2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-06-14 17:31:25 +00:00
|
|
|
"type": "bundle",
|
|
|
|
"id": "bundle--5ca603ab-903c-4818-99a4-4b4b950d210f",
|
|
|
|
"objects": [
|
|
|
|
{
|
|
|
|
"type": "identity",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-05T09:59:02.000Z",
|
|
|
|
"modified": "2019-04-05T09:59:02.000Z",
|
|
|
|
"name": "CIRCL",
|
|
|
|
"identity_class": "organization"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "report",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "report--5ca603ab-903c-4818-99a4-4b4b950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-05T09:59:02.000Z",
|
|
|
|
"modified": "2019-04-05T09:59:02.000Z",
|
|
|
|
"name": "Tor hidden services for GandCrab and jokeroo \"vendor\"",
|
|
|
|
"published": "2019-04-05T09:59:50Z",
|
|
|
|
"object_refs": [
|
|
|
|
"observed-data--5ca60871-28d8-432b-833e-4bbe950d210f",
|
|
|
|
"domain-name--5ca60871-28d8-432b-833e-4bbe950d210f",
|
|
|
|
"observed-data--5ca60a18-ae20-49c7-b5bc-44e3950d210f",
|
|
|
|
"file--5ca60a18-ae20-49c7-b5bc-44e3950d210f",
|
|
|
|
"artifact--5ca60a18-ae20-49c7-b5bc-44e3950d210f",
|
|
|
|
"observed-data--5ca60bd4-7f10-4055-82c3-4d34950d210f",
|
|
|
|
"file--5ca60bd4-7f10-4055-82c3-4d34950d210f",
|
|
|
|
"artifact--5ca60bd4-7f10-4055-82c3-4d34950d210f",
|
|
|
|
"observed-data--5ca60c0a-2f8c-4521-9a9b-46c0950d210f",
|
|
|
|
"file--5ca60c0a-2f8c-4521-9a9b-46c0950d210f",
|
|
|
|
"artifact--5ca60c0a-2f8c-4521-9a9b-46c0950d210f",
|
|
|
|
"observed-data--5ca60c77-1ed8-426f-b2fd-4aad950d210f",
|
|
|
|
"file--5ca60c77-1ed8-426f-b2fd-4aad950d210f",
|
|
|
|
"artifact--5ca60c77-1ed8-426f-b2fd-4aad950d210f",
|
|
|
|
"observed-data--5ca60cd3-7e68-4824-8947-4373950d210f",
|
|
|
|
"file--5ca60cd3-7e68-4824-8947-4373950d210f",
|
|
|
|
"artifact--5ca60cd3-7e68-4824-8947-4373950d210f",
|
|
|
|
"observed-data--5ca60d55-4400-4eec-8a06-4066950d210f",
|
|
|
|
"domain-name--5ca60d55-4400-4eec-8a06-4066950d210f",
|
|
|
|
"observed-data--5ca60d83-f2d8-4dbf-becd-42ed950d210f",
|
|
|
|
"domain-name--5ca60d83-f2d8-4dbf-becd-42ed950d210f",
|
|
|
|
"observed-data--5ca60def-92a0-4ffb-a42d-437b950d210f",
|
|
|
|
"domain-name--5ca60def-92a0-4ffb-a42d-437b950d210f",
|
|
|
|
"observed-data--5ca60e0f-a0c4-4d42-beac-43d9950d210f",
|
|
|
|
"domain-name--5ca60e0f-a0c4-4d42-beac-43d9950d210f",
|
|
|
|
"x-misp-object--5ca7222c-a9d8-4560-9715-4ae6950d210f",
|
|
|
|
"x-misp-object--5ca722b5-7bd0-49c3-9621-4966950d210f",
|
|
|
|
"x-misp-object--5ca7244b-5c9c-457f-b724-4e44950d210f",
|
|
|
|
"x-misp-object--5ca72523-bf54-471e-8d50-46ce950d210f",
|
|
|
|
"x-misp-object--5ca725e7-432c-4ce4-8fc9-4e4e950d210f",
|
2023-06-24 09:36:52 +00:00
|
|
|
"relationship--4995e23a-5c88-4a0b-acb8-b0c5fca94c62",
|
|
|
|
"relationship--7af2a530-1814-483a-855a-704929296965",
|
|
|
|
"relationship--986bcf33-c995-499f-93ac-1c2b4e3b4c36",
|
|
|
|
"relationship--9e5c6a53-103b-453a-b7b3-03dea1679ea4",
|
|
|
|
"relationship--1ce57853-a5c2-4dc0-b174-43cd3899435c",
|
|
|
|
"relationship--473c7d7e-a0a6-4b19-a14f-f3b9aa7f6ab5",
|
|
|
|
"relationship--bcf3cec8-1232-4107-9e01-dfcd5b6e80f0",
|
|
|
|
"relationship--6addcd4d-77ee-4219-8fb9-d17d88ca7e4f",
|
|
|
|
"relationship--eff17429-0a53-4f1e-9478-bb558e86967c",
|
|
|
|
"relationship--aa8dfc1b-9bec-4c24-af08-655553f35c0b"
|
2023-06-14 17:31:25 +00:00
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"Threat-Report",
|
|
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
|
|
"misp-galaxy:malpedia=\"Gandcrab\"",
|
|
|
|
"misp-galaxy:ransomware=\"GandCrab\"",
|
|
|
|
"misp-galaxy:ransomware=\"Jokeroo\"",
|
|
|
|
"type:OSINT",
|
|
|
|
"osint:lifetime=\"perpetual\"",
|
|
|
|
"osint:certainty=\"50\"",
|
|
|
|
"osint:source-type=\"automatic-analysis\"",
|
|
|
|
"estimative-language:confidence-in-analytic-judgment=\"high\""
|
|
|
|
],
|
|
|
|
"object_marking_refs": [
|
|
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60871-28d8-432b-833e-4bbe950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T13:36:49.000Z",
|
|
|
|
"modified": "2019-04-04T13:36:49.000Z",
|
|
|
|
"first_observed": "2019-04-04T13:36:49Z",
|
|
|
|
"last_observed": "2019-04-04T13:36:49Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"domain-name--5ca60871-28d8-432b-833e-4bbe950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"domain\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "domain-name",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "domain-name--5ca60871-28d8-432b-833e-4bbe950d210f",
|
|
|
|
"value": "gandcrasgyol4tol.onion"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60a18-ae20-49c7-b5bc-44e3950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T13:48:12.000Z",
|
|
|
|
"modified": "2019-04-04T13:48:12.000Z",
|
|
|
|
"first_observed": "2019-04-04T13:48:12Z",
|
|
|
|
"last_observed": "2019-04-04T13:48:12Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5ca60a18-ae20-49c7-b5bc-44e3950d210f",
|
|
|
|
"artifact--5ca60a18-ae20-49c7-b5bc-44e3950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5ca60a18-ae20-49c7-b5bc-44e3950d210f",
|
|
|
|
"name": "gandcrasgyol4tol.onion.png",
|
|
|
|
"content_ref": "artifact--5ca60a18-ae20-49c7-b5bc-44e3950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--5ca60a18-ae20-49c7-b5bc-44e3950d210f",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAABAAAAAz7CAYAAAAzp4w+AAAgAElEQVR4nOydeVxU5eL/QRRDLW2zzW9ZuHaNbre0xUy7Wla/7q00W4zK9Ja3/ebWtTRLvLiBigsiuKGiLK6kKG6guKCIiAJuKAqyDDMMMMwMs5xzPr8/DjMyzAyrgjWf9+v1/kOEmeecOWfO83yezQ2EEEIIIYQQQgj50+PW0gUghBBCCCGEEELIzYcBACGEEEIIIYQQ4gIwACCEEEIIIYQQQlwABgCEEEIIIYQQQogLwACAEEIIIYQQQghxARgAEEIIIYQQQgghLgADAEIIIYQQQgghxAVgAEAIIYQQQgghhLgADAAIIYQQQgghhBAXgAEAIYQQQgghhBDiAjAAIIQQQgghhBBCXAAGAIQQQgghhBBCiAvAAIAQQgghhBBCCHEBGADUQBRFlJaWIjs7G8nJyUhLS0NGRgYKCwtRUlICk8kESZIgSVJLF5UQQgghhBBCCKk3DACqIQgCUlNT8cUXX8DHxwddunRBly5d0LVrVzzxxBN44403MH36dKSlpSElJQU5OTkQRbGli00IIYQQQgghhNQJA4Bq6HQ6/P7775g3bx6Cg4Px7TffYODAgbjjjjvg5uaGVq1awcvLC928vfHII4/gpZdeQkxMDPR6fUsXnRBCCCGEEEIIqRUGADWorKyEIAgQBAEVFRU4d+4cxo8bh4cffhgeHh5wc3Oz2rp1azz22GPw8/NDXl4epwUQQgghhBBCCLllYQBQA0mSoNPpoFQqUVBQgFOnTmHDhg2YOmUK7rvvPpsAwGLHjh0xcuRIpKSkwGQytfQhEEIIIYQQQgghdjAAqIHRaMTKlSvx4QcfoH///ujVqxc6dOiAzp07o0OHDg4DADc3N3h4eGDQoEHYvXs3zGZzSx8GIYQQQgghhBBiAwOAGgiCgMzMTMyaNQuvv/46/u///g9t27Z12vCvrru7O1566SUcPXq0pQ+DEEIIIYQQQgixwaUDAFEUUVhYiISEBCxZsgRTpkzB3DlzsH//fly7dg35+flISEjA+PHj0atXL3h5edUZAnh6euKtt97C5cuXW/rwCCGEEEIIIYQQKy4XAIiiCKVSif379yMqMhIffPABunfvjt69e+Pbb7/FmjVrEB8fj0uXLkGSJIiiCI1Gg0OHDuGrr77Co48+arcYYE07dOiAeYGBEAShpQ+XEEIIIYQQQggB4GIBgCAIyDhzBl99+SUefPBB3H333fD09IS3tzdCQ0Nx+fJl6HQ6pw13rVaL3bt347NRo3DvvfeiVatWTkOAN998EyUlJc18hIQQQgghhBBCiGNcJgAwm83YtWsXBg0aBHd3d5vF+x566CG89tpreG/ECPz00084cOBArVv6lZeXIzY2FoMHD3Y6LaB3797IyMiwvo4oijAajc11uIQQQgghhBBCiA1/ugCgrKwMO3fuhF6vt/7MbDYjJjoaffv2teu1b9WqFby9vTF+/Hhs2rQJx44dw5UrV+ocvm8ymXDlyhUEBgbiuWeftVso0NPTE5988glyc3MhiiISEhKwfv167hBACCGEEEIIIaRF+FMFAEajEQsXLoSvry9KS0utP9uxYwf69u1rN3e/U6dOeO+995CQkACtVmtt9JvNZuj1equ1hQF6vR6nT5/G66+/bjOywPL627Ztg9FoRHBwMN765z+t5fozI4oiSkpKoNFoWrooDjGZTFCr1TCZTC1dFEIIIYQQQghpNv5UAUB2djYGDBiAn3/6CTqdDkajEYcOHUK/fv1sev49PDzQrVs3TJkyBZcvX4bJZILJZEJ5eTkuXbqE8PBw/PDDD/jY1xeTJk3C6tWrcfbsWahUKuj1elRWVkIURev7Go1GTJwwweGaAHPmzIHRaMTixYvh4+ODq1evNvr4LIsSmkwmiKJoU4ZbiejoaAwaNAgTJ06ss4yW4xAEoVmOyWg0YtKkSXjuueeQnJx8U9+LEEIIIYQQQm4l/lQBQHR0NPr06YPdu3fDYDAgYt06vPjii9aGubu7O9q2bQsfHx8EBwcjMzMT8fHxCAkJwcyZMzHq00/h4+ODe+65x6Y3v2PHjnj66afx4YcfYvy4cfhl6lRs2bIFWVlZUKlU0Gg0CA0NRceOHW0a/+7u7li5YoV1ZIKPjw9ycnIafFyiKOLq1avYsmUL/Pz8MO6HH/DL1KlYsmQJEhMTUVZWVuuaBc3NlClT4Obmhn/9619OG/Q6nQ6pqalYsmQJJowfj3E//ICAgABs2bIFubm5N613XqfTYfDgwfD09MS+fftuynsQQgghhBBCyK3InyYAqKysxKRJk+Dj44PTp0/j8uXLeLZfP2tD3tPTE8899xwmjB+Pf//73xj54Yd48cUXcfddd6FNmzZo06YNPDw87IbxV9fDwwMeHh5o3bo17r77bjz55JMYOHAgfvrpJ2zbtg1P9Olj8/udO3fGrl27kJeXh3/+858YMGAAcnNzG3RcpaWlmDFjBrp16wZPT094eHjAy8sLrVu3RuvWrdGuXTv069cP58+fv0lntuHUFQAcP34cr7zyCu68807rOW/Xrh1atWpl3ZXh999/vyllYwBACCGEEEIIcVX+NAFAXl4ehr76Km7v0AGrV6/G77//jgceeMDaGG/bti1eeeUVDHjxRdxxxx3w8PCodRu/+tqqVSu0a9cOT/r44L777rPp/X/xxReRk5OD2G3b0LlzZ6cjACzD32uSn5+PkSNHwtPTEw888ADGjh2LqKgoJCYmYteuXVi2bBlGjRqFwYMHQ6VSNcNZrh/OAgBBELBlyxY88sgjaNOmDZ599lnMmTMH8fHxOHDgACIjIzFhwgT069cPR44cuSllYwBACCGEEEIIcVX+cAGA0WjExYsX7RaYU6lUePfdd+Hu7o5PP/kEIUuX2g3J9/T0ROvWrZvc6K9PKNCtWzds2rQJGo0Gv/36K2677Tb069cPhYWFNuUuLy9HQkICiouLbX5uGdHg6emJrl27IjY2FgaDweH5KCoqspsCYJlXbzAYYDAYIAhCndMEqv++5W/qg8lksv4N4DwAOHPmDLp16wYPDw989tlnyMnJsXsPs9kMhUJhNwWgPsdTn+OtGQCIotigc0QIIYQQQgghf1T+kAFAYGAgwsPDbbb6MxgMmDFjBjw8PODj44OAuXNx11133fTGviM7d+6MZSEhMBqNyM/PxyuvvILWrVvj32PHQqvVWstsNpuxadMmjPvhBygUCpvjPHLkCO6//360adMGYWFhDVocT6fTYc2aNRg3bhyGDx+O4cOHY9y4cYiOjrbbhUAURaSnpyMiIgI//fQTRo4cieHDh2PEiBGYPn06UlNTYTQaHb6PWq3G77Gx+ObrrzF8+HCMHTsWERER+Oqrr+wCAJPJhAkTJsDNzQ3PP/98vadCmEwmpKenY+XKlfjmm2+sZZswYQIOHjwISZKg1WoRFRWF7779Fr6+vhg2bBj+NWYMNm7ciJKSErtzYwkAQkNDERQUBF9fX7z//vuYNGkS9u7da/MZEUIIIYSQG8/kyZMxbdo0O/fs2dPSRbslyMnJQVhY2E19j/z8fAQHB9/Q15w3bx7UanWTXiMpKQnx8fFO//9mlLuxaLVazJo1q6WL0SD+cAEAcH2V+bi4OJuf79ixA507d8Y999yDwMBAvDxoUIsEAE8//bR1qP+xY8fQu3dvtG/fHlFRUdYeb1EUkZKSgqeeegqLFi2yCTMA4Ndff4Wbmxt8fHzswoG6KC4uRpcuXeDm5oZ27drBy8vLOg3i3XfftRk9UVlZib+//LLNKIl27dpZ/92pUyeHN9jVq1cxdOhQ6zSK6u9jGWVRPQC4cOECHn74Ybi7uyM0NLTeowtycnJw//33W8tT/X0WLVoEQN79wRL2tGvXDrfddpv19z/77DObBr0lAHBzc7O+Tps2bax/c9ttt2H8+PEMAQghhBBCbiI///xzSxfhlqY5AgCNRoNjx47d0NdkAHDr84cMAK5du4aRI0figw8+QGFhoXXYdnJyMh577DG0b98eCxYsQExMDPr27XtD5vo
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60bd4-7f10-4055-82c3-4d34950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T13:51:16.000Z",
|
|
|
|
"modified": "2019-04-04T13:51:16.000Z",
|
|
|
|
"first_observed": "2019-04-04T13:51:16Z",
|
|
|
|
"last_observed": "2019-04-04T13:51:16Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5ca60bd4-7f10-4055-82c3-4d34950d210f",
|
|
|
|
"artifact--5ca60bd4-7f10-4055-82c3-4d34950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5ca60bd4-7f10-4055-82c3-4d34950d210f",
|
|
|
|
"name": "gandcrab2pie73et.onion.png",
|
|
|
|
"content_ref": "artifact--5ca60bd4-7f10-4055-82c3-4d34950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--5ca60bd4-7f10-4055-82c3-4d34950d210f",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAABAAAAAMACAYAAAC6uhUNAAAgAElEQVR4nOzdd1hTZwMFcEAR1Gpr1RZtqXFFUVBRWq22ausW2Vtwd3y2tSquqnVj1bqp2Iq46t6rWq04AQcuVJyI4sQJCCIjJOf7A3IlJIQAgRByzvP8nqeFjJshyXvue99r5OXbH0RERERERERUvhnpegOIiIiIiIiIqOSxACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAg0gOeffsRERERlWm6/r5ERAVjAUBUBuj6A5uIiIiopOn6+xYRsQAgKjW6/tAlIiIiKqt0/T2NyFCwACAqIbr+ICUiIiLSV7r+HkdUXrEAINISXX9QEhEREZVXuv6eR1ResAAgKiZdfyASERERGQpdf+8j0ncsAIgKSdcffERERESUTdffC4n0DQsAokLQ9YccERERESnS9fdDIn3CAoCoALr+UCMiIiIizej6eyNRWccCgEgNXX+IFcTDx4+IiIioVOn6+w9LAKKiYwFApIKuP7iK/+Hcj4iIiKiY9Lso0PX3SaKyiAUAUS5lb6Cv6w9+IiIiosIqW8WArr9fEpUlLACIcuh2wK/rD2oiIiKikqa7QkDX3zOJygoWAES+JTf41/pgv29eftpXBo4tNGh8DQwbX3/DxtffsJXU618S3xXyfh/RcinAEoCo5LAAIINWegP/ogzwS+pDuwC6/gJk6PgaGDa+/oaNr79h06sCQBNFKQgUt51FAJH2sQAgg1UmBv1FGOi7+xARERGVDUUqBspAGaDr76FEusICgAxSyQ38Ndm7X7IDfJ3vwSAiIqJyo+QLAk1mCbzdHpYARMXDAoAMjm4G/qo/9DigJyIiovKkeKVA6RcBuv5eSlTaWACQQSm1gX8RBv0af7h6+xIRERGVDcUsBopWBmi3CND191Oi0sQCgAyK9gb/mg/8izTgL+SHrzsRERFRCdNmOaB5IVBwEcACgEhzLADIYJToXn8NB/6FHezr+oOeiIiIqLAKWwoUrwjQzmwAXX9PJSotLADIIJTYXn8VA383b18FKj8cvfoqcdMVTx8iIiIyFDr6vqHqu4+q70h5v0cVtghgCUCkHgsAKvdKZK9/PgN/V6++cHLzgqOrJxxdPAQOzu5wcHZT0KeonFyJiIiIyoYifp/J+73Iwdld4buTo6snnNy84OrVtxBFQPFnA+j6eytRSWMBQOVayQz+laf6ywf/bl6+2L5zNxISE8EwDMMwDMMULQmJidi+czfcvHyFEkDloQEsAYgKhQUAlWvan/KvfIy/fIqas5sXtu/crevPS4ZhGIZhmHKT7Tt3w9nN6+2hlarWCNDyIQG6/v5KVJJYAFC5pdXBf9/8B//u3r5w8+oLR1dP7vlnGIZhGIbRYl4mJMDR1TN7HQF1JYCaQwJYAhC9xQKAyqXSHPzLP4wcnN10/RnJMAzDMAxT7uLg7Kb0vYslAFHRsACgcqkkBv95T+cnfAh59oWrpw/6OLnq+vORYRiGYRim3KWPkytcPX3g5vn2zAF5Tx9YEiWArr/PEpUEFgBU7mht77+Kvf7uwuX8hNP5uXn1haunN+ydXHT9+cgwDMMwDFPuYu/kAldP77enE8wpAPIvAfLu1OEsACI5FgBU7pTK4D/nA8jNsy9cPH3g4uGN3g4sABiGYRiGYbSd3g4ucPHwhot8FkDO97DSKAF0/b2WSNtYAFC5op3Bf/7T/j18/OCRs+ff3asvXHOm/7t4eKEXCwCGYRiGYRitp5eDC1w8vODq6QPX3AVAgTMBeCgAUV4sAKhcKY3Bv0fOqv9uXn3hmjP939ndC70cnHX9+cgwDMMwDFPu0svBGc7uXnD19IZrzncwN3kBUAolgK6/3xJpEwsAKjeKtvc/76J/BQ/+3fMUAC4e3nB280LPPiwAGIZhGIZhtJ2efZzh7OYFFw/FAsBdXgAUVAKoWBSQswDIULEAoHKjJI77VzX4VyoA3L3g7OaJHiwAGIZhGIZhtJ4efZzh7OYJF3cvpQJAXQmgzfUAdP09l0hbWABQuVGsvf8qpv7nN/iXFwCuHt7Ze//dveDo6oke9o66/nxkGIZhGIYpd+lh7whHV084u+fMAvDwVigANCsBijcLQNffc4m0hQUAlQva2vuvNPiXL/qXtwDw9IGrhzechQLAgwUAwzAMwzBMCSS7APCAs7sXnOUFgKeP0vez3AWAyhKAswCIWABQ+VC8vf+aT/13zzkDgFvOqf+yCwDPnALASdefjwzDMAzDMOUuPeydcgoATzjnzMB08/TJPhtAoWYBKJcALADI0LAAoHKhyHv/Czn1X14AuAoFgFd2AeDiyQKAYRiGYRimBNLD3gmOLp45BUDOYQAqCoDCHwpQuFkAuv6+S6QNLABI72lj739hBv9uQgHglV0AuHmxAGAYhmEYhimhCAWAm1dOAeAFV0+f7HUAilICcBYAGTAWAKT3Sm3vf86HTHYB4J1dALh75yoAuAYAwzAMwzCMttPD3vFtAeDunVMAeL8tAIq1ICBnAZBhYQFAeq3U9v7nGvwLBYC7N5zdveHEAoBhGIZhGKbEIi8AnOQFgLu3UAAUuQTgLAAyUCwASK+V1N7//Kb+Z/OBq4cPXNy94SQUAB7o0ZsFAMMwDMMwjLbTo7cjHF084OTmBSd5AeDhAzcvH8USQM1ZATgLgCgbCwDSa6W/9z/7g8bVwyd777+7N5zcPOHozNMAMgzDMAzDlER62DvC0dkDTm6ecMqZgZldALz9blaaswB0/f2XqDhYAJBeK4kCQN3UfzcvH7h59oWLUAB4wcnVE44uHujOAoBhGIZhGEbr6W6fMwPA1RNO7vJ1ALK/kynNAlBVArAAIBKwACC9Vdzp/5ru/c87+H9bAHgJBYADCwCGYRiGUYpMJkNSUhIuX76Mw4cP48iRI4iIiMDNmzfx6NEjZGRkQCaTQSqV6npTmTKc7vaOcFAoALzeFgCqSgCNZwHwMAAyPCwASG+V7t7/nA8Wz75wzV0AuHnB0U1eADjo+vORYRiGYcpU7t+/j19++QV2dnaoW7cuateujQ8++AD169fHl19+iXHjxuHIkSPYt28f7t27xyKAUZnu9g5wcPGAo5t8IcDsAsBVKAA0OBSAswCI4OXLAoD0mDYKgKLs/c8uALJP/+fkLi8A3NGtNwsAhmEYhsmdq1evYvPmzTh06BCCg4MxaNAgfPjhhzAyMhLUrFkTlStXRteuXXHq1ClkZGToerOZMpZuvR3g4OKeXQC4e8HZzQsuHt5vC4AizAJgAUCGigUA6S1tT//XdO+/q6ePUAA4unvB0c2DBQDDMAzDqIhMJoNMJgMASKVSJCU
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60c0a-2f8c-4521-9a9b-46c0950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T13:56:16.000Z",
|
|
|
|
"modified": "2019-04-04T13:56:16.000Z",
|
|
|
|
"first_observed": "2019-04-04T13:56:16Z",
|
|
|
|
"last_observed": "2019-04-04T13:56:16Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5ca60c0a-2f8c-4521-9a9b-46c0950d210f",
|
|
|
|
"artifact--5ca60c0a-2f8c-4521-9a9b-46c0950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5ca60c0a-2f8c-4521-9a9b-46c0950d210f",
|
|
|
|
"name": "gandcrabmfe6mnef.onion.png",
|
|
|
|
"content_ref": "artifact--5ca60c0a-2f8c-4521-9a9b-46c0950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--5ca60c0a-2f8c-4521-9a9b-46c0950d210f",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAABAAAAAMACAYAAAC6uhUNAAAgAElEQVR4nOzdd1hTZwMFcEAR1Gpr1RZtqXFFUVBRWq22ausW2Vtwd3y2tSquqnVj1bqp2Iq46t6rWq04AQcuVJyI4sQJCCIjJOf7A3IlJIQAgRByzvP8nqeFjJshyXvue99r5OXbH0RERERERERUvhnpegOIiIiIiIiIqOSxACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAgIiIiIiIiMgAsAIiIiIiIiIgMAAsAIiIiIiIiIgPAAoCIiIiIiIjIALAAICIiIiIiIjIALACIiIiIiIiIDAALACIiIiIiIiIDwAKAiIiIiIiIyACwACAiIiIiIiIyACwAiIiIiIiIiAwACwAiIiIiIiIiA8ACgIiIiIiIiMgAsAAg0gOeffsRERERlWm6/r5ERAVjAUBUBuj6A5uIiIiopOn6+xYRsQAgKjW6/tAlIiIiKqt0/T2NyFCwACAqIbr+ICUiIiLSV7r+HkdUXrEAINISXX9QEhEREZVXuv6eR1ResAAgKiZdfyASERERGQpdf+8j0ncsAIgKSdcffERERESUTdffC4n0DQsAokLQ9YccERERESnS9fdDIn3CAoCoALr+UCMiIiIizej6eyNRWccCgEgNXX+IFcTDx4+IiIioVOn6+w9LAKKiYwFApIKuP7iK/+Hcj4iIiKiY9Lso0PX3SaKyiAUAUS5lb6Cv6w9+IiIiosIqW8WArr9fEpUlLACIcuh2wK/rD2oiIiKikqa7QkDX3zOJygoWAES+JTf41/pgv29eftpXBo4tNGh8DQwbX3/DxtffsJXU618S3xXyfh/RcinAEoCo5LAAIINWegP/ogzwS+pDuwC6/gJk6PgaGDa+/oaNr79h06sCQBNFKQgUt51FAJH2sQAgg1UmBv1FGOi7+xARERGVDUUqBspAGaDr76FEusICgAxSyQ38Ndm7X7IDfJ3vwSAiIqJyo+QLAk1mCbzdHpYARMXDAoAMjm4G/qo/9DigJyIiovKkeKVA6RcBuv5eSlTaWACQQSm1gX8RBv0af7h6+xIRERGVDcUsBopWBmi3CND191Oi0sQCgAyK9gb/mg/8izTgL+SHrzsRERFRCdNmOaB5IVBwEcACgEhzLADIYJToXn8NB/6FHezr+oOeiIiIqLAKWwoUrwjQzmwAXX9PJSotLADIIJTYXn8VA383b18FKj8cvfoqcdMVTx8iIiIyFDr6vqHqu4+q70h5v0cVtghgCUCkHgsAKvdKZK9/PgN/V6++cHLzgqOrJxxdPAQOzu5wcHZT0KeonFyJiIiIyoYifp/J+73Iwdld4buTo6snnNy84OrVtxBFQPFnA+j6eytRSWMBQOVayQz+laf6ywf/bl6+2L5zNxISE8EwDMMwDMMULQmJidi+czfcvHyFEkDloQEsAYgKhQUAlWvan/KvfIy/fIqas5sXtu/crevPS4ZhGIZhmHKT7Tt3w9nN6+2hlarWCNDyIQG6/v5KVJJYAFC5pdXBf9/8B//u3r5w8+oLR1dP7vlnGIZhGIbRYl4mJMDR1TN7HQF1JYCaQwJYAhC9xQKAyqXSHPzLP4wcnN10/RnJMAzDMAxT7uLg7Kb0vYslAFHRsACgcqkkBv95T+cnfAh59oWrpw/6OLnq+vORYRiGYRim3KWPkytcPX3g5vn2zAF5Tx9YEiWArr/PEpUEFgBU7mht77+Kvf7uwuX8hNP5uXn1haunN+ydXHT9+cgwDMMwDFPuYu/kAldP77enE8wpAPIvAfLu1OEsACI5FgBU7pTK4D/nA8jNsy9cPH3g4uGN3g4sABiGYRiGYbSd3g4ucPHwhot8FkDO97DSKAF0/b2WSNtYAFC5op3Bf/7T/j18/OCRs+ff3asvXHOm/7t4eKEXCwCGYRiGYRitp5eDC1w8vODq6QPX3AVAgTMBeCgAUV4sAKhcKY3Bv0fOqv9uXn3hmjP939ndC70cnHX9+cgwDMMwDFPu0svBGc7uXnD19IZrzncwN3kBUAolgK6/3xJpEwsAKjeKtvc/76J/BQ/+3fMUAC4e3nB280LPPiwAGIZhGIZhtJ2efZzh7OYFFw/FAsBdXgAUVAKoWBSQswDIULEAoHKjJI77VzX4VyoA3L3g7OaJHiwAGIZhGIZhtJ4efZzh7OYJF3cvpQJAXQmgzfUAdP09l0hbWABQuVGsvf8qpv7nN/iXFwCuHt7Ze//dveDo6oke9o66/nxkGIZhGIYpd+lh7whHV084u+fMAvDwVigANCsBijcLQNffc4m0hQUAlQva2vuvNPiXL/qXtwDw9IGrhzechQLAgwUAwzAMwzBMCSS7APCAs7sXnOUFgKeP0vez3AWAyhKAswCIWABQ+VC8vf+aT/13zzkDgFvOqf+yCwDPnALASdefjwzDMAzDMOUuPeydcgoATzjnzMB08/TJPhtAoWYBKJcALADI0LAAoHKhyHv/Czn1X14AuAoFgFd2AeDiyQKAYRiGYRimBNLD3gmOLp45BUDOYQAqCoDCHwpQuFkAuv6+S6QNLABI72lj739hBv9uQgHglV0AuHmxAGAYhmEYhimhCAWAm1dOAeAFV0+f7HUAilICcBYAGTAWAKT3Sm3vf86HTHYB4J1dALh75yoAuAYAwzAMwzCMttPD3vFtAeDunVMAeL8tAIq1ICBnAZBhYQFAeq3U9v7nGvwLBYC7N5zdveHEAoBhGIZhGKbEIi8AnOQFgLu3UAAUuQTgLAAyUCwASK+V1N7//Kb+Z/OBq4cPXNy94SQUAB7o0ZsFAMMwDMMwjLbTo7cjHF084OTmBSd5AeDhAzcvH8USQM1ZATgLgCgbCwDSa6W/9z/7g8bVwyd777+7N5zcPOHozNMAMgzDMAzDlER62DvC0dkDTm6ecMqZgZldALz9blaaswB0/f2XqDhYAJBeK4kCQN3UfzcvH7h59oWLUAB4wcnVE44uHujOAoBhGIZhGEbr6W6fMwPA1RNO7vJ1ALK/kynNAlBVArAAIBKwACC9Vdzp/5ru/c87+H9bAHgJBYADCwCGYRiGUYpMJkNSUhIuX76Mw4cP48iRI4iIiMDNmzfx6NEjZGRkQCaTQSqV6npTmTKc7vaOcFAoALzeFgCqSgCNZwHwMAAyPCwASG+V7t7/nA8Wz75wzV0AuHnB0U1eADjo+vORYRiGYcpU7t+/j19++QV2dnaoW7cuateujQ8++AD169fHl19+iXHjxuHIkSPYt28f7t27xyKAUZnu9g5wcPGAo5t8IcDsAsBVKAA0OBSAswCI4OXLAoD0mDYKgKLs/c8uALJP/+fkLi8A3NGtNwsAhmEYhsmdq1evYvPmzTh06BCCg4MxaNAgfPjhhzAyMhLUrFkTlStXRteuXXHq1ClkZGToerOZMpZuvR3g4OKeXQC4e8HZzQsuHt5vC4AizAJgAUCGigUA6S1tT//XdO+/q6ePUAA4unvB0c2DBQDDMAzDqIhMJoNMJgMASKVSJCU
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60c77-1ed8-426f-b2fd-4aad950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T13:56:08.000Z",
|
|
|
|
"modified": "2019-04-04T13:56:08.000Z",
|
|
|
|
"first_observed": "2019-04-04T13:56:08Z",
|
|
|
|
"last_observed": "2019-04-04T13:56:08Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5ca60c77-1ed8-426f-b2fd-4aad950d210f",
|
|
|
|
"artifact--5ca60c77-1ed8-426f-b2fd-4aad950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5ca60c77-1ed8-426f-b2fd-4aad950d210f",
|
|
|
|
"name": "gandcratjyr44pms.onion.png",
|
|
|
|
"content_ref": "artifact--5ca60c77-1ed8-426f-b2fd-4aad950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--5ca60c77-1ed8-426f-b2fd-4aad950d210f",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAABAAAAAMACAYAAAC6uhUNAAAgAElEQVR4nOzdeXiU9aH28QTckAMCtSxWQajQWlHrUt9WLHax1LogLijCcUF7qseq1dYCAgdFqmylAQkQ9iXsW9hDAoGAAULY15A9hCUhmSSTSWaSMMv9/oEZiaCETGAmv/l+r+vzh1kmTyJXZubOzDMhbyzMFwAAAAAAMFuIvw8AAAAAAABceQwAAAAAAAAEAQYAAAAAAACCAAMAAAAAAABBgAEAAAAAAIAgwAAAAAAAAEAQYAAAAAAAACAIMAAAAAAAABAEQvouzBcAAAAAADBbSN8F+QIAAAAAAGZjAAAAAAAAIAiE9F1wRgAAAAAAwGwMAAAAAAAABAEGAAAAAAAAggADAAAAAAAAQYABAAAAAACAIMAAAAAAAABAEGAAAAAAAAAgCDAAAAAAAAAQBBgAAAAAAAAIAgwAAAAAAAAEAQYAAAAAAACCAAMAAAAAAABBgAEAAAAAAIAgwAAAAAAAAEAQCHl9wRkBAAAAAACzMQAAAAAAABAEGAAAAAAAAAgCDAAAAAAAAAQBBgAAAAAAAIJAyOvzzwgAAAAAAJiNAQAAAAAAgCDAAAAAAAAAQBBgAAAAAAAAIAgwAAAAAAAAEARCXp+fJwAAAAAAYDYGAAAAAAAAggADAAAAAAAAQYABAAAAAACAIMAAAAAAAABAEGAAAAAAAAAgCIS8Nj9PAAAAAADAbAwAAAAAAAAEAQYAAAAAAACCAAMAAAAAAABBgAEAAAAAAIAgwAAAAAAAAEAQYAAAAAAAACAIMAAAAAAAABAEGAAAAAAAAAgCDAAAAAAAAASBkNfm5QkAAAAAAJiNAQAAAAAAgCDAAAAAAAAAQBBgAAAAAAAAIAgwAAAAAAAAEAQYAAAAAAAACAIMAAAAAAAABAEGAAAAAAAAgkDIq/NyBQAAAAAAzMYAAAAAAABAEGAAAAAAAAAgCDAAAAAAAAAQBBgAAAAAAAAIAgwAAAAAAAAEAQYAAAAAAACCAAMAAAAAAABBgAEAAAAAAIAgwAAAAAAAAEAQYAAAAAAAACAIMAAAAAAAABAEQl6dmysAAAAAAGA2BgAAAAAAAIIAAwAAAAAAAEGAAQAAAAAAgCDAAAAAAAAAQBAIeWVurgAAAAAAgNkYAAAAAAAACAIMAAAAAAAABAEGAAAAAAAAggADAAAAAAAAQYABAAAAAACAIMAAAAAAAABAEAh5Ze5pAQAAAAAAszEAAAAAAAAQBBgAAAAAAAAIAgwAAAAAAAAEAQYAAAAAAACCAAMAAAAAAABBgAEAAAAAAIAgwAAAAAAAAEAQYAAAAAAAACAIhLwSeVoAAAAAAMBsIf8deVoAAAAAAMBsDAAAAAAAAAQBBgAAAAAAAIIAAwAAAAAAAEGAAQAAAAAAgCDAAADAfHNOAQBwaf6+vgKAK4wBAIC55pzS35blaUeWXVaHS0RERBfL6nBpR5Zdf1uWxxAAwGgMAADMNOeU3l+Wq7JKt79vVxIRUT2prNKt95flMgIAMBYDAAAzzTmlHVl2f9+WJCKietaOLDsDAABjMQAAMM+cU+oz56SKedg/ERFdZsUOl/rMOckIAMBIDAAAzDPnlPrMPuHv25BERFRP6zP7BAMAACMxAAAwz5xT6jMrx9+3H4mIqJ7WZ1YOAwAAIzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAU4X8d+QpAYBR5pxUn1nH/X37kYiI6ml9Zh3Xf8856f/rMwCoYwwAAMzDAEBERD7EAADAVAwAAMzDAEBERD7EAADAVCF9Ik8JAIwy56R6MwAQEVEt6z3ruPrMOen/6zMAqGMMAADMwwBAREQ+xAAAwFQMAADMwwBAREQ+xAAAwFQhfeacEgAYZfZJ9Z7JAEBERLWr98zj6jP7pP+vzwCgjjEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAUzEAADAPAwAREfkQAwAAU4X0nnNKAGCU2Sf1MgMAERHVspdnHlfv2Sf9f30GAHWMAQCAeRgAiIjIhxgAAJiKAQCAeRgAiIjIhxgAAJiKAQCAeRgAiIjIhxgAAJgqpPeckwIAo8w+oZdnZvv79iMREdXTXp6Zrd6zT/j/+gwA6hgDAADzMAAQEZEPMQAAMBUDAADzMAAQEZEPMQAAMFVI79knBQBGmXVCL89gACAiotr18oxs9Z51wv/XZwBQxxgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqRgAAJiHAYCIiHyIAQCAqUJenn1SAGCUWSfUiwGAiIhqWa8Z2Xp51gn/X58BQB1jAABgHgYAIiLyIQYAAKZiAABgHgYAIiLyIQYAAKZiAABgHgYAIiLyIQYAAKZiAABgHgYAIiLyIQYAAKZiAABgHgYAIiLyIQYAAKZiAABgHgYA8nMej0dut1tOp1Mul8vfh0NElxkDAABTMQAAMA8DAPmxsrIyxcXFadSoURo0aJBGjhyp6dOnKy4uTvn5+SopKVFlZaW/D5OIvicGAACmYgAAYB4GAPJTHo9H27dvV79+/fTKK6/ogQceUPPmzdWoUSO1adNG3bp104svvqiRI0eqoKDA34dLRN8RAwAAUzEAADAPAwD5sfLycjkcDtntdmVmZurTTz9Vu3bt1KBBA4WGhio0NFSNGzdW7969tW/fPp4iQBSAMQAAMBUDAADzMACQH/N4PMrOztZXX32lqKgoffrpp+rdu7duuOEGhYSEeDVs2FD33Xefli5dKofD4e/DJqLzYgAAYKqQl2edEAAYZWaOek3P8vftRwrSXC6X1qxZox49eqh9+/Zq1KiRrr/+ejVo0KDaABASEqIGDRqoffv2ioyMlNPp9PehE9HX9ZqepZdn5vj/+gwA6hgDAADzMADQVa6kpER79+7V/PnzFRkZqe3bt+vYsWNauXKl3nzzTf3oRz9Sw4YNLxgAQkJCFBoaqk6dOik+Pt7f3wYRfR0DAABTMQAAMA8DAF2FKisrlZiYqClTpuiFF17QHXfcoddee00LFixQYmKiiouLJUl2u11bt27Vq6++qptvvvmijwQIDQ3Vc889p6KiIj9/V0QkMQAAMBcDAADzMADQFa6oqEjh4eG64447dMMNN+i6665T165dNWvWLCUmJl70DP82m03r1q3Ts88+q+bNmys0NLTaCNChQwft37/f+/Eej+dqfktEdF4MAABMxQAAwDwMAFSH5eXlqbCw0PvfBQUFGjhwoH7wgx9478Q3aNBAd9xxh/76178qIiJCu3btuujZ/T0ej3JzczVlyhQ9+OCDuv76670DwI033qhPPvlENptNNptN27Zt47wARH6KAQCAqRgAAJiHAYDqqNLSUv3jH/9QQkKCpHN/+f/444910003eV/S78Ybb9RTTz2luLg4lZWVyeVyqaKiQmVlZSorK9PZs2cvuFyXy6WMjAy98cYb3nMDhIaGql27dtq+fbvS0tLUu3dv5efnX+1v2eesVqusVutV/7oej0c2m80vX5vMiwEAgKlCes06IQAwyswcvcQAQHXQpk2b9PjjjystLU0Wi0VffPGFmjZt6r3D3rp1aw0aNEjJycnKy8tTdna2Nm3apI8//ljdunXTH//4R/3973/XmjVrlJycrKysLJWUlMjpdMrtdmvKlCnVXh6wadOmWrp0qVJTU/Xoo48qJSWlxsfqdDpVXFys06dP68yZM7JarVf9EQS5ubn
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60cd3-7e68-4824-8947-4373950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T14:34:37.000Z",
|
|
|
|
"modified": "2019-04-04T14:34:37.000Z",
|
|
|
|
"first_observed": "2019-04-04T14:34:37Z",
|
|
|
|
"last_observed": "2019-04-04T14:34:37Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5ca60cd3-7e68-4824-8947-4373950d210f",
|
|
|
|
"artifact--5ca60cd3-7e68-4824-8947-4373950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5ca60cd3-7e68-4824-8947-4373950d210f",
|
|
|
|
"name": "gandcr4cponzb2it.onion.png",
|
|
|
|
"content_ref": "artifact--5ca60cd3-7e68-4824-8947-4373950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--5ca60cd3-7e68-4824-8947-4373950d210f",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAABAAAAAwECAYAAADXYyfyAAAgAElEQVR4nOzdd3zUheH/8cut7L3nZe+9d0JIQiCEhAzC3tMgQzYoKMgQGYIDAVGGe1AVR2ut2qG2P9e31X6rtta6d8UBKJC8fn8ETzGgqK349d7Px+P1KAcBLh/OPh6f9919zoCIiIiIiIiI/OwZzvYdEBEREREREZH/Pg0AIiIiIiIiIg5AA4CIiIiIiIiIA9AAICIiIiIiIuIANACIiIiIiIiIOAANACIiIiIiIiIOQAOAiIiIiIiIiAPQACAiIiIiIiLiADQAiIiIiIiIiDgADQAiIiIiIiIiDkADgIiIiIiIiIgD0AAgIiIiIiIi4gA0AIiIiIiIiIg4AA0AIiIiIiIiIg5AA4CIiIiIiIiIA9AAICIiIiIiIuIANACIiIiIiIiIOAANACIiIiIiIiIOQAOAiIiIiIiIiAPQACAiIiIiIiLiADQAiIiIiIiIiDgADQAiIiL/QUePHuXo0aP861//Yvny5dTU1GCz2TCbzeTn57Nz504OHToEQE9PDy+//DK79+5j34038+BvfsNrr73GkSNHePfddzl48CA9PT1n+TsSERGRnwsNACIiIj9Ad3c3Dz30EJMmTaKoqIiIiAiioqLw8fHByckJg8GAwWDAycnJXnp6Go8++ihXXXUVEWl5hObWEJrbn+CsCoKTsggNC8fFxQUvLy8GDRrEXXfdxfHjx8/2tyoiIiL/x2kAEBER+R6OHz/ODTfcQHJyEsFBnuTlRdKvOp6mwWnU1iaSEB+I1Wo+6cTf6OREakoc9bWlhIYE4RsRQ1RpE5Elg4kobiSiaBBhBQMITi/BZLGeNCDk5+fz0EMP6RUBIiIi8r1pABAREfmOXnjhBerr64mM8KVfv3iamtIZOjSTtrYshg3LprMzl+HDcxkyJJ2IcB+MRqM9i8VC65Aa4uNshOf1I6aqjZjKNqIrWrFVDCWqrJnIkiZCssqJio4iIy2BAH8fDAYDJpOJKVOm8OGHH57tQyAiIiL/B2kAEBER+Q4efvhhoiJDKS6y0diYSnNzBu3tvSf9I0fmM3p0AWPHFjJu3BcVUFhgw9lqoaQ4h6ryPJoGVeEdGkV87QgSakeRUDuS+NqRxPcfQVxNJzHVHURXthJRUEd2fjb9KgvIyUohMiIEJycn4uPj+e1vf0t3d/fZPhwiIiLyf4gGABERkTP02GOPERYWSL/qeBobU2lp6T35HzEijzFjChg3roiJE4sZM6aQzIxwJk4sYcqUUqZOLaFfvwS8vT3pGFpHUUEG4TmVJDWMJ3ngBJIHTej934ETSGoYR2L9GOJrRxLbrxNbeTPhKdmYrVZSkmPJyU7FZDJhMpkYOHAgv/71rzUEiIiIyBnRACAiInIG3nzzTeLjbVRVxTJwYBKNjSkMGpRC0+A02tqyGD0qn/HjC5k4sZjJk0uor0smItyX4cNzmT69lBkzyqiuTsDPzwf/oGBSGieQOngKqU1TSR0ytfd/m6aSOngKyYMmktQwnoT6McT1H0FMVQeRRQ14hcfi6uFJaHCA/foATk5OtLa26hUBIiIi8q00AIiIiJyBUaNGUVAQQU1NHPFx/ri6WL68uJ/RiIeHM5GRvhQW2mgdmsmUycXk5kRitZpJTwth0qQizj23grTUUMKzSkkdMo305hlkDO06qfSWGaQNmU5q01SSGyeR2DCO+NpRxPbrJLqynaiyIQSmFOAeGHbShQKNRiMNDQ3s27ePN954QxcLFBERkT40AIiIiHyLp59+mpiYAIoKI3F2PvnK/qfKaDTi5mrF09PF/nM+Pm40N2eQEB9EbGUz6UO7yGybRVbHnJNrn01m67mkD+0irXlG7xAwaCIJA8YSVzuKmOph2CpaiSwdQnhRA37xWbj4BJz0iQEWi4Xq6mq2b9/Ov//977N9+EREROQnQgOAiIjIt5gxfTq5OeFYLaZvPfn/plHAaDRiMptJbZpERtsssobNJWf4fHKGzye7cz7ZnfPIHnYeWR1zyGibRfrQmaQ1zyBl8BSSvjoC9OvEVtlGZFkz4UWNhBUMICA5H6uHt30E+CIfHx/mzJnDe++9d7YPo4iIiJxlGgBERES+wYcffkhsbBQuZ/DM/5mMAJ5BYWS2zyJr2HlkD59P7shF5I5YRM6IhSeGgHlkdsw9MQB0kdo8g2T7ADCOuLrRxNSMILp6GFEnRoCIksGEFQ4kNK8W39g0TBbnPkNAZGQkjz322Nk+nCIiInIWaQAQERE5he7ubnbv3k1YWJj9JPqHnvwbjUbCs8vJ7JhL9vAF5I5cRN7opeSNWkLuyN4RILtzPpkdc8lsn0V6axcpgyeS3DiBpMZJxDeMJ65+LOF5NYRklhHTbxjRVe1EVbSeeDXAIELz6gnKKMPi5tFnBPDy8uLRRx8924dWREREzhINACIiIl9z5MgRpk2bRlCgB87O5pNOok95cu/khNHYe5L/TQOA2eJM6pApZHXOJ+fEyX/+2PPJG7OM3NFLyBm5iIy2mQQnZePq5YfFxRWzxYrJYsXq5oFfbCrRFUOIrx9FUEou/rGpxNZ0EtOvk+iqdvtbAkLz6wnKKMfi6tZnBLDZbHzwwQdn+xCLiIjIWaABQERE5CuOHz/O+HHjsEX54O5u/caTfx9vT0qLMmlr6U9n2wBGdDTQUFdKaEjgKQeAiPx+ZHbOI2fkYvJGLyN/3AUUjF9B/rgLyBuzjJxRi8nsmEPywLEkDhhNQt0IYvu1E5xejF9sGlY3D5ycnHDx8iUorQA3Hz/c/IKwlTURU935lYsDNva+EiC9FJO19+0A3l4emM0mDAYDXV1dZ/swi4iIyFmgAUBEROQrdu3ahS3Kh6BA99Oe+JvNJrIyEhnWVk9eTgrRtlAiw4OJjgolKiKEhvpysjKTT/o9bn7BZHTMJnvkInLHLCN/3HIKJlxI4cSLKBi/gryxF5A7einZIxaSMWweaW2zSW7pIrFpGvGDJhNTM5yIwlq8QiL73B+LixuRxQ1EV3Vgq2glqqyFiKJGQvPq8IvPxGAw4OvrTYC/LyHBgbi7u/POO++c7UMtIiIiPzINACIiIie8++67xMZGkJoSdNpn/l1dnBlQV0Z1RT4R4cHU9iti0rgWhncMpLgwi+EdA7FFhZOVkUxIcID9vf+RRfVkDl/Qe/I/fgUFEy6icOJKiiatomDCReSNW07u6GVkjVhExrB5pLbNJmXoOcTVjyKytJHA5Bx8wqNP+xYDF09voitbiKkeRkxVB1HlLSeuCVCL1cMLg8FAYkI0IcGBOFstLFu2jJ6enrN9yEVERORHpAFAREQE6OnpYcqUKSQlBWIyGfuc/Hu4u+Hi4kxjQyWpybFkZiQxYUwzE8YMITHBRlZGEmkp8bi7ueDq6kJSYgxBgf74+XpjMptJGTKF7JGLyR+3gsKJKymctIqiyRdTNHk1hRNXkj9+BbljlpE9ajHJg8YRmJiNi6c3RtOZf/SgV6iN2JrhxNYMJ6aqncjSIYQVNhCYko+TkxOhIYEkJtjw8fEiPT1dA4CIiIiD0QAgIiICvPfee0RHBxMc7HnKZ/9jYyLJz00jMd5GbHQEoSGBmE0mAgN8cXG22p/pNxqNBLi6YDQaKS/NJykxBmcPL7JGLiBnzDIKJq60n/gXTVlD0ZQ1FE5eRe7I+aQOHo9/dBImk8ne6S4seLq3JwQl5xLXfwQx1b2vAogobiQsvx4Xbz+MRiOF+WkEBvgSExOjAUBERMTBaAAQEREBrrvuOlJTgzCZnPoMAJ6e7mRnJlPbrxiT6csTcqPRSGCAH4MHVREZEWIfAJqiInGzWpk8vo2pE1px9fQme9Qi8sYtp3DSxRRPWUvx1N7yRy8gNDUPq7MLZrMZs9ncZwD4+gjw9Sv7f/XXTGYL0eVDiO33xUUBmwgvbMAvNh2DwUBaSixhoYF4eHjQ3d19tg+7iIiI/Ig0AIiIiABz587GFuVjP6H+6sl1QnwUbc01eHq49XnGvaGujFkzOpk1YyR+vt4YjUamJSWS4O1NYX4GSxdMxtPLk6zh55E
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60d55-4400-4eec-8a06-4066950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T14:35:53.000Z",
|
|
|
|
"modified": "2019-04-04T14:35:53.000Z",
|
|
|
|
"first_observed": "2019-04-04T14:35:53Z",
|
|
|
|
"last_observed": "2019-04-04T14:35:53Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"domain-name--5ca60d55-4400-4eec-8a06-4066950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"domain\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "domain-name",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "domain-name--5ca60d55-4400-4eec-8a06-4066950d210f",
|
|
|
|
"value": "gandcrab2pie73et.onion"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60d83-f2d8-4dbf-becd-42ed950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T14:35:06.000Z",
|
|
|
|
"modified": "2019-04-04T14:35:06.000Z",
|
|
|
|
"first_observed": "2019-04-04T14:35:06Z",
|
|
|
|
"last_observed": "2019-04-04T14:35:06Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"domain-name--5ca60d83-f2d8-4dbf-becd-42ed950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"domain\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "domain-name",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "domain-name--5ca60d83-f2d8-4dbf-becd-42ed950d210f",
|
|
|
|
"value": "gandcr4cponzb2it.onion"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60def-92a0-4ffb-a42d-437b950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T14:35:47.000Z",
|
|
|
|
"modified": "2019-04-04T14:35:47.000Z",
|
|
|
|
"first_observed": "2019-04-04T14:35:47Z",
|
|
|
|
"last_observed": "2019-04-04T14:35:47Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"domain-name--5ca60def-92a0-4ffb-a42d-437b950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"domain\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "domain-name",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "domain-name--5ca60def-92a0-4ffb-a42d-437b950d210f",
|
|
|
|
"value": "gandcratjyr44pms.onion"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5ca60e0f-a0c4-4d42-beac-43d9950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-04T14:35:43.000Z",
|
|
|
|
"modified": "2019-04-04T14:35:43.000Z",
|
|
|
|
"first_observed": "2019-04-04T14:35:43Z",
|
|
|
|
"last_observed": "2019-04-04T14:35:43Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"domain-name--5ca60e0f-a0c4-4d42-beac-43d9950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"domain\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "domain-name",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "domain-name--5ca60e0f-a0c4-4d42-beac-43d9950d210f",
|
|
|
|
"value": "gandcrabmfe6mnef.onion"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5ca7222c-a9d8-4560-9715-4ae6950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-05T09:42:55.000Z",
|
|
|
|
"modified": "2019-04-05T09:42:55.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"tor-hiddenservice\"",
|
|
|
|
"misp:meta-category=\"misc\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "address",
|
|
|
|
"value": "gandcrab2pie73et.onion",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca7222c-71c4-4182-b53f-4e5b950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "first-seen",
|
|
|
|
"value": "2018-10-04T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca7222c-31e8-4ac5-8b68-47bb950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "last-seen",
|
|
|
|
"value": "2019-03-05T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca7222c-dd84-4a0c-96bf-4d60950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "misc",
|
|
|
|
"x_misp_name": "tor-hiddenservice"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5ca722b5-7bd0-49c3-9621-4966950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-05T09:42:30.000Z",
|
|
|
|
"modified": "2019-04-05T09:42:30.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"tor-hiddenservice\"",
|
|
|
|
"misp:meta-category=\"misc\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "address",
|
|
|
|
"value": "gandcr4cponzb2it.onion",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca722b5-128c-471e-a296-47da950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "first-seen",
|
|
|
|
"value": "2019-01-12T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca722b5-bf44-410b-bd70-4e8d950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "last-seen",
|
|
|
|
"value": "2019-04-04T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca722b5-bce8-48e5-a0bc-4c69950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "misc",
|
|
|
|
"x_misp_name": "tor-hiddenservice"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5ca7244b-5c9c-457f-b724-4e44950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-05T09:49:11.000Z",
|
|
|
|
"modified": "2019-04-05T09:49:11.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"tor-hiddenservice\"",
|
|
|
|
"misp:meta-category=\"misc\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "address",
|
|
|
|
"value": "gandcrabmfe6mnef.onion",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca7244b-5354-4ba4-8619-4b96950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "first-seen",
|
|
|
|
"value": "2018-10-04T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca7244b-b4d8-408b-a17c-44e4950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "last-seen",
|
|
|
|
"value": "2019-03-05T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca7244b-df04-4685-b5b4-45c7950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "misc",
|
|
|
|
"x_misp_name": "tor-hiddenservice"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5ca72523-bf54-471e-8d50-46ce950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-05T09:52:41.000Z",
|
|
|
|
"modified": "2019-04-05T09:52:41.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"tor-hiddenservice\"",
|
|
|
|
"misp:meta-category=\"misc\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "address",
|
|
|
|
"value": "gandcratjyr44pms.onion",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca72523-ab1c-4ab5-adda-4640950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "first-seen",
|
|
|
|
"value": "2019-02-03T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca72523-a314-4535-8b00-4d79950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "last-seen",
|
|
|
|
"value": "2019-03-05T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca72523-8d94-4eeb-97c6-4e19950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "misc",
|
|
|
|
"x_misp_name": "tor-hiddenservice"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5ca725e7-432c-4ce4-8fc9-4e4e950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-04-05T09:56:04.000Z",
|
|
|
|
"modified": "2019-04-05T09:56:04.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"tor-hiddenservice\"",
|
|
|
|
"misp:meta-category=\"misc\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "address",
|
|
|
|
"value": "gandcrasgyol4tol.onion",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca725e7-0cf8-4848-8cb3-474a950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "first-seen",
|
|
|
|
"value": "2019-02-03T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca725e7-2588-4307-8428-4366950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "datetime",
|
|
|
|
"object_relation": "last-seen",
|
|
|
|
"value": "2019-03-05T00:00:00",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ca725e7-91b4-4315-b5d3-4f3e950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "misc",
|
|
|
|
"x_misp_name": "tor-hiddenservice"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--4995e23a-5c88-4a0b-acb8-b0c5fca94c62",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:39:45.000Z",
|
|
|
|
"modified": "2019-04-05T09:39:45.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca7222c-a9d8-4560-9715-4ae6950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60d55-4400-4eec-8a06-4066950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--7af2a530-1814-483a-855a-704929296965",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:42:54.000Z",
|
|
|
|
"modified": "2019-04-05T09:42:54.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca7222c-a9d8-4560-9715-4ae6950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60bd4-7f10-4055-82c3-4d34950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--986bcf33-c995-499f-93ac-1c2b4e3b4c36",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:41:50.000Z",
|
|
|
|
"modified": "2019-04-05T09:41:50.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca722b5-7bd0-49c3-9621-4966950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60d83-f2d8-4dbf-becd-42ed950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--9e5c6a53-103b-453a-b7b3-03dea1679ea4",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:42:30.000Z",
|
|
|
|
"modified": "2019-04-05T09:42:30.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca722b5-7bd0-49c3-9621-4966950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60cd3-7e68-4824-8947-4373950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--1ce57853-a5c2-4dc0-b174-43cd3899435c",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:48:42.000Z",
|
|
|
|
"modified": "2019-04-05T09:48:42.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca7244b-5c9c-457f-b724-4e44950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60c0a-2f8c-4521-9a9b-46c0950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--473c7d7e-a0a6-4b19-a14f-f3b9aa7f6ab5",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:49:10.000Z",
|
|
|
|
"modified": "2019-04-05T09:49:10.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca7244b-5c9c-457f-b724-4e44950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60e0f-a0c4-4d42-beac-43d9950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--bcf3cec8-1232-4107-9e01-dfcd5b6e80f0",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:52:05.000Z",
|
|
|
|
"modified": "2019-04-05T09:52:05.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca72523-bf54-471e-8d50-46ce950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60c77-1ed8-426f-b2fd-4aad950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--6addcd4d-77ee-4219-8fb9-d17d88ca7e4f",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:52:41.000Z",
|
|
|
|
"modified": "2019-04-05T09:52:41.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca72523-bf54-471e-8d50-46ce950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60def-92a0-4ffb-a42d-437b950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--eff17429-0a53-4f1e-9478-bb558e86967c",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:55:32.000Z",
|
|
|
|
"modified": "2019-04-05T09:55:32.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca725e7-432c-4ce4-8fc9-4e4e950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60a18-ae20-49c7-b5bc-44e3950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2023-06-24 09:36:52 +00:00
|
|
|
"id": "relationship--aa8dfc1b-9bec-4c24-af08-655553f35c0b",
|
2023-06-14 17:31:25 +00:00
|
|
|
"created": "2019-04-05T09:56:04.000Z",
|
|
|
|
"modified": "2019-04-05T09:56:04.000Z",
|
2023-04-21 13:25:09 +00:00
|
|
|
"relationship_type": "related-to",
|
2023-06-14 17:31:25 +00:00
|
|
|
"source_ref": "x-misp-object--5ca725e7-432c-4ce4-8fc9-4e4e950d210f",
|
|
|
|
"target_ref": "observed-data--5ca60871-28d8-432b-833e-4bbe950d210f"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "marking-definition",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
|
|
"definition_type": "tlp",
|
|
|
|
"name": "TLP:WHITE",
|
|
|
|
"definition": {
|
|
|
|
"tlp": "white"
|
|
|
|
}
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
|
|
|
}
|