2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type" : "bundle" ,
"id" : "bundle--e7ba6328-3c18-4578-a7c2-96a151170246" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-24T07:46:10.000Z" ,
"modified" : "2022-08-24T07:46:10.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--e7ba6328-3c18-4578-a7c2-96a151170246" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-24T07:46:10.000Z" ,
"modified" : "2022-08-24T07:46:10.000Z" ,
"name" : "OSINT - Reservations Requested: TA558 Targets Hospitality and Travel" ,
"published" : "2022-08-24T07:46:39Z" ,
"object_refs" : [
"indicator--4008c754-2dc9-43e1-9270-91d20eff4eed" ,
"indicator--b64ed2cf-929c-454b-b78f-4394e6224d02" ,
"indicator--c1cf733a-b313-4eaf-a6c8-7c6943cb0cb7" ,
"indicator--5f91f381-5018-4ece-8714-c5262aa45d34" ,
"indicator--dc1cb63b-e198-4a98-a538-0db4257acfd0" ,
"indicator--80a5abf2-985c-427f-9303-7a576c98f5b3" ,
"indicator--b8c2bfbf-d9fe-4b8e-8559-9db5fde85160" ,
"indicator--621b1550-a05b-46fb-a8ef-24f602d8b2b2" ,
"indicator--dd383eb5-4b43-4e56-883c-ab6a759b82ab" ,
"indicator--9120e461-179d-437a-9ad7-c20c3a893619" ,
"indicator--368fe61d-d39d-4dd9-b1a9-51214d7d68c2" ,
"indicator--100cdf20-c229-43e1-a55b-5074d5cb90aa" ,
"indicator--628b8bd9-ea2f-4c0c-810a-35269746dfc9" ,
"indicator--679581be-827b-4ddd-ba3b-0582bb9fdca1" ,
"indicator--c92bb92b-136d-42f7-baa9-04730fb29b3e" ,
"indicator--e229e6bb-fb66-4682-80fe-f6988858c55b" ,
"indicator--40a458f9-235c-4589-858e-401a7ff8e8f0" ,
"indicator--3f682801-330f-4561-91e6-406ba24048e0" ,
"indicator--d956761d-c690-4ba0-985e-f0681df99701" ,
"indicator--736ae39c-2800-45cd-b998-6b1a15fb5d57" ,
"indicator--e20ff3b6-870b-43d0-8ba4-42e7f3859178" ,
"indicator--23fee22b-8f6a-4d73-b101-9097a98c87e0" ,
"indicator--6342d829-3ce8-48c3-b100-c5600260b82d" ,
"indicator--129297ea-88a4-47cd-a071-39895efede47" ,
"indicator--b3ed619c-782e-47ce-8ca1-5dbefad1e733" ,
"indicator--7a6586bf-59bd-444f-81d8-26229926b154" ,
"indicator--ce4d7592-d674-4d07-b393-0fa36cedfc3a" ,
"indicator--60860d22-7a36-48ce-ba4a-613ecb58691a" ,
"indicator--c2d832d4-fa8e-41f4-8234-4081996997e5" ,
"indicator--51a5665b-fbef-4e5c-b5e7-6ffde7bf1045" ,
"indicator--136f1cf5-3bd3-48c9-9b05-7493129f9134" ,
"indicator--6ba96613-4864-4184-aa28-54f665d2c2c5" ,
"indicator--20256053-3a6d-401a-802c-540740505140" ,
"vulnerability--ca630b95-9955-4e4b-b461-cee4a9bd7d9a" ,
"vulnerability--00d589c3-2ab7-4587-8f08-77dd869ca869" ,
"x-misp-object--ba5cbf43-23db-4b15-84f9-f6ea0376e95d" ,
"x-misp-object--de7a3de5-9870-48e3-9d3d-8a02af97a3c8" ,
"indicator--9c9a982c-a37e-4e24-85f6-0bb85d0365cf" ,
"indicator--8809def6-57c4-40fb-b31c-db538af6bad6" ,
"indicator--20c2cfc4-4abe-42e5-ac49-5759447323a8" ,
"indicator--dfac55b4-672a-45b3-aaa6-0e60dbdbaf96" ,
"indicator--ccc9024a-2748-4e43-bba0-df53f0332f5e" ,
"indicator--46cbebab-5fb3-4286-beac-500e45976ff0" ,
"indicator--3c167f94-5bac-465c-9765-b48cab0fddf5" ,
"indicator--aba989e1-7952-4225-8f27-be5a626323db" ,
"relationship--9f081c46-7aa1-4fb3-b073-051c3f79a328" ,
"relationship--4d1d789c-5145-48a5-80fe-f39eebc517d4" ,
"relationship--146c7820-bf03-45bb-b5c3-45de23506a57" ,
"relationship--265d7f80-e3f3-4857-9a2a-66e243922865"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\"" ,
"misp-galaxy:region=\"005 - South America\"" ,
"misp-galaxy:target-information=\"Mexico\"" ,
"misp-galaxy:threat-actor=\"TA558\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4008c754-2dc9-43e1-9270-91d20eff4eed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'warzonecdt.duckdns.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b64ed2cf-929c-454b-b78f-4394e6224d02" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'system11.sslblindado.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c1cf733a-b313-4eaf-a6c8-7c6943cb0cb7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'successfully.hopto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5f91f381-5018-4ece-8714-c5262aa45d34" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'success20.hopto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dc1cb63b-e198-4a98-a538-0db4257acfd0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'quedabesouro.ddns.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--80a5abf2-985c-427f-9303-7a576c98f5b3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'queda212.duckdns.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b8c2bfbf-d9fe-4b8e-8559-9db5fde85160" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'passagensv.sslblindado.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--621b1550-a05b-46fb-a8ef-24f602d8b2b2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'msin.hopto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dd383eb5-4b43-4e56-883c-ab6a759b82ab" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'microsofft.sslblindado.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9120e461-179d-437a-9ad7-c20c3a893619" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'googledrives.ddns.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--368fe61d-d39d-4dd9-b1a9-51214d7d68c2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'firefoxsystem.sytes.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--100cdf20-c229-43e1-a55b-5074d5cb90aa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'cdtpitbull.hopto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--628b8bd9-ea2f-4c0c-810a-35269746dfc9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = 'cdt2021.zapto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--679581be-827b-4ddd-ba3b-0582bb9fdca1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = '4success.zapto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c92bb92b-136d-42f7-baa9-04730fb29b3e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = '3030pp.hopto.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e229e6bb-fb66-4682-80fe-f6988858c55b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[domain-name:value = '111234cdt.ddns.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--40a458f9-235c-4589-858e-401a7ff8e8f0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[email-message:from_ref.value = 'quickbooks@unimed-corporated.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3f682801-330f-4561-91e6-406ba24048e0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[email-message:from_ref.value = 'maringa.turismo@system11.com.br']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d956761d-c690-4ba0-985e-f0681df99701" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[email-message:from_ref.value = 'financeiro@unimed-corporated.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--736ae39c-2800-45cd-b998-6b1a15fb5d57" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[email-message:from_ref.value = 'contato@155hotel.com.br']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e20ff3b6-870b-43d0-8ba4-42e7f3859178" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[url:value = 'http://maringareservas.com.br/seila.rtf']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--23fee22b-8f6a-4d73-b101-9097a98c87e0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[url:value = 'http://hypemediardf.com.pl/css/css.doc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6342d829-3ce8-48c3-b100-c5600260b82d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[url:value = 'http://corporated.com/tur/turismo.jpg']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--129297ea-88a4-47cd-a071-39895efede47" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[url:value = 'http://corporated.com/microsoft.txt']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b3ed619c-782e-47ce-8ca1-5dbefad1e733" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[url:value = 'http://cdtmaster.com.br/DadosDaReserva.doc']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"url\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7a6586bf-59bd-444f-81d8-26229926b154" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '38.132.101.45']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ce4d7592-d674-4d07-b393-0fa36cedfc3a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'c2b817b02e56624c8ed7944e76a3896556dc2b7482f747f4be88f95e232f9207']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--60860d22-7a36-48ce-ba4a-613ecb58691a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'b57a9f7321216c3410ebcc9d4b09e73a652dee9e750f96b2f6d7d1e39e2923d6']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c2d832d4-fa8e-41f4-8234-4081996997e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[file:hashes.SHA256 = '7dc70d023b2ee5a941edd925999bb6864343b11758c7dc18309416f2947ddb6e']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--51a5665b-fbef-4e5c-b5e7-6ffde7bf1045" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[file:hashes.SHA256 = '796c02729c9cd5d37976ddae205226e6339b64859e9980d56cbfc5f461d00910']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--136f1cf5-3bd3-48c9-9b05-7493129f9134" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[file:hashes.SHA256 = '2f0f99cbac828092c0ec23e12ecb44cbf53f5a671a80842a2447e6114e4f6979']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6ba96613-4864-4184-aa28-54f665d2c2c5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[file:hashes.SHA1 = 'c396cfb2744bf92575274b277a6c47fe9566dbff']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--20256053-3a6d-401a-802c-540740505140" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"pattern" : "[file:hashes.MD5 = '070950303d80db5d2eb93e21aad77d04']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T07:27:40Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"md5\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "vulnerability" ,
"spec_version" : "2.1" ,
"id" : "vulnerability--ca630b95-9955-4e4b-b461-cee4a9bd7d9a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"name" : "CVE-2017-8570" ,
"labels" : [
"misp:type=\"vulnerability\"" ,
"misp:category=\"External analysis\""
] ,
"external_references" : [
{
"source_name" : "cve" ,
"external_id" : "CVE-2017-8570"
}
]
} ,
{
"type" : "vulnerability" ,
"spec_version" : "2.1" ,
"id" : "vulnerability--00d589c3-2ab7-4587-8f08-77dd869ca869" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:27:40.000Z" ,
"modified" : "2022-08-19T07:27:40.000Z" ,
"name" : "CVE-2017-11882" ,
"labels" : [
"misp:type=\"vulnerability\"" ,
"misp:category=\"External analysis\""
] ,
"external_references" : [
{
"source_name" : "cve" ,
"external_id" : "CVE-2017-11882"
}
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ba5cbf43-23db-4b15-84f9-f6ea0376e95d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:08:08.000Z" ,
"modified" : "2022-08-19T07:08:08.000Z" ,
"labels" : [
"misp:name=\"report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://www.proofpoint.com/us/blog/threat-insight/reservations-requested-ta558-targets-hospitality-and-travel" ,
"category" : "External analysis" ,
"uuid" : "c0eaa5d0-e310-402e-90fb-61bbee5a0749"
} ,
{
"type" : "text" ,
"object_relation" : "summary" ,
"value" : "Key Findings:\r\n\r\n TA558 is a likely financially motivated small crime threat actor targeting hospitality, hotel, and travel organizations.\r\n Since 2018, this group has used consistent tactics, techniques, and procedures to attempt to install a variety of malware including Loda RAT, Vjw0rm, and Revenge RAT.\r\n TA558\u2019s targeting focus is mainly on Portuguese and Spanish speakers, typically located in the Latin America region, with additional targeting observed in Western Europe and North America.\r\n TA558 increased operational tempo in 2022 to a higher average than previously observed. \r\n Like other threat actors in 2022, TA558 pivoted away from using macro-enabled documents in campaigns and adopted new tactics, techniques, and procedures." ,
"category" : "Other" ,
"uuid" : "8de3129e-f920-4607-8cd2-0fe04b1a8c3b"
} ,
{
"type" : "text" ,
"object_relation" : "type" ,
"value" : "Blog" ,
"category" : "Other" ,
"uuid" : "4b432ccd-99e2-4bf5-b619-2c4fe09068f7"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "report"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--de7a3de5-9870-48e3-9d3d-8a02af97a3c8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T07:16:47.000Z" ,
"modified" : "2022-08-19T07:16:47.000Z" ,
"labels" : [
"misp:name=\"report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://otx.alienvault.com/pulse/62fe1e074b82e798cd731a70/" ,
"category" : "External analysis" ,
"uuid" : "7d50063e-e8ec-4fbe-9bb0-625fadb0bb47"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9c9a982c-a37e-4e24-85f6-0bb85d0365cf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T12:11:49.000Z" ,
"modified" : "2022-08-19T12:11:49.000Z" ,
"pattern" : " [ e m a i l - m e s s a g e : s u b j e c t = ' C o r r i g i r d a t a d a r e s e r v a p a r a o d i a 0 3 ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . b o d y _ r a w _ r e f . n a m e = ' B o o k i n g - D a d o s d a R e s e r v a . d o c x ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . c o n t e n t _ d i s p o s i t i o n = ' a t t a c h m e n t ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 1 ] . b o d y _ r a w _ r e f . p a y l o a d _ b i n = ' i V B O R w 0 K G g o A A A A N S U h E U g A A A t Q A A A K S C A Y A A A D y L E y B A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j M 5 Z 5 b P U s 4 O n T M 911 g u W l 54 H n M + 7 v x U h U v F w w t q F 2 o q O S t z K t e q I q r G q h 2 q O 2 t U a 2 p q u W v z 6 h B 1 s X X v L 3 p d 7 L 1 k d K n 5 s s z l c / W s 9 T l X w J X Y K x + u + l w d v G Z 5 r a N B r e H y d Z H r p 26 Q b m Q 3 Q o 17 G u e b g p v G m t 2 b + 25 a 3 O y 4 p X n r x m 3 Z 21 U t A i 2 l d 1 j u 5 L U S W t N b 19 s S 2 x b v R t 6 d b Q 9 q
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T12:11:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"email\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8809def6-57c4-40fb-b31c-db538af6bad6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-19T12:15:35.000Z" ,
"modified" : "2022-08-19T12:15:35.000Z" ,
"pattern" : "[file:hashes.SHA256 = '796c02729c9cd5d37976ddae205226e6339b64859e9980d56cbfc5f461d00910' AND file:name = 'Booking - Dados da Reserva.docx' AND file:x_misp_text = 'Author\u201d: C.D.T Original']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-19T12:15:35Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--20c2cfc4-4abe-42e5-ac49-5759447323a8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-22T12:27:47.000Z" ,
"modified" : "2022-08-22T12:27:47.000Z" ,
"pattern" : "[file:hashes.SHA256 = '7dc70d023b2ee5a941edd925999bb6864343b11758c7dc18309416f2947ddb6e' AND file:name = 'RESERVA.docx' AND file:x_misp_text = 'Attachment \u201cAuthor\u201d: msword\r\n\r\nAttachment \u201cLast Saved By\u201d: Richard']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-22T12:27:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dfac55b4-672a-45b3-aaa6-0e60dbdbaf96" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-22T12:16:11.000Z" ,
"modified" : "2022-08-22T12:16:11.000Z" ,
"pattern" : " [ e m a i l - m e s s a g e : s u b j e c t = ' R E S E R V A ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . b o d y _ r a w _ r e f . n a m e = ' R E S E R V A . d o c x ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . c o n t e n t _ d i s p o s i t i o n = ' a t t a c h m e n t ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 1 ] . b o d y _ r a w _ r e f . p a y l o a d _ b i n = ' i V B O R w 0 K G g o A A A A N S U h E U g A A A 58 A A A H v C A Y A A A D T r G u U A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j M 5 Z 5 b P U s 4 O n T M 911 g u W l 54 H n M + 7 v x U h U v F w w t q F 2 o q O S t z K t e q I q r G q h 2 q O 2 t U a 2 p q u W v z 6 h B 1 s X X v L 3 p d 7 L 1 k d K n 5 s s z l c / W s 9 T l X w J X Y K x + u + l w d v G Z 5 r a N B r e H y d Z H r p 26 Q b m Q 3 Q o 17 G u e b g p v G m t 2 b + 25 a 3 O y 4 p X n r x m 3 Z 21 U t A i 2 l d 1 j u 5 L U S W t N b 19 s S 2 x b v R t 6 d b Q 9 q n + j Y 1 f H q n t u 9 v z r t O 5 / d t 7 z / 6 I H J g 3 s P 9 R + 2 P d J + 1 N K l 0 X X z s d
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-22T12:16:11Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"email\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ccc9024a-2748-4e43-bba0-df53f0332f5e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-22T13:17:53.000Z" ,
"modified" : "2022-08-22T13:17:53.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'c2b817b02e56624c8ed7944e76a3896556dc2b7482f747f4be88f95e232f9207' AND file:name = 'reserva.ppa']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-22T13:17:53Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--46cbebab-5fb3-4286-beac-500e45976ff0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-22T13:12:39.000Z" ,
"modified" : "2022-08-22T13:12:39.000Z" ,
"pattern" : " [ e m a i l - m e s s a g e : f r o m _ r e f . v a l u e = ' f e r n a n d o 1540 @ b o l [ . ] c o m [ . ] b r ' A N D e m a i l - m e s s a g e : f r o m _ r e f . d i s p l a y _ n a m e = ' O a b B r a s i l ' A N D e m a i l - m e s s a g e : s u b j e c t = ' O r \ u 0 0e7 a m e n t o C o n f e r e n c i s t a s - 515449939 ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . b o d y _ r a w _ r e f . n a m e = ' r e s e r v a . p p a ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . c o n t e n t _ d i s p o s i t i o n = ' a t t a c h m e n t ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 1 ] . b o d y _ r a w _ r e f . p a y l o a d _ b i n = ' i V B O R w 0 K G g o A A A A N S U h E U g A A A 7 U A A A I d C A Y A A A D i Y V o C A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j M 5 Z 5 b P U s 4 O n T M 911 g u W l 54 H n M + 7 v x U h U v F w w t q F 2 o q O S t z K t e q I q r G q h 2 q O 2 t U a 2 p q u W v z 6 h B 1 s X X v L 3 p d 7 L 1 k d K n 5 s s z l c / W s 9 T l X w
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-22T13:12:39Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"email\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3c167f94-5bac-465c-9765-b48cab0fddf5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-22T14:00:48.000Z" ,
"modified" : "2022-08-22T14:00:48.000Z" ,
"pattern" : " [ e m a i l - m e s s a g e : f r o m _ r e f . v a l u e = ' f i n a n c e i r o @ u n i m e d - c o r p o r a t e d [ . ] c o m ' A N D e m a i l - m e s s a g e : f r o m _ r e f . d i s p l a y _ n a m e = ' F i n a n c e i r o U N I M E D ' A N D e m a i l - m e s s a g e : a d d i t i o n a l _ h e a d e r _ f i e l d s . r e p l y _ t o = ' c d t [ n a m e ] c d t @ g m a i l [ . ] c o m ' A N D e m a i l - m e s s a g e : s u b j e c t = ' R e s e r v a ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . b o d y _ r a w _ r e f . n a m e = ' O f i c i o C i r c u l a r e n c a m i n h a d o a o S e t o r F i n a n c e i r o U N I M E D . d o c x ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 0 ] . c o n t e n t _ d i s p o s i t i o n = ' a t t a c h m e n t ' A N D e m a i l - m e s s a g e : b o d y _ m u l t i p a r t [ 1 ] . b o d y _ r a w _ r e f . p a y l o a d _ b i n = ' i V B O R w 0 K G g o A A A A N S U h E U g A A B C I A A A J F C A Y A A A A I 8 F a L A A A Y b 2 l D Q 1 B J Q 0 M g U H J v Z m l s Z Q A A W I W V W Q c 8 l e 3 f v + 6 z z 7 H P s f f e Z O + 9994 k H O t Y c c x Q I s k q U S F K J Z m V S q E S k Y Z S R g 9 J E s m o F C o q I + 9 t 1 P 95 n + f 9 v O / n v T 6 f 676 + 53 f 9 r t + 61 v 0 7 N w B c n b 6 R k W E I R g D C I 2 K o D q Y G / G 7 u H v z Y K Y A F P A A P 2 I C S L z k 6 U t / O z g r A 5 X f 738 v S I I A 22 u c y G 7 L + 3 f + / F q J / Q D Q Z A M g L x n 7 + 0 e R w G N 8 F A J V G j q T G A I A x g u l C 8 T G R G z g Y x s x U 2 E A Y J 2 / g o C 18 d A P 7 b e G K T R 4 n B 0 M Y N w O A o / X 1 p Q Y B Q N 8 J 0 / n j y E G w H P p 3 c B 8 x w p 8 S A b P + g L E O O d j X H w A u N Z h H O j x 89 w a G K x C H + S N h n A t j N b + / y Q z 6 b / L 9 / s j 39 Q 36 g 7 f 82 i w 4 I 0 p 0 Z J j v n v 9 n a P 7 v E h 4 W + 1 u H K F x p g 6 l m D h v + w z E c C t 1 t u Y F p Y T w b 4 W d j u x F r G P + g + G / F H Q A E I T j W z H m L H 8 F N j j a E 4 w d Y Y S z n 72 t k C W N u G J t E h N l Y b d P 9 A i k m 5 j C G V w s i g R J j 7 r Q 9 N j M g 2 t h x W + Y p 6 m 4 H 2984 k G q o v z 32 s i 91 U + 8 G f 2 d s q L P + t v y h 4 A D z 3 / K / J Q Y 7 u c K Y A A C S E E d x s Y E x P Y y Z o 0 M d L b d 4 k I K J w Y Y 2 v 3 m o s Q 4 b 9 g v D W C 0 g w t R g S z 7 S K 5 B q 4 r D N H x k e / d t f Z E Y w x d x m G x f H B D u Z b c U H W U v 23 b S f H c a N A R H 6 z r / l B E S 7 W f 32 x T / A y H j L d + S z g A j n b X + R o 5 E x B g 7 b Y + c j w + y 2 + V G 4 g D D T D b o g j D m j 4 x y 3 x 6 K 0 Y u D F u S U f Z R U Z Y + e 0 Z S f K J 8 T X w m 7 L H l Q c s A K G w A j w g 1 i 4 + o H d I A R Q n s 0 2 z c K / t n p M g C + g g i A Q A G S 2 K b 9 H u G 72 R M B P R 5 A I P s E o A E T / G W e w 2 R s A 4 m D 62 h / q 1 l M G B G 72 x m 2 O C A V T M A 4 H l i A M / h 27 O S r i j z Y X 8 A 6 m U P 6 l n Q z b G g b X j b 5 / 0 / R h i t U 2 J f a 3 X H 6 G 35 w Y Y 4 w R x g x j g p F A c a J 0 U J o o K / i p B 1 c F l B p K / b e 1 / + F H T 6 H 70 G / R A + g x 9 M t d l D T q P 2 y x B m O w f J N t j / 3 + 7 j F K F J a p j D J A a c P S Y c k o V h Q n k E E p w X r 0 U b q w Z m W Y a r h t 94 b v / P + D n 388 + F v M t / n w c n g E n g 2 v h x f / 50 h 6 S X r l P 1 I 2 I v r 3 + G z Z 6 v c n q o Z / e v 6 p 3 / B v c f a H W 8 t / c i I z k Q 3 I h 8 h 2 Z B e y B d k E + J F t y G Z k N / L O B v 6 z h t 5 t r q H f 2 h w 27 Q m F 5 V D + p c 93 W + d G J K P l 6 u T e y 61 u 94 G Y g I S Y j Q 1 m u D t y D 5 U S F B z D r w / f A g H 85 h F k W W l + B T k F B Q A 27 p S t Y + q r w + Z d A b H 2 / I d G P g i A 6 j w A + O X / 0 M K / A n A F 3 u P 81 v + h i X j D 2 w w D Q P U U O Z Y a t 0 V D b T z Q 8 G n A A O 8 o D s A L h I A 47 J E C U A G a Q A 8 Y A w t g C 5 y A O / C G 4 x w M r 2 c q i A f J I B V k g B x w F J w A J e A M O A + q w S V w D T S B F t A O H o A n o B c M g F f w + p k E H 8E8 W A I r E A R h I T q I B H F A f J A I J A U p Q G q Q D m Q M W U E O k D v k A w V B E V A s l A w d g H K g A q g E O g f V Q F e h m 1 A 71 A X 1 Q S + h c e g 99 A V a R i A R t A h m B A 9 C F L E D o Y b Q R 1 g i n B A 7 E U G I K E Q i I h 1 x B F G M K E d c R D Q i 2 h F P E A O I M c R H x C I S I G m Q r E g B p A x S D W m I t E V 6 I A O R V O Q + Z D a y E F m O v I y 8 B c / 0 c + Q Y c h b 5E4 V B k V D 8 K B l 4 D Z u h n F F k V B R q H y o X V Y K q R j W i O l H P U e O o e d Q v N B 2 a G y 2 F 1 k C b o 93 Q Q e h 4 d A a 6 E F 2 J v o G + D + + m S f Q S B o N h x Y h h V O H d 6 I 4 J w S R h c j G n M f W Y u 5 g + z A R m E Y v F c m C l s N p Y W 6 w v N g a b g T 2 J v Y h t w / Z j J 7 E / c D Q 4 P p w C z g T n g Y v A p e E K c b W 4 V l w / b h q 3 g m f E i + A 18 L Z 4 f / w e f B 6 + A n 8 L 34 O f x K 8 Q m A h i B G 2 C E y G E k E o o J l w m 3 C e M E L 7 S 0 N A I 0 q j T 2 N N Q a P b T F N N c o X l E M 0 7 z k 5 Z I K 0 l r S O t F G 0 t 7 h L a K 9 i 7 t S 9 q v d H R 0 o n R 6 d B 50 M X R H 6 G r o 7 t G N 0 v 2 g J 9 H L 0 p v T + 9 O n 0 J f S N 9 L 3039 m w D O I M O g z e D M k M h Q y N D D 0 M M w y 4 h l F G Q 0 Z f R n 3 M Z Y y 3 m R 8 w b j I R G K S Z 7 J l C m f K Z a p l 6 m K a I W K J o k R j o j 8 x n X i e e I 84 Q U K S h E i G J D L p A K m C d J 80 y Y x h F m M 2 Z w 5 h z m G + x P y M e Z 6 F y K L E 4 s K S w F L K c o d l j B X J K s p q z h r G m s d 6 j X W Q d Z m N h 0 2 f L Y A t i + 0 y W z / b d 3 Y u d j 32 A P Z s 9 n r 2 A f Z l D n 4 O Y 45 Q j n y O J o 7 X n C h O S U 57 z n j O M s 77 n L N c z F y a X G S u b K 5 r X M P c C G 5 J b g f u J O 7 z 3 N 3 c i z y 8 P K Y 8 k T w n e e 7 x z P K y 8 u r x h v A e 523 l f c 9 H 4 t P h o / A d 52 v j + 8 D P w q / P H 8 Z f z N / J P y / A L W A m E C t w T u C Z w I q g m K C z Y J p g v e B r I Y K Q m l C g 0 H G h D q F 5 Y T 5 h a + F k 4 T r h Y R G 8 i J p I s E i R y E O R 76 J i o q 6 i h 0 S b R G f E 2 M X M x R L F 6 s R G x O n E d c W j x M v F / 5 L A S K h J h E q c l u i V R E g q S w Z L l k r 2 S C G k V K Q o U q e l + q T R 0 u r S E d L l 0 i 9 k a G X 0 Z e J k 6 m T G Z V l l r W T T Z J t k P + 8 Q 3 u G x I 3 / H w x 2 / 5 J T l w u Q q 5 F 7 J E + U t 5 N P k b 8 l / U Z B U I C u U K v y l S K d o o p i i 2 K y 4 o C S l F K B U p j S k T F K 2 V j 6 k 3 K G 8 p q K q Q l W 5 r P J e V V j V R / W U 6 g s 1 Z j U 7 t V y 1 R + p o d Q P 1 F P U W 9 Z 8 a K h o x G t c 0 5 j R l N E M 1 a z V n t M S 0 A r Q q t C a 0 B b V 9 t c 9 p j + n w 6 / j o n N U Z 0 x X Q 9 d U t 132 r J 6 T n r 1 e p N 60 v o R + i f 1 H / s 4 G c A d X g h s F 3 Q w 3 D v Y Z 3 j Z B G p k b Z R s + M i c b O x i X G o y a C J k E m d S b z p s q m S a Z 3 z d B m l m b 5 Z i / M e c z J 5 j X m 8 x a q F n s t O i 1 p L R 0 t S y z f W k l a U a 1 u W S O s L a y P W Y / Y i N h E 2 D T Z A l t z 22 O 2 r + 3E7 K L s b t t j 7 O 3 s S + 2 n H O Q d k h 0 e O p I c d z n W O i 45 G T j l O b 1 y F n e O d e 5 w Y X D x c q l x + e 5 q 5 F r g O u a 2 w 22 v 2 x N 3 T n e K e 7 M H 1 s P F o 9 J j 0 d P Y 84 T n p J e y V 4 b X 4E6 x n Q k 7 u 7 w 5 v c O 87 + x i 2 O W 7 q 8 E H 7 e P q U + u z 6 m v r W + 676 G f u d 8 p v n m x I L i J / 9 N f z P + 7 / P k A 7 o C B g O l A 7 s C B w J k g 76 F j Q + 2 D d 4 M L g W Y o h p Y S y E G I W c i b k e 6 h t a F X o e p h r W H 0 4 L t w n / G Y E M S I 0 o n M 37 + 6E3 X 2 R U p E Z k W N R G l E n o u a p l t T K a C h 6 Z 3 R z D D P 88 t 4 d K x 57 M H Y 8 T i e u N O 5 H v E t 8 Q w J T Q k R C 9 x 7 J P V l 7 p h N N E i 8 k o Z L I S R 3 J A s m p y e N 79 f e e 2 w f t 89 v X k S K U k p 4 y u d 90 f 3 U q I T U 0 9 W m a X F p B 2 r c D r g d u p f O k 70 + f O G h 6 s C 6 D P o O a 8 e K Q 5 q E z m a h M S u a z L M W s k 1 m / s v 2 z H + f I 5 R T m r O a S c x 8 f l j 9 c f H j 9 S O C R Z 3 k q e W V H M U c j j g 7 m 6 + Z X F z A V J B Z M H L M + 1 n i c / 3 j 28 W 8 n d p 3 o K l Q q P F N E K I o t G i u 2 K m 4 + K X z y 6 M n V k u C S g V K D 0 v p T 3 K e y T n 0 / 7 X + 6 v 0 y v 7 P I Z n j
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-22T14:00:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"email\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--aba989e1-7952-4225-8f27-be5a626323db" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-08-22T14:01:38.000Z" ,
"modified" : "2022-08-22T14:01:38.000Z" ,
"pattern" : "[file:hashes.SHA256 = '2f0f99cbac828092c0ec23e12ecb44cbf53f5a671a80842a2447e6114e4f6979' AND file:name = 'OficioCircularencaminhadoaoSetorFinanceiroUNIMED.docx']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-08-22T14:01:38Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--9f081c46-7aa1-4fb3-b073-051c3f79a328" ,
"created" : "2022-08-19T12:15:35.000Z" ,
"modified" : "2022-08-19T12:15:35.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contained-within" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--8809def6-57c4-40fb-b31c-db538af6bad6" ,
"target_ref" : "indicator--9c9a982c-a37e-4e24-85f6-0bb85d0365cf"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--4d1d789c-5145-48a5-80fe-f39eebc517d4" ,
"created" : "2022-08-22T12:27:47.000Z" ,
"modified" : "2022-08-22T12:27:47.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contained-within" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--20c2cfc4-4abe-42e5-ac49-5759447323a8" ,
"target_ref" : "indicator--dfac55b4-672a-45b3-aaa6-0e60dbdbaf96"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--146c7820-bf03-45bb-b5c3-45de23506a57" ,
"created" : "2022-08-22T13:17:53.000Z" ,
"modified" : "2022-08-22T13:17:53.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contained-within" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--ccc9024a-2748-4e43-bba0-df53f0332f5e" ,
"target_ref" : "indicator--46cbebab-5fb3-4286-beac-500e45976ff0"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
"id" : "relationship--265d7f80-e3f3-4857-9a2a-66e243922865" ,
"created" : "2022-08-22T14:01:38.000Z" ,
"modified" : "2022-08-22T14:01:38.000Z" ,
2023-04-21 13:25:09 +00:00
"relationship_type" : "contained-within" ,
2023-06-14 17:31:25 +00:00
"source_ref" : "indicator--aba989e1-7952-4225-8f27-be5a626323db" ,
"target_ref" : "indicator--3c167f94-5bac-465c-9765-b48cab0fddf5"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
2023-04-21 13:25:09 +00:00
]
}
