2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type" : "bundle" ,
"id" : "bundle--5cae46c1-c198-49cb-9036-4a34950d210f" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-09-09T11:00:08.000Z" ,
"modified" : "2021-09-09T11:00:08.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--5cae46c1-c198-49cb-9036-4a34950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-09-09T11:00:08.000Z" ,
"modified" : "2021-09-09T11:00:08.000Z" ,
"name" : "Malware Analysis Report (AR19-100A) MAR-10135536-8 \u00e2\u20ac\u201c North Korean Trojan: HOPLIGHT MAR-10135536.r8.v1" ,
"published" : "2021-09-09T11:01:32Z" ,
"object_refs" : [
"x-misp-attribute--5e467348-32d1-47d4-9a18-f52265ff5294" ,
"x-misp-attribute--7cc187fb-ca19-4786-bc4c-902f8197c54a" ,
"x-misp-attribute--c8a6e23e-304b-4bc4-a895-0856488ba1e5" ,
"x-misp-attribute--aef17f31-c143-4862-8e5e-afb944ec51d6" ,
"x-misp-attribute--4205f3b8-0878-4286-9fc0-b98718e3a838" ,
"x-misp-attribute--8c604b84-78ae-40cc-af41-6a39ccf913dc" ,
"x-misp-attribute--66c7ad51-1cfe-413e-8697-a15d695c883c" ,
"x-misp-attribute--ccf4f3c2-365f-4c77-a640-d7f86a8e8244" ,
"x-misp-attribute--13b173ea-f663-487b-962c-68c963883a85" ,
"x-misp-attribute--18c83f34-ed5a-4e61-a1dd-ef01bfd7e82e" ,
"x-misp-attribute--4fc843e5-e45e-4727-b4f4-5b377860c252" ,
"x-misp-attribute--47f96d91-741d-4458-a13b-9d2f57bdf6ed" ,
"observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"network-traffic--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"network-traffic--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"network-traffic--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"observed-data--a7455d44-d858-472a-96ee-edea677be659" ,
"network-traffic--a7455d44-d858-472a-96ee-edea677be659" ,
"ipv4-addr--a7455d44-d858-472a-96ee-edea677be659" ,
"observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"network-traffic--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"network-traffic--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"network-traffic--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"network-traffic--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"network-traffic--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"observed-data--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"network-traffic--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"network-traffic--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"observed-data--e773193c-a490-442a-a41f-63e402cf3865" ,
"network-traffic--e773193c-a490-442a-a41f-63e402cf3865" ,
"ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865" ,
"observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"network-traffic--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"network-traffic--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"network-traffic--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"indicator--eea5fb73-96a6-4aae-9d36-74cdbefbe4e7" ,
"indicator--adad988c-643d-4c25-a6fb-50d3e07c62e6" ,
"indicator--7e8543c5-336f-4337-a217-c88bf569d8c6" ,
"indicator--70971c87-fa69-4300-882e-5ce6e256496f" ,
"indicator--6e32e619-e0ca-4e75-b7dc-01f5d1917d9a" ,
"indicator--2dd85ad6-0987-4542-822b-df9e89eb9e65" ,
"indicator--2612714e-52b6-481c-8fb6-75d5b889548b" ,
"indicator--6ab25fb7-8818-49cc-9ace-c227806fe342" ,
"indicator--27db0397-2a1b-429b-8bae-d0427d55c164" ,
"indicator--f431fcf2-94fe-495a-8fe2-f39c15e442f2" ,
"observed-data--9379eade-cf5a-477a-a8b4-6eb2199c340b" ,
"file--9379eade-cf5a-477a-a8b4-6eb2199c340b" ,
"observed-data--22effacf-e4e2-4e50-b638-8246fd0e093e" ,
"file--22effacf-e4e2-4e50-b638-8246fd0e093e" ,
"observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"file--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"x-misp-object--3dacf4c2-9dfc-46e4-8617-4786537e8ae8" ,
"x-misp-object--fca17017-c7b9-4985-ae07-bf616a36f172" ,
"x-misp-object--16d9cbf2-43e4-4e6f-adf5-ec883d2e5091" ,
"x-misp-object--2c63c35f-d552-4324-a60b-ecf98f7cfd99" ,
"observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"file--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"observed-data--e245ed73-c585-4e0b-9190-38647d7f215d" ,
"file--e245ed73-c585-4e0b-9190-38647d7f215d" ,
"observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"file--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"x-misp-object--26db93d0-b8c2-48c0-9068-e8ddce10b2ac" ,
"observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4" ,
"file--6c10ee1b-a1c9-414d-92cc-8574decc8af4" ,
"observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"file--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"x-misp-object--5e26a8e6-9554-46b4-9b95-e31d69198ea6" ,
"x-misp-object--f08a32dc-ddbc-4164-8f6d-a564d7a7e31c" ,
"x-misp-object--6e01219a-94b3-47e9-86c4-7f770ccb0fbb" ,
"x-misp-object--d3914c3e-70f1-4dc8-9748-009b973cacc2" ,
"x-misp-object--b5d6f570-a5ec-4760-8d47-ae9c8d2533b6" ,
"x-misp-object--2ba66826-3848-41e9-a0b0-18433680ff80" ,
"x-misp-object--955a399e-186e-4973-b937-eac9a78c3caa" ,
"x-misp-object--a5e80ae2-c3ea-4d96-ae64-9e67bb8823b8" ,
"x-misp-object--476563e7-aac9-4a76-b8d8-c33020d34baf" ,
"x-misp-object--5053da1b-c011-42ca-b739-3cf3d1a9e05e" ,
"observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"file--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"observed-data--454b39cf-332b-4236-8015-6d343c883f40" ,
"file--454b39cf-332b-4236-8015-6d343c883f40" ,
"observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"file--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d" ,
"file--dc846c76-af3d-4aab-ba62-ccc9a5582e5d" ,
"observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8" ,
"file--03272933-d90e-4e38-87fa-5490bd1c37d8" ,
"observed-data--ec5b0828-fc8e-4d29-9a2a-59806d987175" ,
"file--ec5b0828-fc8e-4d29-9a2a-59806d987175" ,
"x-misp-object--5cae46d6-3cf8-4a8c-9ffc-46e0950d210f" ,
"x-misp-object--b2d62cb5-8052-47f2-997e-dd4238004f97" ,
"x-misp-object--42d5dff2-e1f0-428f-a415-b83a757b7768" ,
"x-misp-object--a314859d-026b-4b02-bcf5-09d7e3c08026" ,
"x-misp-object--2fc2e78c-c6e8-424c-9ad7-e166e7737e9c" ,
"x-misp-object--603e0902-44f7-4457-9d0e-6246e8fce379" ,
"x-misp-object--1c222ada-8f9b-4a30-9cb1-fc81cd47dee8" ,
"x-misp-object--1cba5ef3-2f91-4b11-855e-9480c7fb943d" ,
"x-misp-object--c8b6f1f2-e727-4120-8d78-62dabe459c41" ,
"x-misp-object--e25a593a-6702-4694-90f3-f0858a21b5e1" ,
"x-misp-object--d0962325-2049-4b8a-9cc0-8597888ef490" ,
"x-misp-object--c6acfd6b-0a6a-40cc-8f76-c2fdf02f41d9" ,
"x-misp-object--292b76e3-83c8-4bb0-89c8-8105cf22899d" ,
"x-misp-object--ae92ce2a-cac9-4284-8ce9-641e2a6d948b" ,
"indicator--a10931bb-7045-47ad-bc16-e2684051e353" ,
"indicator--335302ab-5969-43ef-aae3-ded36c7331b5" ,
"indicator--d047f984-e129-4e7d-95f7-b3883eb4d380" ,
"indicator--738d6709-4996-4265-b9db-a44258b97eca" ,
"indicator--d158344a-e9a9-4e03-9832-fb1264c3d1aa" ,
"indicator--8ac82864-35d9-4232-ad60-e3e6fab47b66" ,
"indicator--c2881aa4-04fd-45b9-922b-93273fd2f4a7" ,
"indicator--ab715c6a-5b26-4280-a328-6d748e83e680" ,
"indicator--4bef19cc-01f6-4b03-9f08-6b51796cb5ca" ,
"indicator--cb4560bb-f70e-44a7-9496-1d7d017e9880" ,
"x-misp-object--6a82a81c-cc1c-4568-95e8-65da2aa8a8ec" ,
"x-misp-object--132d7802-77e5-432c-8cf6-7648b90e7acd" ,
"x-misp-object--51c3c827-4e60-4f91-b6b4-b1e99fab0df8" ,
"x-misp-object--a4f1d6f8-842e-42f9-8d2c-b69a2d04a1ea" ,
"x-misp-object--a61f2333-075a-4f7e-9145-b7e624c99d43" ,
"x-misp-object--904eab59-fca8-4005-ae01-fa802500e52c" ,
"x-misp-object--e02bda87-4522-4849-b60b-cd07a598b48f" ,
"x-misp-object--21bbfcf1-6d03-46ab-926e-8c513e3c9c6f" ,
"x-misp-object--23520dbd-c625-44d0-816a-fff60adf8c08" ,
"x-misp-object--8c51db87-a216-44c0-bd75-69239348d2a1" ,
"x-misp-object--b4eb4fd7-5fee-43e6-8ecd-63c87632d4c0" ,
"x-misp-object--d7d9f6b7-4b64-49a9-843a-a675d8130f4b" ,
"x-misp-object--b6b3a355-04df-468c-b334-3553062b12c7" ,
"x-misp-object--99a21cae-aca7-4dc5-a057-c31d995c3de7" ,
"x-misp-object--81b7d5fc-2afa-4313-b589-1773e410cd85" ,
"x-misp-object--b0039524-0831-4150-9367-0c01132e1f6d" ,
"x-misp-object--dbc2c668-6778-40ee-a1d2-0a8eed89d382" ,
"x-misp-object--08b33dc6-0d4c-4441-85b9-19177bfce17f" ,
"x-misp-object--cf24fa43-ec76-41ac-a2c9-c76a86ccd334" ,
"x-misp-object--06b00c8c-78e4-4833-a79a-c70ac79d8b25" ,
"x-misp-object--7b055b6f-f844-470b-958f-918ada8231bc" ,
"x-misp-object--3014952d-8c6c-47f4-9e95-a2e07d248668" ,
"x-misp-object--03f59ed6-d83e-4769-a8ac-611f258d0429" ,
"x-misp-object--681912d6-af0d-4b11-af8f-576123bb2ef7" ,
"x-misp-object--a2dfae6d-1e63-4f17-aa63-b82b363d2000" ,
"x-misp-object--cb37303a-fd4b-4a66-a6e8-ff5dffc84ac7" ,
"x-misp-object--737ccfd6-1e0e-494d-bcdc-5cbf6ae072f7" ,
"x-misp-object--d032374b-36e3-4c4b-895b-c3a776cb60c4" ,
"x-misp-object--9c760cfe-2e23-4e32-b35b-d7097fd4c799" ,
"x-misp-object--34135ff1-138a-4297-afe6-6e17271fbeec" ,
"x-misp-object--1435e56d-5f38-40c6-a7c7-d85df67a37ea" ,
"x-misp-object--b29bf9b8-09d1-41ec-8cf6-1556913a36b7" ,
"x-misp-object--409a8ca2-3740-4465-be76-e1ebed4570e6" ,
"x-misp-object--855ac261-1c2a-412b-8320-1aa8d22f8c33" ,
"x-misp-object--5760f7f9-6817-48fb-be8f-112dbd443f0a" ,
"x-misp-object--081fda7a-462f-411a-b541-1c85411baee2" ,
"x-misp-object--2c3e7740-a7bc-46d7-bed6-5da54b4327f0" ,
"x-misp-object--8e875ae8-911f-4dcd-b7bb-8a9072d3644e" ,
"x-misp-object--f4844fcb-3d68-4d09-8bbb-7619a0942846" ,
"x-misp-object--8da40bf6-a137-4af6-b7d2-4a6fec51aecd" ,
"x-misp-object--6f0934e5-279f-4bd3-93e1-b881f5c59504" ,
"x-misp-object--11f10ac7-5b61-4363-bd6a-59ac0b8fcc9e" ,
"x-misp-object--1b766990-d382-462f-a49c-1f5c53715ed4" ,
"x-misp-object--eb73eb8b-04c4-4e27-b803-b60d56347fec" ,
"x-misp-object--0145ba7f-231a-4fd8-aba1-438b70fae9fa" ,
"x-misp-object--f20d5f20-e19c-49e3-a2e0-d47a0e0b499e" ,
"x-misp-object--542776ab-dc9a-49f5-8504-4201f4eb85f7" ,
"x-misp-object--001f3b62-1dc5-46b7-a5d1-0d172470284f" ,
"x-misp-object--b144f1bb-4a25-4b2f-9e73-640f10889fec" ,
"x-misp-object--06738787-de97-4d46-b799-b0492c57d3e5" ,
"x-misp-object--6cd4ce4a-6876-4fc6-a865-3a078c3f63e8" ,
"x-misp-object--ac51556a-91c0-4267-9e61-de0a0dbabf05" ,
"x-misp-object--ea7cc58d-1fe6-4a0b-8070-4fe5b38cb690" ,
"x-misp-object--c57a6cf7-e544-4364-adba-a72ea3e6573f" ,
"x-misp-object--1746f20a-4522-4af5-b779-165a2b829958" ,
"x-misp-object--9500fb1e-bb08-45d5-a3eb-3b82f649c624" ,
"x-misp-object--0f41e5c5-7f40-44a1-885b-7f9597eb99f9" ,
"x-misp-object--2c0897ef-be21-4b08-a096-899c8545c0a6" ,
"x-misp-object--6fa43c7f-c294-43cf-8b40-d00655aaa96e" ,
"x-misp-object--ce21b7c4-404c-4a76-96c8-e50ba9773a30" ,
"relationship--9a52e28b-3f14-42cc-89f0-b271211e944d" ,
"relationship--c7b1afcf-3e5f-4c34-a178-335e05fe9ba8" ,
"relationship--cf80a419-fff9-488b-bc47-acad7992107a" ,
"relationship--371883ac-ffa1-480c-b5f1-ce899bc2c3d5" ,
"relationship--58006fe6-a21e-45e2-8da6-fbb737bb754a" ,
"relationship--0261cba6-d9ad-4853-bf55-723982b2e9bc" ,
"relationship--2b562d6a-9bb8-4eb4-9b82-10ed52052ddf" ,
"relationship--2258aadd-d13c-4537-a0f5-114f3e0accf7" ,
"relationship--ecd1cea5-351c-4061-82dc-f63dde3e3ca0" ,
"relationship--568696e6-7817-464c-8ebc-bdec08328f50" ,
"relationship--76338b96-a904-45ef-958c-2cfdc2a150f4" ,
"relationship--36ac4d10-7758-4d1c-9025-deaf17b49b65" ,
"relationship--ea7222d1-9547-40f3-8553-5409fa3d152a" ,
"relationship--1a3c3027-0685-4717-9368-c60f285b4130" ,
"relationship--413d6a76-7a99-4495-a713-e47c925cee2a" ,
"relationship--972b842a-dcf2-4c7d-a976-d8bf77e59cdc" ,
"relationship--5d5174d4-a068-4a9c-a7b1-ce3b3099fba6" ,
"relationship--9c32622a-a1d2-4168-9b2f-46032d6914d4" ,
"relationship--52c4a17b-f954-47bf-b6da-c91006a0ec38" ,
"relationship--217c28d4-c99f-44fa-9a50-53c13c15b4cd" ,
"relationship--6b121804-2c7c-4e7e-aba2-6dd29f00a5cc" ,
"relationship--2c09c805-a6a4-4a64-82d2-3eb76c3f554b" ,
"relationship--2793a572-85a9-46fa-ae7d-5bdafd46a64b" ,
"relationship--b3c76f09-220d-4d55-a5af-b4aeac28edcb" ,
"relationship--469629a0-e452-44d4-bcc1-983eda72fc69" ,
"relationship--1d0dbb3c-4cb7-4ef2-9343-6ad5fc29b7f8" ,
"relationship--b52557f0-bac6-4a2f-9ade-96d3d0426b73" ,
"relationship--bfb36205-c6cf-4c44-8901-af3450ecc9f5" ,
"relationship--8f031914-9e0b-4a17-bf63-d4e446fa52e6" ,
"relationship--12608760-b656-4edb-bc9e-beb4582a296d" ,
"relationship--fb97bc7b-6508-4bc3-b790-db5948a4210c" ,
"relationship--3b3a0ee4-331d-4086-b0a2-7d4974076fbe" ,
"relationship--3c5f958c-5946-4988-872e-74bfa9ac2d43" ,
"relationship--4fb6a247-56b0-4245-993e-737b19e8dc0b" ,
"relationship--bc27aa01-b6d5-468a-bddb-6e39b208e792" ,
"relationship--74d7bb43-2589-426f-9bd8-8f582939a03f" ,
"relationship--58a1cfa0-ae6e-4d10-b6ed-1573e7beb3bb" ,
"relationship--8a6fca34-9ca7-42eb-affc-38fb4a59439c" ,
"relationship--ea7b0ffc-51b3-4ba2-8a96-27b5d54c2884" ,
"relationship--7a74b52e-b531-45c7-986f-6ccf9680e3df" ,
"relationship--e468dccb-7391-4c8a-8621-c340ea31a412" ,
"relationship--c99a7b6b-168b-4386-8d53-15fb6e17b589" ,
"relationship--a8c06cd0-a6c1-4263-9b90-53e608694fbb" ,
"relationship--b4569476-6c05-4a36-b9a1-e0866f66f990" ,
"relationship--fbba3758-9e76-49dc-9f22-b91e51ab0fef" ,
"relationship--4a1c404f-3534-4000-af73-d59ecd8e3562" ,
"relationship--14cdc4a8-8c1e-4f3a-8af3-aaeceeb35eb0" ,
"relationship--f4128454-44ad-43f1-aa02-c7230ce86fea" ,
"relationship--3cf83f5c-89ec-4f61-9858-61af749204c8" ,
"relationship--7c140490-1f70-4c80-b5c9-a9d0777e652f" ,
"relationship--428e3902-581a-4f32-9c0e-e0dd60550e3d" ,
"relationship--f35cbe24-8562-4d8b-9157-7f1534093e3c" ,
"relationship--d50b3fbe-a86d-4e2e-a65d-09387ee2d730" ,
"relationship--1bc8333a-468c-4f93-9ab4-f9d925750a90" ,
"relationship--c76425c4-b92c-41c9-a1f1-d2e307eb22ab" ,
"relationship--4b390732-189b-4351-a7d3-8969eaef258a" ,
"relationship--95ded383-121a-40ac-ba51-2e8737606b37" ,
"relationship--f793ba67-ad62-4edf-bbba-c9bd3f0d1acd" ,
"relationship--785a4094-94df-4c37-b4b6-d81fe5fb70b5" ,
"relationship--bc855dc7-a29e-4f2c-8806-8e5886cd9930" ,
"relationship--dbd26615-300e-4044-8265-ead44e982ca7" ,
"relationship--e4c4564c-a97e-4333-96c1-fcf4297dde23" ,
"relationship--b52dbec3-42b6-45b6-907a-dad41b880008" ,
"relationship--dce42961-f244-433e-9524-9afcc65c2c29" ,
"relationship--a92844bc-2627-4646-9485-1aafe7f11498"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\"" ,
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Lazarus Group\"" ,
"misp-galaxy:mitre-intrusion-set=\"Lazarus Group\"" ,
"misp-galaxy:threat-actor=\"COVELLITE\"" ,
"misp-galaxy:threat-actor=\"Lazarus Group\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--5e467348-32d1-47d4-9a18-f52265ff5294" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "7443"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--7cc187fb-ca19-4786-bc4c-902f8197c54a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "443"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--c8a6e23e-304b-4bc4-a895-0856488ba1e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "23164"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--aef17f31-c143-4862-8e5e-afb944ec51d6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "59681"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--4205f3b8-0878-4286-9fc0-b98718e3a838" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "23397"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--8c604b84-78ae-40cc-af41-6a39ccf913dc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "59067"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--66c7ad51-1cfe-413e-8697-a15d695c883c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "17770"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--ccf4f3c2-365f-4c77-a640-d7f86a8e8244" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "2248"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--13b173ea-f663-487b-962c-68c963883a85" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "64694"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--18c83f34-ed5a-4e61-a1dd-ef01bfd7e82e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "37120"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--4fc843e5-e45e-4727-b4f4-5b377860c252" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "52884"
} ,
{
"type" : "x-misp-attribute" ,
"spec_version" : "2.1" ,
"id" : "x-misp-attribute--47f96d91-741d-4458-a13b-9d2f57bdf6ed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"labels" : [
"misp:type=\"port\"" ,
"misp:category=\"Network activity\""
] ,
"x_misp_category" : "Network activity" ,
"x_misp_type" : "port" ,
"x_misp_value" : "65292"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"dst_ref" : "ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--5e64eddb-9dc7-4976-9c08-4884f931c92e" ,
"value" : "112.175.92.57"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"dst_ref" : "ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--0031ec2d-46ed-4835-93ef-e6b868a26e40" ,
"value" : "84.49.242.125"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"dst_ref" : "ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--9b5d58a8-fedd-424b-9e95-1fa9dee6113b" ,
"value" : "81.94.192.147"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--a7455d44-d858-472a-96ee-edea677be659" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--a7455d44-d858-472a-96ee-edea677be659" ,
"ipv4-addr--a7455d44-d858-472a-96ee-edea677be659"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--a7455d44-d858-472a-96ee-edea677be659" ,
"dst_ref" : "ipv4-addr--a7455d44-d858-472a-96ee-edea677be659" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--a7455d44-d858-472a-96ee-edea677be659" ,
"value" : "128.200.115.228"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"dst_ref" : "ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--aa8e532e-3b80-47e4-bb04-22d666a10bd7" ,
"value" : "47.206.4.145"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"dst_ref" : "ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--3d25e903-29f5-4b88-bf80-bd6bd8a9616b" ,
"value" : "70.224.36.194"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"dst_ref" : "ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--bc976e66-b5d6-464d-9adc-0d53da3ec01a" ,
"value" : "197.211.212.59"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"dst_ref" : "ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3" ,
"value" : "113.114.117.122"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"dst_ref" : "ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--dfa5812c-f91e-42b8-811d-718121a46fd9" ,
"value" : "21.252.107.198"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"dst_ref" : "ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--930261a1-dfbe-4f99-957b-27f14a50a397" ,
"value" : "81.94.192.10"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"dst_ref" : "ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--4fb3c39a-2c59-46d9-be12-028f54e577c9" ,
"value" : "186.169.2.237"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--e773193c-a490-442a-a41f-63e402cf3865" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--e773193c-a490-442a-a41f-63e402cf3865" ,
"ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--e773193c-a490-442a-a41f-63e402cf3865" ,
"dst_ref" : "ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--e773193c-a490-442a-a41f-63e402cf3865" ,
"value" : "181.39.135.126"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"dst_ref" : "ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--d959b41a-72bb-478a-b453-5dfac6fe0dc1" ,
"value" : "97.90.44.200"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"dst_ref" : "ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--378c38f0-377c-4626-949c-5eaa0a6367ae" ,
"value" : "26.165.218.44"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"first_observed" : "2019-04-10T19:40:49Z" ,
"last_observed" : "2019-04-10T19:40:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"network-traffic--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156"
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\""
]
} ,
{
"type" : "network-traffic" ,
"spec_version" : "2.1" ,
"id" : "network-traffic--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"dst_ref" : "ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"protocols" : [
"tcp"
]
} ,
{
"type" : "ipv4-addr" ,
"spec_version" : "2.1" ,
"id" : "ipv4-addr--206ae99c-1cda-41e0-a81f-8e0e8c433156" ,
"value" : "137.139.135.151"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--eea5fb73-96a6-4aae-9d36-74cdbefbe4e7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"pattern" : "[file:hashes.MD5 = '23e27e5482e3f55bf828dab885569033' AND file:hashes.SHA1 = '139b25e1ae32a8768238935a8c878bfbe2f89ef4' AND file:hashes.SHA256 = '05feed9762bc46b47a7dc5c469add9f163c16df4ddaafe81983a628da5714461']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--adad988c-643d-4c25-a6fb-50d3e07c62e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"pattern" : "[file:hashes.MD5 = '5c3898ac7670da30cf0b22075f3e8ed6' AND file:hashes.SHA1 = '91110c569a48b3ba92d771c5666a05781fdd6a57' AND file:hashes.SHA256 = '2151c1977b4555a1761c12f151969f8e853e26c396fa1a7b74ccbaf3a48f4525']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7e8543c5-336f-4337-a217-c88bf569d8c6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"pattern" : "[file:hashes.MD5 = 'c5dc53a540abe95e02008a04a0d56d6c' AND file:hashes.SHA1 = '4cfe9e353b1a91a2add627873846a3ad912ea96b' AND file:hashes.SHA256 = '4c372df691fc699552f81c3d3937729f1dde2a2393f36c92ccc2bd2a033a0818']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--70971c87-fa69-4300-882e-5ce6e256496f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:49.000Z" ,
"modified" : "2019-04-10T19:40:49.000Z" ,
"pattern" : "[file:hashes.MD5 = 'be588cd29b9dc6f8cfc4d0aa5e5c79aa' AND file:hashes.SHA1 = '06be4fe1f26bc3e4bef057ec83ae81bd3199c7fc' AND file:hashes.SHA256 = 'ddea408e178f0412ae78ff5d5adf2439251f68cad4fd853ee466a3c74649642d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6e32e619-e0ca-4e75-b7dc-01f5d1917d9a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '868036e102df4ce414b0e6700825b319' AND file:hashes.SHA1 = '7f1e68d78e455aa14de9020abd2293c3b8ec6cf8' AND file:hashes.SHA256 = '12480585e08855109c5972e85d99cda7701fe992bc1754f1a0736f1eebcb004d']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2dd85ad6-0987-4542-822b-df9e89eb9e65" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"pattern" : "[file:hashes.MD5 = 'dc268b166fe4c1d1c8595dccf857c476' AND file:hashes.SHA1 = '8264556c8a6e460760dc6bb72ecc6f0f966a16b8' AND file:hashes.SHA256 = '49757cf85657757704656c079785c072bbc233cab942418d99d1f63d43f28359']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2612714e-52b6-481c-8fb6-75d5b889548b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '42682d4a78fe5c2eda988185a344637d' AND file:hashes.SHA1 = '4975de2be0a1f7202037f5a504d738fe512191b7' AND file:hashes.SHA256 = '4a74a9fd40b63218f7504f806fce71dffefc1b1d6ca4bbaadd720b6a89d47761']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6ab25fb7-8818-49cc-9ace-c227806fe342" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '3021b9ef74c7bddf59656a035f94fd08' AND file:hashes.SHA1 = '05ad5f346d0282e43360965373eb2a8d39735137' AND file:hashes.SHA256 = '83228075a604e955d59edc760e4c4ed16eedabfc8f6ac291cf21b4fcbcd1f70a']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--27db0397-2a1b-429b-8bae-d0427d55c164" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '61e3571b8d9b2e9ccfadc3dde10fb6e1' AND file:hashes.SHA1 = '55daa1fca210ebf66b1a1d2db1aa3373b06da680' AND file:hashes.SHA256 = '70034b33f59c6698403293cdc28676c7daa8c49031089efa6eefce41e22dccb3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f431fcf2-94fe-495a-8fe2-f39c15e442f2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '0893e206274cb98189d51a284c2a8c83' AND file:hashes.SHA1 = 'd1f4cf4250e7ba186c1d0c6d8876f5a644f457a4' AND file:hashes.SHA256 = 'cd5ff67ff773cc60c98c35f9e9d514b597cbd148789547ba152ba67bfc0fec8f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--9379eade-cf5a-477a-a8b4-6eb2199c340b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"first_observed" : "2019-04-10T19:40:50Z" ,
"last_observed" : "2019-04-10T19:40:50Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--9379eade-cf5a-477a-a8b4-6eb2199c340b"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--9379eade-cf5a-477a-a8b4-6eb2199c340b" ,
"hashes" : {
"MD5" : "c4103f122d27677c9db144cae1394a66" ,
"SHA-1" : "1489f923c4dca729178b3e3233458550d8dddf29" ,
"SHA-256" : "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7"
}
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--22effacf-e4e2-4e50-b638-8246fd0e093e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:15.000Z" ,
"modified" : "2019-04-12T09:38:15.000Z" ,
"first_observed" : "2019-04-12T09:38:15Z" ,
"last_observed" : "2019-04-12T09:38:15Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--22effacf-e4e2-4e50-b638-8246fd0e093e"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--22effacf-e4e2-4e50-b638-8246fd0e093e" ,
"hashes" : {
"MD5" : "23e27e5482e3f55bf828dab885569033" ,
"SHA-1" : "139b25e1ae32a8768238935a8c878bfbe2f89ef4" ,
"SHA-256" : "05feed9762bc46b47a7dc5c469add9f163c16df4ddaafe81983a628da5714461" ,
"SHA-512" : "2c481ef42dfc9a7a30575293d09a6f81943e307836ec5b8a346354ab5832c15046dd4015a65201311e33f944763fc55dd44fbe390245be5be7a216026ecfb28b" ,
"SSDEEP" : "6144:YnDlYMzUvLFOL9wqk6+pqC8iooIBgajvQlm/Z0cp1:alYiXiooIKajvQeZ3"
} ,
"size" : 242688 ,
"name" : "23E27E5482E3F55BF828DAB885569033" ,
"x_misp_entropy" : "6.537337" ,
"x_misp_mimetype" : "PE32 executable (GUI) Intel 80386, for MS Windows"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:15.000Z" ,
"modified" : "2019-04-12T09:38:15.000Z" ,
"first_observed" : "2019-04-12T09:38:15Z" ,
"last_observed" : "2019-04-12T09:38:15Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"hashes" : {
"MD5" : "5c3898ac7670da30cf0b22075f3e8ed6" ,
"SHA-1" : "91110c569a48b3ba92d771c5666a05781fdd6a57" ,
"SHA-256" : "2151c1977b4555a1761c12f151969f8e853e26c396fa1a7b74ccbaf3a48f4525" ,
"SHA-512" : "700ec4d923cf0090f4428ac3d4d205b551c3e48368cf90d37f9831d8a57e73c73eb507d1731662321c723362c9318c3f019716991073dc9a4cc829ce01540337" ,
"SSDEEP" : "3072:nKBzqEHcJw0sqz7vLFOLBAqui1mqLK1VaU9BzNRyHmdMaF0QqWN0Qjpthmu:nKg0cJ19z7vLFOLSqp0q7syHeFhnhm"
} ,
"size" : 221184 ,
"name" : "5C3898AC7670DA30CF0B22075F3E8ED6" ,
"x_misp_entropy" : "6.346504" ,
"x_misp_mimetype" : "PE32 executable (GUI) Intel 80386, for MS Windows"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--3dacf4c2-9dfc-46e4-8617-4786537e8ae8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:52.000Z" ,
"modified" : "2019-04-10T19:40:52.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "inetnum: 197.211.208.0 - 197.211.215.255\nnetname: ZOL-16e-MOBILE-CUSTOMERS\ndescr: ZOL Customers on ZTE Mobile WiMAX Platform\ncountry: ZW\nadmin-c: BS10-AFRINIC\nadmin-c: GJ1-AFRINIC\nadmin-c: JHM1-AFRINIC\ntech-c: BS10-AFRINIC\ntech-c: GJ1-AFRINIC\ntech-c: JHM1-AFRINIC\nstatus: ASSIGNED PA\nmnt-by: LIQUID-TOL-MNT\nsource: AFRINIC # Filtered\nparent: 197.211.192.0 - 197.211.255.255\n\nperson: B Siwela\naddress: 3rd Floor Greenbridge South\naddress: Eastgate Center\naddress: R. Mugabe Road\naddress: Harare\naddress: Zimbabwe\nphone: +263774673452\nfax-no: +2634702375\nnic-hdl: BS10-AFRINIC\nmnt-by: GENERATED-DVCNVXWBH3VN3XZXTRPHOT0OJ77GUNN3-MNT\nsource: AFRINIC # Filtered\n\nperson: G Jaya\naddress: 3rd Floor Greenbridge South\naddress: Eastgate Center\naddress: R. Mugabe Road\naddress: Harare\naddress: Zimbabwe\nphone: +263773373135\nfax-no: +2634702375\nnic-hdl: GJ1-AFRINIC\nmnt-by: GENERATED-QPEEUIPPW1WPRZ5HLHRXAVHDOKWLC9UC-MNT\nsource: AFRINIC # Filtered\n\nperson: John H Mwangi\naddress: Liquid Telecom Kenya\naddress: P.O.Box 62499 - 00200\naddress: Nairobi Kenya\naddress: Nairobi, Kenya\naddress: Kenya\nphone: + 254 20 556 755" ,
"category" : "Other" ,
"uuid" : "82790198-9c25-4f4b-9a46-3b13150e6b81"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--fca17017-c7b9-4985-ae07-bf616a36f172" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:52.000Z" ,
"modified" : "2019-04-10T19:40:52.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "inetnum: 181.39.135.120/29\nstatus: reallocated\nowner: Clientes Guayaquil\nownerid: EC-CLGU1-LACNIC\nresponsible: Tomislav Topic\naddress: Kennedy Norte Mz. 109 Solar 21, 5, Piso 2\naddress: 5934 - Guayaquil - GY\ncountry: EC\nphone: +593 4 2680555 [101]\nowner-c: SEL\ntech-c: SEL\nabuse-c: SEL\ncreated: 20160720\nchanged: 20160720\ninetnum-up: 181.39/16\n\nnic-hdl: SEL\nperson: Carlos Montero\ne-mail: networking@TELCONET.EC\naddress: Kennedy Norte MZ, 109, Solar 21\naddress: 59342 - Guayaquil - \ncountry: EC\nphone: +593 42680555 [4601]\ncreated: 20021004\nchanged: 20170323" ,
"category" : "Other" ,
"uuid" : "35e253e4-588e-4e66-b8bd-fe491f62b43c"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--16d9cbf2-43e4-4e6f-adf5-ec883d2e5091" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:52.000Z" ,
"modified" : "2019-04-10T19:40:52.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "inetnum: 112.160.0.0 - 112.191.255.255\nnetname: KORNET\ndescr: Korea Telecom\nadmin-c: IM667-AP\ntech-c: IM667-AP\ncountry: KR\nstatus: ALLOCATED PORTABLE\nmnt-by: MNT-KRNIC-AP\nmnt-irt: IRT-KRNIC-KR\nlast-modified: 2017-02-03T02:21:58Z\nsource: APNIC\n\nirt: IRT-KRNIC-KR\naddress: Seocho-ro 398, Seocho-gu, Seoul, Korea\ne-mail: hostmaster@nic.or.kr\nabuse-mailbox: hostmaster@nic.or.kr\nadmin-c: IM574-AP\ntech-c: IM574-AP\nauth: # Filtered\nmnt-by: MNT-KRNIC-AP\nlast-modified: 2017-10-19T07:36:36Z\nsource: APNIC\n\nperson: IP Manager\naddress: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90\ncountry: KR\nphone: +82-2-500-6630\ne-mail: kornet_ip@kt.com\nnic-hdl: IM667-AP\nmnt-by: MNT-KRNIC-AP\nlast-modified: 2017-03-28T06:37:04Z\nsource: APNIC" ,
"category" : "Other" ,
"uuid" : "45b63232-b1a0-4e64-ab06-b46e02bcb55a"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2c63c35f-d552-4324-a60b-ecf98f7cfd99" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:52.000Z" ,
"modified" : "2019-04-10T19:40:52.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "inetnum: 81.94.192.0 - 81.94.192.255\nnetname: IOMARTHOSTING\ndescr: iomart Hosting Limited\ncountry: GB\nadmin-c: RA1415-RIPE\ntech-c: RA1415-RIPE\nstatus: ASSIGNED PA\nremarks: ABUSE REPORTS: abuse@redstation.com\nmnt-by: REDSTATION-MNT\nmnt-domains: REDSTATION-MNT\nmnt-routes: REDSTATION-MNT\ncreated: 2016-02-14T11:44:25Z\nlast-modified: 2016-02-14T11:44:25Z\nsource: RIPE\n\nrole: Redstation Admin Role\naddress: Redstation Limited\naddress: 2 Frater Gate Business Park\naddress: Aerodrome Road\naddress: Gosport\naddress: Hampshire\naddress: PO13 0GW\naddress: UNITED KINGDOM\nabuse-mailbox: abuse@redstation.com\ne-mail: abuse@redstation.com\nnic-hdl: RA1415-RIPE\nmnt-by: REDSTATION-MNT\ncreated: 2005-04-22T17:34:33Z\nlast-modified: 2017-05-02T09:47:13Z\nsource: RIPE\n\n% Information related to '81.94.192.0/24AS20860'\n\nroute: 81.94.192.0/24\ndescr: Wayne Dalton - Redstation Ltd\norigin: AS20860\nmnt-by: GB10488-RIPE-MNT\ncreated: 2015-11-03T12:58:00Z\nlast-modified: 2015-11-03T12:58:00Z\nsource: RIPE" ,
"category" : "Other" ,
"uuid" : "e7ab133f-dd4d-47ae-9a68-6127ff4539ae"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:15.000Z" ,
"modified" : "2019-04-12T09:38:15.000Z" ,
"first_observed" : "2019-04-12T09:38:15Z" ,
"last_observed" : "2019-04-12T09:38:15Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"hashes" : {
"MD5" : "ae829f55db0198a0a36b227addcdeeff" ,
"SHA-1" : "04833210fa57ea70a209520f4f2a99d049e537f2" ,
"SHA-256" : "70902623c9cd0cccc8513850072b70732d02c266c7b7e96d2d5b2ed4f5edc289" ,
"SHA-512" : "1b4509102ac734ce310b6f8631b1bedd772a38582b4feda9fee09f1edd096006cf5ba528435c844effa97f95984b07bd2c111aa480bb22f4bcfbc751f069868d" ,
"SSDEEP" : "3:ElclFUl8GlFcmzkXIil23X1ll:ElcUXmQkXQ3"
} ,
"size" : 1171 ,
"name" : "udbcgiut.dat" ,
"x_misp_entropy" : "0.395693" ,
"x_misp_mimetype" : "data"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--e245ed73-c585-4e0b-9190-38647d7f215d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:15.000Z" ,
"modified" : "2019-04-12T09:38:15.000Z" ,
"first_observed" : "2019-04-12T09:38:15Z" ,
"last_observed" : "2019-04-12T09:38:15Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--e245ed73-c585-4e0b-9190-38647d7f215d"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--e245ed73-c585-4e0b-9190-38647d7f215d" ,
"hashes" : {
"MD5" : "c5dc53a540abe95e02008a04a0d56d6c" ,
"SHA-1" : "4cfe9e353b1a91a2add627873846a3ad912ea96b" ,
"SHA-256" : "4c372df691fc699552f81c3d3937729f1dde2a2393f36c92ccc2bd2a033a0818" ,
"SHA-512" : "fc33c99facfbc98d164e63167353bdcff7c1704810e4bb64f7e56812412d84099b224086c04aea66e321cd546d8cf6f14196f5b58d5e931c68064d659c33b6a2" ,
"SSDEEP" : "6144:LA5cWD93YuzTvLFOLoqbWbnuX7ZEAV6efA/Pawzq:Xc93YbLZEAV6mX"
} ,
"size" : 241152 ,
"name" : "C5DC53A540ABE95E02008A04A0D56D6C" ,
"x_misp_entropy" : "6.534884" ,
"x_misp_mimetype" : "PE32 executable (GUI) Intel 80386, for MS Windows"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:15.000Z" ,
"modified" : "2019-04-12T09:38:15.000Z" ,
"first_observed" : "2019-04-12T09:38:15Z" ,
"last_observed" : "2019-04-12T09:38:15Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--ebf0b816-7fdf-425a-8298-134f91e7cdf2"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"hashes" : {
"MD5" : "be588cd29b9dc6f8cfc4d0aa5e5c79aa" ,
"SHA-1" : "06be4fe1f26bc3e4bef057ec83ae81bd3199c7fc" ,
"SHA-256" : "ddea408e178f0412ae78ff5d5adf2439251f68cad4fd853ee466a3c74649642d" ,
"SHA-512" : "c074ec876350b3ee3f82208041152c0ecf25cc8600c8277eec389c253c12372e78da59182a6df8331b05e0eefb07c142172951115a582606f68b824e1d48f30d" ,
"SSDEEP" : "6144:UEFpmt3md/iA3uiyzOvLFOLYqnHGZlDwf/OYy85eqmJKRPg:/PQ3mJxeigqi/OYy+/g"
} ,
"size" : 267776 ,
"name" : "BE588CD29B9DC6F8CFC4D0AA5E5C79AA" ,
"x_misp_entropy" : "6.554499" ,
"x_misp_mimetype" : "PE32 executable (GUI) Intel 80386, for MS Windows"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--26db93d0-b8c2-48c0-9068-e8ddce10b2ac" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:55.000Z" ,
"modified" : "2019-04-10T19:40:55.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "Domain name:\n redstation.net.uk\n\n Registrant:\n Redstation Limited\n\n Registrant type:\n UK Limited Company, (Company number: 3590745)\n\n Registrant's address:\n 2 Frater Gate Business Park\n Aerodrome Road\n Gosport\n Hampshire\n PO13 0GW\n United Kingdom\n\n Data validation:\n Nominet was able to match the registrant's name and address against a 3rd party data source on 21-Feb-2017\n\n Registrar:\n Easyspace Ltd [Tag = EASYSPACE]\n URL: https://www.easyspace.com/domain-names/extensions/uk\n\n Relevant dates:\n Registered on: 11-Apr-2005\n Expiry date: 11-Apr-2019\n Last updated: 12-Apr-2017\n\n Registration status:\n Registered until expiry date.\n\n Name servers:\n ns1.redstation.com\n ns2.redstation.com" ,
"category" : "Other" ,
"uuid" : "4e134e95-f503-4166-8d49-a60a39733d96"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--6c10ee1b-a1c9-414d-92cc-8574decc8af4"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--6c10ee1b-a1c9-414d-92cc-8574decc8af4" ,
"hashes" : {
"MD5" : "868036e102df4ce414b0e6700825b319" ,
"SHA-1" : "7f1e68d78e455aa14de9020abd2293c3b8ec6cf8" ,
"SHA-256" : "12480585e08855109c5972e85d99cda7701fe992bc1754f1a0736f1eebcb004d" ,
"SHA-512" : "724d83493dbe86cfcee7f655272d2c733baa5470d7da986e956c789aa1b8f518ad94b575e655b4fe5f6f7d426b9aa7d8304fc879b82a385142b8924e0d454363" ,
"SSDEEP" : "12288:eb/3G8vg+Rg1cvAHtE0MLa07rt5POui6z:+/3G8vg+pvi9Sa07rt4ui6z"
} ,
"size" : 453791 ,
"name" : "868036E102DF4CE414B0E6700825B319" ,
"x_misp_entropy" : "7.713852" ,
"x_misp_mimetype" : "PE32+ executable (GUI) x86-64, for MS Windows"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--02f5bf02-c1ac-4142-be6b-978554a19a90"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"hashes" : {
"MD5" : "dc268b166fe4c1d1c8595dccf857c476" ,
"SHA-1" : "8264556c8a6e460760dc6bb72ecc6f0f966a16b8" ,
"SHA-256" : "49757cf85657757704656c079785c072bbc233cab942418d99d1f63d43f28359" ,
"SHA-512" : "b47c4caa0b5c17c982fcd040c7171d36ec962fe32e9b8bec567ee14b187507fe90e026aa05eec17d36c49a924eeaed55e66c95a111cfa9dcae0e305ab9515cac" ,
"SSDEEP" : "6144:jfsTC8amAXJeZP6BPjIDeLkigDxcvAHjVXjhtBGshMLa1Mj7rtlkiP60dwtudIye:jvg+Rg1cvAHtE0MLa07rt5POui6"
} ,
"size" : 391680 ,
"name" : "rdpproto.dll" ,
"x_misp_entropy" : "7.893665" ,
"x_misp_mimetype" : "PE32+ executable (DLL) (console) x86-64, for MS Windows"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5e26a8e6-9554-46b4-9b95-e31d69198ea6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "NetRange: 21.0.0.0 - 21.255.255.255\nCIDR: 21.0.0.0/8\nNetName: DNIC-SNET-021\nNetHandle: NET-21-0-0-0-1\nParent: ()\nNetType: Direct Allocation\nOriginAS: \nOrganization: DoD Network Information Center (DNIC)\nRegDate: 1991-06-30\nUpdated: 2009-06-19\nRef: https://whois.arin.net/rest/net/NET-21-0-0-0-1\n\n\nOrgName: DoD Network Information Center\nOrgId: DNIC\nAddress: 3990 E. Broad Street\nCity: Columbus\nStateProv: OH\nPostalCode: 43218\nCountry: US\nRegDate: \nUpdated: 2011-08-17\nRef: https://whois.arin.net/rest/org/DNIC" ,
"category" : "Other" ,
"uuid" : "06c3dfcd-ff56-433f-b0c4-f0d3f9267690"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f08a32dc-ddbc-4164-8f6d-a564d7a7e31c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "Domain Name: AMERITECH.NET\n Registry Domain ID: 81816_DOMAIN_NET-VRSN\n Registrar WHOIS Server: whois.corporatedomains.com\n Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html\n Updated Date: 2017-06-09T05:27:34Z\n Creation Date: 1996-06-14T04:00:00Z\n Registry Expiry Date: 2018-06-13T04:00:00Z\n Registrar: CSC Corporate Domains, Inc.\n Registrar IANA ID: 299\n Registrar Abuse Contact Email: domainabuse@cscglobal.com\n Registrar Abuse Contact Phone: 8887802723\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Name Server: NS1.ATTDNS.COM\n Name Server: NS2.ATTDNS.COM\n Name Server: NS3.ATTDNS.COM\n Name Server: NS4.ATTDNS.COM\n DNSSEC: unsigned\n\nDomain Name: ameritech.net\nRegistry Domain ID: 81816_DOMAIN_NET-VRSN\nRegistrar WHOIS Server: whois.corporatedomains.com\nRegistrar URL: www.cscprotectsbrands.com\nUpdated Date: 2017-06-09T05:27:34Z\nCreation Date: 1996-06-14T04:00:00Z\nRegistrar Registration Expiration Date: 2018-06-13T04:00:00Z\nRegistrar: CSC CORPORATE DOMAINS, INC.\nRegistrar IANA ID: 299\nRegistrar Abuse Contact Email: domainabuse@cscglobal.com\nRegistrar Abuse Contact Phone: +1.8887802723\nDomain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: \nRegistrant Name: Domain Administrator\nRegistrant Organization: AT&T SERVICES, INC.\nRegistrant Street: 801 Chestnut Street\nRegistrant City: Saint Louis\nRegistrant State/Province: MO\nRegistrant Postal Code: 63101\nRegistrant Country: US\nRegistrant Phone: +1.3142358168\nRegistrant Phone Ext: \nRegistrant Fax: +1.3142358168\nRegistrant Fax Ext: \nRegistrant Email: att-domains@att.com\nRegistry Admin ID: \nAdmin Name: Domain Administrator\nAdmin Organization: AT&T SERVICES, INC.\nAdmin Street: 801 Chestnut Street\nAdmin City: Saint Louis\nAdmin State/Province: MO\nAdmin Postal Code: 63101\nAdmin Country: US\nAdmin Phone: +1.3142358168\nAdmin Phone Ext: \nAdmin Fax: +1.3142358168\nAdmin Fax Ext: \nAdmin Email: att-domains@att.com\nRegistry Tech ID: \nTech Name: Domain Administrator\nTech Organization: AT&T SERVICES, INC.\nTech Street: 801 Chestnut Street\nTech City: Saint Louis\nTech State/Province: MO\nTech Postal Code: 63101\nTech Country: US\nTech Phone: +1.3142358168\nTech Phone Ext: \nTech Fax: +1.3142358168\nTech Fax Ext: \nTech Email: att-domains@att.com\nName Server: ns3.attdns.com\nName Server: ns1.attdns.com\nName Server: ns2.attdns.com\nName Server: ns4.attdns.com\nDNSSEC: unsigned" ,
"category" : "Other" ,
"uuid" : "d29145ee-e6d4-42f3-a004-5fd763446416"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6e01219a-94b3-47e9-86c4-7f770ccb0fbb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "inetnum: 113.112.0.0 - 113.119.255.255\nnetname: CHINANET-GD\ndescr: CHINANET Guangdong province network\ndescr: Data Communication Division\ndescr: China Telecom\ncountry: CN\nadmin-c: CH93-AP\ntech-c: IC83-AP\nremarks: service provider\nstatus: ALLOCATED PORTABLE\nmnt-by: APNIC-HM\nmnt-lower: MAINT-CHINANET-GD\nmnt-routes: MAINT-CHINANET-GD\nlast-modified: 2016-05-04T00:15:17Z\nsource: APNIC\nmnt-irt: IRT-CHINANET-CN\n\nirt: IRT-CHINANET-CN\naddress: No.31 ,jingrong street,beijing\naddress: 100032\ne-mail: anti-spam@ns.chinanet.cn.net\nabuse-mailbox: anti-spam@ns.chinanet.cn.net\nadmin-c: CH93-AP\ntech-c: CH93-AP\nauth: # Filtered\nmnt-by: MAINT-CHINANET\nlast-modified: 2010-11-15T00:31:55Z\nsource: APNIC\n\nperson: Chinanet Hostmaster\nnic-hdl: CH93-AP\ne-mail: anti-spam@ns.chinanet.cn.net\naddress: No.31 ,jingrong street,beijing\naddress: 100032\nphone: +86-10-58501724\nfax-no: +86-10-58501724\ncountry: CN\nmnt-by: MAINT-CHINANET\nlast-modified: 2014-02-27T03:37:38Z\nsource: APNIC\n\nperson: IPMASTER CHINANET-GD\nnic-hdl: IC83-AP\ne-mail: gdnoc_HLWI@189.cn\naddress: NO.18,RO. ZHONGSHANER,YUEXIU DISTRIC,GUANGZHOU\nphone: +86-20-87189274\nfax-no: +86-20-87189274\ncountry: CN\nmnt-by: MAINT-CHINANET-GD\nremarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn\nabuse-mailbox: antispam_gdnoc@189.cn\nlast-modified: 2014-09-22T04:41:26Z\nsource: APNIC" ,
"category" : "Other" ,
"uuid" : "3c6983a5-708a-4dd9-ac00-19a783aeaf1b"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--d3914c3e-70f1-4dc8-9748-009b973cacc2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "Domain Name: FRONTIERNET.NET\n Registry Domain ID: 4305589_DOMAIN_NET-VRSN\n Registrar WHOIS Server: whois.register.com\n Registrar URL: http://www.register.com\n Updated Date: 2017-09-14T07:53:05Z\n Creation Date: 1995-10-14T04:00:00Z\n Registry Expiry Date: 2018-10-13T04:00:00Z\n Registrar: Register.com, Inc.\n Registrar IANA ID: 9\n Registrar Abuse Contact Email: abuse@web.com\n Registrar Abuse Contact Phone: +1.8003337680\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Name Server: AUTH.DLLS.PA.FRONTIERNET.NET\n Name Server: AUTH.FRONTIERNET.NET\n Name Server: AUTH.LKVL.MN.FRONTIERNET.NET\n Name Server: AUTH.ROCH.NY.FRONTIERNET.NET\n DNSSEC: unsigned\n\nDomain Name: FRONTIERNET.NET\nRegistry Domain ID: 4305589_DOMAIN_NET-VRSN\nRegistrar WHOIS Server: whois.register.com\nRegistrar URL: www.register.com\nUpdated Date: 2017-09-14T00:53:05.00Z\nCreation Date: 1995-10-14T04:00:00.00Z\nRegistrar Registration Expiration Date: 2018-10-13T04:00:00.00Z\nRegistrar: REGISTER.COM, INC.\nRegistrar IANA ID: 9\nDomain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: \nRegistrant Name: FRONTIERNET HOSTMASTER\nRegistrant Organization: \nRegistrant Street: 95 N. FITZHUGH ST.\nRegistrant City: ROCHESTER\nRegistrant State/Province: NY\nRegistrant Postal Code: 14614-1212\nRegistrant Country: US\nRegistrant Phone: +1.8664747662\nRegistrant Phone Ext: \nRegistrant Fax: \nRegistrant Fax Ext:\nRegistrant Email: HOSTMASTER@FRONTIERNET.NET\nRegistry Admin ID: \nAdmin Name: FRONTIERNET HOSTMASTER\nAdmin Organization: \nAdmin Street: 95 N. FITZHUGH ST.\nAdmin City: ROCHESTER\nAdmin State/Province: NY\nAdmin Postal Code: 14614-1212\nAdmin Country: US\nAdmin Phone: +1.8664747662\nAdmin Phone Ext: \nAdmin Fax: \nAdmin Fax Ext:\nAdmin Email: HOSTMASTER@FRONTIERNET.NET\nRegistry Tech ID: \nTech Name: FRONTIERNET HOSTMASTER\nTech Organization: \nTech Street: 95 N. FITZHUGH ST.\nTech City: ROCHESTER\nTech State/Province: NY\nTech Postal Code: 14614-1212\nTech Country: US\nTech Phone: +1.8664747662\nTech Phone Ext: \nTech Fax: \nTech Fax Ext: \nTech Email: HOSTMASTER@FRONTIERNET.NET\nName Server: AUTH.DLLS.PA.FRONTIERNET.NET\nName Server: AUTH.FRONTIERNET.NET\nName Server: AUTH.LKVL.MN.FRONTIERNET.NET\nName Server: AUTH.ROCH.NY.FRONTIERNET.NET\nDNSSEC: unSigned" ,
"category" : "Other" ,
"uuid" : "f4d8f03d-4796-49d5-858b-9e3ae235dc64"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b5d6f570-a5ec-4760-8d47-ae9c8d2533b6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "Domain Name: NEXTGENTEL.COM\n Registry Domain ID: 13395561_DOMAIN_COM-VRSN\n Registrar WHOIS Server: whois.domaininfo.com\n Registrar URL: http://www.ports.domains\n Updated Date: 2017-11-10T23:44:50Z\n Creation Date: 1999-11-17T15:47:51Z\n Registry Expiry Date: 2018-11-17T15:47:51Z\n Registrar: Ports Group AB\n Registrar IANA ID: 73\n Registrar Abuse Contact Email: abuse@portsgroup.se\n Registrar Abuse Contact Phone: +46.707260017\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Name Server: ANYADNS1.NEXTGENTEL.NET\n Name Server: ANYADNS2.NEXTGENTEL.NET\n DNSSEC: unsigned\n\nDomain Name: nextgentel.com\nRegistry Domain ID: 13395561_DOMAIN_COM-VRSN\nRegistrar WHOIS Server: whois.domaininfo.com\nRegistrar URL: ports.domains\nUpdated Date: 2017-11-10T23:44:50Z\nCreation Date: 1999-11-17T15:47:51Z\nRegistrar Registration Expiration Date: 2018-11-17T15:47:51Z\nRegistrar: PortsGroup AB\nRegistrar IANA ID: 73\nRegistrar Abuse Contact Email: abuse@portsgroup.se\nRegistrar Abuse Contact Phone: +46.317202000\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nRegistry Registrant ID: \nRegistrant Name: Hostmaster\nRegistrant Organization: NextGenTel AS\nRegistrant Street: Sandslimarka 31\nRegistrant City: SANDSLI\nRegistrant State/Province: \nRegistrant Postal Code: 5254\nRegistrant Country: NO\nRegistrant Phone: +47.55527900\nRegistrant Fax: +47.55527910\nRegistrant Email: hostmaster@nextgentel.com\nRegistry Admin ID: \nAdmin Name: Hostmaster\nAdmin Organization: NextGenTel AS\nAdmin Street: Sandslimarka 31\nAdmin City: Sandsli\nAdmin State/Province: \nAdmin Postal Code: 5254\nAdmin Country: NO\nAdmin Phone: +47.55527900\nAdmin Fax: +47.55527910\nAdmin Email: hostmaster@nextgentel.com\nRegistry Tech ID: \nTech Name: Hostmaster v/ Eivind Olsen\nTech Organization: NextGenTel AS\nTech Street: Postboks 3 Sandsli\nTech City: Bergen\nTech State/Province: \nTech Postal Code: 5861\nTech Country: NO\nTech Phone: +47.41649322\nTech Fax: +47.55527910\nTech Email: hostmaster@nextgentel.com\nName Server: ANYADNS1.NEXTGENTEL.NET\nName Server: ANYADNS2.NEXTGENTEL.NET\nDNSSEC: unsigned" ,
"category" : "Other" ,
"uuid" : "43efc76a-063e-402f-95b1-adda61922cc1"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2ba66826-3848-41e9-a0b0-18433680ff80" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "NetRange: 26.0.0.0 - 26.255.255.255\nCIDR: 26.0.0.0/8\nNetName: DISANET26\nNetHandle: NET-26-0-0-0-1\nParent: ()\nNetType: Direct Allocation\nOriginAS: \nOrganization: DoD Network Information Center (DNIC)\nRegDate: 1995-04-30\nUpdated: 2009-06-19\nRef: https://whois.arin.net/rest/net/NET-26-0-0-0-1\n\n\nOrgName: DoD Network Information Center\nOrgId: DNIC\nAddress: 3990 E. Broad Street\nCity: Columbus\nStateProv: OH\nPostalCode: 43218\nCountry: US\nRegDate: \nUpdated: 2011-08-17\nRef: https://whois.arin.net/rest/org/DNIC\n\n\nOrgTechHandle: MIL-HSTMST-ARIN\nOrgTechName: Network DoD\nOrgTechPhone: +1-844-347-2457 \nOrgTechEmail: disa.columbus.ns.mbx.hostmaster-dod-nic@mail.mil\nOrgTechRef: https://whois.arin.net/rest/poc/MIL-HSTMST-ARIN\n\nOrgAbuseHandle: REGIS10-ARIN\nOrgAbuseName: Registration\nOrgAbusePhone: +1-844-347-2457 \nOrgAbuseEmail: disa.columbus.ns.mbx.arin-registrations@mail.mil\nOrgAbuseRef: https://whois.arin.net/rest/poc/REGIS10-ARIN\n\nOrgTechHandle: REGIS10-ARIN\nOrgTechName: Registration\nOrgTechPhone: +1-844-347-2457 \nOrgTechEmail: disa.columbus.ns.mbx.arin-registrations@mail.mil\nOrgTechRef: https://whois.arin.net/rest/poc/REGIS10-ARIN" ,
"category" : "Other" ,
"uuid" : "7f7c6c2b-9522-48cb-8251-4ebdc47299a4"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--955a399e-186e-4973-b937-eac9a78c3caa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "NetRange: 137.139.0.0 - 137.139.255.255\nCIDR: 137.139.0.0/16\nNetName: SUC-OLDWEST\nNetHandle: NET-137-139-0-0-1\nParent: NET137 (NET-137-0-0-0-0)\nNetType: Direct Assignment\nOriginAS: \nOrganization: SUNY College at Old Westbury (SCAOW)\nRegDate: 1989-11-29\nUpdated: 2014-02-18\nRef: https://whois.arin.net/rest/net/NET-137-139-0-0-1\n\n\nOrgName: SUNY College at Old Westbury\nOrgId: SCAOW\nAddress: 223 Store Hill Road\nCity: Old Westbury\nStateProv: NY\nPostalCode: 11568\nCountry: US\nRegDate: 1989-11-29\nUpdated: 2011-09-24\nRef: https://whois.arin.net/rest/org/SCAOW\n\n\nOrgTechHandle: SUNYO-ARIN\nOrgTechName: SUNYOWNOC\nOrgTechPhone: +1-516-876-3379 \nOrgTechEmail: sunyownoc@oldwestbury.edu\nOrgTechRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nOrgAbuseHandle: SUNYO-ARIN\nOrgAbuseName: SUNYOWNOC\nOrgAbusePhone: +1-516-876-3379 \nOrgAbuseEmail: sunyownoc@oldwestbury.edu\nOrgAbuseRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nRAbuseHandle: SUNYO-ARIN\nRAbuseName: SUNYOWNOC\nRAbusePhone: +1-516-876-3379 \nRAbuseEmail: sunyownoc@oldwestbury.edu\nRAbuseRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nRTechHandle: SUNYO-ARIN\nRTechName: SUNYOWNOC\nRTechPhone: +1-516-876-3379 \nRTechEmail: sunyownoc@oldwestbury.edu\nRTechRef: https://whois.arin.net/rest/poc/SUNYO-ARIN\n\nRNOCHandle: SUNYO-ARIN\nRNOCName: SUNYOWNOC\nRNOCPhone: +1-516-876-3379 \nRNOCEmail: sunyownoc@oldwestbury.edu\nRNOCRef: https://whois.arin.net/rest/poc/SUNYO-ARIN" ,
"category" : "Other" ,
"uuid" : "7f35fda5-8e4e-4ce1-b8ee-8b13d75f5361"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a5e80ae2-c3ea-4d96-ae64-9e67bb8823b8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "Domain Name: CHARTER.COM\n Registry Domain ID: 340223_DOMAIN_COM-VRSN\n Registrar WHOIS Server: whois.markmonitor.com\n Registrar URL: http://www.markmonitor.com\n Updated Date: 2017-07-03T04:22:18Z\n Creation Date: 1994-07-30T04:00:00Z\n Registry Expiry Date: 2019-07-29T04:00:00Z\n Registrar: MarkMonitor Inc.\n Registrar IANA ID: 292\n Registrar Abuse Contact Email: abusecomplaints@markmonitor.com\n Registrar Abuse Contact Phone: +1.2083895740\n Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited\n Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\n Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited\n Name Server: NS1.CHARTER.COM\n Name Server: NS2.CHARTER.COM\n Name Server: NS3.CHARTER.COM\n Name Server: NS4.CHARTER.COM\n DNSSEC: unsigned\n\nDomain Name: charter.com\nRegistry Domain ID: 340223_DOMAIN_COM-VRSN\nRegistrar WHOIS Server: whois.markmonitor.com\nRegistrar URL: http://www.markmonitor.com\nUpdated Date: 2017-12-18T04:00:14-0800\nCreation Date: 1994-07-29T21:00:00-0700\nRegistrar Registration Expiration Date: 2019-07-28T21:00:00-0700\nRegistrar: MarkMonitor, Inc.\nRegistrar IANA ID: 292\nRegistrar Abuse Contact Email: abusecomplaints@markmonitor.com\nRegistrar Abuse Contact Phone: +1.2083895740\nDomain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)\nDomain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)\nDomain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)\nRegistry Registrant ID: \nRegistrant Name: Domain Admin\nRegistrant Organization: Charter Communications Operating, LLC\nRegistrant Street: 12405 Powerscourt Drive, \nRegistrant City: Saint Louis\nRegistrant State/Province: MO\nRegistrant Postal Code: 63131\nRegistrant Country: US\nRegistrant Phone: +1.3149650555\nRegistrant Phone Ext: \nRegistrant Fax: +1.9064010617\nRegistrant Fax Ext: \nRegistrant Email: hostmaster@charter.com\nRegistry Admin ID: \nAdmin Name: Domain Admin\nAdmin Organization: Charter Communications Operating, LLC\nAdmin Street: 12405 Powerscourt Drive, \nAdmin City: Saint Louis\nAdmin State/Province: MO\nAdmin Postal Code: 63131\nAdmin Country: US\nAdmin Phone: +1.3149650555\nAdmin Phone Ext: \nAdmin Fax: +1.9064010617\nAdmin Fax Ext: \nAdmin Email: hostmaster@charter.com\nRegistry Tech ID: \nTech Name: Charter Communications Internet Security and Abuse\nTech Organization: Charter Communications Operating, LLC\nTech Street: 12405 Powerscourt Drive, \nTech City: Saint Louis\nTech State/Province: MO\nTech Postal Code: 63131\nTech Country: US\nTech Phone: +1.3142883111\nTech Phone Ext: \nTech Fax: +1.3149090609\nTech Fax Ext: \nTech Email: abuse@charter.net\nName Server: ns4.charter.com\nName Server: ns3.charter.com\nName Server: ns1.charter.com\nName Server: ns2.charter.com\nDNSSEC: unsigned" ,
"category" : "Other" ,
"uuid" : "8d02a0d2-c5f2-4f89-83fc-fd5998ef9bc4"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--476563e7-aac9-4a76-b8d8-c33020d34baf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "Domain Name: UCI.EDU\n\nRegistrant:\n University of California, Irvine\n 6366 Ayala Science Library\n Irvine, CA 92697-1175\n UNITED STATES\n\nAdministrative Contact:\n Con Wieland\n University of California, Irvine\n Office of Information Technology\n 6366 Ayala Science Library\n Irvine, CA 92697-1175\n UNITED STATES\n (949) 824-2222\n oit-nsp@uci.edu\n\nTechnical Contact:\n Con Wieland\n University of California, Irvine\n Office of Information Technology\n 6366 Ayala Science Library\n Irvine, CA 92697-1175\n UNITED STATES\n (949) 824-2222\n oit-nsp@uci.edu\n\nName Servers: \n NS4.SERVICE.UCI.EDU 128.200.59.190\n NS5.SERVICE.UCI.EDU 52.26.131.47\n\nDomain record activated: 30-Sep-1985\nDomain record last updated: 07-Jul-2016\nDomain expires: 31-Jul-2018" ,
"category" : "Other" ,
"uuid" : "29d96991-79d7-4b7d-a669-091ccc08a7cd"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5053da1b-c011-42ca-b739-3cf3d1a9e05e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:58.000Z" ,
"modified" : "2019-04-10T19:40:58.000Z" ,
"labels" : [
"misp:name=\"whois\"" ,
"misp:meta-category=\"network\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "text" ,
"value" : "inetnum: 186.168/15\nstatus: allocated\naut-num: N/A\nowner: COLOMBIA TELECOMUNICACIONES S.A. ESP\nownerid: CO-CTSE-LACNIC\nresponsible: Administradores Internet\naddress: Transversal 60, 114, A 55\naddress: N - BOGOTA - Cu\ncountry: CO\nphone: +57 1 5339833 []\nowner-c: CTE7\ntech-c: CTE7\nabuse-c: CTE7\ninetrev: 186.169/16\nnserver: DNS5.TELECOM.COM.CO \nnsstat: 20171220 AA\nnslastaa: 20171220\nnserver: DNS.TELECOM.COM.CO \nnsstat: 20171220 AA\nnslastaa: 20171220\ncreated: 20110404\nchanged: 20141111\n\nnic-hdl: CTE7\nperson: Grupo de Administradores Internet\ne-mail: admin.internet@TELECOM.COM.CO\naddress: Transversal, 60, 114 A, 55\naddress: 571111 - BOGOTA DC - CU\ncountry: CO\nphone: +57 1 7050000 [71360]\ncreated: 20140220\nchanged: 20140220" ,
"category" : "Other" ,
"uuid" : "eb87ff45-c8bd-4a00-943a-933c59fd836b"
}
] ,
"x_misp_meta_category" : "network" ,
"x_misp_name" : "whois"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--d090d7bd-5ff5-4f00-be49-c6d7436144d2"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"hashes" : {
"MD5" : "42682d4a78fe5c2eda988185a344637d" ,
"SHA-1" : "4975de2be0a1f7202037f5a504d738fe512191b7" ,
"SHA-256" : "4a74a9fd40b63218f7504f806fce71dffefc1b1d6ca4bbaadd720b6a89d47761" ,
"SHA-512" : "213e4a0afbfac0bd884ab262ac87aee7d9a175cff56ba11aa4c75a4feb6a96c5e4e2c26adbe765f637c783df7552a56e4781a3b17be5fda2cf7894e58eb873ec" ,
"SSDEEP" : "6144:nCgsFAkxS1rrtZQXTip12P04nTnvze6lxjWV346vze6lpjWV34Evze6lSjWV34a7:nCgsukxS1vtZ+5nvze6lxjWV346vze6N"
} ,
"size" : 346624 ,
"name" : "42682D4A78FE5C2EDA988185A344637D" ,
"x_misp_entropy" : "6.10281" ,
"x_misp_mimetype" : "PE32+ executable (DLL) (console) x86-64, for MS Windows"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--454b39cf-332b-4236-8015-6d343c883f40" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--454b39cf-332b-4236-8015-6d343c883f40"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--454b39cf-332b-4236-8015-6d343c883f40" ,
"hashes" : {
"MD5" : "3021b9ef74c7bddf59656a035f94fd08" ,
"SHA-1" : "05ad5f346d0282e43360965373eb2a8d39735137" ,
"SHA-256" : "83228075a604e955d59edc760e4c4ed16eedabfc8f6ac291cf21b4fcbcd1f70a" ,
"SHA-512" : "f8fcc5ed34b7bf144fc708d01d9685f0cb2e678c173d014987d6ecbf4a7c3ed539452819237173a2ab14609a913cf46c3bd618cffe7b5990c63cfe805a7144ff" ,
"SSDEEP" : "6144:4+ZmN/ix9bd+Rvze6lxjWV346vze6lpjWV34Evze6lSjWV34avze6lkjWV34z5FT:4+ZmN/ix9b8Rvze6lxjWV346vze6lpjn"
} ,
"size" : 245760 ,
"name" : "3021B9EF74c&BDDF59656A035F94FD08" ,
"x_misp_entropy" : "5.93339" ,
"x_misp_mimetype" : "PE32+ executable (DLL) (console) x86-64, for MS Windows"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--ec166754-a5ff-4729-ac26-ac79ce02133c"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"hashes" : {
"MD5" : "61e3571b8d9b2e9ccfadc3dde10fb6e1" ,
"SHA-1" : "55daa1fca210ebf66b1a1d2db1aa3373b06da680" ,
"SHA-256" : "70034b33f59c6698403293cdc28676c7daa8c49031089efa6eefce41e22dccb3" ,
"SHA-512" : "235f7b920f54c4d316386cbf6cc14db1929029e8053270e730be15acc8e9f333231d2d984681bea26013a1d1cf4670528ba0989337be13ad4ada3eeba33bdfe8" ,
"SSDEEP" : "6144:d71TKN7LBHvS+bujAfrsxwkm1Ka5l7gTtJUGx:dxKHPuj8WR0K6VgTtZx"
} ,
"size" : 258052 ,
"name" : "61E3571B8D9B2E9CCFADC3DDE10FB6E1" ,
"x_misp_entropy" : "7.82959" ,
"x_misp_mimetype" : "PE32 executable (GUI) Intel 80386, for MS Windows"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--dc846c76-af3d-4aab-ba62-ccc9a5582e5d"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--dc846c76-af3d-4aab-ba62-ccc9a5582e5d" ,
"hashes" : {
"MD5" : "0893e206274cb98189d51a284c2a8c83" ,
"SHA-1" : "d1f4cf4250e7ba186c1d0c6d8876f5a644f457a4" ,
"SHA-256" : "cd5ff67ff773cc60c98c35f9e9d514b597cbd148789547ba152ba67bfc0fec8f" ,
"SHA-512" : "8042356ff8dc69fa84f2de10a4c34685c3ffa798d5520382d4fbcdcb43ae17e403a208be9891cca6cf2bc297f767229a57f746ca834f6b79056a0ff1202941cf" ,
"SSDEEP" : "3072:WsyjTzEvLFOL8AqCiueLt1VFu9+zcSywy0mcj90nSJ5NatCmtWwNQLK:W/zEvLFOLdq9uebdSwHN9n5wtkwNwK"
} ,
"size" : 221184 ,
"name" : "UDPTrcSvc.dll" ,
"x_misp_entropy" : "6.359677" ,
"x_misp_mimetype" : "PE32 executable (DLL) (GUI) Intel 80386, for MS Windows"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--03272933-d90e-4e38-87fa-5490bd1c37d8"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--03272933-d90e-4e38-87fa-5490bd1c37d8" ,
"hashes" : {
"MD5" : "c4103f122d27677c9db144cae1394a66" ,
"SHA-1" : "1489f923c4dca729178b3e3233458550d8dddf29" ,
"SHA-256" : "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7" ,
"SHA-512" : "5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54" ,
"SSDEEP" : "3::"
} ,
"size" : 2 ,
"name" : "MSDFMAPI.INI" ,
"x_misp_entropy" : "0.0" ,
"x_misp_mimetype" : "data"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--ec5b0828-fc8e-4d29-9a2a-59806d987175" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:16.000Z" ,
"modified" : "2019-04-12T09:38:16.000Z" ,
"first_observed" : "2019-04-12T09:38:16Z" ,
"last_observed" : "2019-04-12T09:38:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--ec5b0828-fc8e-4d29-9a2a-59806d987175"
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"False\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--ec5b0828-fc8e-4d29-9a2a-59806d987175" ,
"hashes" : {
"MD5" : "f8d26f2b8dd2ac4889597e1f2fd1f248" ,
"SHA-1" : "dd132f76a4aff9862923d6a10e54dca26f26b1b4" ,
"SHA-256" : "d77fdabe17cdba62a8e728cbe6c740e2c2e541072501f77988674e07a05dfb39" ,
"SHA-512" : "34f8d10ebcab6f10c5140e94cf858761e9fa2e075db971b8e49c7334e1d55237f844ed6cf8ce735e984203f58d6b5032813b55e29a59af4bfff3853b1d07bc44" ,
"SSDEEP" : "12288:MG31DF/ubokxmgF8JsVusikiWxdj3tIQLYe:NlI0UV0ou1kiWvm4Ye"
} ,
"size" : 456241 ,
"name" : "F8D26F2B8DD2AC4889597E1F2FD1F248" ,
"x_misp_entropy" : "7.99935" ,
"x_misp_mimetype" : "data"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5cae46d6-3cf8-4a8c-9ffc-46e0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:10.000Z" ,
"modified" : "2019-04-10T19:41:10.000Z" ,
"labels" : [
"misp:name=\"original-imported-file\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "attachment" ,
"object_relation" : "imported-sample" ,
"value" : "MAR-10135536-8.stix.xml" ,
"category" : "External analysis" ,
"uuid" : "5cae46d6-58f0-4c3c-9c58-4ff5950d210f" ,
"data" : " P H N 0 a X g 6 U 1 R J W F 9 Q Y W N r Y W d l I H h t b G 5 z O m N 5 Y m 94 Q 29 t b W 9 u P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 2 N v b W 1 v b i 0 y I i B 4 b W x u c z p j e W J v e D 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 j e W J v e C 0 y I i B 4 b W x u c z p j e W J v e F Z v Y 2 F i c z 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 k Z W Z h d W x 0 X 3 Z v Y 2 F i d W x h c m l l c y 0 y I i B 4 b W x u c z p B Z G R y Z X N z T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j Q W R k c m V z c 0 9 i a m V j d C 0 y I i B 4 b W x u c z p G a W x l T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j R m l s Z U 9 i a m V j d C 0 y I i B 4 b W x u c z p Q b 3 J 0 T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j U G 9 y d E 9 i a m V j d C 0 y I i B 4 b W x u c z p X a G 9 p c 0 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 d o b 2 l z T 2 J q Z W N 0 L T I i I H h t b G 5 z O l d p b k V 4 Z W N 1 d G F i b G V G a W x l T 2 J q P S J o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 29 i a m V j d H M j V 2 l u R X h l Y 3 V 0 Y W J s Z U Z p b G V P Y m p l Y 3 Q t M i I g e G 1 s b n M 6 V 2 l u R m l s Z U 9 i a j 0 i a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 d p b k Z p b G V P Y m p l Y 3 Q t M i I g e G 1 s b n M 6 b W F y a 2 l u Z z 0 i a H R 0 c D o v L 2 R h d G E t b W F y a 2 l u Z y 5 t a X R y Z S 5 v c m c v T W F y a 2 l u Z y 0 x I i B 4 b W x u c z p 0 b H B N Y X J r a W 5 n P S J o d H R w O i 8 v Z G F 0 Y S 1 t Y X J r a W 5 n L m 1 p d H J l L m 9 y Z y 9 l e H R l b n N p b 25 z L 0 1 h c m t p b m d T d H J 1 Y 3 R 1 c m U j V E x Q L T E i I H h t b G 5 z O l R P V U 1 h c m t p b m c 9 I m h 0 d H A 6 L y 9 k Y X R h L W 1 h c m t p b m c u b W l 0 c m U u b 3 J n L 2 V 4 d G V u c 2 l v b n M v T W F y a 2 l u Z 1 N 0 c n V j d H V y Z S N U Z X J t c 19 P Z l 9 V c 2 U t M S I g e G 1 s b n M 6 b W F l Y 0 J 1 b m R s Z T 0 i a H R 0 c D o v L 21 h Z W M u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 t Y W V j L W J 1 b m R s Z S 0 0 I i B 4 b W x u c z p t Y W V j U G F j a 2 F n Z T 0 i a H R 0 c D o v L 21 h Z W M u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 t Y W V j L X B h Y 2 t h Z 2 U t M i I g e G 1 s b n M 6 b W F l Y 1 Z v Y 2 F i c z 0 i a H R 0 c D o v L 21 h Z W M u b W l 0 c m U u b 3 J n L 2 R l Z m F 1 b H R f d m 9 j Y W J 1 b G F y a W V z L T E i I H h t b G 5 z O m l u Y 2 l k Z W 50 P S J o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v S W 5 j a W R l b n Q t M S I g e G 1 s b n M 6 a W 5 k a W N h d G 9 y P S J o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v S W 5 k a W N h d G 9 y L T I i I H h t b G 5 z O n R 0 c D 0 i a H R 0 c D o v L 3 N 0 a X g u b W l 0 c m U u b 3 J n L 1 R U U C 0 x I i B 4 b W x u c z p z d G l 4 Q 29 t b W 9 u P S J o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v Y 29 t b W 9 u L T E i I H h t b G 5 z O n N 0 a X h W b 2 N h Y n M 9 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 k Z W Z h d W x 0 X 3 Z v Y 2 F i d W x h c m l l c y 0 x I i B 4 b W x u c z p z d G l 4 L W 1 h Z W M 9 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 l e H R l b n N p b 25 z L 0 1 h b H d h c m U j T U F F Q z Q u M S 0 x I i B 4 b W x u c z p 5 Y X J h V E 0 9 I m h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 l e H R l b n N p b 25 z L 1 R l c 3 R N Z W N o Y W 5 p c 20 j W U F S Q S 0 x I i B 4 b W x u c z p z d G l 4 P S J o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v c 3 R p e C 0 x I i B 4 b W x u c z p O Q 0 N J Q z 0 i a H R 0 c D o v L 3 d 3 d y 51 c y 1 j Z X J 0 L m d v d i 8 i I H h t b G 5 z O n h z a T 0 i a H R 0 c D o v L 3 d 3 d y 53 M y 5 v c m c v M j A w M S 9 Y T U x T Y 2 h l b W E t a W 5 z d G F u Y 2 U i I H h z a T p z Y 2 h l b W F M b 2 N h d G l v b j 0 i I C B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 2 N v b W 1 v b i 0 y I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 2 N v b W 1 v b i 8 y L j E v Y 3 l i b 3 h f Y 29 t b W 9 u L n h z Z C A g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 j e W J v e C 0 y I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 2 N v c m U v M i 4 x L 2 N 5 Y m 94 X 2 N v c m U u e H N k I C B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 2 R l Z m F 1 b H R f d m 9 j Y W J 1 b G F y a W V z L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v Z G V m Y X V s d F 92 b 2 N h Y n V s Y X J p Z X M v M i 4 x L 2 N 5 Y m 94 X 2 R l Z m F 1 b H R f d m 9 j Y W J 1 b G F y a W V z L n h z Z C A g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 0 F k Z H J l c 3 N P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 0 F k Z H J l c 3 M v M i 4 x L 0 F k Z H J l c 3 N f T 2 J q Z W N 0 L n h z Z C A g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 0 Z p b G V P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 0 Z p b G U v M i 4 x L 0 Z p b G V f T 2 J q Z W N 0 L n h z Z C A g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 B v c n R P Y m p l Y 3 Q t M i B o d H R w O i 8 v Y 3 l i b 3 g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 v Y m p l Y 3 R z L 1 B v c n Q v M i 4 x L 1 B v c n R f T 2 J q Z W N 0 L n h z Z C A g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 d o b 2 l z T 2 J q Z W N 0 L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v b 2 J q Z W N 0 c y 9 X a G 9 p c y 8 y L j E v V 2 h v a X N f T 2 J q Z W N 0 L n h z Z C A g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 v Y m p l Y 3 R z I 1 d p b k V 4 Z W N 1 d G F i b G V G a W x l T 2 J q Z W N 0 L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v b 2 J q Z W N 0 c y 9 X a W 5 f R X h l Y 3 V 0 Y W J s Z V 9 G a W x l L z I u M S 9 X a W 5 f R X h l Y 3 V 0 Y W J s Z V 9 G a W x l X 0 9 i a m V j d C 54 c 2 Q g I G h 0 d H A 6 L y 9 j e W J v e C 5 t a X R y Z S 5 v c m c v b 2 J q Z W N 0 c y N X a W 5 G a W x l T 2 J q Z W N 0 L T I g a H R 0 c D o v L 2 N 5 Y m 94 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v b 2 J q Z W N 0 c y 9 X a W 5 f R m l s Z S 8 y L j E v V 2 l u X 0 Z p b G V f T 2 J q Z W N 0 L n h z Z C A g a H R 0 c D o v L 2 R h d G E t b W F y a 2 l u Z y 5 t a X R y Z S 5 v c m c v T W F y a 2 l u Z y 0 x I G h 0 d H A 6 L y 9 z d G l 4 L m 1 p d H J l L m 9 y Z y 9 Y T U x T Y 2 h l b W E v Z G F 0 Y V 9 t Y X J r a W 5 n L z E u M S 4 x L 2 R h d G F f b W F y a 2 l u Z y 54 c 2 Q g I G h 0 d H A 6 L y 9 k Y X R h L W 1 h c m t p b m c u b W l 0 c m U u b 3 J n L 2 V 4 d G V u c 2 l v b n M v T W F y a 2 l u Z 1 N 0 c n V j d H V y Z S N U T F A t M S B o d H R w O i 8 v c 3 R p e C 5 t a X R y Z S 5 v c m c v W E 1 M U 2 N o Z W 1 h L 2 V 4 d G V u c 2 l v b n M v b W F y a 2 l u Z y 90 b H A v M S 4 x L j E v d G x w X 21 h c m t p b m c u e H N k I C B o d H R w O i 8 v Z G F 0 Y S 1 t Y X J r a W 5 n L m 1 p d H J l L m 9 y Z y 9 l e H R l b n N p b 25 z L 0 1 h c m t p b m d T d H J 1 Y 3 R 1 c m U j V G V y b X N f T 2 Z f V X N l L T E g a H R 0 c D o v L 3 N 0 a X g u b W l 0 c m U u b 3 J n L 1 h N T F N j a G V t Y S 9 l e H R l b n N p b 25 z L 21 h c m t p b m c v d G V y b X N f b 2 Z f d X N l L z E u M C 4 x L 3 R l c m 1 z X 29 m X 3 V z Z V 9 t Y X J r a W 5 n L n h z Z C A g a H R 0 c D o v L 21 h Z W M u b W l 0 c m U u b 3
} ,
{
"type" : "text" ,
"object_relation" : "format" ,
"value" : "STIX 1.1" ,
"category" : "Other" ,
"uuid" : "5cae46d6-51a8-4570-bb84-4554950d210f"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "original-imported-file"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b2d62cb5-8052-47f2-997e-dd4238004f97" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:17.000Z" ,
"modified" : "2019-04-12T09:38:17.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:44:27" ,
"category" : "Other" ,
"uuid" : "93b8dd2e-154d-429c-baa1-1d816c2861b6"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/05feed9762bc46b47a7dc5c469add9f163c16df4ddaafe81983a628da5714461/analysis/1555051467/" ,
"category" : "Payload delivery" ,
"uuid" : "4798f052-f860-455d-ad72-5c5675dbc0bc"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "26/69" ,
"category" : "Payload delivery" ,
"uuid" : "e0f10253-c995-4301-9c64-01c080c5b856"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--42d5dff2-e1f0-428f-a415-b83a757b7768" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:17.000Z" ,
"modified" : "2019-04-12T09:38:17.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:23:19" ,
"category" : "Other" ,
"uuid" : "a2315c49-5b25-45c9-935a-609ba79bb4ba"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/4c372df691fc699552f81c3d3937729f1dde2a2393f36c92ccc2bd2a033a0818/analysis/1555050199/" ,
"category" : "Payload delivery" ,
"uuid" : "62d7f6e0-a7f6-4cf7-a869-21c0c2fa1075"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "20/65" ,
"category" : "Payload delivery" ,
"uuid" : "0040fd7e-fb3e-45e9-abe3-06275410051c"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a314859d-026b-4b02-bcf5-09d7e3c08026" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:18.000Z" ,
"modified" : "2019-04-12T09:38:18.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:53:02" ,
"category" : "Other" ,
"uuid" : "880f50d2-bceb-4345-8793-672b75760927"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/ddea408e178f0412ae78ff5d5adf2439251f68cad4fd853ee466a3c74649642d/analysis/1555051982/" ,
"category" : "Payload delivery" ,
"uuid" : "8bc328ed-c422-47c2-92c7-d9b341cc7ede"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/71" ,
"category" : "Payload delivery" ,
"uuid" : "46a21555-699d-4092-9486-b14e92c112d7"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2fc2e78c-c6e8-424c-9ad7-e166e7737e9c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:18.000Z" ,
"modified" : "2019-04-12T09:38:18.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T00:08:18" ,
"category" : "Other" ,
"uuid" : "d1f5c894-44c4-49c2-a97d-49a37c85698d"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/cd5ff67ff773cc60c98c35f9e9d514b597cbd148789547ba152ba67bfc0fec8f/analysis/1555027698/" ,
"category" : "Payload delivery" ,
"uuid" : "58dd4071-eaa2-4fb5-befb-d115f8e03c27"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "45/71" ,
"category" : "Payload delivery" ,
"uuid" : "be07e165-b34e-4e5e-982a-1955428d583c"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--603e0902-44f7-4457-9d0e-6246e8fce379" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:18.000Z" ,
"modified" : "2019-04-12T09:38:18.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:23:14" ,
"category" : "Other" ,
"uuid" : "e68c58c8-9662-4509-91a2-f64bd137ce3c"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2151c1977b4555a1761c12f151969f8e853e26c396fa1a7b74ccbaf3a48f4525/analysis/1555050194/" ,
"category" : "Payload delivery" ,
"uuid" : "d67172a0-b4e2-4d36-846b-36f234b07ec4"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "25/68" ,
"category" : "Payload delivery" ,
"uuid" : "0eb206aa-c688-497f-8faf-ed7b99a0e18b"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--1c222ada-8f9b-4a30-9cb1-fc81cd47dee8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:18.000Z" ,
"modified" : "2019-04-12T09:38:18.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T07:05:39" ,
"category" : "Other" ,
"uuid" : "169375e9-1b58-4214-866d-e2c4a3c5c84e"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/49757cf85657757704656c079785c072bbc233cab942418d99d1f63d43f28359/analysis/1555052739/" ,
"category" : "Payload delivery" ,
"uuid" : "2f3db7b8-d698-4e25-8daa-32276f0a3898"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "36/70" ,
"category" : "Payload delivery" ,
"uuid" : "5d7317e9-1b1e-4918-82ab-5d104080f463"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--1cba5ef3-2f91-4b11-855e-9480c7fb943d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:19.000Z" ,
"modified" : "2019-04-12T09:38:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T07:13:35" ,
"category" : "Other" ,
"uuid" : "e6bfbca4-2d0d-43fd-b802-54656eed2ed7"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7/analysis/1555053215/" ,
"category" : "Payload delivery" ,
"uuid" : "5c7e5387-5ac8-429e-9723-0b09fb85a125"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "0/55" ,
"category" : "Payload delivery" ,
"uuid" : "9ab6b257-3660-495e-9b89-4a5e2dd5cd9b"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--c8b6f1f2-e727-4120-8d78-62dabe459c41" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:19.000Z" ,
"modified" : "2019-04-12T09:38:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:58:29" ,
"category" : "Other" ,
"uuid" : "ca6344f5-5e95-4271-a592-96ccf0314ee7"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/70902623c9cd0cccc8513850072b70732d02c266c7b7e96d2d5b2ed4f5edc289/analysis/1555052309/" ,
"category" : "Payload delivery" ,
"uuid" : "11acd5c2-b8ea-4c81-a710-332791eafeb2"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "1/58" ,
"category" : "Payload delivery" ,
"uuid" : "8f3057df-8a46-4914-b1c2-daf7cc935600"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--e25a593a-6702-4694-90f3-f0858a21b5e1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:19.000Z" ,
"modified" : "2019-04-12T09:38:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:23:12" ,
"category" : "Other" ,
"uuid" : "60a0984e-0134-4ff8-a960-91448d364c54"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/12480585e08855109c5972e85d99cda7701fe992bc1754f1a0736f1eebcb004d/analysis/1555050192/" ,
"category" : "Payload delivery" ,
"uuid" : "4be1742a-c1cb-42d4-acdc-3d3b458b082b"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "25/68" ,
"category" : "Payload delivery" ,
"uuid" : "d0ffa81e-eb31-409d-8fbb-ed9b5b60b2de"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--d0962325-2049-4b8a-9cc0-8597888ef490" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:19.000Z" ,
"modified" : "2019-04-12T09:38:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T07:16:31" ,
"category" : "Other" ,
"uuid" : "ec85be6d-aa4e-44a6-88ba-d88198d2618a"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/d77fdabe17cdba62a8e728cbe6c740e2c2e541072501f77988674e07a05dfb39/analysis/1555053391/" ,
"category" : "Payload delivery" ,
"uuid" : "69cedfb6-f6a1-4369-9e41-1a7fd072f9fc"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "1/58" ,
"category" : "Payload delivery" ,
"uuid" : "9c254329-ec28-4e83-b7de-de5a3689e449"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--c6acfd6b-0a6a-40cc-8f76-c2fdf02f41d9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:19.000Z" ,
"modified" : "2019-04-12T09:38:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T07:19:07" ,
"category" : "Other" ,
"uuid" : "210beb7e-7b30-4996-bb9c-983da46c984c"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/4a74a9fd40b63218f7504f806fce71dffefc1b1d6ca4bbaadd720b6a89d47761/analysis/1555053547/" ,
"category" : "Payload delivery" ,
"uuid" : "8b0d2ddb-72ae-4c60-956d-c33e57acb25a"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "22/71" ,
"category" : "Payload delivery" ,
"uuid" : "848f612d-4a00-4188-adf7-42a0f95a1111"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--292b76e3-83c8-4bb0-89c8-8105cf22899d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:19.000Z" ,
"modified" : "2019-04-12T09:38:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:23:21" ,
"category" : "Other" ,
"uuid" : "66962cf2-1f81-405b-a0cc-9c327b5d5e50"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/70034b33f59c6698403293cdc28676c7daa8c49031089efa6eefce41e22dccb3/analysis/1555050201/" ,
"category" : "Payload delivery" ,
"uuid" : "c91547fb-0ccd-47ea-b791-305f804ae8df"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "39/72" ,
"category" : "Payload delivery" ,
"uuid" : "0c36ffa3-a0fd-44bd-96bf-13e85d0438b1"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ae92ce2a-cac9-4284-8ce9-641e2a6d948b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-12T09:38:19.000Z" ,
"modified" : "2019-04-12T09:38:19.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-04-12T06:59:12" ,
"category" : "Other" ,
"uuid" : "7f5f4ca8-184b-4f77-bae9-35bb13903da1"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/83228075a604e955d59edc760e4c4ed16eedabfc8f6ac291cf21b4fcbcd1f70a/analysis/1555052352/" ,
"category" : "Payload delivery" ,
"uuid" : "affa8f4f-0bba-4b33-b4fd-8515e13f42dd"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "8/70" ,
"category" : "Payload delivery" ,
"uuid" : "e58118be-80c3-4569-b3a5-441bcd6d7b63"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a10931bb-7045-47ad-bc16-e2684051e353" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '6' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '23E27E5482E3F55BF828DAB885569033' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '23E27E5482E3F55BF828DAB885569033']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--335302ab-5969-43ef-aae3-ded36c7331b5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:52.000Z" ,
"modified" : "2019-04-10T19:40:52.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '5' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '5C3898AC7670DA30CF0B22075F3E8ED6' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '5C3898AC7670DA30CF0B22075F3E8ED6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d047f984-e129-4e7d-95f7-b3883eb4d380" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '6' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'C5DC53A540ABE95E02008A04A0D56D6C' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'C5DC53A540ABE95E02008A04A0D56D6C']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--738d6709-4996-4265-b9db-a44258b97eca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '6' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'BE588CD29B9DC6F8CFC4D0AA5E5C79AA' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'BE588CD29B9DC6F8CFC4D0AA5E5C79AA']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:54Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d158344a-e9a9-4e03-9832-fb1264c3d1aa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '868036E102DF4CE414B0E6700825B319' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '868036E102DF4CE414B0E6700825B319']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:56Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8ac82864-35d9-4232-ad60-e3e6fab47b66" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:57.000Z" ,
"modified" : "2019-04-10T19:40:57.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'rdpproto.dll' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'rdpproto.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:57Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c2881aa4-04fd-45b9-922b-93273fd2f4a7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '42682D4A78FE5C2EDA988185A344637D' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '42682D4A78FE5C2EDA988185A344637D']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:40:59Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ab715c6a-5b26-4280-a328-6d748e83e680" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '7' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '3021B9EF74c&BDDF59656A035F94FD08' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '3021B9EF74c&BDDF59656A035F94FD08']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:41:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4bef19cc-01f6-4b03-9f08-6b51796cb5ca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:01.000Z" ,
"modified" : "2019-04-10T19:41:01.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '4' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = '61E3571B8D9B2E9CCFADC3DDE10FB6E1' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = '61E3571B8D9B2E9CCFADC3DDE10FB6E1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:41:01Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cb4560bb-f70e-44a7-9496-1d7d017e9880" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:02.000Z" ,
"modified" : "2019-04-10T19:41:02.000Z" ,
"pattern" : "[file:extensions.'windows-pebinary-ext'.number_of_sections = '5' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'UDPTrcSvc.dll' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'UDPTrcSvc.dll']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-04-10T19:41:02Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"pe\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6a82a81c-cc1c-4568-95e8-65da2aa8a8ec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.542817" ,
"category" : "Other" ,
"uuid" : "026bccf0-af5e-4d04-ba13-941a2b97c9fd"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "c06924120c87e2cb79505e4ab0c2e192" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "61eab12c-88a3-4fec-bff1-1f0cea073fb0"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "98e8e9d7-8239-498d-9068-2f72767e6848"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--132d7802-77e5-432c-8cf6-7648b90e7acd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "3368eda2d5820605a055596c7c438f0f" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "b8f8095e-4611-4431-b56c-73bd427ffc79"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.441545" ,
"category" : "Other" ,
"uuid" : "22f6639e-4e1c-4c21-9e66-4c6f2dd58e8e"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "10ae0529-05da-4c1a-9647-e674df77194a"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "197120" ,
"category" : "Other" ,
"uuid" : "c89bb820-7efd-49de-987e-0466ab07af24"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--51c3c827-4e60-4f91-b6b4-b1e99fab0df8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:50.000Z" ,
"modified" : "2019-04-10T19:40:50.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "ec1f06839fa9bc10ad8e183b6bf7c1b5" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "4da7482c-3d35-4d8f-88f6-e73a14c294dd"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.956914" ,
"category" : "Other" ,
"uuid" : "10b07ecf-448e-4c7a-8349-19241d4f640d"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "9040e2be-7b8c-4c63-a13d-7e273b3f6a93"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "27136" ,
"category" : "Other" ,
"uuid" : "d4d042f6-ffa1-4314-81d7-4d5dc65e75d7"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a4f1d6f8-842e-42f9-8d2c-b69a2d04a1ea" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "1e62b7d9f7cc48162e0651f7de314c8a" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "d520e839-76ab-4991-bcfc-4f67bb4fd738"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.147893" ,
"category" : "Other" ,
"uuid" : "5eec8273-6d98-4ef8-ad6a-d00a95b2092b"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "63afbe8b-03ca-46bc-82c7-7b6669057e5c"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8192" ,
"category" : "Other" ,
"uuid" : "c7ab30e9-837a-4262-8acd-a7d3b3dfd3c4"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a61f2333-075a-4f7e-9145-b7e624c99d43" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "980effd28a6c674865537f313318733a" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "5aa67187-ff2d-4c6d-bf7e-56ba932ae292"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.090362" ,
"category" : "Other" ,
"uuid" : "e4739013-d1f6-4da4-8d81-af28aaafe34d"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "d0be3f42-d87b-4da7-9113-6d7829fd1676"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "512" ,
"category" : "Other" ,
"uuid" : "959005d0-0b35-495e-8681-16f0eadcb7b2"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--904eab59-fca8-4005-ae01-fa802500e52c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "696fd5cac6e744f336e8ab68a4708fcf" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "edfedbf3-79b4-4209-8df0-98687d42d22b"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.247502" ,
"category" : "Other" ,
"uuid" : "4ef97107-db6e-40f9-a63c-1a574c8f1b28"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "fbf5d6fd-a566-4bda-bddf-f6ef93f7ca1f"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8704" ,
"category" : "Other" ,
"uuid" : "0cc130d4-bada-4e9f-8cfc-46a5c5451d89"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--e02bda87-4522-4849-b60b-cd07a598b48f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "0.69566" ,
"category" : "Other" ,
"uuid" : "f37c7c4b-d577-45fd-9b5a-8e329adc6efb"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "adb596d3ceae66510778e3bf5d4d9582" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "ac76124e-2c79-469d-9bfd-e7757a82ab72"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "2b01230e-a2b5-4db5-be8f-11385fab0af6"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--21bbfcf1-6d03-46ab-926e-8c513e3c9c6f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "6453931a0b6192e0bbd6476e736ca63f" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "35ecbbc7-b2c8-4899-973d-5e7aa032cff1"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.343388" ,
"category" : "Other" ,
"uuid" : "8f2641a0-9602-41b2-8fff-1fabf68ba6e5"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "7bacab93-e050-4b5e-9f1f-faa1ef0edc7f"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "184320" ,
"category" : "Other" ,
"uuid" : "cf5634c9-4d41-4bae-976f-90f3af3f5239"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--23520dbd-c625-44d0-816a-fff60adf8c08" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "0ba1433cc62ba7903ada2f1e57603e83" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "f28e5c61-c02f-4c96-849f-8bc5bbd65493"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.246206" ,
"category" : "Other" ,
"uuid" : "d17e2071-59be-42fc-85a8-20b4ef814576"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "3a25c314-d3b4-482a-ab56-5553ef8dbb97"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "16384" ,
"category" : "Other" ,
"uuid" : "53662898-0a16-4d57-b8b7-0553c2fb83aa"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8c51db87-a216-44c0-bd75-69239348d2a1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:51.000Z" ,
"modified" : "2019-04-10T19:40:51.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "76a08265777f68f08e5e6ed2102cb31d" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "95db93c0-facd-405f-8631-382bb0f6bb90"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.050945" ,
"category" : "Other" ,
"uuid" : "c1d0f8d4-dc5a-42fa-b143-f45763e3812f"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "c0404d60-1075-4886-8265-5065d61c3412"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "12288" ,
"category" : "Other" ,
"uuid" : "8041a49e-2e44-46bd-9cde-5aa2e51df8b6"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b4eb4fd7-5fee-43e6-8ecd-63c87632d4c0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:52.000Z" ,
"modified" : "2019-04-10T19:40:52.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "cb8939d6bc1cd076acd850c3850bdf78" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "cb311e88-2f90-47d9-89c0-f054fa6e8f5b"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "3.289605" ,
"category" : "Other" ,
"uuid" : "51d75451-596f-46ec-b8da-a3448f8d96ec"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "7f9cea95-46bb-4e9f-a65f-28c1ce230732"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "f8eb93ea-77d3-4237-8084-2bfb1d5a3ee5"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--d7d9f6b7-4b64-49a9-843a-a675d8130f4b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:53.000Z" ,
"modified" : "2019-04-10T19:40:53.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.625229" ,
"category" : "Other" ,
"uuid" : "1f81d0b9-4e31-4c6a-bd10-80c9785ee32e"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "64cb3246aafa83129f7fd6b25d572a9f" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "37634b09-9c3d-45d6-8005-444aa186e704"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "0a15b2f9-e41c-4482-ae9d-af5bdd042ab1"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b6b3a355-04df-468c-b334-3553062b12c7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:53.000Z" ,
"modified" : "2019-04-10T19:40:53.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "e8c15e136370c12020eb23545085b9f6" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "258993a2-b254-4071-b133-cb5dde33da2e"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.431942" ,
"category" : "Other" ,
"uuid" : "b6d6ca82-504b-4c7d-b143-600efa72354d"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "c81e9ee1-deb7-4ba8-bf6c-166939c37b5d"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "196096" ,
"category" : "Other" ,
"uuid" : "6a19d2df-7ce7-4818-b01a-f40617f79ba9"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--99a21cae-aca7-4dc5-a057-c31d995c3de7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:53.000Z" ,
"modified" : "2019-04-10T19:40:53.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "cf0eb4ad22ac1ca687b87a0094999ac8" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "597380cc-7507-4998-b3a8-45dd517520dd"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.990247" ,
"category" : "Other" ,
"uuid" : "3d0b10a1-d06f-49ba-a9dc-7290e8750906"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "7d0c309a-d05b-4889-87b8-45f628def06c"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "26624" ,
"category" : "Other" ,
"uuid" : "7655cba8-e280-43fb-b777-6b972ec4e8df"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--81b7d5fc-2afa-4313-b589-1773e410cd85" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:53.000Z" ,
"modified" : "2019-04-10T19:40:53.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "b246681e20b3c8ff43e1fcf6c0335287" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "86206141-3aa8-4886-8e2a-3222156bb54e"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.116777" ,
"category" : "Other" ,
"uuid" : "cf0de307-928e-41b2-899f-df59d845d57a"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "2a18117d-c785-41a1-9892-4ddc3bc79b92"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8192" ,
"category" : "Other" ,
"uuid" : "5273e830-5273-4de5-bea8-0ba4505390e5"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b0039524-0831-4150-9367-0c01132e1f6d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:53.000Z" ,
"modified" : "2019-04-10T19:40:53.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "6545248a1e3449e95314cbc874837096" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "0c0c80fe-1642-485b-983a-19f311bcc4f9"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.112624" ,
"category" : "Other" ,
"uuid" : "6410bfcc-e96b-4d8d-8111-d6652828a391"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "1afb96a6-68c2-43bf-ba04-abab50a34d9c"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "512" ,
"category" : "Other" ,
"uuid" : "98c12a6a-6401-44ce-98c3-e3e07ac92d6c"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--dbc2c668-6778-40ee-a1d2-0a8eed89d382" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "31a7ab6f707799d327b8425f6693c220" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "3893e4f3-e5a9-45c5-b83c-247b16b3d1de"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.176231" ,
"category" : "Other" ,
"uuid" : "3f641459-6fb8-4335-a615-d74c599119fc"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "2ed36d70-6684-4085-812c-1a0d0f194ca8"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8704" ,
"category" : "Other" ,
"uuid" : "501634fd-b6bd-48fc-b476-269bb07d6134"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--08b33dc6-0d4c-4441-85b9-19177bfce17f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.658486" ,
"category" : "Other" ,
"uuid" : "f00fe537-cd14-47b8-b6df-b8d7ccb8e6d4"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "59b5d567b9b7b9da0ca0936675fd95fe" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "24e2ea0e-520b-4a6b-b877-9d2f01ed84b2"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "7e807666-5bbb-4405-ac7a-4bef7a82fb39"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--cf24fa43-ec76-41ac-a2c9-c76a86ccd334" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "c0b6929e0f01a7b61bde3d7400a801e0" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "c02b02bf-849a-4907-b494-430749daae3a"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.470188" ,
"category" : "Other" ,
"uuid" : "4d8fa4ef-96e9-45d2-8bde-428a80c7ccb5"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "efcc600f-6886-45e6-84d3-aad00c22a98d"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "218624" ,
"category" : "Other" ,
"uuid" : "bb55c1f6-41dc-4ed7-9a69-3da4204317dc"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--06b00c8c-78e4-4833-a79a-c70ac79d8b25" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "ce1e5ab830fcfaa2d7bea92f56e9026e" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "2a4ab050-8faf-4fb7-85b5-1dbb1d2a9713"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.962575" ,
"category" : "Other" ,
"uuid" : "10d55f20-9e31-4f11-abdd-af997378272b"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "eb6d6bc4-a200-42cd-b20c-4e10d1101aa4"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "27136" ,
"category" : "Other" ,
"uuid" : "5993ae0b-3a39-4f4a-96c0-3635d726430d"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--7b055b6f-f844-470b-958f-918ada8231bc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "006bad003b65738ed203a576205cc546" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "bb646ce2-6204-44d1-93e7-d1e3db024e50"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.157373" ,
"category" : "Other" ,
"uuid" : "788ceb35-b02b-4c4e-840b-28c8c33e341b"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "8cda33eb-b153-4886-9057-9bcaee63ec25"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8192" ,
"category" : "Other" ,
"uuid" : "d77b76f2-16b7-4585-8a8f-cc476e3934a2"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--3014952d-8c6c-47f4-9e95-a2e07d248668" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "992987e022da39fcdbeede8ddd48f226" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "4103dce2-1897-412a-abcd-38a36bfcbb02"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.51187" ,
"category" : "Other" ,
"uuid" : "ea603899-a8a5-4bd6-8a79-1ddf566188d9"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "7bf18fef-03c0-4d57-817d-d766ac8edb97"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "3072" ,
"category" : "Other" ,
"uuid" : "daf93f17-ff50-49e0-a4d8-16a5ca8304ca"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--03f59ed6-d83e-4769-a8ac-611f258d0429" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:54.000Z" ,
"modified" : "2019-04-10T19:40:54.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "4be460324f0f4dc1f6a0983752094cce" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "16ba4695-e9a1-41f9-b742-8f8be584c06f"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.303151" ,
"category" : "Other" ,
"uuid" : "027fec2c-9566-42ed-b068-ee943edbf127"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "7e444bcf-fd06-47da-919a-cfd945b62f32"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "9728" ,
"category" : "Other" ,
"uuid" : "d4cb0580-7068-42db-84e8-f41fc287146d"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--681912d6-af0d-4b11-af8f-576123bb2ef7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:55.000Z" ,
"modified" : "2019-04-10T19:40:55.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.4864" ,
"category" : "Other" ,
"uuid" : "50c7c57c-4dfa-4686-9335-81a231fa8d6c"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "e772c7a04c7e3d53c58fdb8a88bb0c02" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "547b1937-09b0-4973-9534-a614404ff7ad"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "514ca7d3-9ed2-430e-8756-e9cb867f4c0c"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--a2dfae6d-1e63-4f17-aa63-b82b363d2000" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:55.000Z" ,
"modified" : "2019-04-10T19:40:55.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "a6a2750e5b57470403299e0327553042" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "71d5ae1c-3f38-4e9b-bfca-9136c7680eac"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.29743" ,
"category" : "Other" ,
"uuid" : "0a32cf4f-d40f-4d99-b929-1d7fa681f215"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "b1e8091d-8c41-4f1c-a945-9df2404d1e12"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "34816" ,
"category" : "Other" ,
"uuid" : "29c9c5d2-9c05-4ea5-8241-df4da93e68d8"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--cb37303a-fd4b-4a66-a6e8-ff5dffc84ac7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:55.000Z" ,
"modified" : "2019-04-10T19:40:55.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "cc5d69374e9b0266a4b1119e5274d392" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "1fe9839e-bc54-4e3c-9527-4178f7349491"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.71565" ,
"category" : "Other" ,
"uuid" : "44db3c73-4453-4765-ae4a-24ac4ade8e7c"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "0b3ef129-e647-4a3d-ba0a-fd1112842f5b"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "12288" ,
"category" : "Other" ,
"uuid" : "93d6e715-42d5-430f-9218-6c89a6d6b407"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--737ccfd6-1e0e-494d-bcdc-5cbf6ae072f7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:55.000Z" ,
"modified" : "2019-04-10T19:40:55.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "ac4ee21fcb2501656efc217d139ec804" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "9577dd42-7be8-4cfe-991e-1fc03c133857"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "1.87695" ,
"category" : "Other" ,
"uuid" : "f95c7a9c-cb91-490a-8433-e1081597f624"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "35fdd5fa-da9b-47d4-9173-8bf7d37146d4"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "5120" ,
"category" : "Other" ,
"uuid" : "b14dfab0-e748-473d-8139-6709571fdd82"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--d032374b-36e3-4c4b-895b-c3a776cb60c4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:55.000Z" ,
"modified" : "2019-04-10T19:40:55.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "359af12d4a14ced423d39736dfec613a" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "41865ad4-aa5e-4136-ba7c-75121c62071c"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "3.878158" ,
"category" : "Other" ,
"uuid" : "adb4a29e-b7ed-4423-a7fd-997974098aad"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".pdata" ,
"category" : "Other" ,
"uuid" : "4758b794-15c2-4581-826c-123da5633274"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "2560" ,
"category" : "Other" ,
"uuid" : "90ac40d2-8e52-4fd9-8365-b59b6dd23e6a"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--9c760cfe-2e23-4e32-b35b-d7097fd4c799" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:55.000Z" ,
"modified" : "2019-04-10T19:40:55.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "097e0e4be076b795a7316f1746bace8a" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "82e679ce-0fc0-4e34-aef5-6d3d57faecd5"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.514584" ,
"category" : "Other" ,
"uuid" : "e0bee652-9e86-4116-bbc1-ba2397c1b2cc"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "fcfd25bb-b089-4178-818f-4d310fb1d282"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "3072" ,
"category" : "Other" ,
"uuid" : "5370431c-1840-481c-b92a-d10424739227"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--34135ff1-138a-4297-afe6-6e17271fbeec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "5849f380266933d6f3c5c4740334b041" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "3b692804-a934-4dd7-9b14-3942beb53f23"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.517963" ,
"category" : "Other" ,
"uuid" : "8360ac22-47cf-4aa7-b1cb-900c73d04360"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "10335091-e394-4085-a76a-fe8f960b2f5d"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "2188d52b-4fa7-4da7-8c82-68f51b9506ec"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--1435e56d-5f38-40c6-a7c7-d85df67a37ea" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.524087" ,
"category" : "Other" ,
"uuid" : "92189470-ebf6-48eb-b9e1-017745671592"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "3bb2a7d6aab283c82ab853f536157ce2" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "668ce866-63af-4400-8034-46a423aacdc0"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "eaab7e4e-bf2e-4444-843e-e30d6a32dff0"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b29bf9b8-09d1-41ec-8cf6-1556913a36b7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "b0bf8ec7b067fd3592c0053702e34504" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "cfa05f87-32cb-4909-bbc4-d75395fb29f6"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.180871" ,
"category" : "Other" ,
"uuid" : "2fa44e3b-b752-4a79-b504-ed631a606d80"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "48a309fb-c98c-4cdc-b0dd-c0232816918d"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "23552" ,
"category" : "Other" ,
"uuid" : "39d0c30a-cdc5-4d17-81f4-3db9a0103744"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--409a8ca2-3740-4465-be76-e1ebed4570e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "6cc98c5fef3ea1b782262e355b5c5862" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "c7b0a953-b4d4-414b-a877-fbe638908f7e"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.635336" ,
"category" : "Other" ,
"uuid" : "0348e323-2dbb-4624-aa70-578dbb3f8406"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "d26ecbd6-9a8f-4e1c-a5de-2854df69de70"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "10752" ,
"category" : "Other" ,
"uuid" : "efe9abd5-8b25-46ce-a86e-9896ee4d00f4"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--855ac261-1c2a-412b-8320-1aa8d22f8c33" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "484d4698d46b3b5ad033c1a80ba83acf" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "6e59c926-ab16-40b1-adb0-afe8910a3f8a"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.145716" ,
"category" : "Other" ,
"uuid" : "30d54d2a-b152-44b1-839e-d14bd9c417d1"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "cca4242d-3ffb-43a8-aa9f-a2249f5d83e0"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "5048f385-c6b7-41a5-9b37-237f095ea990"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5760f7f9-6817-48fb-be8f-112dbd443f0a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "a07c8f17c18c6789a3e757aec183aea6" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "03b83675-3bf2-46c5-b2e8-763f307a218f"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "3.729952" ,
"category" : "Other" ,
"uuid" : "f56959d1-7bc3-4f78-a720-d1d8db5b5658"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".pdata" ,
"category" : "Other" ,
"uuid" : "617de1d1-ee07-442b-adf7-48cddada1c7c"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "2048" ,
"category" : "Other" ,
"uuid" : "2baf96ce-c355-49ba-8f27-27a371939dcd"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--081fda7a-462f-411a-b541-1c85411baee2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "fae0d0885944745d98849422bd799457" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "963374ec-28f8-41a7-8ef1-c95b11ca1871"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "7.997488" ,
"category" : "Other" ,
"uuid" : "45171fb5-f9e2-401e-ae58-28133036e763"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "d4df59cd-c664-4518-a52e-791db071d717"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "348672" ,
"category" : "Other" ,
"uuid" : "edaf8327-0cc0-409d-9da9-f64e17a9fb8b"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2c3e7740-a7bc-46d7-bed6-5da54b4327f0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:56.000Z" ,
"modified" : "2019-04-10T19:40:56.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "0c1c23e1fb129b1b1966f70fc75cf20e" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "79a36606-0756-4edd-931d-e722b7abb09f"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "1.737829" ,
"category" : "Other" ,
"uuid" : "bd534413-3c43-4ded-b48b-8d4e8b1364bc"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "fef32f0d-fc22-497c-aad3-e38597529c54"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1536" ,
"category" : "Other" ,
"uuid" : "08d78bd6-8f79-4146-9011-77bb8367ad70"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8e875ae8-911f-4dcd-b7bb-8a9072d3644e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:58.000Z" ,
"modified" : "2019-04-10T19:40:58.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.628651" ,
"category" : "Other" ,
"uuid" : "2ecc3fc2-c6cf-4b52-9363-9c39b33928ff"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "40d66d1a2f846d7c3bf291c604c9fca3" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "563ab654-eb9d-4c19-94ea-b0b7f774ebcb"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "8ac6a441-1e36-4d9a-894e-3cf3f5332c97"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f4844fcb-3d68-4d09-8bbb-7619a0942846" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:58.000Z" ,
"modified" : "2019-04-10T19:40:58.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "d061ffec6721133c433386c96520bc55" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "a4ab07b8-96f9-4084-97f2-9b7345af7ef5"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.999734" ,
"category" : "Other" ,
"uuid" : "93b3e0f4-a3d4-4020-8575-a13ab52c5119"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "0a7b1c24-9d95-4f16-aacd-418ef62ed999"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "284160" ,
"category" : "Other" ,
"uuid" : "fcadb683-a76d-4312-a5e1-6dc74687ddea"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8da40bf6-a137-4af6-b7d2-4a6fec51aecd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:58.000Z" ,
"modified" : "2019-04-10T19:40:58.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "cbbc6550dcbdcaf012bdbf758a377779" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "e1d6425e-ea48-4ae1-a60a-1f2cfe667de7"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.789426" ,
"category" : "Other" ,
"uuid" : "844ade24-22b9-4573-a4f7-762db4dafa74"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "895270ad-3f06-4b36-a994-d1c35f4ac2f2"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "38912" ,
"category" : "Other" ,
"uuid" : "0af1ce03-ad1c-4fbd-ab39-178c0fe622fa"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6f0934e5-279f-4bd3-93e1-b881f5c59504" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "c83bcaab05056d5b84fc609f41eed210" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "07c0c5d4-576b-4e71-8de4-1b8ac6de8207"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "3.105496" ,
"category" : "Other" ,
"uuid" : "69a184b6-4076-4fff-a3ff-5d1b902c2f23"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "3fe5fa7d-004c-4a10-be99-64cd94fbbb52"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "7680" ,
"category" : "Other" ,
"uuid" : "0b76128c-6581-41a8-9735-400bfcf05401"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--11f10ac7-5b61-4363-bd6a-59ac0b8fcc9e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "b9fc36206883aa1902566b5d01c27473" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "07a02acc-d3c4-4306-a3fa-8e36d31996f4"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.319307" ,
"category" : "Other" ,
"uuid" : "a09e668c-24aa-440f-ae05-685d59ecfb43"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".pdata" ,
"category" : "Other" ,
"uuid" : "10921a52-79ef-4432-87e6-f33b55588ff8"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8704" ,
"category" : "Other" ,
"uuid" : "3fd44ca1-7d53-446b-b261-df018a620fb0"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--1b766990-d382-462f-a49c-1f5c53715ed4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "1c1d46056b4cb4627a5f92112b7e09f7" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "93a4f8d0-362b-4044-98cc-688f8601efd4"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.608168" ,
"category" : "Other" ,
"uuid" : "ad08798d-2954-4bb0-95bc-72d35355bcbe"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "bd3d6eeb-cc89-4470-adcf-10adcf41ce62"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "a4033d18-8a40-488e-86fd-b1bb3374ef7c"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--eb73eb8b-04c4-4e27-b803-b60d56347fec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "3baedaa3d6b6d6dc9fb0ec4f5c3b007c" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "aca886e2-51f8-4835-9211-f22190c5b67c"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.331154" ,
"category" : "Other" ,
"uuid" : "958a5c3d-aa8d-4777-b150-2baffe03db3b"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "59065f07-43bc-439b-93f0-979fb6753c5b"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "2048" ,
"category" : "Other" ,
"uuid" : "6edf96a2-b96d-4757-9f8c-ece9fd724147"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--0145ba7f-231a-4fd8-aba1-438b70fae9fa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "2.790421" ,
"category" : "Other" ,
"uuid" : "db437369-40d5-4e00-b6ed-1b9982d76ca8"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "83ec15e3cf335f784144db4208b328c9" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "65391001-38d1-49da-a085-fe8d94fac44c"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "1024" ,
"category" : "Other" ,
"uuid" : "94fb4869-9255-4e12-b8ae-73b14e8c0bdf"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--f20d5f20-e19c-49e3-a2e0-d47a0e0b499e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "036c57e89ea3a6afa819c242c5816b70" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "85966b57-2605-4b90-8185-1f067b403afb"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.688491" ,
"category" : "Other" ,
"uuid" : "5048c911-a599-4242-8e80-643ed510c239"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "e1e462b9-3697-4156-b7ff-92def9365b19"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "206848" ,
"category" : "Other" ,
"uuid" : "0146e69e-8919-4bd2-9673-5a00b9eed22e"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--542776ab-dc9a-49f5-8504-4201f4eb85f7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:40:59.000Z" ,
"modified" : "2019-04-10T19:40:59.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "4812d2f39e9a8ae569370d423ba31344" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "5e1aa619-0ba2-46bc-9477-fa14a9b12a8e"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.000116" ,
"category" : "Other" ,
"uuid" : "0068ee23-e6cb-455c-ac4e-fc2a134bdbc4"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "1eb93258-18d5-49bc-87d8-49083789e777"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "26112" ,
"category" : "Other" ,
"uuid" : "8f7dfe97-825a-48b1-82db-7f24295e739b"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--001f3b62-1dc5-46b7-a5d1-0d172470284f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "cb41e8f63b7c22c401a0634cb4fe1909" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "1a677867-4ba8-4281-a03b-6e4d45e2285e"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.748331" ,
"category" : "Other" ,
"uuid" : "30879ef1-7c9a-460e-8ad8-b6c0644c831b"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "2d888451-fc78-444a-a4cc-24e8b0a28d44"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "2048" ,
"category" : "Other" ,
"uuid" : "86c1f0d6-d21b-4d7f-b657-fd1754ebcf48"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b144f1bb-4a25-4b2f-9e73-640f10889fec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "3cc7651747904bfe94ed18f44354a706" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "554acd1f-4c9c-4c1d-99af-58b7493522d9"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "4.962073" ,
"category" : "Other" ,
"uuid" : "485f0bf4-7faf-4d96-b4ee-d871ef6c3f62"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".pdata" ,
"category" : "Other" ,
"uuid" : "120e916d-363b-4ffe-851d-ee9818ded5e1"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "5120" ,
"category" : "Other" ,
"uuid" : "33b99c6d-6c65-4304-b196-797a6db2e55f"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--06738787-de97-4d46-b799-b0492c57d3e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "9e92c54604ea67e76210c3c914e9608c" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "1c3aec0a-33b8-47a0-a9a5-5dc05b30c9fb"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.606351" ,
"category" : "Other" ,
"uuid" : "a2cf0031-d02f-4fa8-b812-7998b837a54f"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rsrc" ,
"category" : "Other" ,
"uuid" : "a9255c91-81cc-4d09-8a49-5f6e45a73929"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "a3f1fa7f-70b9-45f4-8426-c15950f11c34"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6cd4ce4a-6876-4fc6-a865-3a078c3f63e8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "71dcfb1ec7257ee58dcc20cafb0be691" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "88fadd04-362b-4da3-945c-46123d71b107"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "0.673424" ,
"category" : "Other" ,
"uuid" : "32113860-4289-480d-86df-f54d932dc94d"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "20ce954c-9c3a-4f34-8beb-17efb4536d2e"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "512" ,
"category" : "Other" ,
"uuid" : "dd0b1837-0a06-4993-9788-d3ed36dd6202"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ac51556a-91c0-4267-9e61-de0a0dbabf05" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "0.586304" ,
"category" : "Other" ,
"uuid" : "879e9228-23e9-4d97-8009-e046b91b7aeb"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "84f39a6860555231d60a55c72d07bc5e" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "59e51ead-2783-4216-b44e-90e11857d672"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "ea1ff8d3-922c-4b4a-a44e-7714d6076a12"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ea7cc58d-1fe6-4a0b-8070-4fe5b38cb690" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "649c24790b60bda1cf2a85516bfc7fa0" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "6cc732da-7efb-4ebb-9633-3822c5e4a0ff"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.98329" ,
"category" : "Other" ,
"uuid" : "f00c1d4a-87b9-4472-b6b8-29f642a56a18"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "70fe749e-dffd-4d2e-b5a2-9814b70979eb"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "24576" ,
"category" : "Other" ,
"uuid" : "545f156d-000a-4918-a06f-e47c76fe7371"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--c57a6cf7-e544-4364-adba-a72ea3e6573f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:00.000Z" ,
"modified" : "2019-04-10T19:41:00.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "fbd6ca444ef8c0667aed75820cc99dce" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "3608a534-9bc9-4ba9-a43f-c61d21088d0d"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "3.520964" ,
"category" : "Other" ,
"uuid" : "90bf5690-047d-40fe-ad8b-5c5f1bc77dc1"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "38646942-7e2b-49b9-88d7-5e04432cf143"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "b9d05716-e01d-40e6-bb96-4f0dfae88e2b"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--1746f20a-4522-4af5-b779-165a2b829958" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:01.000Z" ,
"modified" : "2019-04-10T19:41:01.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "0ecb4bcb0a1ef1bf8ea4157fabdd7357" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "24142516-e506-44b7-a682-b34babb0c972"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "3.988157" ,
"category" : "Other" ,
"uuid" : "b443d7d9-2096-43c3-b1b4-c812fbf7193e"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "4baa5798-34b6-4f6a-aa94-3e3b596a2f3b"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "6ff4b78b-140f-4592-9ee3-aa1c2f1f5d03"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--9500fb1e-bb08-45d5-a3eb-3b82f649c624" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:01.000Z" ,
"modified" : "2019-04-10T19:41:01.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "0.709908" ,
"category" : "Other" ,
"uuid" : "c6cfb719-d72b-4ad4-9a65-3a0ff972a444"
} ,
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "d37b95aa17fa132415b37ec777f439ff" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "9ad2ded7-a7a2-494b-8aed-219afe98ca52"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "4096" ,
"category" : "Other" ,
"uuid" : "ae4061f1-85ca-455e-a60b-71f835ade07c"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--0f41e5c5-7f40-44a1-885b-7f9597eb99f9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:01.000Z" ,
"modified" : "2019-04-10T19:41:01.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "badbc93c35554aec904ab0c34f05fbe0" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "37b2712d-92e1-4c80-a022-276c885a225f"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.295472" ,
"category" : "Other" ,
"uuid" : "7079daf0-c047-40ea-a6be-b187d0309922"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".text" ,
"category" : "Other" ,
"uuid" : "b93f8d55-2f20-4533-bd95-8adca4c452e6"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "180224" ,
"category" : "Other" ,
"uuid" : "be0569ad-b5e9-481f-85bd-d4ff38268bf2"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--2c0897ef-be21-4b08-a096-899c8545c0a6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:01.000Z" ,
"modified" : "2019-04-10T19:41:01.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "64f7a9cafdad34003aba4547bba0e25b" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "1aabb47b-2cfb-4fa6-9795-44bf2e0822b1"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "6.372911" ,
"category" : "Other" ,
"uuid" : "b639555c-1b57-4035-9579-1a73c3b3a53c"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".rdata" ,
"category" : "Other" ,
"uuid" : "a88e067c-fccc-4459-a3e3-09575de7d068"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "16384" ,
"category" : "Other" ,
"uuid" : "add355d4-1e45-486e-ac73-b46318451e43"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6fa43c7f-c294-43cf-8b40-d00655aaa96e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:01.000Z" ,
"modified" : "2019-04-10T19:41:01.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "c792eb0c57577f4f3649775cbf32b253" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "06af0417-7d0a-4485-9377-1a3c1fd33790"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "3.996008" ,
"category" : "Other" ,
"uuid" : "cdbb482d-f5c6-4212-96fe-3c2d12ef61de"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".data" ,
"category" : "Other" ,
"uuid" : "c7e1a6b2-a4c5-4f90-a690-6732494c6f7e"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "12288" ,
"category" : "Other" ,
"uuid" : "326b7108-c787-4182-9b80-2c64576d2fb5"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ce21b7c4-404c-4a76-96c8-e50ba9773a30" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-04-10T19:41:01.000Z" ,
"modified" : "2019-04-10T19:41:01.000Z" ,
"labels" : [
"misp:name=\"pe-section\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "md5" ,
"object_relation" : "md5" ,
"value" : "8791f715ae89ffe2c7d832c1be821edc" ,
"category" : "Payload delivery" ,
"to_ids" : true ,
"uuid" : "f661d161-f743-4ce2-91c6-9bad164daf22"
} ,
{
"type" : "float" ,
"object_relation" : "entropy" ,
"value" : "5.154376" ,
"category" : "Other" ,
"uuid" : "74fc1c8e-65fb-49f5-ad8f-190e6cdeda2d"
} ,
{
"type" : "text" ,
"object_relation" : "name" ,
"value" : ".reloc" ,
"category" : "Other" ,
"uuid" : "09bb0227-98c7-4da1-9c08-047314d51f89"
} ,
{
"type" : "size-in-bytes" ,
"object_relation" : "size-in-bytes" ,
"value" : "8192" ,
"category" : "Other" ,
"uuid" : "a3f93751-1090-4b2f-ad63-9bc7b55932e5"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "pe-section"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--9a52e28b-3f14-42cc-89f0-b271211e944d" ,
"created" : "2019-04-12T09:38:20.000Z" ,
"modified" : "2019-04-12T09:38:20.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--22effacf-e4e2-4e50-b638-8246fd0e093e" ,
"target_ref" : "x-misp-object--b2d62cb5-8052-47f2-997e-dd4238004f97"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--c7b1afcf-3e5f-4c34-a178-335e05fe9ba8" ,
"created" : "2019-04-10T19:41:03.000Z" ,
"modified" : "2019-04-10T19:41:03.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"target_ref" : "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--cf80a419-fff9-488b-bc47-acad7992107a" ,
"created" : "2019-04-10T19:41:03.000Z" ,
"modified" : "2019-04-10T19:41:03.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"target_ref" : "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--371883ac-ffa1-480c-b5f1-ce899bc2c3d5" ,
"created" : "2019-04-10T19:41:03.000Z" ,
"modified" : "2019-04-10T19:41:03.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"target_ref" : "observed-data--e773193c-a490-442a-a41f-63e402cf3865"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--58006fe6-a21e-45e2-8da6-fbb737bb754a" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"target_ref" : "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--0261cba6-d9ad-4853-bf55-723982b2e9bc" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"target_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--2b562d6a-9bb8-4eb4-9b82-10ed52052ddf" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"target_ref" : "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--2258aadd-d13c-4537-a0f5-114f3e0accf7" ,
"created" : "2019-04-12T09:38:20.000Z" ,
"modified" : "2019-04-12T09:38:20.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9" ,
"target_ref" : "x-misp-object--603e0902-44f7-4457-9d0e-6246e8fce379"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--ecd1cea5-351c-4061-82dc-f63dde3e3ca0" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped-by" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"target_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--568696e6-7817-464c-8ebc-bdec08328f50" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"target_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--76338b96-a904-45ef-958c-2cfdc2a150f4" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"target_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--36ac4d10-7758-4d1c-9025-deaf17b49b65" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"target_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--ea7222d1-9547-40f3-8553-5409fa3d152a" ,
"created" : "2019-04-10T19:41:04.000Z" ,
"modified" : "2019-04-10T19:41:04.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"target_ref" : "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--1a3c3027-0685-4717-9368-c60f285b4130" ,
"created" : "2019-04-12T09:38:20.000Z" ,
"modified" : "2019-04-12T09:38:20.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca" ,
"target_ref" : "x-misp-object--c8b6f1f2-e727-4120-8d78-62dabe459c41"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--413d6a76-7a99-4495-a713-e47c925cee2a" ,
"created" : "2019-04-12T09:38:20.000Z" ,
"modified" : "2019-04-12T09:38:20.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--e245ed73-c585-4e0b-9190-38647d7f215d" ,
"target_ref" : "x-misp-object--42d5dff2-e1f0-428f-a415-b83a757b7768"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--972b842a-dcf2-4c7d-a976-d8bf77e59cdc" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"target_ref" : "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--5d5174d4-a068-4a9c-a7b1-ce3b3099fba6" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"target_ref" : "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--9c32622a-a1d2-4168-9b2f-46032d6914d4" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"target_ref" : "observed-data--e773193c-a490-442a-a41f-63e402cf3865"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--52c4a17b-f954-47bf-b6da-c91006a0ec38" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"target_ref" : "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--217c28d4-c99f-44fa-9a50-53c13c15b4cd" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"target_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--6b121804-2c7c-4e7e-aba2-6dd29f00a5cc" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"target_ref" : "observed-data--930261a1-dfbe-4f99-957b-27f14a50a397"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--2c09c805-a6a4-4a64-82d2-3eb76c3f554b" ,
"created" : "2019-04-12T09:38:20.000Z" ,
"modified" : "2019-04-12T09:38:20.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ebf0b816-7fdf-425a-8298-134f91e7cdf2" ,
"target_ref" : "x-misp-object--a314859d-026b-4b02-bcf5-09d7e3c08026"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--2793a572-85a9-46fa-ae7d-5bdafd46a64b" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4" ,
"target_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b3c76f09-220d-4d55-a5af-b4aeac28edcb" ,
"created" : "2019-04-10T19:41:05.000Z" ,
"modified" : "2019-04-10T19:41:05.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4" ,
"target_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--469629a0-e452-44d4-bcc1-983eda72fc69" ,
"created" : "2019-04-12T09:38:21.000Z" ,
"modified" : "2019-04-12T09:38:21.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4" ,
"target_ref" : "x-misp-object--e25a593a-6702-4694-90f3-f0858a21b5e1"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--1d0dbb3c-4cb7-4ef2-9343-6ad5fc29b7f8" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped-by" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--6c10ee1b-a1c9-414d-92cc-8574decc8af4"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b52557f0-bac6-4a2f-9ade-96d3d0426b73" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--bfb36205-c6cf-4c44-8901-af3450ecc9f5" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--8f031914-9e0b-4a17-bf63-d4e446fa52e6" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--12608760-b656-4edb-bc9e-beb4582a296d" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--fb97bc7b-6508-4bc3-b790-db5948a4210c" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3b3a0ee4-331d-4086-b0a2-7d4974076fbe" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3c5f958c-5946-4988-872e-74bfa9ac2d43" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--4fb6a247-56b0-4245-993e-737b19e8dc0b" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--bc27aa01-b6d5-468a-bddb-6e39b208e792" ,
"created" : "2019-04-10T19:41:06.000Z" ,
"modified" : "2019-04-10T19:41:06.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--a7455d44-d858-472a-96ee-edea677be659"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--74d7bb43-2589-426f-9bd8-8f582939a03f" ,
"created" : "2019-04-10T19:41:07.000Z" ,
"modified" : "2019-04-10T19:41:07.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--58a1cfa0-ae6e-4d10-b6ed-1573e7beb3bb" ,
"created" : "2019-04-12T09:38:21.000Z" ,
"modified" : "2019-04-12T09:38:21.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--02f5bf02-c1ac-4142-be6b-978554a19a90" ,
"target_ref" : "x-misp-object--1c222ada-8f9b-4a30-9cb1-fc81cd47dee8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--8a6fca34-9ca7-42eb-affc-38fb4a59439c" ,
"created" : "2019-04-10T19:41:07.000Z" ,
"modified" : "2019-04-10T19:41:07.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--dfa5812c-f91e-42b8-811d-718121a46fd9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--ea7b0ffc-51b3-4ba2-8a96-27b5d54c2884" ,
"created" : "2019-04-10T19:41:07.000Z" ,
"modified" : "2019-04-10T19:41:07.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--3d25e903-29f5-4b88-bf80-bd6bd8a9616b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--7a74b52e-b531-45c7-986f-6ccf9680e3df" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--93e7d27b-c857-4785-9eb2-3f1a21ab3ac3"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--e468dccb-7391-4c8a-8621-c340ea31a412" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--aa8e532e-3b80-47e4-bb04-22d666a10bd7"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--c99a7b6b-168b-4386-8d53-15fb6e17b589" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--0031ec2d-46ed-4835-93ef-e6b868a26e40"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--a8c06cd0-a6c1-4263-9b90-53e608694fbb" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--378c38f0-377c-4626-949c-5eaa0a6367ae"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b4569476-6c05-4a36-b9a1-e0866f66f990" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--206ae99c-1cda-41e0-a81f-8e0e8c433156"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--fbba3758-9e76-49dc-9f22-b91e51ab0fef" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--d959b41a-72bb-478a-b453-5dfac6fe0dc1"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--4a1c404f-3534-4000-af73-d59ecd8e3562" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--a7455d44-d858-472a-96ee-edea677be659"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--14cdc4a8-8c1e-4f3a-8af3-aaeceeb35eb0" ,
"created" : "2019-04-10T19:41:08.000Z" ,
"modified" : "2019-04-10T19:41:08.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "observed-data--4fb3c39a-2c59-46d9-be12-028f54e577c9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--f4128454-44ad-43f1-aa02-c7230ce86fea" ,
"created" : "2019-04-12T09:38:21.000Z" ,
"modified" : "2019-04-12T09:38:21.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--d090d7bd-5ff5-4f00-be49-c6d7436144d2" ,
"target_ref" : "x-misp-object--c6acfd6b-0a6a-40cc-8f76-c2fdf02f41d9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--3cf83f5c-89ec-4f61-9858-61af749204c8" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--454b39cf-332b-4236-8015-6d343c883f40" ,
"target_ref" : "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--7c140490-1f70-4c80-b5c9-a9d0777e652f" ,
"created" : "2019-04-12T09:38:21.000Z" ,
"modified" : "2019-04-12T09:38:21.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--454b39cf-332b-4236-8015-6d343c883f40" ,
"target_ref" : "x-misp-object--ae92ce2a-cac9-4284-8ce9-641e2a6d948b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--428e3902-581a-4f32-9c0e-e0dd60550e3d" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--f35cbe24-8562-4d8b-9157-7f1534093e3c" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--d50b3fbe-a86d-4e2e-a65d-09387ee2d730" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--1bc8333a-468c-4f93-9ab4-f9d925750a90" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--9b5d58a8-fedd-424b-9e95-1fa9dee6113b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--c76425c4-b92c-41c9-a1f1-d2e307eb22ab" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--5e64eddb-9dc7-4976-9c08-4884f931c92e"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--4b390732-189b-4351-a7d3-8969eaef258a" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--e773193c-a490-442a-a41f-63e402cf3865"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--95ded383-121a-40ac-ba51-2e8737606b37" ,
"created" : "2019-04-10T19:41:09.000Z" ,
"modified" : "2019-04-10T19:41:09.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "connected-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--bc976e66-b5d6-464d-9adc-0d53da3ec01a"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--f793ba67-ad62-4edf-bbba-c9bd3f0d1acd" ,
"created" : "2019-04-10T19:41:10.000Z" ,
"modified" : "2019-04-10T19:41:10.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "related-to" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "observed-data--f7d0f16d-6367-4770-ae6e-db03c68a82ca"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--785a4094-94df-4c37-b4b6-d81fe5fb70b5" ,
"created" : "2019-04-12T09:38:22.000Z" ,
"modified" : "2019-04-12T09:38:22.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c" ,
"target_ref" : "x-misp-object--292b76e3-83c8-4bb0-89c8-8105cf22899d"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--bc855dc7-a29e-4f2c-8806-8e5886cd9930" ,
"created" : "2019-04-10T19:41:10.000Z" ,
"modified" : "2019-04-10T19:41:10.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped-by" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d" ,
"target_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--dbd26615-300e-4044-8265-ead44e982ca7" ,
"created" : "2019-04-12T09:38:22.000Z" ,
"modified" : "2019-04-12T09:38:22.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--dc846c76-af3d-4aab-ba62-ccc9a5582e5d" ,
"target_ref" : "x-misp-object--2fc2e78c-c6e8-424c-9ad7-e166e7737e9c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--e4c4564c-a97e-4333-96c1-fcf4297dde23" ,
"created" : "2019-04-10T19:41:10.000Z" ,
"modified" : "2019-04-10T19:41:10.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped-by" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8" ,
"target_ref" : "observed-data--ec166754-a5ff-4729-ac26-ac79ce02133c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--b52dbec3-42b6-45b6-907a-dad41b880008" ,
"created" : "2019-04-10T19:41:10.000Z" ,
"modified" : "2019-04-10T19:41:10.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "dropped-by" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8" ,
"target_ref" : "observed-data--dca04ffe-c8b2-4b22-ba30-6a1eecf47ec9"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--dce42961-f244-433e-9524-9afcc65c2c29" ,
"created" : "2019-04-12T09:38:22.000Z" ,
"modified" : "2019-04-12T09:38:22.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--03272933-d90e-4e38-87fa-5490bd1c37d8" ,
"target_ref" : "x-misp-object--1cba5ef3-2f91-4b11-855e-9480c7fb943d"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--a92844bc-2627-4646-9485-1aafe7f11498" ,
"created" : "2019-04-12T09:38:22.000Z" ,
"modified" : "2019-04-12T09:38:22.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "analysed-with" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "observed-data--ec5b0828-fc8e-4d29-9a2a-59806d987175" ,
"target_ref" : "x-misp-object--d0962325-2049-4b8a-9cc0-8597888ef490"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
2023-04-21 13:25:09 +00:00
]
}