4xL2N5Ym94X2NvbW1vbi54c2QgIGh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9JbmRpY2F0b3ItMiBodHRwOi8vc3RpeC5taXRyZS5vcmcvWE1MU2NoZW1hL2luZGljYXRvci8yLjIvaW5kaWNhdG9yLnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9jeWJveC0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL2NvcmUvMi4xL2N5Ym94X2NvcmUueHNkICBodHRwOi8vc3RpeC5taXRyZS5vcmcvY29tbW9uLTEgaHR0cDovL3N0aXgubWl0cmUub3JnL1hNTFNjaGVtYS9jb21tb24vMS4yL3N0aXhfY29tbW9uLnhzZCIgaWQ9IlZNUmF5QW5hbHl6ZXI6UGFja2FnZS0zNzMyN2RmMy1kYTk1LTQ2NDAtODhjYi0wYTczZTFmMmQxM2IiIHZlcnNpb249Ij
},
{
"type": "text",
"object_relation": "format",
"value": "STIX 1.1",
"category": "Other",
"uuid": "1018cdf0-f8e7-4b8f-9d3b-efde6e7b7c78"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "original-imported-file"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--ace6d13e-f7f7-4b41-8bd8-d2a3e1bedc58",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "child-of",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--baa3200f-9df1-4522-9189-d7d6bccd14fe",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "child-of",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--d1cb7a27-5390-4b90-a70e-af13ff249bc7",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "created",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--9f440777-68ee-41ce-9b08-0989263941a1",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "created",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--66a9b551-e555-43f2-9716-55ec617d4bb3"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--3c288c0c-0556-4064-812b-26417d2f491b",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--b9bafe60-a9cc-43fa-a541-2dfb16d3aed5"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--7e83fb2e-32bf-4f1b-8517-3480c3779c6f",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--c0a3e8aa-1a13-45cc-bcbd-045aa63240db"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--65ce54e1-cdfe-4056-9990-5c74462139a4",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--eb5ed5b8-1635-4ec6-abae-4c80efd17880"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--47f4051f-c6f2-44ae-9c47-f75e1ab2abf4",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--939b73b1-0ac1-47a1-9ac6-ea1b312bbd0d"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--42f0e5ae-8812-457e-9023-78e6aef9e987",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--1726a7d8-2589-4985-ab3d-b8d0933a9854"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--007bfdf9-bc5c-4bb6-aefe-3ceab8e1010d",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--b60efdd4-d26b-449a-a04a-454986ea4360"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--6f3eedbc-707f-4ab3-842b-3e677869bba5",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--25c853cf-edbc-4141-b4c5-9a34fb100368"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--7e1b1062-7e59-49ec-98eb-95485f789da7",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--31f77d87-72eb-47eb-a1cf-169fe11b227e"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--9eba12b9-ebc3-40c8-acfc-f67b34582a39",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--43e9ee4c-61ce-46be-b5ad-5fb45bcc1c84"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--77997e4e-b163-435a-9877-9fc5dfd63733",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--937c7b3f-272a-46ac-ac14-1dadd6a30900"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--64d1db9a-f4aa-41fe-9a8e-e5d6a41d3f89",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--627c70a6-6880-4755-ab62-ac32ab4c920a"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--a8876a8f-91b9-4d3e-ab69-159bdca6f267",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "read-from",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e09020d6-d77d-4080-a7a4-210312a7900c",
"target_ref": "observed-data--d9be3c9d-1473-4e1a-a28a-e1deb0a490fe"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--ee743cd3-8220-4293-a39c-f4502d8e20e9",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "child-of",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5",
"target_ref": "observed-data--9d0fadd9-70bb-4d31-a86b-b6995879f855"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--bb0ecf7d-cb5a-4930-9832-f8d254ab1bcc",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "created",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5",
"target_ref": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--ae7aabae-32db-4db8-a0f6-8e7dcf5e7414",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5",
"target_ref": "observed-data--f7c244c9-61c0-498b-9ecd-5b45a9f828aa"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--e73ce55e-7ff5-446b-86ef-9c1e1885c49f",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5",
"target_ref": "observed-data--0c999112-dd3a-4660-9ce4-1da25f63369b"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--d336a5e3-2bd4-4437-aa12-b936e50cbf17",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--14eff187-01c0-4492-980e-90baa5cd56a5",
"target_ref": "observed-data--2c6e44ad-af7f-4860-8515-c07e11f0d73d"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--36c53bd3-4f29-4c61-a081-bdb2e26c2cbe",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "child-of",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"target_ref": "observed-data--ad1f0004-c221-4a19-8edd-d9f836b88ee7"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--4dd7c7cb-6e03-471f-8871-056b7edaad36",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "created",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"target_ref": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b223fdfe-099d-426b-a263-375a97fc9a79",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"target_ref": "observed-data--f7c244c9-61c0-498b-9ecd-5b45a9f828aa"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--609c3461-5ba6-4b04-bff7-929c1aba3f58",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"target_ref": "observed-data--0c999112-dd3a-4660-9ce4-1da25f63369b"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--2bcafb3c-7da6-40b5-ad10-9e36b7cfca52",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--e0a0c460-3940-4815-9a71-e4aa3a01a058",
"target_ref": "observed-data--2c6e44ad-af7f-4860-8515-c07e11f0d73d"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--700bb944-6016-46fd-9243-5fd75b96254f",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "child-of",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--ad1f0004-c221-4a19-8edd-d9f836b88ee7",
"target_ref": "observed-data--aeca75dd-8858-48c1-9773-a4f670e63210"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b3815fc0-4725-4bd2-be0f-da21d3f08d32",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "opened",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--ad1f0004-c221-4a19-8edd-d9f836b88ee7",
"target_ref": "observed-data--2a26ccb1-3bc4-4d4c-9267-50f3e7cbad84"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--d5fd17f3-9796-498d-b25c-03507cb0e82d",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
2023-04-21 13:25:09 +00:00
"relationship_type": "child-of",
2023-06-14 17:31:25 +00:00
"source_ref": "observed-data--aeca75dd-8858-48c1-9773-a4f670e63210",
"target_ref": "observed-data--8c814729-25fa-4f3d-9e74-f587c2676eb1"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
2023-04-21 13:25:09 +00:00
]
}