2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type" : "bundle" ,
"id" : "bundle--5a69ed26-44c8-423c-a8dc-4f7b950d210f" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-10T03:02:22.000Z" ,
"modified" : "2018-02-10T03:02:22.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--5a69ed26-44c8-423c-a8dc-4f7b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-10T03:02:22.000Z" ,
"modified" : "2018-02-10T03:02:22.000Z" ,
"name" : "OSINT - Dark Caracal Cyber-espionage at a Global Scale" ,
"published" : "2018-02-16T08:55:49Z" ,
"object_refs" : [
"observed-data--5a69ed84-7358-4681-857b-4113950d210f" ,
"url--5a69ed84-7358-4681-857b-4113950d210f" ,
"x-misp-attribute--5a69eda8-8c64-404a-b670-e066950d210f" ,
"indicator--5a69ef3a-79b8-4482-9903-42ae950d210f" ,
"indicator--5a69ef3a-f0f0-4b3b-b25b-4980950d210f" ,
"indicator--5a69ef3b-7d48-4c38-8bd7-40c6950d210f" ,
"indicator--5a69ef3b-c2b4-4807-afc5-49b0950d210f" ,
"indicator--5a69ef3c-a608-458b-85f0-42ac950d210f" ,
"indicator--5a69ef3c-8e40-405e-af62-4aa0950d210f" ,
"indicator--5a69efab-a5d8-4737-9b92-e066950d210f" ,
"indicator--5a69efab-5d08-4629-a28f-e066950d210f" ,
"indicator--5a69efac-85f0-4d9b-898b-e066950d210f" ,
"indicator--5a69efac-34d8-4d61-8bc3-e066950d210f" ,
"indicator--5a69efad-2c7c-4e73-9895-e066950d210f" ,
"indicator--5a69efad-f96c-4581-b143-e066950d210f" ,
"indicator--5a69efae-a7f0-4459-96ef-e066950d210f" ,
"indicator--5a69efae-141c-4531-80b8-e066950d210f" ,
"indicator--5a69efae-c084-482d-890e-e066950d210f" ,
"indicator--5a69efaf-9554-4e71-9bad-e066950d210f" ,
"indicator--5a69efaf-937c-4077-a577-e066950d210f" ,
"x-misp-attribute--5a69f172-77b4-4e41-94ab-4a4d950d210f" ,
"x-misp-attribute--5a69f173-203c-4f37-89f2-4bfc950d210f" ,
"indicator--5a69f1c7-2c5c-48cc-8b53-e066950d210f" ,
"indicator--5a69f1c8-5cc0-46bc-aa93-e066950d210f" ,
"indicator--5a69f1c8-0edc-4606-96a4-e066950d210f" ,
"indicator--5a69f1c9-1d20-422b-9cb6-e066950d210f" ,
"indicator--5a69f1c9-b438-467d-bfae-e066950d210f" ,
"indicator--5a69f1c9-90dc-4c73-9c41-e066950d210f" ,
"indicator--5a69f1ca-717c-4be0-bc22-e066950d210f" ,
"indicator--5a69f1ca-6710-41eb-a750-e066950d210f" ,
"indicator--5a69f1cb-7960-4906-a314-e066950d210f" ,
"indicator--5a69f1cb-5ba0-4021-9ca5-e066950d210f" ,
"indicator--5a69f1cc-aee0-4db7-a16b-e066950d210f" ,
"indicator--5a69f1cc-93e8-4c5f-a235-e066950d210f" ,
"indicator--5a69f1cc-6378-46de-981c-e066950d210f" ,
"indicator--5a69f1cd-fe2c-47a4-8c20-e066950d210f" ,
"indicator--5a69f1cd-fb54-482a-83cb-e066950d210f" ,
"indicator--5a69f1ce-4d68-4867-a6e9-e066950d210f" ,
"indicator--5a69f1ce-79f0-4642-b8e2-e066950d210f" ,
"indicator--5a69f1cf-d880-42ad-baa0-e066950d210f" ,
"indicator--5a69f1cf-10d4-4adb-ba9f-e066950d210f" ,
"indicator--5a69f1cf-095c-47e4-baa8-e066950d210f" ,
"indicator--5a69f1d0-e3c8-4992-93e9-e066950d210f" ,
"indicator--5a69f1d0-5c04-47e8-bb02-e066950d210f" ,
"indicator--5a69f1d1-48ac-4c3d-b62c-e066950d210f" ,
"indicator--5a69f1d2-c220-4ffa-bcdd-e066950d210f" ,
"indicator--5a69f1d2-21c0-46e2-a758-e066950d210f" ,
"indicator--5a69f1d3-dcbc-438a-b7ec-e066950d210f" ,
"indicator--5a69f1d3-012c-4a9e-ac1d-e066950d210f" ,
"indicator--5a69f1d3-2b08-4953-b126-e066950d210f" ,
"indicator--5a69f1d4-2d0c-4f4c-be88-e066950d210f" ,
"indicator--5a69f1d4-c3f0-4079-bae4-e066950d210f" ,
"indicator--5a69f1d5-19d8-49a0-86a9-e066950d210f" ,
"indicator--5a69f1d5-2130-46de-976e-e066950d210f" ,
"indicator--5a69f1d6-74cc-4724-82d8-e066950d210f" ,
"indicator--5a69f1d6-8e9c-4b56-845d-e066950d210f" ,
"indicator--5a69f1d6-e03c-4594-815f-e066950d210f" ,
"indicator--5a69f1d7-b870-4a3f-8b76-e066950d210f" ,
"indicator--5a6ee8f5-56c4-4aa1-ac0b-4a38950d210f" ,
"indicator--5a6ee8f6-4d34-4a4e-abf2-47e7950d210f" ,
"indicator--5a6ee8f6-3aac-4b02-848c-4564950d210f" ,
"indicator--5a6ee8f6-8a1c-47ed-a766-4bd2950d210f" ,
"indicator--5a6ee8f7-9c0c-4890-9c7a-4135950d210f" ,
"indicator--5a6ee8f7-0848-4cd5-98d3-4a7d950d210f" ,
"indicator--5a6ee8f8-6a60-4bbc-ba1f-410e950d210f" ,
"indicator--5a6ee8f8-91d0-46cd-b9f4-4497950d210f" ,
"indicator--5a6ee8f8-c398-4a50-b328-494e950d210f" ,
"indicator--5a6ee8f9-eff0-4bb8-94d8-464c950d210f" ,
"indicator--5a6ee8f9-daf8-4943-b09b-4fcd950d210f" ,
"indicator--5a6ee8fa-0e64-4682-a526-40fc950d210f" ,
"indicator--5a6ee8fa-30f4-4de9-b059-459c950d210f" ,
"indicator--5a6ee8fb-42d8-4a6b-982d-4bdf950d210f" ,
"indicator--5a6ee8fb-b904-4f1d-a3b2-49a9950d210f" ,
"indicator--5a6ee8fb-471c-4613-8afb-4653950d210f" ,
"indicator--5a6ee8fc-4a7c-4437-a225-404a950d210f" ,
"indicator--5a6ee8fc-ccbc-4003-a05e-484f950d210f" ,
"indicator--5a6ee8fd-2a50-459f-836a-4871950d210f" ,
"indicator--5a6ee8fd-cf74-4cab-b347-42c5950d210f" ,
"indicator--5a6ee8fe-8cb0-41d8-9ed1-4a16950d210f" ,
"indicator--5a6ee8fe-79ac-46e1-848e-41c8950d210f" ,
"indicator--5a6ee8ff-8de4-4370-9391-447c950d210f" ,
"indicator--5a6ee900-50a0-4cd6-8dae-4dd4950d210f" ,
"indicator--5a6ee900-63b4-4cc6-9610-4e00950d210f" ,
"indicator--5a6ee901-f140-4edc-bb20-4d25950d210f" ,
"indicator--5a69f2af-057c-4808-aa48-0699950d210f" ,
"indicator--5a69f6e2-769c-450c-838d-6372950d210f" ,
"indicator--5a69f753-6070-450f-81c2-0316950d210f" ,
"indicator--5a69f775-1f20-4bdc-b27d-032c950d210f" ,
"indicator--5a69f7eb-a520-44f2-93cf-4f84950d210f" ,
"indicator--5a69f83d-9168-41a6-a41e-062f950d210f" ,
"indicator--5a69f852-e7c0-42e2-aae4-0304950d210f" ,
"indicator--5a69f86b-64ec-4735-982a-459e950d210f" ,
"indicator--5a69f87f-3778-41b9-b4f6-0633950d210f" ,
"indicator--5a69f890-317c-4002-8221-45a8950d210f" ,
"indicator--5a69f8a1-bed0-46ad-b373-0304950d210f" ,
"indicator--4b82c28e-db6a-49ef-a4b6-f1b0e7c481da" ,
"x-misp-object--8fee2299-9627-412b-8bb7-8295639ab6ce" ,
"indicator--cd9e737c-b0dc-4401-a385-2b247115c07a" ,
"x-misp-object--88e6dbc8-6003-42ac-92ba-34993ebdae96" ,
"indicator--dc410def-7c1a-4244-8752-f2771457d938" ,
"x-misp-object--028f420e-ff18-4832-a89a-075bc13a20d8" ,
"indicator--2f720e4a-7d3a-41e3-b7c0-6c7b0878a56d" ,
"x-misp-object--786bf5d0-36e8-4526-8fc5-edd10c0fb0c2" ,
"indicator--38c787a4-bc7b-4155-9d98-e2956dd87357" ,
"x-misp-object--abd194a4-37ed-4d5e-90fc-5e15706ea96d" ,
"indicator--840a1999-f34d-4abc-975b-e26a1c3634c9" ,
"x-misp-object--759de2f9-1ccf-459c-a173-4562d4581517" ,
"indicator--ce937f02-67ce-4f9a-aa22-fab767eb2f30" ,
"x-misp-object--4d5131dd-0180-41a1-ad6d-696968e33bb6" ,
"indicator--701ad363-057b-4b4e-b22f-9798958a5da2" ,
"x-misp-object--4d535d51-bd69-457f-ba43-da4db6fa1f26" ,
"x-misp-object--241ddb47-6f1f-4d1a-b13c-c582100f97c4" ,
"indicator--c7c2dec5-5e7e-4d9d-98cc-fccbab11dad3" ,
"x-misp-object--f1e880b4-ac32-44dc-acb4-b27778ef826e" ,
"x-misp-object--66867a54-b961-40c2-bdd6-5ff50d8c5751" ,
"x-misp-object--7cc3b8f1-0cdd-459a-b20d-f0e735aecb38" ,
"x-misp-object--57f3705c-5159-409f-bf1c-7f38475bcf19" ,
"x-misp-object--8c91c8dd-4cf5-43ab-b0ac-15320aa7d53a" ,
"x-misp-object--bcd8cf4c-61f8-4ae0-8a79-43dbb402f00b" ,
"x-misp-object--169a13cc-1941-4b6a-a2a7-e80e51799878" ,
"x-misp-object--19831d57-9ef1-48b8-aff6-2c983c9f0ba8" ,
"indicator--74e3af5a-8812-4f48-bdd6-12ad52393c54" ,
"x-misp-object--7c415a81-aed3-46be-92e8-a758058dd2ee" ,
"indicator--da2ba3a3-17d7-461a-b404-534fd38010cb" ,
"x-misp-object--787df865-465c-4541-a216-64fcf44fc092" ,
"indicator--43d2c79a-4fd4-494d-9e33-ccf91540a12a" ,
"x-misp-object--dd304192-4087-4b7b-9ab7-c26944da4599" ,
"indicator--a9f396b1-467d-404f-9807-99da56d0d323" ,
"x-misp-object--bd54daba-66eb-421f-9abd-1c084cd5d2b2" ,
"indicator--02f09617-b7a7-4608-9456-18dc06951c95" ,
"x-misp-object--38359a42-3677-4098-9d0a-2cd90571882b" ,
"indicator--44db43b1-3e65-435d-9685-449aaa4006c0" ,
"x-misp-object--6d5f7d29-1065-444b-b1db-78546504d7bc" ,
"indicator--3cbb7b20-9488-4e2f-bc0d-e3f83b51f459" ,
"x-misp-object--b1f7e2ee-d752-4256-bfa8-e9a30fbe397b" ,
"indicator--65a214f5-5b53-4c1a-a8fe-37f5e95f6112" ,
"x-misp-object--168cd917-b755-4849-afbc-45a4168d1303" ,
"indicator--f9ea42d3-7a78-410e-85f1-8a2f4776c247" ,
"x-misp-object--3dbc76ad-00e1-4689-afa5-d77cdf602a8e" ,
"indicator--c39b0327-e7cc-444a-9630-4803dc1a465c" ,
"x-misp-object--6060493f-a1d0-460e-90dc-b9cfbabf17b2" ,
"indicator--0f9e1972-3921-4abe-a99c-6c23bebb1581" ,
"x-misp-object--911d6dae-bfc2-42d7-a088-042c4effa1ca" ,
"indicator--364ba1a1-3b83-41d3-954e-219edf85848e" ,
"x-misp-object--e9b619e3-a088-4d4e-963c-b5946d4c4d0b" ,
"indicator--6e708a06-6ebf-4276-97ce-60c45ea9ff40" ,
"x-misp-object--f720dfb3-da2b-4b0b-8e3c-d4d432812eae" ,
"indicator--e43bd01f-7bfb-4d31-98ff-6c3bc7be8dbc" ,
"x-misp-object--99c0f455-4ee5-421d-ac89-403a91423f94" ,
"indicator--2e86cfd5-d1f9-4835-813a-c62688c98ea7" ,
"x-misp-object--eff608c5-dcff-4ebb-b36d-0056758f216c" ,
"relationship--e39bcacb-cb92-4e0d-a763-b09c2ffc4dc6" ,
"relationship--8e132392-eaba-48c4-a806-86582eff2538" ,
"relationship--78663ecd-e033-4a0a-8de5-a9b760ce5e35" ,
"relationship--8186e14f-e4ab-468c-b1a1-e7dabcfb01f8" ,
"relationship--b03f9de3-cdff-4c09-b2bb-86e4ee12d114" ,
"relationship--69661baa-eb16-4315-a95f-a309517d95fa" ,
"relationship--79e7f5f7-2ed3-4b79-9529-50dc703a3ec5" ,
"relationship--dc419658-1fb6-458a-99df-a4904306edbe" ,
"relationship--c9e23aa9-bd73-46cc-a385-ed323727f658" ,
"relationship--238e0b80-e4f7-4873-92c2-ef398fb62a3d" ,
"relationship--b9e6c716-bd10-42b1-9f88-3296a5912037" ,
"relationship--4edf3c9f-3bdd-4f5b-8acd-ccdde0f1ebd9" ,
"relationship--93004869-e982-49cc-8a97-693e45c4aa26" ,
"relationship--0c8601dd-9c7c-45d5-a87b-578b9dbf10ba" ,
"relationship--0b94271b-1151-48ec-8d10-023aacd2b383" ,
"relationship--22ceb717-d70d-4325-b634-a8ac95b92677" ,
"relationship--259295c1-084c-4ad8-9b18-822075dc0713" ,
"relationship--b1fdd640-8b63-41d1-a36c-0cc9c305a8f5" ,
"relationship--fcae890e-71a4-4c78-819b-9de4955b9ecc" ,
"relationship--cd105e10-0ab1-4b44-ab3f-6c5c3bbd52e4" ,
"relationship--c390b9b8-1966-40f8-9936-f3767642fa48" ,
"relationship--35faedc9-cd8e-4834-b511-809d640e0a7b" ,
"relationship--da1fb4b8-ebae-4b4a-bde7-58bffadcc97a" ,
"relationship--a7dc1088-ae6c-44c7-9831-4c89d5716e2d" ,
"relationship--5a78bac5-d28c-4338-9815-a8b8fd42ba2b" ,
"relationship--48737e1a-377e-43c7-bb7d-21a8f7e0d6ff" ,
"relationship--20f2743c-a62b-4308-ab94-3fe380b98983" ,
"relationship--b29547c1-3ea7-4860-8951-f61ef0edba7d" ,
"relationship--58683f80-c0e5-4b1c-bded-6750a233c0fb" ,
"relationship--bc55d485-0794-48a4-a3a0-fe09e8a0e461" ,
"relationship--96b078d0-b332-45b8-ab77-ac2816dd64c7" ,
"relationship--3949c8b2-1cf9-49d9-a82c-20b7a1ac3465"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"osint:source-type=\"technical-report\"" ,
"misp-galaxy:threat-actor=\"Dark Caracal\"" ,
"veris:actor:motive=\"Espionage\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5a69ed84-7358-4681-857b-4113950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:37.000Z" ,
"modified" : "2018-02-09T12:49:37.000Z" ,
"first_observed" : "2018-02-09T12:49:37Z" ,
"last_observed" : "2018-02-09T12:49:37Z" ,
"number_observed" : 1 ,
"object_refs" : [
"url--5a69ed84-7358-4681-857b-4113950d210f"
] ,
"labels" : [
"misp:type=\"link\"" ,
"misp:category=\"External analysis\"" ,
"osint:source-type=\"technical-report\""
]
} ,
{
"type" : "url" ,
"spec_version" : "2.1" ,
"id" : "url--5a69ed84-7358-4681-857b-4113950d210f" ,
"value" : "https://info.lookout.com/rs/051-ESQ-475/images/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--5a69eda8-8c64-404a-b670-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:37.000Z" ,
"modified" : "2018-02-09T12:49:37.000Z" ,
"labels" : [
"misp:type=\"comment\"" ,
"misp:category=\"External analysis\"" ,
"osint:source-type=\"technical-report\""
] ,
"x_misp_category" : "External analysis" ,
"x_misp_type" : "comment" ,
"x_misp_value" : "This report uncovers a prolific actor with nation-state level advanced persistent threat (APT) capabilities, who is exploiting targets \r\nglobally across multiple platforms. The actor has been observed making use of desktop tooling, but has prioritized mobile \r\ndevices as the primary attack vector. This is one of the first publicly documented mobile APT actors known to execute espionage \r\non a global scale."
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69ef3a-79b8-4482-9903-42ae950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:37.000Z" ,
"modified" : "2018-02-09T12:49:37.000Z" ,
"pattern" : "[email-message:from_ref.value = 'op13@mail.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:37Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69ef3a-f0f0-4b3b-b25b-4980950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:38.000Z" ,
"modified" : "2018-02-09T12:49:38.000Z" ,
"pattern" : "[email-message:from_ref.value = 'hicham.dika@mail.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69ef3b-7d48-4c38-8bd7-40c6950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:38.000Z" ,
"modified" : "2018-02-09T12:49:38.000Z" ,
"pattern" : "[email-message:from_ref.value = 'nancyrazzouk@mail.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69ef3b-c2b4-4807-afc5-49b0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:39.000Z" ,
"modified" : "2018-02-09T12:49:39.000Z" ,
"pattern" : "[email-message:from_ref.value = 'alecouperus@mail.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69ef3c-a608-458b-85f0-42ac950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:39.000Z" ,
"modified" : "2018-02-09T12:49:39.000Z" ,
"pattern" : "[email-message:from_ref.value = 'hetemramadani5@gmail.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69ef3c-8e40-405e-af62-4aa0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:39.000Z" ,
"modified" : "2018-02-09T12:49:39.000Z" ,
"pattern" : "[email-message:from_ref.value = 'info@secureandroid.info']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efab-a5d8-4737-9b92-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:40.000Z" ,
"modified" : "2018-02-09T12:49:40.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '111.90.141.70']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efab-5d08-4629-a28f-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:40.000Z" ,
"modified" : "2018-02-09T12:49:40.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '111.90.145.64']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efac-85f0-4d9b-898b-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:41.000Z" ,
"modified" : "2018-02-09T12:49:41.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '111.90.141.38']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efac-34d8-4d61-8bc3-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:41.000Z" ,
"modified" : "2018-02-09T12:49:41.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '111.90.158.121']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:41Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efad-2c7c-4e73-9895-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:42.000Z" ,
"modified" : "2018-02-09T12:49:42.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '111.90.141.169']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efad-f96c-4581-b143-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:42.000Z" ,
"modified" : "2018-02-09T12:49:42.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '111.90.150.221']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efae-a7f0-4459-96ef-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:42.000Z" ,
"modified" : "2018-02-09T12:49:42.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '180.235.133.57']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efae-141c-4531-80b8-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:43.000Z" ,
"modified" : "2018-02-09T12:49:43.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '172.111.250.156']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efae-c084-482d-890e-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:43.000Z" ,
"modified" : "2018-02-09T12:49:43.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.78.103.41']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:43Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efaf-9554-4e71-9bad-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:44.000Z" ,
"modified" : "2018-02-09T12:49:44.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.208.167.252']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69efaf-937c-4077-a577-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:44.000Z" ,
"modified" : "2018-02-09T12:49:44.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '111.90.140.11']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--5a69f172-77b4-4e41-94ab-4a4d950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:45.000Z" ,
"modified" : "2018-02-09T12:49:45.000Z" ,
"labels" : [
"misp:type=\"phone-number\"" ,
"misp:category=\"Other\""
] ,
"x_misp_category" : "Other" ,
"x_misp_type" : "phone-number" ,
"x_misp_value" : "+7820435193"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--5a69f173-203c-4f37-89f2-4bfc950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:45.000Z" ,
"modified" : "2018-02-09T12:49:45.000Z" ,
"labels" : [
"misp:type=\"phone-number\"" ,
"misp:category=\"Other\""
] ,
"x_misp_category" : "Other" ,
"x_misp_type" : "phone-number" ,
"x_misp_value" : "+7820944266"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1c7-2c5c-48cc-8b53-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:46.000Z" ,
"modified" : "2018-02-09T12:49:46.000Z" ,
"pattern" : "[domain-name:value = 'adobeair.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1c8-5cc0-46bc-aa93-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:47.000Z" ,
"modified" : "2018-02-09T12:49:47.000Z" ,
"pattern" : "[domain-name:value = 'tweetsfb.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1c8-0edc-4606-96a4-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:47.000Z" ,
"modified" : "2018-02-09T12:49:47.000Z" ,
"pattern" : "[domain-name:value = 'secureandroid.info']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1c9-1d20-422b-9cb6-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:47.000Z" ,
"modified" : "2018-02-09T12:49:47.000Z" ,
"pattern" : "[domain-name:value = 'fbtweets.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1c9-b438-467d-bfae-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:48.000Z" ,
"modified" : "2018-02-09T12:49:48.000Z" ,
"pattern" : "[domain-name:value = 'gsec.in']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1c9-90dc-4c73-9c41-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:48.000Z" ,
"modified" : "2018-02-09T12:49:48.000Z" ,
"pattern" : "[domain-name:value = 'arabpublisherslb.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1ca-717c-4be0-bc22-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:49.000Z" ,
"modified" : "2018-02-09T12:49:49.000Z" ,
"pattern" : "[domain-name:value = 'sabisint.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1ca-6710-41eb-a750-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:49.000Z" ,
"modified" : "2018-02-09T12:49:49.000Z" ,
"pattern" : "[domain-name:value = 'fbarticles.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cb-7960-4906-a314-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:49.000Z" ,
"modified" : "2018-02-09T12:49:49.000Z" ,
"pattern" : "[domain-name:value = 'planethdx.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cb-5ba0-4021-9ca5-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:50.000Z" ,
"modified" : "2018-02-09T12:49:50.000Z" ,
"pattern" : "[domain-name:value = 'opwalls.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cc-aee0-4db7-a16b-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:50.000Z" ,
"modified" : "2018-02-09T12:49:50.000Z" ,
"pattern" : "[domain-name:value = 'kaliex.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cc-93e8-4c5f-a235-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:51.000Z" ,
"modified" : "2018-02-09T12:49:51.000Z" ,
"pattern" : "[domain-name:value = 'axroot.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cc-6378-46de-981c-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:51.000Z" ,
"modified" : "2018-02-09T12:49:51.000Z" ,
"pattern" : "[domain-name:value = 'megadeb.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cd-fe2c-47a4-8c20-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:51.000Z" ,
"modified" : "2018-02-09T12:49:51.000Z" ,
"pattern" : "[domain-name:value = 'mecodata.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cd-fb54-482a-83cb-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:52.000Z" ,
"modified" : "2018-02-09T12:49:52.000Z" ,
"pattern" : "[domain-name:value = 'roxsoft.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1ce-4d68-4867-a6e9-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:52.000Z" ,
"modified" : "2018-02-09T12:49:52.000Z" ,
"pattern" : "[domain-name:value = 'flexberry.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1ce-79f0-4642-b8e2-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:53.000Z" ,
"modified" : "2018-02-09T12:49:53.000Z" ,
"pattern" : "[domain-name:value = 'globalmic.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cf-d880-42ad-baa0-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:53.000Z" ,
"modified" : "2018-02-09T12:49:53.000Z" ,
"pattern" : "[domain-name:value = 'playermea.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cf-10d4-4adb-ba9f-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:53.000Z" ,
"modified" : "2018-02-09T12:49:53.000Z" ,
"pattern" : "[domain-name:value = 'arablivenews.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1cf-095c-47e4-baa8-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:54.000Z" ,
"modified" : "2018-02-09T12:49:54.000Z" ,
"pattern" : "[domain-name:value = 'ecowatchasia.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d0-e3c8-4992-93e9-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:54.000Z" ,
"modified" : "2018-02-09T12:49:54.000Z" ,
"pattern" : "[domain-name:value = 'etn9.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d0-5c04-47e8-bb02-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:55.000Z" ,
"modified" : "2018-02-09T12:49:55.000Z" ,
"pattern" : "[domain-name:value = 'ancmax.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d1-48ac-4c3d-b62c-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:55.000Z" ,
"modified" : "2018-02-09T12:49:55.000Z" ,
"pattern" : "[domain-name:value = 'tenoclock.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d2-c220-4ffa-bcdd-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:55.000Z" ,
"modified" : "2018-02-09T12:49:55.000Z" ,
"pattern" : "[domain-name:value = 'mangoco.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d2-21c0-46e2-a758-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:56.000Z" ,
"modified" : "2018-02-09T12:49:56.000Z" ,
"pattern" : "[domain-name:value = 'jaysonj.no-ip.biz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d3-dcbc-438a-b7ec-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:57.000Z" ,
"modified" : "2018-02-09T12:49:57.000Z" ,
"pattern" : "[domain-name:value = 'orange2015.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d3-012c-4a9e-ac1d-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:57.000Z" ,
"modified" : "2018-02-09T12:49:57.000Z" ,
"pattern" : "[domain-name:value = 'skypeservice.no-ip.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d3-2b08-4953-b126-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:57.000Z" ,
"modified" : "2018-02-09T12:49:57.000Z" ,
"pattern" : "[domain-name:value = 'accountslogin.services']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d4-2d0c-4f4c-be88-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:58.000Z" ,
"modified" : "2018-02-09T12:49:58.000Z" ,
"pattern" : "[domain-name:value = 'adobeinstall.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d4-c3f0-4079-bae4-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:58.000Z" ,
"modified" : "2018-02-09T12:49:58.000Z" ,
"pattern" : "[domain-name:value = 'adobe-flashviewer.accountslogin.services']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d5-19d8-49a0-86a9-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:59.000Z" ,
"modified" : "2018-02-09T12:49:59.000Z" ,
"pattern" : "[domain-name:value = 'dropboxonline.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d5-2130-46de-976e-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:59.000Z" ,
"modified" : "2018-02-09T12:49:59.000Z" ,
"pattern" : "[domain-name:value = 'iceteapeach.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d6-74cc-4724-82d8-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:49:59.000Z" ,
"modified" : "2018-02-09T12:49:59.000Z" ,
"pattern" : "[domain-name:value = 'nvidiaupdate.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:49:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d6-8e9c-4b56-845d-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:00.000Z" ,
"modified" : "2018-02-09T12:50:00.000Z" ,
"pattern" : "[domain-name:value = 'skypeupdate.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d6-e03c-4594-815f-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:00.000Z" ,
"modified" : "2018-02-09T12:50:00.000Z" ,
"pattern" : "[domain-name:value = 'paktest.ddns.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f1d7-b870-4a3f-8b76-e066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:01.000Z" ,
"modified" : "2018-02-09T12:50:01.000Z" ,
"pattern" : "[domain-name:value = 'watermelon2017.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f5-56c4-4aa1-ac0b-4a38950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:17.000Z" ,
"modified" : "2018-01-29T09:27:17.000Z" ,
"description" : "MS Windows HtmlHelp Data" ,
"pattern" : "[file:hashes.SHA256 = 'ce583821191345274cd954b2db7da9742c239fe413fc17dcb97ffdd7b51cb072']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:17Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f6-4d34-4a4e-abf2-47e7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:18.000Z" ,
"modified" : "2018-01-29T09:27:18.000Z" ,
"description" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'ba4e063472a2559b4baa82d5272304a1cdae6968145c5ef221295c90e88458e2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f6-3aac-4b02-848c-4564950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:18.000Z" ,
"modified" : "2018-01-29T09:27:18.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = '26419a0b6e033cdcb7bf4ca6b0b24fda35490cc6f2796682fb9403620f63d428']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f6-8a1c-47ed-a766-4bd2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:18.000Z" ,
"modified" : "2018-01-29T09:27:18.000Z" ,
"description" : "Zip archive data" ,
"pattern" : "[file:hashes.SHA256 = '15af5bbf3c8d5e5db41fd7c3d722e8b247b40f2da747d5c334f7fd80b715a649']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f7-9c0c-4890-9c7a-4135950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:19.000Z" ,
"modified" : "2018-01-29T09:27:19.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = '22eee43887e94997f9f9786092ffd3a9b51f059924cba678cf7b62cfafa65b28']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f7-0848-4cd5-98d3-4a7d950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:19.000Z" ,
"modified" : "2018-01-29T09:27:19.000Z" ,
"description" : "PDF document, version 1.6" ,
"pattern" : "[file:hashes.SHA256 = 'fcf8f9566868d65d901fd6db9a8d6decacb860f5595f84a6a878193eda11549d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f8-6a60-4bbc-ba1f-410e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:20.000Z" ,
"modified" : "2018-01-29T09:27:20.000Z" ,
"description" : "PDF document, version 1.6" ,
"pattern" : "[file:hashes.SHA256 = 'f2178146741f91923c7d3e2442bd08605ed5a0927736e8cfdea00c055b2c6284']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f8-91d0-46cd-b9f4-4497950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:20.000Z" ,
"modified" : "2018-01-29T09:27:20.000Z" ,
"description" : "data" ,
"pattern" : "[file:hashes.SHA256 = '6b6d363d653785f420dcc1a23c9d9b8b76b8647209b52562b774c793dc0e3f6b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f8-c398-4a50-b328-494e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:20.000Z" ,
"modified" : "2018-01-29T09:27:20.000Z" ,
"description" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'a3ae05a134b30b8c8869d0acd65ed5bca160988b404c146a325f2399b9c1a243']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f9-eff0-4bb8-94d8-464c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:21.000Z" ,
"modified" : "2018-01-29T09:27:21.000Z" ,
"description" : "Composite Document File V2 Document" ,
"pattern" : "[file:hashes.SHA256 = 'e5eeb0a46dac58b171ebcefec60e9ff351fc7279d95892c6f48f799a1a364215']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8f9-daf8-4943-b09b-4fcd950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:21.000Z" ,
"modified" : "2018-01-29T09:27:21.000Z" ,
"description" : "Microsoft Word 2007+" ,
"pattern" : "[file:hashes.SHA256 = '400bca713ba1def9cdbc0e84fc97447db2fa3d12b1c5ef352ef985b7787b6ca4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:21Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fa-0e64-4682-a526-40fc950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:22.000Z" ,
"modified" : "2018-01-29T09:27:22.000Z" ,
"description" : "Composite Document File V2" ,
"pattern" : "[file:hashes.SHA256 = '5e0d061531071e53b3b993e06ce20dae6389a7e9eba5d7887399de48e2f2d278']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fa-30f4-4de9-b059-459c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:22.000Z" ,
"modified" : "2018-01-29T09:27:22.000Z" ,
"description" : "MS-DOS executable" ,
"pattern" : "[file:hashes.SHA256 = 'f9f2e632535b214a0fab376b32cbee1cab6507490c22ba9e12cfa417ed8d72bb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fb-42d8-4a6b-982d-4bdf950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:23.000Z" ,
"modified" : "2018-01-29T09:27:23.000Z" ,
"description" : "PE32 executable (GUI)" ,
"pattern" : "[file:hashes.SHA256 = 'bf600e7b27bdd9e396e5c396aba7f079c244bfb92ee45c721c2294aa36586206']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fb-b904-4f1d-a3b2-49a9950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:23.000Z" ,
"modified" : "2018-01-29T09:27:23.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'da81aec00b563123d2fbd14fb6a76619c90f81e83c5bd8aa0676922cae96b9ad']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fb-471c-4613-8afb-4653950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:23.000Z" ,
"modified" : "2018-01-29T09:27:23.000Z" ,
"description" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = '9cf3d3c0b790cebeacb8cb577cd346a6513b1b74fa120aff8984aa022301562e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:23Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fc-4a7c-4437-a225-404a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:24.000Z" ,
"modified" : "2018-01-29T09:27:24.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = '091ae8d5649c4e040d25550f2cdf7f1ddfc9c698e672318eb1ab6303aa1cf85b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fc-ccbc-4003-a05e-484f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:24.000Z" ,
"modified" : "2018-01-29T09:27:24.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'a91c2cad20935a85d6eed72ef663254396914811f043018732d29276424a9578']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fd-2a50-459f-836a-4871950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:25.000Z" ,
"modified" : "2018-01-29T09:27:25.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'b6ac374f79860ae99736aaa190cce5922a969ab060d7ae367dbfa094bfe4777d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fd-cf74-4cab-b347-42c5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:25.000Z" ,
"modified" : "2018-01-29T09:27:25.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'ed97719c008422925ae21ff34448a8c35ee270a428b0478e24669396761d0790']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fe-8cb0-41d8-9ed1-4a16950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:26.000Z" ,
"modified" : "2018-01-29T09:27:26.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = '5c1622cabf21672a8a5379ce8d0ee0ba6d5bc137657f3779faa694fcc4bb3988']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8fe-79ac-46e1-848e-41c8950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:26.000Z" ,
"modified" : "2018-01-29T09:27:26.000Z" ,
"description" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = '86f1bbda3ebf03a0f0a79d7bd1db68598ace9465f5cebb7f66773f8a818b4e8b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:26Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee8ff-8de4-4370-9391-447c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:27.000Z" ,
"modified" : "2018-01-29T09:27:27.000Z" ,
"description" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = '675c3d96070dc9a0e437f3e1b653b90dbc6700b0ec57379d4139e65f7d2799cd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee900-50a0-4cd6-8dae-4dd4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:28.000Z" ,
"modified" : "2018-01-29T09:27:28.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'ed25b0c20b1c1b271a511a1266fe3967ab851aaa9f793bdf4f3d19de1dcf6532']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee900-63b4-4cc6-9610-4e00950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:28.000Z" ,
"modified" : "2018-01-29T09:27:28.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'f581a75a0f8f8eb200a283437bed48f30ae9d5616e94f64acfd93c12fcef987a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:28Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a6ee901-f140-4edc-bb20-4d25950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-29T09:27:29.000Z" ,
"modified" : "2018-01-29T09:27:29.000Z" ,
"description" : "PE32 executable (GUI) Intel 80386" ,
"pattern" : "[file:hashes.SHA256 = 'd57701321f2f13585a02fc8ba6cbf1f2f094764bfa067eb73c0101060289b0ba']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-29T09:27:29Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f2af-057c-4808-aa48-0699950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:07:30.000Z" ,
"modified" : "2018-01-25T15:07:30.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'b0151434815f8b3796ab83848bf6969a2b2ad721' AND file:name = 'com.primo.mobile.android.app' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:07:30Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f6e2-769c-450c-838d-6372950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:25:25.000Z" ,
"modified" : "2018-01-25T15:25:25.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'ed4754effda466b8babf87bcba2717760f112455' AND file:name = 'com.gbwhatsapp' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:25:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f753-6070-450f-81c2-0316950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:27:18.000Z" ,
"modified" : "2018-01-25T15:27:18.000Z" ,
"pattern" : "[file:hashes.SHA1 = '47243997992d253f7c4ea20f846191697999cd57' AND file:name = 'com.psiphon3' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:27:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f775-1f20-4bdc-b27d-032c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:27:52.000Z" ,
"modified" : "2018-01-25T15:27:52.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'bfbe5218a1b4f8c55eadf2583a2655a49bf6a884' AND file:name = 'org.thoughtcrime.securesms' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:27:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f7eb-a520-44f2-93cf-4f84950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:29:50.000Z" ,
"modified" : "2018-01-25T15:29:50.000Z" ,
"pattern" : "[file:hashes.SHA1 = '309038fceb9a5eb6af83bd9c3ed28bf4487dc27d' AND file:name = 'org.telegram.plus' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:29:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f83d-9168-41a6-a41e-062f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:31:12.000Z" ,
"modified" : "2018-01-25T15:31:12.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'eaed6ce848e68d5ec42837640eb21d3bfd9ae692' AND file:name = 'org.torproject.android' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:31:12Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f852-e7c0-42e2-aae4-0304950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:31:33.000Z" ,
"modified" : "2018-01-25T15:31:33.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'edf037efc400ccb9f843500103a208fe1f254453' AND file:name = 'org.telegram.plus' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:31:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f86b-64ec-4735-982a-459e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:31:58.000Z" ,
"modified" : "2018-01-25T15:31:58.000Z" ,
"pattern" : "[file:hashes.SHA1 = '35b70d89af691ac244a547842b7c8dfd9a7233fe' AND file:name = 'ch.threema.app' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:31:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f87f-3778-41b9-b4f6-0633950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:32:15.000Z" ,
"modified" : "2018-01-25T15:32:15.000Z" ,
"pattern" : "[file:hashes.SHA1 = '7d47da505f8d3ee153629b373f6792c8858f76e8' AND file:name = 'com.flashplayer.player' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:32:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f890-317c-4002-8221-45a8950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:32:32.000Z" ,
"modified" : "2018-01-25T15:32:32.000Z" ,
"pattern" : "[file:hashes.SHA1 = '4896b0c957b6a985b2b6efe2ffe517dceaa6ce01' AND file:name = 'com.flashplayer.player' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:32:32Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a69f8a1-bed0-46ad-b373-0304950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T15:32:49.000Z" ,
"modified" : "2018-01-25T15:32:49.000Z" ,
"pattern" : "[file:hashes.SHA1 = '6a2d5c0a4cc5b5053f5c8f15c447316fae66b57b' AND file:x_misp_text = 'com.flashplayer.player' AND file:x_misp_state = 'Malicious']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T15:32:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4b82c28e-db6a-49ef-a4b6-f1b0e7c481da" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:44.000Z" ,
"modified" : "2018-01-25T16:47:44.000Z" ,
"pattern" : "[file:hashes.MD5 = '4416beffba77e4a78227e4aeb687f0a7' AND file:hashes.SHA1 = '309038fceb9a5eb6af83bd9c3ed28bf4487dc27d' AND file:hashes.SHA256 = 'fd4c5c86a5df0bc6793f5155f148572a33af77ca37f4e2bd254e3f81467958ff']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:47:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8fee2299-9627-412b-8bb7-8295639ab6ce" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:42.000Z" ,
"modified" : "2018-01-25T16:47:42.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/fd4c5c86a5df0bc6793f5155f148572a33af77ca37f4e2bd254e3f81467958ff/analysis/1516638617/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a2e-03a0-482c-97da-457102de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "21/61" ,
"category" : "Other" ,
"uuid" : "5a6a0a2f-b78c-4b74-bed9-47c002de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-22T16:30:17" ,
"category" : "Other" ,
"uuid" : "5a6a0a2f-b25c-4e48-81db-4f2802de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cd9e737c-b0dc-4401-a385-2b247115c07a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:47.000Z" ,
"modified" : "2018-01-25T16:47:47.000Z" ,
"pattern" : "[file:hashes.MD5 = 'cd57c9d2167e5b7893b4ef965cd863b3' AND file:hashes.SHA1 = 'bfbe5218a1b4f8c55eadf2583a2655a49bf6a884' AND file:hashes.SHA256 = '2744c948f716b7e4f6e75f1ea05b9c404696e498f213ca7e564fc4088de72ce9']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:47:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--88e6dbc8-6003-42ac-92ba-34993ebdae96" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:45.000Z" ,
"modified" : "2018-01-25T16:47:45.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2744c948f716b7e4f6e75f1ea05b9c404696e498f213ca7e564fc4088de72ce9/analysis/1516638665/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a31-37dc-4d09-a27d-4f7002de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "15/60" ,
"category" : "Other" ,
"uuid" : "5a6a0a32-b450-41e9-b587-422302de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-22T16:31:05" ,
"category" : "Other" ,
"uuid" : "5a6a0a32-9040-426a-866a-4ce102de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dc410def-7c1a-4244-8752-f2771457d938" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:50.000Z" ,
"modified" : "2018-01-25T16:47:50.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c1852f1116527f27c8115d876ca70d87' AND file:hashes.SHA1 = 'eaed6ce848e68d5ec42837640eb21d3bfd9ae692' AND file:hashes.SHA256 = '4ef6007037d858b888a0160277858f4aa05c5507d07952ba374522670bbb052e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:47:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--028f420e-ff18-4832-a89a-075bc13a20d8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:48.000Z" ,
"modified" : "2018-01-25T16:47:48.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/4ef6007037d858b888a0160277858f4aa05c5507d07952ba374522670bbb052e/analysis/1516638623/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a34-52a0-4c91-9806-412e02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "27/60" ,
"category" : "Other" ,
"uuid" : "5a6a0a34-cc88-4cf9-b128-4b6c02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-22T16:30:23" ,
"category" : "Other" ,
"uuid" : "5a6a0a35-e310-46d0-9c43-472502de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f720e4a-7d3a-41e3-b7c0-6c7b0878a56d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:52.000Z" ,
"modified" : "2018-01-25T16:47:52.000Z" ,
"pattern" : "[file:hashes.MD5 = '739aea2e591ff8e5fd7021ba1fb5df5d' AND file:hashes.SHA1 = '47243997992d253f7c4ea20f846191697999cd57' AND file:hashes.SHA256 = 'df4097c6130fc1fafda7fa912982f94026b1b4f5b7e18fda34d56f2f742f8e66']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:47:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--786bf5d0-36e8-4526-8fc5-edd10c0fb0c2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:51.000Z" ,
"modified" : "2018-01-25T16:47:51.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/df4097c6130fc1fafda7fa912982f94026b1b4f5b7e18fda34d56f2f742f8e66/analysis/1516638609/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a37-3f04-4932-9e6c-4c8902de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/61" ,
"category" : "Other" ,
"uuid" : "5a6a0a37-e344-45f1-89b7-489702de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-22T16:30:09" ,
"category" : "Other" ,
"uuid" : "5a6a0a38-3258-4c10-904a-429802de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--38c787a4-bc7b-4155-9d98-e2956dd87357" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:55.000Z" ,
"modified" : "2018-01-25T16:47:55.000Z" ,
"pattern" : "[file:hashes.MD5 = 'cda2bbcf9414001233f1d025c377b0ac' AND file:hashes.SHA1 = '35b70d89af691ac244a547842b7c8dfd9a7233fe' AND file:hashes.SHA256 = '20fd6d2c4058ff01add0e8e260540d98fc6af8c7a6db8c6b1038497bdedd028d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:47:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--abd194a4-37ed-4d5e-90fc-5e15706ea96d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:54.000Z" ,
"modified" : "2018-01-25T16:47:54.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/20fd6d2c4058ff01add0e8e260540d98fc6af8c7a6db8c6b1038497bdedd028d/analysis/1516638649/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a3a-e1c0-45a1-9ff9-4b9702de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "16/61" ,
"category" : "Other" ,
"uuid" : "5a6a0a3b-f48c-4a00-b5b7-470102de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-22T16:30:49" ,
"category" : "Other" ,
"uuid" : "5a6a0a3b-e91c-49e4-b758-488302de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--840a1999-f34d-4abc-975b-e26a1c3634c9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:58.000Z" ,
"modified" : "2018-01-25T16:47:58.000Z" ,
"pattern" : "[file:hashes.MD5 = '4b1918576e4be67de835a85d986b75ef' AND file:hashes.SHA1 = 'ed4754effda466b8babf87bcba2717760f112455' AND file:hashes.SHA256 = 'a49a9932f48c923e56733309193f5015c35e5d430baf88aae231526e4812b509']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:47:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--759de2f9-1ccf-459c-a173-4562d4581517" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:57.000Z" ,
"modified" : "2018-01-25T16:47:57.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a49a9932f48c923e56733309193f5015c35e5d430baf88aae231526e4812b509/analysis/1516717825/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a3d-2bac-4efa-bded-483502de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "22/60" ,
"category" : "Other" ,
"uuid" : "5a6a0a3d-c098-4a3b-9d30-4f4502de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-23T14:30:25" ,
"category" : "Other" ,
"uuid" : "5a6a0a3e-9e68-4327-90e6-45ae02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ce937f02-67ce-4f9a-aa22-fab767eb2f30" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:48:01.000Z" ,
"modified" : "2018-01-25T16:48:01.000Z" ,
"pattern" : "[file:hashes.MD5 = 'bc6bd454281171a9ccfc464c2dd65291' AND file:hashes.SHA1 = 'edf037efc400ccb9f843500103a208fe1f254453' AND file:hashes.SHA256 = 'c034a300ce281c8e65e4215eb20c7bb3046bb96c98c99ef30ad1fae77401c5f4']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:48:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--4d5131dd-0180-41a1-ad6d-696968e33bb6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:47:59.000Z" ,
"modified" : "2018-01-25T16:47:59.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/c034a300ce281c8e65e4215eb20c7bb3046bb96c98c99ef30ad1fae77401c5f4/analysis/1516638642/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a40-29f0-4657-911c-406f02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "19/62" ,
"category" : "Other" ,
"uuid" : "5a6a0a40-bf28-471d-b343-4f3c02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-22T16:30:42" ,
"category" : "Other" ,
"uuid" : "5a6a0a41-2e0c-491d-81e4-476502de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--701ad363-057b-4b4e-b22f-9798958a5da2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:48:04.000Z" ,
"modified" : "2018-01-25T16:48:04.000Z" ,
"pattern" : "[file:hashes.MD5 = 'a254d46e8fe36ab3fc4310d9bcf1dafc' AND file:hashes.SHA1 = 'b0151434815f8b3796ab83848bf6969a2b2ad721' AND file:hashes.SHA256 = '8f1a3002e17e1ccaaa20323775d8482f0ffbcfaf809fe0921da4665eea894fcf']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-01-25T16:48:04Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--4d535d51-bd69-457f-ba43-da4db6fa1f26" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-01-25T16:48:02.000Z" ,
"modified" : "2018-01-25T16:48:02.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/8f1a3002e17e1ccaaa20323775d8482f0ffbcfaf809fe0921da4665eea894fcf/analysis/1516638656/" ,
"category" : "External analysis" ,
"uuid" : "5a6a0a42-cf54-4841-b7f6-4a5b02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "22/61" ,
"category" : "Other" ,
"uuid" : "5a6a0a43-f860-4155-89a4-45db02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-22T16:30:56" ,
"category" : "Other" ,
"uuid" : "5a6a0a43-cf00-4800-adac-41d702de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--241ddb47-6f1f-4d1a-b13c-c582100f97c4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:01.000Z" ,
"modified" : "2018-02-09T12:50:01.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/c034a300ce281c8e65e4215eb20c7bb3046bb96c98c99ef30ad1fae77401c5f4/analysis/1517227034/" ,
"category" : "External analysis" ,
"uuid" : "5a7d98f9-f728-47cf-8fae-4d3a02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/60" ,
"category" : "Other" ,
"uuid" : "5a7d98fa-ac08-496a-8bc7-47cb02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-29T11:57:14" ,
"category" : "Other" ,
"uuid" : "5a7d98fa-7140-4d6f-8cba-424502de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c7c2dec5-5e7e-4d9d-98cc-fccbab11dad3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:06.000Z" ,
"modified" : "2018-02-09T12:50:06.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c08edc46d28d62379aed5b71620f86f2' AND file:hashes.SHA1 = '7d47da505f8d3ee153629b373f6792c8858f76e8' AND file:hashes.SHA256 = '0faf0bae114f3e5c17e7abb8fd97b4726d8a01de386e72442c4ce837ffac2405']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:06Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f1e880b4-ac32-44dc-acb4-b27778ef826e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:04.000Z" ,
"modified" : "2018-02-09T12:50:04.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/0faf0bae114f3e5c17e7abb8fd97b4726d8a01de386e72442c4ce837ffac2405/analysis/1517430710/" ,
"category" : "External analysis" ,
"uuid" : "5a7d98fc-8f04-40d8-9226-460802de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "4/60" ,
"category" : "Other" ,
"uuid" : "5a7d98fc-c85c-460d-804e-44bb02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-31T20:31:50" ,
"category" : "Other" ,
"uuid" : "5a7d98fd-803c-405f-83ab-4c9802de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--66867a54-b961-40c2-bdd6-5ff50d8c5751" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:05.000Z" ,
"modified" : "2018-02-09T12:50:05.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/4ef6007037d858b888a0160277858f4aa05c5507d07952ba374522670bbb052e/analysis/1517559648/" ,
"category" : "External analysis" ,
"uuid" : "5a7d98fd-2938-4f4b-9a0a-469302de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "31/60" ,
"category" : "Other" ,
"uuid" : "5a7d98fe-4bb4-4be1-8161-452a02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-02T08:20:48" ,
"category" : "Other" ,
"uuid" : "5a7d98ff-158c-4f24-a476-4d3d02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--7cc3b8f1-0cdd-459a-b20d-f0e735aecb38" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:07.000Z" ,
"modified" : "2018-02-09T12:50:07.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a49a9932f48c923e56733309193f5015c35e5d430baf88aae231526e4812b509/analysis/1518118267/" ,
"category" : "External analysis" ,
"uuid" : "5a7d9900-dc2c-4b4c-bf57-465e02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "28/62" ,
"category" : "Other" ,
"uuid" : "5a7d9900-486c-4931-a7d8-4f7e02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-08T19:31:07" ,
"category" : "Other" ,
"uuid" : "5a7d9900-1b3c-4187-9014-4e6b02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--57f3705c-5159-409f-bf1c-7f38475bcf19" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:09.000Z" ,
"modified" : "2018-02-09T12:50:09.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2744c948f716b7e4f6e75f1ea05b9c404696e498f213ca7e564fc4088de72ce9/analysis/1517293423/" ,
"category" : "External analysis" ,
"uuid" : "5a7d9901-a36c-4bb9-bd07-465f02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "18/60" ,
"category" : "Other" ,
"uuid" : "5a7d9901-5c8c-4381-b76f-4e1902de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-30T06:23:43" ,
"category" : "Other" ,
"uuid" : "5a7d9902-fbe4-49f9-8f82-462102de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8c91c8dd-4cf5-43ab-b0ac-15320aa7d53a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:10.000Z" ,
"modified" : "2018-02-09T12:50:10.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/8f1a3002e17e1ccaaa20323775d8482f0ffbcfaf809fe0921da4665eea894fcf/analysis/1517293144/" ,
"category" : "External analysis" ,
"uuid" : "5a7d9902-fddc-4aaa-944d-40ff02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "26/61" ,
"category" : "Other" ,
"uuid" : "5a7d9903-6810-481a-bb7b-463c02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-30T06:19:04" ,
"category" : "Other" ,
"uuid" : "5a7d9903-ef14-40ae-8082-4cc202de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--bcd8cf4c-61f8-4ae0-8a79-43dbb402f00b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:12.000Z" ,
"modified" : "2018-02-09T12:50:12.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/df4097c6130fc1fafda7fa912982f94026b1b4f5b7e18fda34d56f2f742f8e66/analysis/1517159980/" ,
"category" : "External analysis" ,
"uuid" : "5a7d9904-c100-4e81-8238-469502de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "27/59" ,
"category" : "Other" ,
"uuid" : "5a7d9904-6d64-428a-8514-4b3802de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:19:40" ,
"category" : "Other" ,
"uuid" : "5a7d9904-1164-4493-939b-4eb802de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--169a13cc-1941-4b6a-a2a7-e80e51799878" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:13.000Z" ,
"modified" : "2018-02-09T12:50:13.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/fd4c5c86a5df0bc6793f5155f148572a33af77ca37f4e2bd254e3f81467958ff/analysis/1517159983/" ,
"category" : "External analysis" ,
"uuid" : "5a7d9905-afd4-49b3-8b6c-427c02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/60" ,
"category" : "Other" ,
"uuid" : "5a7d9905-b724-4b5a-9a8f-4c2002de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:19:43" ,
"category" : "Other" ,
"uuid" : "5a7d9906-d520-4749-a860-46eb02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--19831d57-9ef1-48b8-aff6-2c983c9f0ba8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:14.000Z" ,
"modified" : "2018-02-09T12:50:14.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/20fd6d2c4058ff01add0e8e260540d98fc6af8c7a6db8c6b1038497bdedd028d/analysis/1517559601/" ,
"category" : "External analysis" ,
"uuid" : "5a7d9906-f37c-409e-bbb5-492302de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/59" ,
"category" : "Other" ,
"uuid" : "5a7d9907-afc8-4f1e-bfb6-4d6f02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-02T08:20:01" ,
"category" : "Other" ,
"uuid" : "5a7d9907-8288-474e-ba7e-4ca202de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--74e3af5a-8812-4f48-bdd6-12ad52393c54" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:19.000Z" ,
"modified" : "2018-02-09T12:50:19.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd38ee304db5692030838d0dc1e37c97b' AND file:hashes.SHA1 = '8ba3977352e5a0fb06f0ac7d774665d3dc908cce' AND file:hashes.SHA256 = 'a3ae05a134b30b8c8869d0acd65ed5bca160988b404c146a325f2399b9c1a243']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:19Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--7c415a81-aed3-46be-92e8-a758058dd2ee" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:17.000Z" ,
"modified" : "2018-02-09T12:50:17.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a3ae05a134b30b8c8869d0acd65ed5bca160988b404c146a325f2399b9c1a243/analysis/1517160003/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d990a-f348-4e29-b924-49a002de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "38/65" ,
"category" : "Other" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d990a-4508-40a4-950d-46e402de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:20:03" ,
"category" : "Other" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d990a-b984-46d6-b4af-417802de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--da2ba3a3-17d7-461a-b404-534fd38010cb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:22.000Z" ,
"modified" : "2018-02-09T12:50:22.000Z" ,
"pattern" : "[file:hashes.MD5 = '84a825480f054767814598df235061fa' AND file:hashes.SHA1 = 'd69858d89c55f1a11c5602a32e1297baa180f10a' AND file:hashes.SHA256 = 'b6ac374f79860ae99736aaa190cce5922a969ab060d7ae367dbfa094bfe4777d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:22Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--787df865-465c-4541-a216-64fcf44fc092" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:20.000Z" ,
"modified" : "2018-02-09T12:50:20.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/b6ac374f79860ae99736aaa190cce5922a969ab060d7ae367dbfa094bfe4777d/analysis/1518009782/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d990c-0dcc-4e28-bb90-494302de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "45/67" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d990d-d0a4-41bd-bc1c-435002de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-07T13:23:02" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d990d-390c-4e75-925d-481902de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--43d2c79a-4fd4-494d-9e33-ccf91540a12a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:24.000Z" ,
"modified" : "2018-02-09T12:50:24.000Z" ,
"pattern" : "[file:hashes.MD5 = '05bd5ac2baf0abbce24deb916d0fb79c' AND file:hashes.SHA1 = '7070263d9c43c80b1b1f997268be72926cc0dc98' AND file:hashes.SHA256 = 'f9f2e632535b214a0fab376b32cbee1cab6507490c22ba9e12cfa417ed8d72bb']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:24Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--dd304192-4087-4b7b-9ab7-c26944da4599" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:23.000Z" ,
"modified" : "2018-02-09T12:50:23.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/f9f2e632535b214a0fab376b32cbee1cab6507490c22ba9e12cfa417ed8d72bb/analysis/1517866336/" ,
"category" : "External analysis" ,
"comment" : "MS-DOS executable" ,
"uuid" : "5a7d990f-58d0-4571-8dec-49c802de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "1/67" ,
"category" : "Other" ,
"comment" : "MS-DOS executable" ,
"uuid" : "5a7d990f-16d8-45f7-82bf-42e802de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-05T21:32:16" ,
"category" : "Other" ,
"comment" : "MS-DOS executable" ,
"uuid" : "5a7d9910-240c-4a03-bdd8-470102de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a9f396b1-467d-404f-9807-99da56d0d323" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:27.000Z" ,
"modified" : "2018-02-09T12:50:27.000Z" ,
"pattern" : "[file:hashes.MD5 = '6e5e829e7a503dcefc753ba6f33f1e3d' AND file:hashes.SHA1 = 'a887426dcb133e22449bafd6498eddc2a5fa67e6' AND file:hashes.SHA256 = '5c1622cabf21672a8a5379ce8d0ee0ba6d5bc137657f3779faa694fcc4bb3988']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--bd54daba-66eb-421f-9abd-1c084cd5d2b2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:26.000Z" ,
"modified" : "2018-02-09T12:50:26.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/5c1622cabf21672a8a5379ce8d0ee0ba6d5bc137657f3779faa694fcc4bb3988/analysis/1517160030/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9912-e328-4518-8984-473b02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "43/65" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9912-61c8-4b67-ab46-4ba102de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:20:30" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9913-e574-4651-8c01-464e02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--02f09617-b7a7-4608-9456-18dc06951c95" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:31.000Z" ,
"modified" : "2018-02-09T12:50:31.000Z" ,
"pattern" : "[file:hashes.MD5 = '825ffbca0f80a7f1999712a0d6d2000c' AND file:hashes.SHA1 = 'c0a3058e7749c6b5744a13962000e71770851e93' AND file:hashes.SHA256 = 'f581a75a0f8f8eb200a283437bed48f30ae9d5616e94f64acfd93c12fcef987a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:31Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--38359a42-3677-4098-9d0a-2cd90571882b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:29.000Z" ,
"modified" : "2018-02-09T12:50:29.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/f581a75a0f8f8eb200a283437bed48f30ae9d5616e94f64acfd93c12fcef987a/analysis/1518009773/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9915-e288-4efc-be7b-4e6202de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "44/66" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9915-5764-4d97-addc-462202de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-07T13:22:53" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9916-b3c4-4b14-9322-4e3602de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--44db43b1-3e65-435d-9685-449aaa4006c0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:33.000Z" ,
"modified" : "2018-02-09T12:50:33.000Z" ,
"pattern" : "[file:hashes.MD5 = '95ad2569e58d4c7d9d81c3b93f1437ab' AND file:hashes.SHA1 = 'd67d631e5d9020bbc0b8b499ebdd1882aed7df24' AND file:hashes.SHA256 = 'ba4e063472a2559b4baa82d5272304a1cdae6968145c5ef221295c90e88458e2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:33Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6d5f7d29-1065-444b-b1db-78546504d7bc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:31.000Z" ,
"modified" : "2018-02-09T12:50:31.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ba4e063472a2559b4baa82d5272304a1cdae6968145c5ef221295c90e88458e2/analysis/1517159991/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d9917-ee4c-4c08-9f5c-430002de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "34/64" ,
"category" : "Other" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d9918-70f0-4157-a609-432e02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:19:51" ,
"category" : "Other" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d9918-d4d8-4c90-9976-464b02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3cbb7b20-9488-4e2f-bc0d-e3f83b51f459" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:36.000Z" ,
"modified" : "2018-02-09T12:50:36.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e0c854bda714fed48fdc72d86c0226a3' AND file:hashes.SHA1 = '173271b1587f7c041317a4944fcf6967343dd089' AND file:hashes.SHA256 = '675c3d96070dc9a0e437f3e1b653b90dbc6700b0ec57379d4139e65f7d2799cd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b1f7e2ee-d752-4256-bfa8-e9a30fbe397b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:34.000Z" ,
"modified" : "2018-02-09T12:50:34.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/675c3d96070dc9a0e437f3e1b653b90dbc6700b0ec57379d4139e65f7d2799cd/analysis/1518009786/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d991b-2f6c-456c-a97e-4d4f02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "39/66" ,
"category" : "Other" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d991b-b2d8-4263-9ecc-45cf02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-07T13:23:06" ,
"category" : "Other" ,
"comment" : "PE32 executable (DLL) (GUI) Intel 80386" ,
"uuid" : "5a7d991c-960c-45ca-88dc-4a9702de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--65a214f5-5b53-4c1a-a8fe-37f5e95f6112" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:39.000Z" ,
"modified" : "2018-02-09T12:50:39.000Z" ,
"pattern" : "[file:hashes.MD5 = '643b0db380149d220ce9074a29f83841' AND file:hashes.SHA1 = '8aff7278e29341030e4b4c3ff1ae644303fe896b' AND file:hashes.SHA256 = 'a91c2cad20935a85d6eed72ef663254396914811f043018732d29276424a9578']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--168cd917-b755-4849-afbc-45a4168d1303" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:37.000Z" ,
"modified" : "2018-02-09T12:50:37.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a91c2cad20935a85d6eed72ef663254396914811f043018732d29276424a9578/analysis/1518009790/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d991e-7920-4576-a323-41e402de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "49/67" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d991e-1610-4d63-b53e-4ba402de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-07T13:23:10" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d991e-fb2c-4562-969d-480c02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f9ea42d3-7a78-410e-85f1-8a2f4776c247" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:42.000Z" ,
"modified" : "2018-02-09T12:50:42.000Z" ,
"pattern" : "[file:hashes.MD5 = 'f4340bb3bd18a4c500c9c3d24e74fe97' AND file:hashes.SHA1 = 'd9faa08251e927d4eaf83063d1d95be7abeb3fe0' AND file:hashes.SHA256 = 'da81aec00b563123d2fbd14fb6a76619c90f81e83c5bd8aa0676922cae96b9ad']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:42Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--3dbc76ad-00e1-4689-afa5-d77cdf602a8e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:40.000Z" ,
"modified" : "2018-02-09T12:50:40.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/da81aec00b563123d2fbd14fb6a76619c90f81e83c5bd8aa0676922cae96b9ad/analysis/1518085584/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9920-fdf4-4429-a877-47ed02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "45/67" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9921-ee2c-4ee3-9bd0-47af02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-08T10:26:24" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9921-adac-4826-ab20-4ee602de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c39b0327-e7cc-444a-9630-4803dc1a465c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:44.000Z" ,
"modified" : "2018-02-09T12:50:44.000Z" ,
"pattern" : "[file:hashes.MD5 = '150cce17d72f765217e69f36d6d6bf64' AND file:hashes.SHA1 = 'b1c51c585b9c4a255a607c36141fa3eca811d410' AND file:hashes.SHA256 = 'ed97719c008422925ae21ff34448a8c35ee270a428b0478e24669396761d0790']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:44Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6060493f-a1d0-460e-90dc-b9cfbabf17b2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:43.000Z" ,
"modified" : "2018-02-09T12:50:43.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ed97719c008422925ae21ff34448a8c35ee270a428b0478e24669396761d0790/analysis/1517160027/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9923-4ee0-47b3-80a1-4cd102de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "45/65" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9923-b03c-498f-bf1f-4fdf02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:20:27" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9923-bf0c-474e-95b8-441d02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0f9e1972-3921-4abe-a99c-6c23bebb1581" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:47.000Z" ,
"modified" : "2018-02-09T12:50:47.000Z" ,
"pattern" : "[file:hashes.MD5 = '85b794e080d83a91e904b97769e1e770' AND file:hashes.SHA1 = 'b23e070dadc997759574d5ee92c7753b84968f50' AND file:hashes.SHA256 = '15af5bbf3c8d5e5db41fd7c3d722e8b247b40f2da747d5c334f7fd80b715a649']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--911d6dae-bfc2-42d7-a088-042c4effa1ca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:46.000Z" ,
"modified" : "2018-02-09T12:50:46.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/15af5bbf3c8d5e5db41fd7c3d722e8b247b40f2da747d5c334f7fd80b715a649/analysis/1517919064/" ,
"category" : "External analysis" ,
"comment" : "Zip archive data" ,
"uuid" : "5a7d9926-8a44-4a4b-b26b-4cb402de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "38/59" ,
"category" : "Other" ,
"comment" : "Zip archive data" ,
"uuid" : "5a7d9926-b004-4381-87a7-442902de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-06T12:11:04" ,
"category" : "Other" ,
"comment" : "Zip archive data" ,
"uuid" : "5a7d9927-d500-4d51-b038-4f2202de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--364ba1a1-3b83-41d3-954e-219edf85848e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:50.000Z" ,
"modified" : "2018-02-09T12:50:50.000Z" ,
"pattern" : "[file:hashes.MD5 = 'b14a16af8e9feacb215db2b6434214fc' AND file:hashes.SHA1 = '5aa76d9d40fdc9a608772147289f1018b9423377' AND file:hashes.SHA256 = 'd57701321f2f13585a02fc8ba6cbf1f2f094764bfa067eb73c0101060289b0ba']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--e9b619e3-a088-4d4e-963c-b5946d4c4d0b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:48.000Z" ,
"modified" : "2018-02-09T12:50:48.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/d57701321f2f13585a02fc8ba6cbf1f2f094764bfa067eb73c0101060289b0ba/analysis/1517160048/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9928-5d54-4b5c-9022-46df02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "43/64" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9929-ef3c-4a3b-882a-4b0a02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:20:48" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d9929-c690-4292-bd6d-4e3702de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6e708a06-6ebf-4276-97ce-60c45ea9ff40" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:53.000Z" ,
"modified" : "2018-02-09T12:50:53.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd5249bfc8909a669e1675c2d81754748' AND file:hashes.SHA1 = '04d07fa4dd5635b012c2d61d0e33da594ad58f12' AND file:hashes.SHA256 = '091ae8d5649c4e040d25550f2cdf7f1ddfc9c698e672318eb1ab6303aa1cf85b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f720dfb3-da2b-4b0b-8e3c-d4d432812eae" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:51.000Z" ,
"modified" : "2018-02-09T12:50:51.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/091ae8d5649c4e040d25550f2cdf7f1ddfc9c698e672318eb1ab6303aa1cf85b/analysis/1517160021/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d992b-1d50-4303-bf69-461c02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "48/65" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d992b-cbac-41ac-a26a-478602de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-01-28T17:20:21" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI) Intel 80386" ,
"uuid" : "5a7d992c-0c40-45c8-8907-490b02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e43bd01f-7bfb-4d31-98ff-6c3bc7be8dbc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:55.000Z" ,
"modified" : "2018-02-09T12:50:55.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd5a658db102da78958f1aea1c3d0f202' AND file:hashes.SHA1 = '985de5654865b62a0f2a529364de87ced142956a' AND file:hashes.SHA256 = 'ce583821191345274cd954b2db7da9742c239fe413fc17dcb97ffdd7b51cb072']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:55Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--99c0f455-4ee5-421d-ac89-403a91423f94" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:53.000Z" ,
"modified" : "2018-02-09T12:50:53.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ce583821191345274cd954b2db7da9742c239fe413fc17dcb97ffdd7b51cb072/analysis/1517472510/" ,
"category" : "External analysis" ,
"comment" : "MS Windows HtmlHelp Data" ,
"uuid" : "5a7d992d-1d70-4eec-93df-4cbb02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "16/58" ,
"category" : "Other" ,
"comment" : "MS Windows HtmlHelp Data" ,
"uuid" : "5a7d992e-444c-4f38-8729-4ebb02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-01T08:08:30" ,
"category" : "Other" ,
"comment" : "MS Windows HtmlHelp Data" ,
"uuid" : "5a7d992f-6050-40d7-9422-401c02de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2e86cfd5-d1f9-4835-813a-c62688c98ea7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:58.000Z" ,
"modified" : "2018-02-09T12:50:58.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e8b61369ae7894baba2e26b3b58f23b6' AND file:hashes.SHA1 = 'c032d611c875ad7a14475c285fc0dd1ae31c275c' AND file:hashes.SHA256 = 'bf600e7b27bdd9e396e5c396aba7f079c244bfb92ee45c721c2294aa36586206']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2018-02-09T12:50:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--eff608c5-dcff-4ebb-b36d-0056758f216c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2018-02-09T12:50:56.000Z" ,
"modified" : "2018-02-09T12:50:56.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/bf600e7b27bdd9e396e5c396aba7f079c244bfb92ee45c721c2294aa36586206/analysis/1518009778/" ,
"category" : "External analysis" ,
"comment" : "PE32 executable (GUI)" ,
"uuid" : "5a7d9931-c61c-4531-82f7-4adf02de0b81"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "43/67" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI)" ,
"uuid" : "5a7d9931-37c8-4b42-9996-41ae02de0b81"
} ,
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2018-02-07T13:22:58" ,
"category" : "Other" ,
"comment" : "PE32 executable (GUI)" ,
"uuid" : "5a7d9932-d518-4907-9277-4cf102de0b81"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--e39bcacb-cb92-4e0d-a763-b09c2ffc4dc6" ,
"created" : "2018-02-16T08:55:46.000Z" ,
"modified" : "2018-02-16T08:55:46.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f2af-057c-4808-aa48-0699950d210f" ,
"target_ref" : "x-misp-object--8c91c8dd-4cf5-43ab-b0ac-15320aa7d53a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--8e132392-eaba-48c4-a806-86582eff2538" ,
"created" : "2018-02-16T08:55:46.000Z" ,
"modified" : "2018-02-16T08:55:46.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f6e2-769c-450c-838d-6372950d210f" ,
"target_ref" : "x-misp-object--7cc3b8f1-0cdd-459a-b20d-f0e735aecb38"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--78663ecd-e033-4a0a-8de5-a9b760ce5e35" ,
"created" : "2018-02-16T08:55:46.000Z" ,
"modified" : "2018-02-16T08:55:46.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f753-6070-450f-81c2-0316950d210f" ,
"target_ref" : "x-misp-object--bcd8cf4c-61f8-4ae0-8a79-43dbb402f00b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--8186e14f-e4ab-468c-b1a1-e7dabcfb01f8" ,
"created" : "2018-02-16T08:55:46.000Z" ,
"modified" : "2018-02-16T08:55:46.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f775-1f20-4bdc-b27d-032c950d210f" ,
"target_ref" : "x-misp-object--57f3705c-5159-409f-bf1c-7f38475bcf19"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b03f9de3-cdff-4c09-b2bb-86e4ee12d114" ,
"created" : "2018-02-16T08:55:46.000Z" ,
"modified" : "2018-02-16T08:55:46.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f7eb-a520-44f2-93cf-4f84950d210f" ,
"target_ref" : "x-misp-object--169a13cc-1941-4b6a-a2a7-e80e51799878"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--69661baa-eb16-4315-a95f-a309517d95fa" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f83d-9168-41a6-a41e-062f950d210f" ,
"target_ref" : "x-misp-object--66867a54-b961-40c2-bdd6-5ff50d8c5751"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--79e7f5f7-2ed3-4b79-9529-50dc703a3ec5" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f852-e7c0-42e2-aae4-0304950d210f" ,
"target_ref" : "x-misp-object--241ddb47-6f1f-4d1a-b13c-c582100f97c4"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--dc419658-1fb6-458a-99df-a4904306edbe" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--5a69f86b-64ec-4735-982a-459e950d210f" ,
"target_ref" : "x-misp-object--19831d57-9ef1-48b8-aff6-2c983c9f0ba8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--c9e23aa9-bd73-46cc-a385-ed323727f658" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--4b82c28e-db6a-49ef-a4b6-f1b0e7c481da" ,
"target_ref" : "x-misp-object--8fee2299-9627-412b-8bb7-8295639ab6ce"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--238e0b80-e4f7-4873-92c2-ef398fb62a3d" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--cd9e737c-b0dc-4401-a385-2b247115c07a" ,
"target_ref" : "x-misp-object--88e6dbc8-6003-42ac-92ba-34993ebdae96"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b9e6c716-bd10-42b1-9f88-3296a5912037" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--dc410def-7c1a-4244-8752-f2771457d938" ,
"target_ref" : "x-misp-object--028f420e-ff18-4832-a89a-075bc13a20d8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--4edf3c9f-3bdd-4f5b-8acd-ccdde0f1ebd9" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--2f720e4a-7d3a-41e3-b7c0-6c7b0878a56d" ,
"target_ref" : "x-misp-object--786bf5d0-36e8-4526-8fc5-edd10c0fb0c2"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--93004869-e982-49cc-8a97-693e45c4aa26" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--38c787a4-bc7b-4155-9d98-e2956dd87357" ,
"target_ref" : "x-misp-object--abd194a4-37ed-4d5e-90fc-5e15706ea96d"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--0c8601dd-9c7c-45d5-a87b-578b9dbf10ba" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--840a1999-f34d-4abc-975b-e26a1c3634c9" ,
"target_ref" : "x-misp-object--759de2f9-1ccf-459c-a173-4562d4581517"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--0b94271b-1151-48ec-8d10-023aacd2b383" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--ce937f02-67ce-4f9a-aa22-fab767eb2f30" ,
"target_ref" : "x-misp-object--4d5131dd-0180-41a1-ad6d-696968e33bb6"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--22ceb717-d70d-4325-b634-a8ac95b92677" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--701ad363-057b-4b4e-b22f-9798958a5da2" ,
"target_ref" : "x-misp-object--4d535d51-bd69-457f-ba43-da4db6fa1f26"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--259295c1-084c-4ad8-9b18-822075dc0713" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--c7c2dec5-5e7e-4d9d-98cc-fccbab11dad3" ,
"target_ref" : "x-misp-object--f1e880b4-ac32-44dc-acb4-b27778ef826e"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b1fdd640-8b63-41d1-a36c-0cc9c305a8f5" ,
"created" : "2018-02-16T08:55:47.000Z" ,
"modified" : "2018-02-16T08:55:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--74e3af5a-8812-4f48-bdd6-12ad52393c54" ,
"target_ref" : "x-misp-object--7c415a81-aed3-46be-92e8-a758058dd2ee"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--fcae890e-71a4-4c78-819b-9de4955b9ecc" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--da2ba3a3-17d7-461a-b404-534fd38010cb" ,
"target_ref" : "x-misp-object--787df865-465c-4541-a216-64fcf44fc092"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--cd105e10-0ab1-4b44-ab3f-6c5c3bbd52e4" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--43d2c79a-4fd4-494d-9e33-ccf91540a12a" ,
"target_ref" : "x-misp-object--dd304192-4087-4b7b-9ab7-c26944da4599"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--c390b9b8-1966-40f8-9936-f3767642fa48" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--a9f396b1-467d-404f-9807-99da56d0d323" ,
"target_ref" : "x-misp-object--bd54daba-66eb-421f-9abd-1c084cd5d2b2"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--35faedc9-cd8e-4834-b511-809d640e0a7b" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--02f09617-b7a7-4608-9456-18dc06951c95" ,
"target_ref" : "x-misp-object--38359a42-3677-4098-9d0a-2cd90571882b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--da1fb4b8-ebae-4b4a-bde7-58bffadcc97a" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--44db43b1-3e65-435d-9685-449aaa4006c0" ,
"target_ref" : "x-misp-object--6d5f7d29-1065-444b-b1db-78546504d7bc"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--a7dc1088-ae6c-44c7-9831-4c89d5716e2d" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--3cbb7b20-9488-4e2f-bc0d-e3f83b51f459" ,
"target_ref" : "x-misp-object--b1f7e2ee-d752-4256-bfa8-e9a30fbe397b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--5a78bac5-d28c-4338-9815-a8b8fd42ba2b" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--65a214f5-5b53-4c1a-a8fe-37f5e95f6112" ,
"target_ref" : "x-misp-object--168cd917-b755-4849-afbc-45a4168d1303"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--48737e1a-377e-43c7-bb7d-21a8f7e0d6ff" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--f9ea42d3-7a78-410e-85f1-8a2f4776c247" ,
"target_ref" : "x-misp-object--3dbc76ad-00e1-4689-afa5-d77cdf602a8e"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--20f2743c-a62b-4308-ab94-3fe380b98983" ,
"created" : "2018-02-16T08:55:48.000Z" ,
"modified" : "2018-02-16T08:55:48.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--c39b0327-e7cc-444a-9630-4803dc1a465c" ,
"target_ref" : "x-misp-object--6060493f-a1d0-460e-90dc-b9cfbabf17b2"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b29547c1-3ea7-4860-8951-f61ef0edba7d" ,
"created" : "2018-02-16T08:55:49.000Z" ,
"modified" : "2018-02-16T08:55:49.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--0f9e1972-3921-4abe-a99c-6c23bebb1581" ,
"target_ref" : "x-misp-object--911d6dae-bfc2-42d7-a088-042c4effa1ca"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--58683f80-c0e5-4b1c-bded-6750a233c0fb" ,
"created" : "2018-02-16T08:55:49.000Z" ,
"modified" : "2018-02-16T08:55:49.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--364ba1a1-3b83-41d3-954e-219edf85848e" ,
"target_ref" : "x-misp-object--e9b619e3-a088-4d4e-963c-b5946d4c4d0b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--bc55d485-0794-48a4-a3a0-fe09e8a0e461" ,
"created" : "2018-02-16T08:55:49.000Z" ,
"modified" : "2018-02-16T08:55:49.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--6e708a06-6ebf-4276-97ce-60c45ea9ff40" ,
"target_ref" : "x-misp-object--f720dfb3-da2b-4b0b-8e3c-d4d432812eae"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--96b078d0-b332-45b8-ab77-ac2816dd64c7" ,
"created" : "2018-02-16T08:55:49.000Z" ,
"modified" : "2018-02-16T08:55:49.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--e43bd01f-7bfb-4d31-98ff-6c3bc7be8dbc" ,
"target_ref" : "x-misp-object--99c0f455-4ee5-421d-ac89-403a91423f94"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3949c8b2-1cf9-49d9-a82c-20b7a1ac3465" ,
"created" : "2018-02-16T08:55:49.000Z" ,
"modified" : "2018-02-16T08:55:49.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--2e86cfd5-d1f9-4835-813a-c62688c98ea7" ,
"target_ref" : "x-misp-object--eff608c5-dcff-4ebb-b36d-0056758f216c"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
2023-04-21 13:25:09 +00:00
]
}