2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-06-14 17:31:25 +00:00
|
|
|
"type": "bundle",
|
|
|
|
"id": "bundle--5ad0ae92-71c4-44bb-a47d-4c17950d210f",
|
|
|
|
"objects": [
|
|
|
|
{
|
|
|
|
"type": "identity",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-16T08:28:42.000Z",
|
|
|
|
"modified": "2018-04-16T08:28:42.000Z",
|
|
|
|
"name": "CIRCL",
|
|
|
|
"identity_class": "organization"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "report",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "report--5ad0ae92-71c4-44bb-a47d-4c17950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-16T08:28:42.000Z",
|
|
|
|
"modified": "2018-04-16T08:28:42.000Z",
|
|
|
|
"name": "Crypren Ransomware",
|
|
|
|
"published": "2018-04-16T08:31:41Z",
|
|
|
|
"object_refs": [
|
|
|
|
"observed-data--5ad0b376-b2d8-4cf9-8575-4dd8950d210f",
|
|
|
|
"file--5ad0b376-b2d8-4cf9-8575-4dd8950d210f",
|
|
|
|
"artifact--5ad0b376-b2d8-4cf9-8575-4dd8950d210f",
|
|
|
|
"observed-data--5ad0b383-5aac-473b-ac89-4b08950d210f",
|
|
|
|
"file--5ad0b383-5aac-473b-ac89-4b08950d210f",
|
|
|
|
"artifact--5ad0b383-5aac-473b-ac89-4b08950d210f",
|
|
|
|
"indicator--5ad0b624-62e4-45b4-ba09-4e48950d210f",
|
|
|
|
"x-misp-object--5ad0b16c-97c8-4b8f-8cda-48f4950d210f",
|
|
|
|
"indicator--a21432e3-570a-48ee-939f-d95a10ef6cff",
|
|
|
|
"x-misp-object--905ec2f4-8e70-493e-a2a0-496bd114bf8a",
|
|
|
|
"relationship--a788b9d1-759b-4b9d-b969-65a2523c3576"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"Threat-Report",
|
|
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
|
|
"osint:source-type=\"microblog-post\"",
|
|
|
|
"malware_classification:malware-category=\"Ransomware\"",
|
|
|
|
"misp-galaxy:ransomware=\"Crypren\""
|
|
|
|
],
|
|
|
|
"object_marking_refs": [
|
|
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ad0b376-b2d8-4cf9-8575-4dd8950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-16T07:16:55.000Z",
|
|
|
|
"modified": "2018-04-16T07:16:55.000Z",
|
|
|
|
"first_observed": "2018-04-16T07:16:55Z",
|
|
|
|
"last_observed": "2018-04-16T07:16:55Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5ad0b376-b2d8-4cf9-8575-4dd8950d210f",
|
|
|
|
"artifact--5ad0b376-b2d8-4cf9-8575-4dd8950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5ad0b376-b2d8-4cf9-8575-4dd8950d210f",
|
|
|
|
"name": "DZ3XmsHW4AIBUMf.jpg",
|
|
|
|
"content_ref": "artifact--5ad0b376-b2d8-4cf9-8575-4dd8950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--5ad0b376-b2d8-4cf9-8575-4dd8950d210f",
|
|
|
|
"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUFBQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh7/wgARCAD7A30DASIAAhEBAxEB/8QAGwABAQACAwEAAAAAAAAAAAAAAAECBAMFBgf/xAAYAQEBAQEBAAAAAAAAAAAAAAAAAQIDBP/aAAwDAQACEAMQAAAB8NljlJlljlLbjnFyxsvJlx5S+c6f3vS6nFz6PYnfZ8Lj058texs8mnTQ6ftu065+bep1dfefeTzXd+frszWkbU1ou1dQbV1BttUbU1obbUG01YbbVWbc1YbTVG01Ybc1obU1htNXljmY5QCpRAiFAiWWJQBFhFglVAAgVFlCIEARZqShBQQFRYJVQpAdPlhnuZ3G5Xn19hcnPwaAAAAAAAAAAAAAAAAAAAAAAZOX1Z43Z1ufF2uTj5OHUqIBLBKILEsQlsEgKS2zFCkJQoJKlGWJFglJFtYixLiUAlWWAhUtIJ0vJx57Z3HLKbOv7VfKPpDU+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+bvpA+cvow+b8/0HyGNa/Lxcvn6gQIlLBUVJO26ng1Pqvzn03j95vtfFewjqujyhx/SPm3udTX8hx82b23uflHttzzGtLz0A5OPjs+peP7Xwu5y+y8d2uXf+H+ifO9L9D+de7jHxPBzp2f0D5P7bTzvXTLL3PS9t4zUw7fqezl7fund7nx3LjzxUpOk5OPk3Ms8c5Z9i+P/AGBfbjcAAAAAAAAAAAAAAAAAAAAAAAfG/snxvnrpOXi5fP1oiTKJBalGKknDzcNe28d7Dx+8z2fjPYnmNWyJ3nReu1Oo6r2nio4vbeI9tZ44Z0BMcuZPR9D6rR6TzHFycGL73w/tfF6je0PXmt5r3HhrMPbeJ9qvjLjcz2/lPU+M6THtOs7PN+qaXnMdzwueHJiwHS8mHJuZZzPKfYPkX12a9j13L0/XPqXz3nPdvJYS+w4PI61nueTwHbHqnhNmvZOl6DL3L5/hb9D4PJ6h754PdT1/B5LGvbPKdPl7l5Lu67zDwXojvuDyuke+eN4j1u14vTX6Br+U3U9LfH9sdnz/AD/NfevB6KfQNrxPKexfOvooA+N/ZPjfPXS8nHy+bqCoCWWAkCzDkibemWTd08a7rpVOP0HR42c/CHHv6kAJQnHyE9H53DLScfLMt3SlrHuOpwrd01TDf0hGUN7d6OWXkwxOTZ0lY5wAdRyY8mply4589T658l+tV6zruw6rrnm2NDtNOiw7fhl3N/Q30AAAAAAAAAAAAAAAAAAAAfG/snxvnrpeXi5PL1oWKthGQsSlgIsRO909zrp2XOdMjKvS9budW3tGJe20K13dcSdS3e9PKu0xOtdntHQuyp1h2x1M3u608vO76ZI9t050Ds9g6Sdr1MlFIAJ1fLOVcs3Jz3h9Y+U/Vtz2ho98bzHIAAAAAAAAAAAAAAAAAAAAAAfG/snxvnrpeTj5fL1TKKhaFkCJYgRJR2WfT8fSd1v+WlnLjkzru+Hp2s72phnm7+XVzU9Ro9HbNz1PiuM77HpR3c6dGxzaIy7jp8Db9d4TDU9HodYX6X5/ySzvOy8nI9F03BTJZAJFlafLjy41eSZ51h9U+W/Uuk9V5r1zvzAAAAAAAAAAAAAAAAAAAAAAAfG/snxvnrpOXj5fL2BqASy5BAIsRLKSlkqyCgIAEASwSxCykoSwQoBLLAgEgohAOHlnJz6XNlnfH9R+Y/TumPZOu836eXtcPDbp6KeW1pfac/i++s2NzzXXNey2PN6jPr74ThX3l6HrE9vh4LvLPQvGdLNfUHQdKnuXhO8Tv3heJfeX59lL77Ppep1n2Dx+hm+/eK7Ku9eA5j3+Hk+kPo+fg+7ju+b5122nrM/nvZR7B4D3Ncwh8b+yfG+e+l5eLl8vYIgtCyBkBASykpEsEKSygAEEAJUgpKSSxagCksQFSmUuICSwuXJOTl1Z3LOuL6b81+ldcexHq4gANPcEoAAAAAAAAAAAcXKAAAAAHDzAA+N/ZPjfPXS8nHyeXvRLBUVZAggmUVC5ERLKFMVgFAIAJLAIlJSWCWCxVlgBAiWIlgUc/Iz4dmVyxri+k/Off98e3ab18NxpjcaY3GmNxpjcaY3GmNxpjcaY3GmNxpjcaY3GmNxpjcaY3GmNxpjcaY3GmNxpjcaY3GmNxpjcaY3Pjf1j5Jz11HLxcnk70KllJYAgllgqDKWUFAkEJZSVUAggAgBAiFABQRAQWCxBW7yY5+btclzrj9/4H33fn6oezgAAAAAAAAAAAAAAAAAB0+23TSbulKeYXPp26XS67vvOHo/kn1v5Jz11PJx8nk9FlkCUlVAiWFhSCIWAAJZYlgIolgAQJYlEBFlgpAEFgJRLCJYdlljn5vRlVl4/e+C9735eqHs4AAAAAAAAAAAAAAAAAAeU2PRjzj0Y849GPOPRjzmPpQ+SfW/kvPfT8vHyeTuERZQEFkAFkBFlACICBUJCVpBAAlBJAJZVJYWKICJYACCdlnhl5fRyXHKXHa15p2DrbvHZOuV2Trqdg0CdhNAb7QLvtAb7Qi77QkdhNCHYOuR2Drldi60vYuuidlOth2brJXZ3q0dm6yHaTq1do6snaTqldq6lHbTqVds6mHb9ZhYucubBSAIBZAJZYIABSCAglJUQCWAEWUIAJYgUBFhZLYgAJYnYZ8Ofm78ufFlnXKwylyKMpVtlFlJRClxqklEmUXFkjGZRJMpWMzhioxZQxmcskyLgylYsokmUMZnDC5QxmcsxZSoogSCkBLLASCkKIACALmABAEBKJCrAQCBYsAEhYoLIAEQXay4s+Hblz4c83ly48s65MuOxyXCy53CmVxGbEZWCsaCLUSWFsSkICWEKIAIVJYhcbLAiwS4xYaJZYlkJcassA1lLAgCyEFxVZRCIWWFksstiWAiLAllCKEiWUFAiCAqWJKUlkgW//8QANRAAAAYABAUEAQIFBAMAAAAAAAECAwQFBhETFRASFjVQFCAwMSEzNCIjMkFgJCU2QCZFcP/aAAgBAQABBQL4CB5GU2IbfCvmk0mUs5chJElPtt3D0pda40gV1jkM8y+LP3Z8cxn/AIQSfxymOUZcZMIlK290QWXY6+chzkOchqENQhqEEJzm6xB2EtxXoHRBKTHGqkapDVIahDUIahDUIahDUIahDUIahDUIahDUIahDUIahDUIahDUIahDUIahDnIahDnIc5DnIc5BKs/PJ/o8clKlGlKlqCPrzqf6G0JUnxsfV13+XTCAXzZ+9JGr4yIzL3JI1ezMvlL2p/o8clSkmlSkKCAXy19suububZcBqXKcmSRhNXKmddvzo4V+BaTtljYrQ0iYK62XXN3VsuA1LlOTJPsYSS5M6xODa4iQ01ajCayU/Sf6aoT9GFSdpw7iM2noIrbJdc5Mt1x6awsHbB8YQVyon3j86MKQ/94xc3pWMZvTwin4aSm3GF0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sOlh0sLCL6KaXyul+MVF/ILhhX8s+mfZQHPqySVrQFmpQdL8YrL+QXt5jbcxE2UuKkuFC7o3OIElEp0/S/qORWuGi5jML+rUv8AxQvoYS/LJxn2Eil7zjZnmiWbejh1H1xL24L7T5HEfeyBfI79Yq/Q/sYwmZpblWEqfwP6w5M9LOuInorAOfWKv0Par8lheUk1zWDiyxzG27jRR6wMU8w6+wxJEKPNC/q1/wCKF9DCCjS3LsZU8xS95dJM47R7WrE
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ad0b383-5aac-473b-ac89-4b08950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-16T07:16:55.000Z",
|
|
|
|
"modified": "2018-04-16T07:16:55.000Z",
|
|
|
|
"first_observed": "2018-04-16T07:16:55Z",
|
|
|
|
"last_observed": "2018-04-16T07:16:55Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5ad0b383-5aac-473b-ac89-4b08950d210f",
|
|
|
|
"artifact--5ad0b383-5aac-473b-ac89-4b08950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5ad0b383-5aac-473b-ac89-4b08950d210f",
|
|
|
|
"name": "DZ3XmsNV4AAofZW.jpg",
|
|
|
|
"content_ref": "artifact--5ad0b383-5aac-473b-ac89-4b08950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--5ad0b383-5aac-473b-ac89-4b08950d210f",
|
|
|
|
"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUFBQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh7/wgARCAJtBK8DASIAAhEBAxEB/8QAHAABAAEFAQEAAAAAAAAAAAAAAAUBAgMEBgcI/8QAGgEBAQEBAQEBAAAAAAAAAAAAAAECAwQFBv/aAAwDAQACEAMQAAAB8ZFAAABQUArQK0FVK2BarRZWtGm3vw1ebqtjnJXy9pLLFbPPpE6XRxHt8epdfi78Ml+G6zNdhvzq+6y6XJfZkxbrrb87XUuit1Lmq3W3RW6lc2taVVWiKilSBWlaVClQEqAVUBUgqKVAVKKgACoqiqCtBS6gpdRKKiiqqK0CtAEAACyitKUrRCtCiotqFAUVFKVJQVRWiCiAKVoAUBSlaUpWi8UM9gAAoAAKAAVApWgsqpXQUrJKw9+E/ijtjjuUy6G1x6NScz1yVOmifT5tC/LZ15Lrbkvvx3y5MmK/G8laXZtb7blrdSudXVtuitaVWqlQqgBWlaAqBUQFqIqVKVApUFQACoBUoqKKgVKKi2qpRUUpcS1UKVFFS0pVZQQFilRQUUrZRWiUVFAUVoUVolKqClVUCUVoAUVoilaClaKpWlcSM9gAAoAAKAAAVALA0AqKrlw1szb8Zlw6Kc42Z8Pq6HDrbvn7a2lNW6zzWt1sX6fPC31r6fPW6mQVXZ1bd65gl8rr7FbHkF3rUmviVfZto8Pr7sPCa+6jwp7qPC3ug8Me51PC6+5jwx7liPE6+sWnlL1geT19XR5RT1geT19XV5RX1ZHlNfVR5U9VHlT1UeVvVFeV19THlj1MeWPUx5Y9THlj1OseVV9UpXlj1MeWU9UHlb1QeVvVB5XT1UeUvVh5S9WHlFfVieUPVx5Q9XV5Q9XJ5O9YHkz1ip5NT1keTPWap5I9aV5I9bHklPXB5G9cHkdPXR5E9dxJ5M9bvPIHr1DyGvr3KHjAnQKCgBUorQCgAAFSgAsClaCqldF9lU2JCJyYS8ny+zx6dffEbnj9UtdFbuNakR1nMenzY8ll/o4XFc69Z5XvqmvC9COc6/T3yClJRVl4VAUqUqABVETvbGE5+NnRr4N8aObYGvXYGu2Brtga7YGu2Brtga7YGu2Brtga7YGu2Brtga7YGu2Brtga7YGu2Brtga7YGu2BrthWu2BrNmhrtga7YJrtga7YGu2BrNkazYGu2Br49waObYGvHTIi9zYGvDdCNbku245PEg0FBQCoAKVpQAACtK0AFBYArStBS62tl2XDfMyW5F7nm6bW/GSnDtMc7Pc/FuTHf6vPlusuxr6GpXS03mO8ra1TcpjymjsaFxJqDBscfNkrbWhvY9mLJBg1SRaI3mnQ3UdebzTxEi0Km8jqkgj7SSRm6ZkfU32DGbbRxkkjrjfaNpINCUMTKMTKMTKMTKMTKMTKMTKMTKMTKMTKMTKMTKMTKMTKMTKMTKNe2uI2dfd4k7HXjpQ1wmDY5LZOjNU15Ll+nKnLLO7nK9SVNI3eC7fiE8DChQBWlVABRVVAAAFaVUAWABQFVK0Glb7MjOzLRvQ+LtllsO/4fbrxc5kTjq9Jz3s8lVLumPoamrXU22oNqmsNquoL7A22oNbcsG3brCXwR4l0QJekSJdECXRAl0QJdECXRAl0QJe2KEuiBKooS1YgS6IEuiBLogS6IEuiBLogS6IEuiBLogS6IEuiBLogS6IEuiBLogS6IEuiBLogS6IEnZHiX1NMb10eNtqEvzaw27NcX5dcbenUt2zqDbpq0Nzgu24dPBQpStAVoVUAAFBQACtK0AFgAUArStBV2XDlZk5yBk/D6Ohzx214vZk2LM2NZIiTxb58yzYPoeH1jluq5zcwM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wM4wTMbKHYcR0vHJ4vUUKAAVpWgAFKqorQArStKqAKBAoBWiqil9lybUnES3n30Upz0x873bmXS1Mak7daL3i3Tut93i9d5zo+c3AAAAAAAAAAAAAANrZxSpo6fQxhHbuHdTVzbuxLCZZLJUZg6bUOd1eggI3rtm6zRtkb4j9WVsXRbcpqROKXtzecl4nsLIBK2y6EX2HJVt3SGZI2ya0jTu3qLG5daXqOxzGllCigAAAAAAAAAAAAEpFyhPcd2PHJ4wFCq0CtAVpWgAHunhfrO+fQcjJ85248GPP6laKVpUACwKAVpWqVpUVpWzL0PPTPn3ObkBL+H2b1t+fj02bK7GWlozeHpz6nnOj5z6XiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASkXKE9x/YceeLgACgAqqlRdbImW7cvkj9bdzrDas9C1jFVFABYFAK0rVK0FRV+xq35klIQmxw30e5A73k9M9vQu75vTLa9lNcOs5zo+c+n4wAAAAAAAAAAAAAAAAAAAAAABcWs2EAAAAAAAAAAAAAAAAAAAAAAASkXKE9x/YceeLgpWlQKAVoqtKilQAUqKCgFaVoAKCwAAKqCtaVsybGrlzmQ3YyX8nolZSOlPB7mtLwGsehc50fOfS8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUi5QnuP7DjzzPL9E33Pzm+prZr5bfTmfF+XK/UND5er9S2bny5X6lqfLL6msPlx9UVPlZ9Uq+Vn1SPlan1UPlWv1SPlZ9Uj5WfVI+Vn1Ss+Vn1SPlZ9Uj5WfVI+Vq/VA+V6/U6vlm/6jSfNEl9CuXTwve9mcuvkmv7FE3HKc50XO9+e7sxuc2bseqa8zDSBnpitL9bJgNzc19WNq/DhM9lttaWbPrEvgtti3f0clm3hw4pdjHhurSzZ9clMupji7d0bzPr1xG1gxq1peG2k2o/awy3a2xq1NYtTPJbsaGS2zfit02qalkWbmhls3tW1Llae/Zdfr2y7GvTCZNvSz1fnj0acrFSNa29qZS/HrbBs3atI24be0alcmDGmfTy4Jd3NqrKZrMpfCb+jLMX6N1lluS5du2uhEjgx6tb9MeCJCzWrWhKRcoT3H9hx8ehXedSPv8HqGHzWld/t8P6F4fXot5x7Wa+2651LN6hpV3RbcAAAAAAAAAAAAAAAFImWiTk+d6LnQBOQeQlcODWLeh53dTYvj8y479e83JCIom/hpgl3MsXfTSuvN3bhqpKYcdi6XSc5uJIZYrJLn1LLDd2ofJZK4dfDLqysVvVvaNLYSMRsWbWGwujMxGeN6mpbV8jC7RfZhE3g07Y3YXc06l2jea81CbSZcmqXds1hpScZvGzTUvTJq4rVnsMfmM2TTGlMw27G7WOzWSWtpF3NLFQ2JKKqm7h17lzR+3pJ0urpYjf0NmOWUu08RLQe3qACUi5QnuP7Dj456T7ma+z8fzuM9XV577BDyvg9vO55t5fXp79mMrCTaIKdKzamUQ+zvjMwjMwjMwjMwjMwjMwjMwjMwjMwjMwjMwjMwjMwjMwjLEyMScxzvRc6Og5/cJLW1bjPfpZzexR9xK89u65inIPLU7oalcsm7o2VI62C0lcOnaSUTm1UnbYzOuHY07jZ0drTiTv07a37tDAk3qYMct+zo3VXbjto2seDVLJqF3EktbDpSzFNC2pCI2cBL00sRLwmzpnS6ujiMt2tcS+voZjNG7ekTeSLyFuXXwG/gu1je24XYMu3HVNvJo402te29dxpXm7D5MMTV0XkrPp5dMm9FgjYmIHLZsU19aWQ2NHJWXSY0kWsXcjL9YSkXKE9x/YchHoefBO1bfUYslRhjZiwwxU7p3NmeuaXnHQ2rAye9aY4efsIJOUO
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5ad0b624-62e4-45b4-ba09-4e48950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-13T13:52:36.000Z",
|
|
|
|
"modified": "2018-04-13T13:52:36.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = 'c290907b168b106296718bab628cbbe42281ab5f066de4653fb38ffc21989690']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-04-13T13:52:36Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5ad0b16c-97c8-4b8f-8cda-48f4950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-13T13:32:28.000Z",
|
|
|
|
"modified": "2018-04-13T13:32:28.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"microblog\"",
|
|
|
|
"misp:meta-category=\"misc\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "post",
|
|
|
|
"value": "Crypren #Ransomware sample @malwrhunterteam @BleepinComputer https://www.virustotal.com/#/file/c290907b168b106296718bab628cbbe42281ab5f066de4653fb38ffc21989690/detection \u00e2\u20ac\u00a6 26/65 atm. First submitted: today.",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ad0b16c-6880-4382-8a21-41a9950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "type",
|
|
|
|
"value": "Twitter",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ad0b16d-bcc0-44e7-a4ca-41cd950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"object_relation": "url",
|
|
|
|
"value": "https://twitter.com/leotpsc/status/981177718686466048",
|
|
|
|
"category": "Network activity",
|
|
|
|
"to_ids": true,
|
|
|
|
"uuid": "5ad0b16d-fc24-45b2-9efc-450d950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "creation-date",
|
|
|
|
"value": "2018-04-03T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ad0b16d-6c90-4835-be9f-40fb950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "username",
|
|
|
|
"value": "@leotpsc",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ad0b16d-8524-4a2d-b4e4-40ae950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "misc",
|
|
|
|
"x_misp_name": "microblog"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--a21432e3-570a-48ee-939f-d95a10ef6cff",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-16T07:16:59.000Z",
|
|
|
|
"modified": "2018-04-16T07:16:59.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = '7e7ecaceec4e30e9e1aaec6ac31d6c5c' AND file:hashes.SHA1 = '6190247aefb85720372101c9d69c87ee7dee21a1' AND file:hashes.SHA256 = 'c290907b168b106296718bab628cbbe42281ab5f066de4653fb38ffc21989690']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-04-16T07:16:59Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "file"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"file\"",
|
|
|
|
"misp:meta-category=\"file\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--905ec2f4-8e70-493e-a2a0-496bd114bf8a",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2018-04-16T07:16:57.000Z",
|
|
|
|
"modified": "2018-04-16T07:16:57.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"virustotal-report\"",
|
|
|
|
"misp:meta-category=\"misc\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "last-submission",
|
|
|
|
"value": "2018-04-06T07:57:46",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ad44de9-47f8-4689-8076-437402de0b81"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "link",
|
|
|
|
"object_relation": "permalink",
|
|
|
|
"value": "https://www.virustotal.com/file/c290907b168b106296718bab628cbbe42281ab5f066de4653fb38ffc21989690/analysis/1523001466/",
|
|
|
|
"category": "External analysis",
|
|
|
|
"uuid": "5ad44dea-c004-4d20-b177-477102de0b81"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "detection-ratio",
|
|
|
|
"value": "46/65",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ad44dea-ad54-4946-b399-46b402de0b81"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "misc",
|
|
|
|
"x_misp_name": "virustotal-report"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "relationship--a788b9d1-759b-4b9d-b969-65a2523c3576",
|
|
|
|
"created": "2018-04-16T07:16:58.000Z",
|
|
|
|
"modified": "2018-04-16T07:16:58.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "analysed-with",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "indicator--a21432e3-570a-48ee-939f-d95a10ef6cff",
|
|
|
|
"target_ref": "x-misp-object--905ec2f4-8e70-493e-a2a0-496bd114bf8a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "marking-definition",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
|
|
"definition_type": "tlp",
|
|
|
|
"name": "TLP:WHITE",
|
|
|
|
"definition": {
|
|
|
|
"tlp": "white"
|
|
|
|
}
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
|
|
|
}
|