2023-04-21 14:44:17 +00:00
{
"type" : "bundle" ,
"id" : "bundle--5d64d069-0fa0-45a4-bd65-b6f0950d210f" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:29:12.000Z" ,
"modified" : "2019-08-28T12:29:12.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--5d64d069-0fa0-45a4-bd65-b6f0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:29:12.000Z" ,
"modified" : "2019-08-28T12:29:12.000Z" ,
"name" : "OSINT - Gamaredon group" ,
"published" : "2019-08-28T12:30:00Z" ,
"object_refs" : [
"observed-data--5d64f6d2-8cf4-4612-93cc-4fa1950d210f" ,
"file--5d64f6d2-8cf4-4612-93cc-4fa1950d210f" ,
"artifact--5d64f6d2-8cf4-4612-93cc-4fa1950d210f" ,
"observed-data--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f" ,
"file--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f" ,
"artifact--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f" ,
"observed-data--5d64fd50-ff84-44de-b5d0-4387950d210f" ,
"file--5d64fd50-ff84-44de-b5d0-4387950d210f" ,
"artifact--5d64fd50-ff84-44de-b5d0-4387950d210f" ,
"observed-data--5d64fd61-8eec-4a45-be64-47c2950d210f" ,
"file--5d64fd61-8eec-4a45-be64-47c2950d210f" ,
"artifact--5d64fd61-8eec-4a45-be64-47c2950d210f" ,
"observed-data--5d6512bb-13cc-4741-a1fa-4290950d210f" ,
"file--5d6512bb-13cc-4741-a1fa-4290950d210f" ,
"artifact--5d6512bb-13cc-4741-a1fa-4290950d210f" ,
"observed-data--5d6515aa-2b50-471a-892a-427c950d210f" ,
"file--5d6515aa-2b50-471a-892a-427c950d210f" ,
"artifact--5d6515aa-2b50-471a-892a-427c950d210f" ,
"observed-data--5d65216c-c7a8-46b4-9146-4e1f950d210f" ,
"file--5d65216c-c7a8-46b4-9146-4e1f950d210f" ,
"artifact--5d65216c-c7a8-46b4-9146-4e1f950d210f" ,
"observed-data--5d6521a1-7c5c-4f23-ac50-486c950d210f" ,
"file--5d6521a1-7c5c-4f23-ac50-486c950d210f" ,
"artifact--5d6521a1-7c5c-4f23-ac50-486c950d210f" ,
"observed-data--5d65238f-d530-4a38-bb36-43bf950d210f" ,
"file--5d65238f-d530-4a38-bb36-43bf950d210f" ,
"artifact--5d65238f-d530-4a38-bb36-43bf950d210f" ,
"observed-data--5d6523c3-5388-42d5-bfd6-4f07950d210f" ,
"file--5d6523c3-5388-42d5-bfd6-4f07950d210f" ,
"artifact--5d6523c3-5388-42d5-bfd6-4f07950d210f" ,
"observed-data--5d6523fb-2aac-46d2-a15a-456e950d210f" ,
"file--5d6523fb-2aac-46d2-a15a-456e950d210f" ,
"artifact--5d6523fb-2aac-46d2-a15a-456e950d210f" ,
"observed-data--5d652c3c-7d4c-4c94-b60c-caa1950d210f" ,
"file--5d652c3c-7d4c-4c94-b60c-caa1950d210f" ,
"artifact--5d652c3c-7d4c-4c94-b60c-caa1950d210f" ,
"observed-data--5d652c51-7478-4bff-a1a2-b3dc950d210f" ,
"file--5d652c51-7478-4bff-a1a2-b3dc950d210f" ,
"artifact--5d652c51-7478-4bff-a1a2-b3dc950d210f" ,
"observed-data--5d65305d-db8c-483f-ac89-efc7950d210f" ,
"file--5d65305d-db8c-483f-ac89-efc7950d210f" ,
"artifact--5d65305d-db8c-483f-ac89-efc7950d210f" ,
"observed-data--5d653271-9780-4fcd-8224-4d42950d210f" ,
"file--5d653271-9780-4fcd-8224-4d42950d210f" ,
"artifact--5d653271-9780-4fcd-8224-4d42950d210f" ,
"observed-data--5d6532f8-5f78-45ac-8157-09c9950d210f" ,
"file--5d6532f8-5f78-45ac-8157-09c9950d210f" ,
"artifact--5d6532f8-5f78-45ac-8157-09c9950d210f" ,
"observed-data--5d653341-ce34-4173-9c7a-caa2950d210f" ,
"file--5d653341-ce34-4173-9c7a-caa2950d210f" ,
"artifact--5d653341-ce34-4173-9c7a-caa2950d210f" ,
"observed-data--5d653c6a-02e4-4a19-996a-4a17950d210f" ,
"file--5d653c6a-02e4-4a19-996a-4a17950d210f" ,
"artifact--5d653c6a-02e4-4a19-996a-4a17950d210f" ,
"observed-data--5d662e19-43e0-48f2-b5db-4c10950d210f" ,
"file--5d662e19-43e0-48f2-b5db-4c10950d210f" ,
"artifact--5d662e19-43e0-48f2-b5db-4c10950d210f" ,
"observed-data--5d662e31-6270-4c87-887e-8b0c950d210f" ,
"file--5d662e31-6270-4c87-887e-8b0c950d210f" ,
"artifact--5d662e31-6270-4c87-887e-8b0c950d210f" ,
"observed-data--5d662e67-6cf4-49aa-9ec0-8b0c950d210f" ,
"file--5d662e67-6cf4-49aa-9ec0-8b0c950d210f" ,
"artifact--5d662e67-6cf4-49aa-9ec0-8b0c950d210f" ,
"observed-data--5d663374-e3bc-43ae-a0e3-4517950d210f" ,
"file--5d663374-e3bc-43ae-a0e3-4517950d210f" ,
"artifact--5d663374-e3bc-43ae-a0e3-4517950d210f" ,
"observed-data--5d6633a2-1e3c-40c9-9dda-4202950d210f" ,
"file--5d6633a2-1e3c-40c9-9dda-4202950d210f" ,
"artifact--5d6633a2-1e3c-40c9-9dda-4202950d210f" ,
"observed-data--5d66364b-2d88-4969-80e8-4d87950d210f" ,
"file--5d66364b-2d88-4969-80e8-4d87950d210f" ,
"artifact--5d66364b-2d88-4969-80e8-4d87950d210f" ,
"indicator--5d64dadb-1654-4b89-bd0f-437c950d210f" ,
"indicator--5d64db7e-6634-42f3-a837-40db950d210f" ,
"indicator--5d64dbc7-5564-4729-aaa5-46ca950d210f" ,
"indicator--5d64dbe0-c9a8-4a69-af77-4dbc950d210f" ,
"x-misp-object--5d64dc36-bfb4-4909-84a4-4870950d210f" ,
"indicator--5d64e1e8-1628-4f3d-a20c-4508950d210f" ,
"indicator--5d64e219-7654-48ab-85a7-4e7f950d210f" ,
"indicator--5d64e230-3134-42f9-89ec-4979950d210f" ,
"indicator--5d64e288-df60-4d0d-8f8a-4081950d210f" ,
"indicator--5d64e32f-f018-4a7f-b22f-47d9950d210f" ,
"indicator--5d64e3bd-6474-4db5-ae6b-1e07950d210f" ,
"indicator--5d64f324-5260-43cf-b1e2-af53950d210f" ,
"indicator--5d64f35a-142c-4672-8bcf-49d1950d210f" ,
"indicator--5d64f3de-1fa8-4573-882e-4b24950d210f" ,
"indicator--5d64f451-9930-41fd-951a-48c7950d210f" ,
"indicator--5d64f4e2-156c-4616-84b5-4d97950d210f" ,
"indicator--5d653cd6-1190-4192-8e01-4679950d210f" ,
"indicator--0711a0d0-fa31-44b0-a6ba-2874d8997878" ,
"x-misp-object--b6188b63-e953-4d96-8f98-850ebfafef1b" ,
"indicator--50a80329-012a-4924-86eb-5fd85597cbed" ,
"x-misp-object--18225ad2-1e0a-49a2-bc87-b8cf7235a94f" ,
"indicator--b859bc0d-6e14-45b4-80e8-4d5d79f6880d" ,
"x-misp-object--cee3c9ac-0af1-4ab3-a484-c92874ed9bdb" ,
"indicator--b7d07cd9-63db-42d0-bacd-1e38ea200b6a" ,
"x-misp-object--136f1c84-a4aa-4f07-876d-c5eb3aba5a80" ,
"indicator--abf752c2-dbf6-4f1e-9731-c4d4b9f9759d" ,
"x-misp-object--6d04e4a8-bd44-4cd6-9c80-c13fbbae11be" ,
"indicator--cf01e1fa-bb40-4d0b-b52b-908910c2fd26" ,
"x-misp-object--8df78dd1-7cda-4e63-b3c2-9bcc3d77077c" ,
"indicator--41714cfe-419c-4827-824f-90f281a2785b" ,
"x-misp-object--c29ee2c4-9889-402f-b864-ae08eac1c5d0" ,
"indicator--3c64cb44-c63c-4da7-a2ae-0bdeb778f9dc" ,
"x-misp-object--ab3fe092-6f45-489e-bef1-e1af90f1fe74" ,
"indicator--253f4638-714a-4229-9f2c-95f73e86e0cc" ,
"x-misp-object--694eee41-afe4-4a3c-9759-10499c17f5a7" ,
"indicator--8a9d306f-3fa1-4b7a-b5be-5af92c041fce" ,
"x-misp-object--9788ebc6-52c7-496d-8d53-e79676970b3c" ,
2023-05-19 09:05:37 +00:00
"relationship--17c00e60-f621-49a2-ae17-a559b599bc4e" ,
"relationship--3ad72016-6dcd-4cda-889c-1134d2357db7" ,
"relationship--711c84c7-f616-4db1-8c16-cc00017080a2" ,
"relationship--b3a9ea17-43f1-4bd9-949d-cb18d4e8361e" ,
"relationship--3d047033-f66b-48b8-a88e-156267bd5f0f" ,
"relationship--f5555bf7-90e0-4c48-8f22-58bba2524826" ,
"relationship--5ca33860-0ee7-4585-87a7-8ff1724d8543" ,
"relationship--ae266710-b6ab-4cc1-8e87-e5dcd4a1aef3" ,
"relationship--064121f8-55c8-4623-a43c-597a3a7e7ab2" ,
"relationship--79347a7d-afa9-4762-a721-a43529b3413e"
2023-04-21 14:44:17 +00:00
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"misp-galaxy:mitre-attack-pattern=\"Command-Line Interface - T1059\"" ,
"misp-galaxy:mitre-attack-pattern=\"Execution through API - T1106\"" ,
"misp-galaxy:mitre-attack-pattern=\"Scripting - T1064\"" ,
"misp-galaxy:mitre-attack-pattern=\"Scheduled Task - T1053\"" ,
"misp-galaxy:mitre-attack-pattern=\"Modify Registry - T1112\"" ,
"misp-galaxy:mitre-attack-pattern=\"Query Registry - T1012\"" ,
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Gamaredon Group\"" ,
"misp-galaxy:mitre-enterprise-attack-intrusion-set=\"Gamaredon Group - G0047\"" ,
"misp-galaxy:mitre-intrusion-set=\"Gamaredon Group\"" ,
"misp-galaxy:mitre-intrusion-set=\"Gamaredon Group - G0047\"" ,
"misp-galaxy:threat-actor=\"Gamaredon Group\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d64f6d2-8cf4-4612-93cc-4fa1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:24:34.000Z" ,
"modified" : "2019-08-27T09:24:34.000Z" ,
"first_observed" : "2019-08-27T09:24:34Z" ,
"last_observed" : "2019-08-27T09:24:34Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d64f6d2-8cf4-4612-93cc-4fa1950d210f" ,
"artifact--5d64f6d2-8cf4-4612-93cc-4fa1950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d64f6d2-8cf4-4612-93cc-4fa1950d210f" ,
"name" : "Info.PNG" ,
"content_ref" : "artifact--5d64f6d2-8cf4-4612-93cc-4fa1950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d64f6d2-8cf4-4612-93cc-4fa1950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B U Q A A A G T C A Y A A A D g C B j T A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A G H N S U R B V H h e 7 d 3 f s y R X Y S d 43 s a O m C A 8 E Q 4 i 7 G F W t o Y B / U B G q I U k k O S m W + o W k h o j Q L Q s t 4 R a 8 w P Q W N J g o C 2 D Y l 4 W b C N 2 T U t o I g a 8 D + Z l x B V + I A Q R f l u i F x 70 s r E L j x M T u + s X n v F / c L Z O / q g 8 m X k y q + r 2 r b q Z d T 8 P n 6 A q T + Y 5 J 0 9 m 3 S a / O q f q H f / m p l s D A A A A A M B J I B A F A A A A A E 4 M g S g A A A A A c G I I R A E A A A C A E 0 M g C g A A A A C c G A J R A A A A A O D E E I g C A A A A A C e G Q B Q A A A A A O D E E o g A A A A D A i S E Q B Q A A A A B O D I E o A A A A A H B i C E Q B A A A A g B N D I A o A A A A A n B g C U Q A A A A D g x B C I A g A A A A A n h k A U A A A A A D g x B K I A A A A A w I k h E A U A A A A A T g y B K A A A A A B w Y g h E A Q A A A I A T Q y A K A A A A A J w Y A l E A A A A A 4 M Q Q i A I A A A A A J 4 Z A F A A A A A A 4 M Q S i A A A A A M C J I R A F A A A A A E 4 M g S g A A A A A c G I I R A E A A A C A E 0 M g C g A A A A C c G A J R A A A A A O D E E I g C A A A A A C e G Q B Q m 6 L 0 3 v z 984 P Y 7 A A A A m J G b b n l / 9 h k P m B a B K E z Q A w 88 G M 6 c P R / u + 8 M z A A A A z M B H z 54 L D z x 4 L v u M B 0 y L Q B Q m 6 I E H z o W b b / 1 g u O H G m w A A A J i B W 97 / w c W z 3 P n s M x 4 w L Q J R m C C B K A A A w L w I R G E + B K I w Q Q J R A A C A e R G I w n w I R G G C B K I A A A D z I h C F + R C I w g Q J R A E A A O Z F I A r z I R C F C R K I A g A A z I t A F O Z D I A o T J B A F A A C Y F 4 E o z I d A F C Z I I A o A A D A v A l G Y D 4 E o T J B A F A A A Y F 4 E o j A f A l G Y I I E o A A D A v A h E Y T 4 E o j B B A l E A A I B 5 E Y j C f A h E Y Y I E o g A A A P M i E I X 5 E I j C B A l E A Q A A 5 k U g C v M h E I U J G g t E / 9 X v v z f 87 g 0 3 A g A A s C 2 / 957 s 89 g Y g S j M h 0 A U J m g s E P 2 f f v + 94 X d u + H 0 A A A C 2 J I a i u e e x M Q J R m A + B K E y Q Q B Q A A O D 4 C E R h v w l E Y Y K 2 H 4 i e C R / + u 5 + F i 3 / 3 U n h P u v 3 + l 8 K F f 1 h s r 3 X L N 1 a 1882 n M 2 W r v e e L P 6 z 68 s P w 4 f v z + 2 z q A 9 + s z + + 18 I F M + f G r x i y 5 D h e + e C a z 34 A j v 4 a 1 O 8 I 3 D 14 I 3 z z d 3 f Z y + N W 1 l 8 P b V + 5 I t g M A w L w J R G G / C U R h g r Y b i J a B 2 w N P 9 M t i W J j b f r 2 K E H L D U D Q e 0 w S B w 33 O e u K 1 b H v t 83 s 6 P H B U Q e t A e 9 c l B p u H C D O 3 d Q 3 P X n k h / O p a O x D 93 N X m / e e u C k U B A N g f A l H Y b w J R m K C t B q I j 4 d 0 H v j k e E M Y Z m 4 O z F R f 1 D s 9 k 3 D D Q X C s M H A 408 / 2 M + 1 / P r N B 4 f P 4 c R s d l p J / N e C / 26 V 6 T V W M w M N 7 j 1 z B e h 0 O M w e l P h r c P n g k H v R m i i W K f T 4 a z u T I A A J g Z g S j s N 4 E o T N D 2 A t E Y i G U C s + 4 y 627 w F 0 P U x b Y Y w N X L 2 M v y M u y 7 U C 2 L L 8 q G Q r x Y x 7 o z H k f D 1 X I W Z L n k v Q x a m 4 C 3 D C 3 T 80 j D 38 G Z q s X 5 p U F h W W / d h 6 a 99 u u 12 s v 0 s x n D + v j X w o e 7 o W o 2 E B 0 Z 7 x X X s O x L v P Z V m 7 l x y K q X y u e W z D f M E A U A Y J 8 I R G G / C U R h g r Y X i M Y w L A 3 + 2 v K z C 8 s Q L j / r s F s 2 V v 9426 n R G Z e 9 o L A f 8 s b w b 2 g 2 a h 1 G d s P Z V p u t N s o w c 6 i + K N v e S D + b t p I x 6 Y b A I 4 H o 2 H h n r + E a Y z Y k L p U v g 858 I F o u p X 85 / M r s U A A A 9 o h A F P a b Q B Q m a K u B a C 9 k a 6 w X p q W 6 g V w / o G u s H 8 K 1 A 9 F Y Z z n j s d h W z V Z t a 9 c 7 F o g u d W e F J u f Z D 2 S b P u R m u W b b G + n n 9 Q W i 4 + O d u 4 a x v e 6 M 0 P 45 Z r S W w Y / P E P 2 d S 8 + E X 109 m y 8 D A I C Z E Y j C f h O I w g R N a o b o k Q W i 4223 x D C x 0 + Y y w I t l K 5 Z 7 r x W I L r T 3 q w P b + L / D / S z C x V 4 I O R C I D v R z 14 F o r i 9 r j V E M O e P s z 46 D S 5 l 9 b z g b D q 49 E z 7 X 2 w 4 A A P M j E I X 9 J h C F C d r m j y q N B W H Z M K 1 a M t 4 O 685 U Q d 3 q g G 4 p E 3 I O K 9 t M + 9 k O E X P 9 b M R z b P W 38 H T 4 c G t b Z s Z q 0 c d F O 63 w 8 E z 4 w B P j x w 21 N 9 T P n Q e i v b 4 M 921 Y f 4 b o 2 U t n m 2 X y M T y 1 b B 4 A g D 0 h E I X 9 J h C F C d p m I D o W T O b D t C g G a O 3 l 32 V Y u T q g K / U D z t W 6 b S b 1 x r B w q C y K 57 g s q 84 p / o D R N 9 N j h k L M T j / j j x D F H z E a O y 7 X X n F s v p / j g W g 5 V s 0 x C 8 u A N t k / + 37 k G r b 6 u O m 1 i L q B a J w R m s 4 c H V l O D w A A M y M Q h f 0 m E I U J 2 m o g u p C f 0 b g 9 x T L z F c v c p 6 E f M A I A A C e P Q B T 2 m 0 A U J m j b g W g z C 3 H b 4 V 8 M G N M Z j t M U A + J 65 u Q u g 2 I A A G C a B K K w 3 w S i M E H j g e j 7 i n + c A Q A A 2 J L f + 9 f Z 57 E x A l G Y D 4 E o T N D 2 Z 4 g C A A A w J I a i u e e x M Q J R m A + B K E y Q Q B Q A A O D 4 C E R h v w l E Y Y K m F I h + 7 u r L 4e0 r d 7 S 3 X 3 o m / O r q 2 d Y + x S + N H 3 w y n E 33 K 36 Z P P 0 l 8 q S u W E e y / e B S e t x q x Q 81 F d / 7 O f T L + J t r v k t 0 q j + s 1 P 8 F + o 2 + 87 T 7 q / d / 91 J 4 T 26 / j V X X e X n 94 y / Q P x M + 19 t v 4 f Q n w 9 v J d f 9 V Z r / l / Z S U F d u S e y 46 e + W F / H 2 Y H F f s 0 2 q v V N y H v b 5 E z a / l x 2 O 7935 u W 9 + K + 77 z O Y n 9 L u ///nHdX+8f/qwNSescuCYjcmM6LSNjvY7uPbByXKv2OvciALB/BKKw3wSiMEGTmiEaA4MVAc4yzMyEPYVMHdlQdc2Qof0r+WVI+MAT/f2ynngt+yNPsc6mjvhjUEcUtA60d11isHmIMLN9jkelcw8UVgSi6b1QBOPt4LOpK9ZTB4Lp6/r9OsdVcvdgbluiDFPT84j1bhC4Dd33izrS8Wp/noaCxzU/a4Pa47WOlWN6WJ3P/pFYcS2HtM9xffE4oSgA7DeBKOw3gShM0LSWzMcgZiCIygQb2YBhKBhqHbtm4LJWGDgcaMaZpf1ZlXH/65kVWv6afi5szLdXG+7nB75Zb1/s0w1UV43BE69l22zqzInB8iHGIBtujYRvmXuhuWfGQ7t0Rmh7pub4cYXcPbgiRCsD0SYA7b5faei+X3ye0u3N+Y8Eout+1gatGttnOp+9NcZ0VDw+37/2teuKx+X/Dnzuar19sU/3nltxLeP45dps6szZIKAGAPaOQBT2m0AUJmhq3yHaCjCSYCYXbGTDjqFg6DABz0DYVyuXvcdgr1pevgwTy9AyXW6eztwsjsvN5IwzPFthaVlv3YemvfbrtdrL9LP+KoAHnqiPfy18uBuqZgPRMly9UNVV1FPv010qX9TfHFv2JYalVZu5ccjqhuW1kTCtdy+0g6V4D/QD1lodlvXbHT9uIXcPrgjRynv5k9W5lOf0zdEwr2Pkvo/9retp7vvhAG7tz9qgzDWJ/bu2GLci5D1bXId01ungmMZzaNVVXsP0fOry9HXZh7K9paT+Zt+yvrosnmfc9+BSfXzmOmSvZXm/vF3VVdRT75Ocey3921P2Jd5jVZtD45C7f3rjAwDMkUAU9ptAFCZocj+qlIQNMShIw6tegJkJOseCoXS/dQKe0RmXvaAwho3tWZEx/BtaNl6Hkd3v1my12WqjDDPHlqFn2xvpZ9NWDCercLUbAo8Eos25JsdXsjNE1xizYZmQbXT7QiaIyt0HxfZM2LQsywRUY8dl78EVoVh9P9b1xrJ627KOMaP3fTNGzeeoCgIz/Vn7szYoc02K80+3le13x6DoS+c8WuPQOs9+HV3Zc+mNVaynDL2btpJzWJx76zrkxrrYPw3O+2OQnSE60pfWfrkxXTgb+xaD7d7+AMCcCERhvwlEYYImF4guA4F2AJALh7KBUS6syIQ52aCkox2IVjMaF4ptxWzO8n1j/UB0qTsrNAkN+4Fs04fcjxRl2xvp5/UFomkAul4gGtvrzgjtn+OQxf3QC6Gq7ZmgqJANrgbEe6RXT6w7F04lcsfl2l3Rl1YQV+2Xvb+HrLjvY13xdTs
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:24:53.000Z" ,
"modified" : "2019-08-27T09:24:53.000Z" ,
"first_observed" : "2019-08-27T09:24:53Z" ,
"last_observed" : "2019-08-27T09:24:53Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f" ,
"artifact--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f" ,
"name" : "InfoSys.PNG" ,
"content_ref" : "artifact--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d64f6e5-1bbc-4db9-9d29-4bb1950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B N M A A A K R C A Y A A A B + 0e8 V A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A J r S S U R B V H h e 7 f 39 r x 33 n e D 59 U + 7 O 5 j B o B c Y d G b b n W 2 P 2 m N Z T 7 Y o y p K l K 5 k m 9 W S R E m 3 Z M i U N K V G c 3 n F b P Z L W L Z u m P c o k u 3 H 3 t O 2 F T b I 1 u 2 P 1 I u h J E F t X 6 l k I j L N G N h P 0 c G 1 g h C B A 4 A m w w C b Z y f Q P 60 W e E P 8 J l f O t h 1 P f + p 6 q O g / 31 K 1 b 975 + e E H 3 n n o 8 h x R 5 z 5 u f O v V r f / t j d 2 Q A A A A A w H J i G g A A A A C s S E w D A A A A g B W J a Q A A A A C w I j E N o M V t d 9 y V 3 X 7 n x w E A O O B u v a 395 z m A o Y h p A I n b Z j + U n T 79 V P b o 458 F A O A A e + K z p 7 P P f O Z k 6890 A E M R 0 w A S d 3787 u z U o 0 9 k v 33 L x w A A O M B u v / N Y 9 s g j j 7 f + T A c w F D E N I C G m A Q B M g 5 g G j E F M A 0 i I a Q A A 0 y C m A W M Q 0 w A S Y h o A w D S I a c A Y x D S A h J g G A D A N Y h o w B j E N I C G m A Q B M g 5 g G j E F M A 0 i I a Q A A 0 y C m A W M Q 0 w A S Y h o A w D S I a c A Y x D S A h J g G A D A N Y h o w B j E N I C G m A Q B M g 5 g G j E F M A 0 i I a Q A A 0 y C m A W M Q 0 w A S Y h o A w D S I a c A Y x D S A h J g G A D A N Y h o w B j E N I L E s p v 3 W 3 / r b 2 Y c + / B E A A L Y o / I z V 9 r N X H z E N G I O Y B p B Y F t N + 88 O / k / 17 v / 23 A A D Y o t / 87 V t a f / b q I 6 Y B Y x D T A B J i G g D A / h P T g K k Q 0 w A S h y 6 m P X w l e + q n P 8 v O V f 7 s S v a R t v W 25 C N f f S 8 / z l N f P b n W s s L J 7 I E / e y 974 O H m 433 b f e I 75 f P 6 z o s L y 2 p h v z / L H n k u e q z j d a m O l T 7e3 B 8 A s G 1 i G j A V Y h p A 4 r D F t B C b G h F p Q H m I K q N W O G 4 c v / q W N d b 5 a T O m d W / X D G T 5 e p 3 h a z H S d b 0 u + / l 6 A Q A 1 M Q 2 Y C j E N I H H 4 Y t r i p F c s R K j O S b H n r n c v W / B i 9 s h P r 2 e f q L 6 f b X t u / n 3 f s l K Y F P u z 69 k j j e i 1 w n Z z y b p B v s 8 Q 2 N p i W v v r s u z 1 A g C G I a Y B U y G m A S Q G j 2 m 9 Q W i L 0 s s Y Z x o T V / l 5 F J N e x U R Y t T x E q f e y p / 5 s t s 13 X l w y 8 R U J x 6 s u t c y P f T 17 p A p T f c v y 7 a v Y l U S v p d v F m j E t T J j l 551 v F 55 / d C 7 l 69 H 2 u o S Y F o 5 R v T b 1 / k v 79 e s H A E e M m A Z M h Z g G k B g 6 p n 3 k u e v 5 B N Y n G k E o h K B m 4 G l O d X U t W 6590 q o I Z t 1 R K l 7 W j F S d Q m T K w 1 c d x O a X T P Y t m 21 b T 8 c l M W 3 J d r W w P H o 8 B L N G A F x 8 v u 2 v S 7 G f K q K 1 h c T 2 X z 8 A Y K / E N G A q x D S A x J G 4 z H M h N s X S e L Z e T I t j V x r T W p c 1 z q U 9 p r V u l 68 f N A N Y v F 1 z n V V i W m p x O w B g G G I a M B V i G k B C T N s w p u X r p T c I q I 7 d s y y E r 8 b U X a E I Z n 37 r L 5 P 49 r M Q k w L + 2 m + D m I a A B w s Y h o w F W I a Q O J o 3 I C g i F C N a a 6 H T 5 Z x L Y 1 n 6 f f d G l N j S b D r W 1 Z b j F d 923 X f P C E 557 D d i j H t E 1 + N z i v f b r X n D g D s j Z g G T I W Y B p A Y / D P T G h / 2 P 7 z u C a x i 6 q t 9 G q w / p h X P o W 2 / 8 T 7 T C N W 3 r N I 2 C d a 1 X f x 4 J d o 2 n n h b u E t o x + v y 8 J V 8 v X i f 6 a 9 T 93 M H A P Z C T A O m Q k w D S A w / m e b S Q Q C A l J g G T I W Y B p A Y O q a F y x b b L 0 0 E A D i 6 x D R g K s Q 0 g M S y m P a h D 39 k 9 s P e 7 w A A s E 2 z n 7 H a f v b q I 6 Y B Y x D T A B K H 7 Q Y E A A B T Y D I N m A o x D S A h p g E A 7 D 8 x D Z g K M Q 0 g s T 8 x L d y E I N x l 8 k r 2 k f j x h 69 k T 0 V 3 k l x Y v p b y G N 95 s W X Z K k 5 m n 3 h u W 5 / t F u 682 X X T h f I 8 o + e 91 m f K b f U 1 i 92 T f W f 3 t e w 7 J 9 L H 3 s x + e f P N 7 I P L 90 S P 105 d f q 13 O Q D Q T k w D p k J M A 0 g M H 9 O K e P T I c 4 v L w s 0 J 2 h 7 f i 7 D P j Y J a H q m u Z 59 o W 7 a 2 E N O W 7 C s c b 4 M Q N s R r F h R R r B n T v n y 1 / v 7 L V x e D W b 7 N 1 V O d y w G A b m I a M B V i G k B i 8 J j 23 P X O u P W J 73 R N b x U + 8 t X 3 u q e 2 Z v t t X 9 Y d 7 / q E Y 4 V J r + 7 t w n 7 b z 3 f x P K O Y 1 n W e y 2 J a x 3 b 9 r 1 k 4 x w 2 C 4 I l n s g 92 L 2 a 7 C 5 N p k X y d Z 7 J T 88 d O Z b s 3 L 2 Z f r r 4 / f z H 7 Z f w 9 A N B L T A O m Q k w D S A w b 0 z o C V H q p Y h q x Q o C b P R Z i U j N y F Z d P P l V e z p k v a w t S Y f u 1 p r 7 K C B W 2 S 8 J f P u m W n 2 N 4 H k m o 28 t 5 t s a 0 n u 2 W v G b F e Y Z z D P s o t q / 326e6 v L P t M s / a w u R Z i G v l V F r + 9 c 2 L 2 W 40 y Q Y A 9 B P T g K k Q 0 w A S w 8 a 0 a E K r R f u U V R G U 2 q e v 0 m V d + + 8 / 7 o I Q q v L 4 t D j Z l U e q 1 j C 3 x / P s i W l 927 W + Z g v 76 o i Y L c K l m k U k a 49 p 1 W e i / b I x l T Y T J t H y m F Z v F 4 L b 7 v l o H Q C g k 5 g G T I W Y B p A Y P K a 1 h q j C a m E o l s a l l k i V W z 0 m B W E C r J r y C l / H l 1 e G m L b + Z Z o r n G d n T O v f r u 0 1 y y f Y k k m 0 9 H m 0 a l y 62 T + Z V s e z 5 v d x Q B P T A G B 1 Y h o w F W I a Q O L A T a Z t J a b 1 H 7 e p W P e R 8 n L O p 75 z v X H 8 z g / 8 P 0 A x L b / c N I l p n e c d y z / n r L h b Z 6 w 9 i C W f k Z Z / H 1 / 6 u S T G A Q A N Y h o w F W I a Q G L o G x D 0 R Z 3 W M J R P l S X T Y A + f L K P T C p E q W O c z 0 x Z C V H O q r f v 893 i e 24 x p + X r x 4 + n 3 q 1 i M Y a f O n 6 o v 7 Q z h L b n U s z G J t n C D A g C g j 5 g G T I W Y B p A Y O q b 1 h a 32 M B S E G F R M i j U / b H 95 b K o i 19 K p r F z 7 u v E H //dPeG1ynsUx423qmLf8+XW+ZuXNECqrPf9YGtOKybN6Yq1t6ixex508AWAdYhowFWIaQGLwmDYTgtTSz+/akrbPDwMAOGjENGAqxDSAxH7EtHoaK50i26ZySkxIAwAmQEwDpkJMA0gsi2kfymMaAADbFH7GavvZq4+YBoxBTANI7M9kGgAAMZNpwFSIaQAJMQ0AYP+JacBUiGkAiYMb005mn3huWzctCJ+n1nXn0MW7a651s4SHr2RPRdt23bl0feHumm9mv9x9JjsVP37imeyDm29mu+ejx/akPM5snx9cvmdh+ZevlnfrvHpqYdlhMX+Ojdc63Km07Q6mW+DXcB8s+/UrX7Mj9ZoAB42YBkyFmAaQOLAxLY9U27phQYhpS/YVjrdBCAt3Kn3kufZlmyve6G8vtsycv9gaDr58tQ4OIbrUMaZ5Dqcuv7YY9pbpOOZBEp7X/Dk3zjfEmIvZl6N1R7ffv4YT+PXrttqvXx4aJ/scgakT04CpENMAEgc1pn3kq+/lk17doSpMlLVPm4Vtm9NlUUx77nr75NmymNax3Se+0zXxFoRz3CAI7iVizLZtm05qRKMuYWKqM7asH5dWOmarZccKkWhx6iiPRdV2s+eyu8Kx4xDVfP7ROXS8poM5IL+GU/j1qyye66q/fgOEa4AViWnAVIhpAImDGdPKCPXc9ezcd15sLAuTYMUllSFiFZdozoNbWH+2LESvZowrLvN8KlzOOdtfviwNZ60xrWe79PLO+bEKxXmGcwz7KLav99unPTQERWwIl+yloSKEg9eyD8rL1vL1GlEobBPpCHXNqabUOiFm9WOmiksSw3HKfURhqFgWhNcnjiDF18W519t9ebZOuv8FIVyWx2g+/7Cfrtd0c9P4NVz9eKlRfv1m64dtq9e22GfYz4q/ftHvgYXHV/49D7A+MQ2YCjENIHEgY1oIVXl8WpzsyiNV6wRZEb7ap8TSZeH7ZGKsJ6b1bdc6mbawr+4pukXLgkfb8iIc1AFucZ0QMrqmb+aBpys2bDi903fM1YTj1s8jjzFt55hMY4Xn0x2UFs0jT2Pfy1/TzU3j1/Dg//qlr1nfsrbXvH/ZqTDRFs6/df8AeyemAVMhpgEkDmJMCxNg1ZRXeslmiGnrX6aZRrB1Ylr/dm0xLZ9gSybR0ufRbfbGvjOIBG1v/NPHFtdZKYyESZyFCaR4aih+fLlNY0weXUIYytVBJDzefh7h+VbrrRONknUbE0rLX9PNte1r+fH2+9fwwP/6rXVJa9trXgn
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d64fd50-ff84-44de-b5d0-4387950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:52:16.000Z" ,
"modified" : "2019-08-27T09:52:16.000Z" ,
"first_observed" : "2019-08-27T09:52:16Z" ,
"last_observed" : "2019-08-27T09:52:16Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d64fd50-ff84-44de-b5d0-4387950d210f" ,
"artifact--5d64fd50-ff84-44de-b5d0-4387950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d64fd50-ff84-44de-b5d0-4387950d210f" ,
"name" : "Window.png" ,
"content_ref" : "artifact--5d64fd50-ff84-44de-b5d0-4387950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d64fd50-ff84-44de-b5d0-4387950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A C I o A A A m S C A I A A A A 6 O 2 F T A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 P 3 P b x x p n u d 55 q l Q Q A G J O u S h k E g g L q m W W N n s F T v I n G r + G F L 8 k R 0 V c j U z u R x q O K 72 p B C N a E 4 N h S E i x W E k d J j F C p m Q D j m + r t 5 d J P c S p y i 6 d C F A Y O N Y 44 g 4 C N g T 57 L A Y O e Q F 531 L + z z 257 n s c f c z U k 3 O s 35 J l 4 o m D / 22 G O P m b s S 3 f a J 72 M / u n P v F w A A A A A A A A A A A L g 2 x D M A A A A A A A A A A A D X i n g G A A A A A A A A A A D g W h H P A A A A A A A A A A A A X C v i G Q A A A A A A A A A A g G t F P A M A A A A A A A A A A H C t i G c A A A A A A A A A A A C u F f E M A A A A A A A A A A D A t S K e A Q A A A A A A A A A A u F b E M w A A o M b u / W L 67 //1vwEAAACq8K+m4v/3JwAAo0I8AwAA6kr8/5b/8R8frq3/CgAAABi5zz5/ODv3X0X/T1AAAEaFeAYAANTYw4ePfvbJzwEAAICRu/9v5/7h381H/+9PAABGhXgGAADUGPEMAAAAKkI8AwCoFPEMAACoMeIZAAAAVIR4BgBQKeIZAABQY8QzAAAAqAjxDACgUsQzAACgxohnAAAAUBHiGQBApYhnAABAjRHPAAAAoCLEMwCAShHPAACAGiOeAQAAQEWIZwAAlSKeAQAANUY8AwAAgIoQzwAAKkU8AwAAaox4BgAAABUhngEAVIp4BgAA1BjxDAAAACpCPAMAqBTxDAAAqDHiGQAAAFSEeAYAUCniGQAAUGPEMwAAAKgI8QwAoFLEMwAAoMaIZwAAAFAR4hkAQKWIZwAAQI0RzwAAAKAixDMAgEoRzwAAgBojngEAAEBFiGcAAJUingEAADVGPAMAAICKEM8AACpFPAMAAGpsdPHM2vw33+988/Vd17L09aPvvt/R/PbB1FCvWrn2Apc/UT93D9+JAR8drg1sVMSc380vZS2pnuq6cofPvFIzT1xvPKbpOfgaZ193X3zovXh/NDuo8ec/a+6JRuFt02sEAAAYBeIZAECliGcAAECNjSiekcHD+uOgceZV3DIUGUWUS2iueKIkGa6os4vBXZqSbMx2fZdFKcmeM69Mh7DRbItDBo5pOjx+0//O7LefvV7WG1kYk2yU2Ux3a0Nuz77u7u3rRgAAgBEhngEAVIp4BgAA1Nho4plUYODSiEg+h5Aev8k1JiKfpCufKK+1/t2bGb0tLs1sJxuVpa8fffNmPat0Ke6pyf66AsbrKbaj2qNgTO8ys8MHWd56b9KXdKPLbAAAAKpAPAMAqBTxDAAAqLFRxDPxGlzBamPfeRGLzCpksYiqC9HtrfXv3j1SS5nJxih1EP375xCjOlFEDKvTJjn+m3WdiyQbZX99+d5NKOxpeNUzfjwjRvC3wzEFezfytTtFgkKZROPa297evvy/iW4AAABXRzwDAKgU8QwAAKixUcQzfsaQyRW1yIAkCirCxvw46ZEjozhR6LEuBjLpyIxePC3ZmNXoeFFKQU/dWSZJXjiU7ZWRkhkhMabtHB1eZOPomXyjTFg6k2uUwcwHmdCoXe1SkQ8AAEB5xDMAgEoRzwAAgBobTTyTCgzi1GQpuSSXn5TkU5M4n0gaxYlCKl9xwYnZSDZm54rjmbinG9x2sB/FgSp0efW1GSE5pupmxhGHp254QnMvEbpkjbp6Rrfz7hkAADB6xDMAgEoRzwAAgBq7vuqZy6Qmg3IUZfTxjOzgFhBzGUmq8bFcRc2nEpTk4b7kBGxjcszgopJjJvkBTL4ximd4Dw0AABgx4hkAQKWIZwAAQI2NIp5JFYjkUxNV/2FDi5//bGlNhQ1+UJELLcqViYzgRDnZFXm5SLLRCiKTZM+7j1vmkNR12QXN/EZ/zCHmv9FcM8uXNffcUmbJxuw9NMtb78OV0AAAAK6OeAYAUCniGQAAUGMjiWeSeUMuNRFa61FRSL/UQaYs+dQn74onUu+D6TOCP6VkoxbEM6merkVwPeU1msbcDYzH9Kpq+t4W/UYZzRXEJBuD9rdN1wgAADAaxDMAgEoRzwAAgBobTTyj6kVyxR9XIlOT7AUtAAAAqB/iGQBApYhnAABAjY0qnrGFIPmykktQhSZkMwAAADVHPAMAqBTxDAAAqLHRxTMAAABAgHgGAFAp4hkAAFBjxDMAAACoCPEMAKBSxDMAAKDGiGcAAABQEeIZAECliGcAAECNXXc8s/T1o+++39G++fputPdS7h6+E6M9Olwb2KiszX/zbn4paynoqV+lE7fPvFIzT7wXJx7W9Cx7jbOvuy8+dLc2XMvy1vvei7dN12EoarTei/dHs377fls2fmjn78nIbBw9808afSyruSfn2Xv2ejm3a2TULaryVgAAAIF4BgBQKeIZAABQY9ccz8y8+n79cdx4FTJcUWGJGNlFKcnGbNd3WY5S1HPmlenjt7ttcdTAYU2Hx29SWU5ERgWXTWJUmBHGDPttE2zst11Ck51i4+hZkAMl5cYsSQ7e29s3H9fe5iKigWSGZE59tdsSSV2Rdy4AAFAJ4hkAQKWIZwAAQI1dezwTlJg4+cBDevwm0RhorX/3ZkZvP36zY7aTjcrS14++ebOelbkU93TkIboCxusstv2ymHhY7zKzw4sNlYU096LAo1+FyvLW+0QSs/Y2S1DShqt68aak4hkTyfjbyuDz5ie8sewOn33dHXS4U/YujTQBAgAAOcQzAIBKEc8AAIAau754xl/W7DuvhkbmIrIqRRWg6PbW+nfvHn0j1xCTjX3iDTGmrk2Rg79Z16FIslH21+uPeauQFfbMeNUzfjwjBvG3w2EFcVFq2vnynZzZ1914FS8dbHhlKMLa296z92o9LrnXZBiyPEX1TK9a5lXP+PrHJAPG9CSmpFKQLTW+PMtrG4qoddV0o13DTa1gpveq61U3oSCpUoeLDupw3SEIcuRM1D1MTGnAFYkzZuPYloExEgAAKId4BgBQKeIZAABQY+OunpFJTC4U8Rv9UCTnsV46zEQjM3rltGRjVqDj5SgFPTUdF/nhUNZBRkpmkMSwtnN0eIG1grAkancJRLxrv52o/1CBR/gyG6NUvUhyzJzElFQ8M6vPLkbQH8Oj/CIYNUIzC1pS/aMkxqZZxfFM+bukBN2EjebeezFDMwgAALgS4hkAQKWIZwAAQI2NOZ5ZSq795Ucyg+MZl5qYjWRjdqI4nol7usE1E+Hoj+JYFbq8+toMkhxWdTNDicMHJDRrbxMhihDFBv7HksFDvhhFZjOJ/COndDwTT8nmK+ai/LhFjGlLWFyCoktVwo+56hkZ9niNZszCeGbYu5SoXgIAAKNCPAMAqBTxDAAAqLF6xzNyr1s9zAUkqcbHcgk1n4pPkodHkhOwjclhg4sqGtYJUoTi9ksED4Lfs1TdjHbleMb0yaIUVUyjGoM4xGQ2Ln0JQhcrzGzM3EYWzwTdAADAaBHPAAAqRTwDAABqbNyLm8lCExuQ/PxnS2sq1fATkWQ6kslKXrxQJNloBXlJUc+7j1tmO1X+Yhc08xv9YYeYv1CQHESxQb/gwU9EhI3mmsktmtmLVaLgpL/8mCmJKaXjGT9fkVGNjWfM9PzcKMiQNo72bOjiEh237TWKcUrEM+kr8m4RAAAYOeIZAECliGcAAECNjTueEVrrUfVJcbyh3gcTjeAO91OQZKMWlbP0P1xwnWWSZBpzgU08rFdVY+KfPnIJwX62DpgLFQqDBxVO6M4uonCH+6mGa/TbC8RjJiWmlI5nVOhiBuzuvdXVM1mmojMbl8p4U21v7TfVaNl8/PBGvV9HdtsbWD1TcEWJiiI9bNQIAAAuh3gGAFAp4hkAAFBj1xzPIKlctcqIZfGGdf1zGC95B3KvuomWXwMAAFdBPAMAqBTxDAAAqDHimZtB15d41R6olqrRSWQz44nKAACYVMQzAIBKEc8AAIAaI54BAABARYhnAACVIp4BAAA1RjwDAACAihDPAAAqRTwDAABqjHgGAAAAFSGeAQBUing
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d64fd61-8eec-4a45-be64-47c2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:52:33.000Z" ,
"modified" : "2019-08-27T09:52:33.000Z" ,
"first_observed" : "2019-08-27T09:52:33Z" ,
"last_observed" : "2019-08-27T09:52:33Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d64fd61-8eec-4a45-be64-47c2950d210f" ,
"artifact--5d64fd61-8eec-4a45-be64-47c2950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d64fd61-8eec-4a45-be64-47c2950d210f" ,
"name" : "LNKFILE.png" ,
"content_ref" : "artifact--5d64fd61-8eec-4a45-be64-47c2950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d64fd61-8eec-4a45-be64-47c2950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B V I A A A H o C A I A A A A k P 4 M p A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A H p 6 S U R B V H h e 7 d 3 L k 1 z n m d / 5 X v k S d j j a E R 0 d d l s z c s t t k x D N N i k S o p r F c r F w o S g K b F 4 E F R p T A F i Y 8 F C g X Z A h k G U Q Q s x m o A v Z E e p C Q R t R G 3 p D s g A t G A I j 6 J j F O C q I B R a z o S b m G h P 2 a I M 1 / o V 53 v v l P O f k y a y s Q u X J b 8 Y n E C f f f M 973 v O e L G T + z n s y 8 w / + + a O P A Q A A A A C A Q S L 2 A w A A A A A w W M R + A A A A A A A G i 9 g P A A A A A M B g E f s B A A A A A B g s Y j 8 A A I P 1 n 87 + m 7985 r m q E A A A z B V i P w A A g 0 X s B w A A x H 4 A A A a L 2 A 8 A A I j 9 A A A M F r E f A A A Q + w E A G C x i P w A A I P Y D A D B Y x H 4 A A E D s B w B g s I j 9 A A C A 2 A 8 A w G A R + w E A A L E f A I D B I v Y D A A B i P w A A g 0 X s B w A A x H 4 A A A a L 2 A 8 A A I j 9 A A A M F r E f A A A Q + w E A G C x i P w A A I P Y D A D B Y x H 4 A A E D s B w B g s I j 9 A A C A 2 A 8 A w G A R + w E A A L E f A I D B I v Y D A A B i P w A A g 0 X s B w A A x H 4 A A A a L 2 A 8 A A I j 9 A A A M F r E f A A A Q + w E A G C x i P w A A I P Y D A D B Y x H 4 A A E D s B w B g s I j 9 A A C A 2 A 8 A w G A R + w E A A L E f A I D B I v Y D A A B i P w A A g 0 X s B w A A x H 4 A A A a L 2 A 8 A A I j 9 A A A M F r E f A A A Q + w E A G C x i P w A A I P Y D A D B Y x H 4 A A E D s B w B g g J 7582 / 8 j 9 / + y //136z/8pVTqwvL1aMAAGB+EPsBABig9068/v/+28v/3/o7/+XfvfN/XPhR9SgAAJgfxH4AAIbpv/y7t3+/vvH/vPX25WPfqR4CAADzg9gPAMAw/U/fefW/rr/zf711uSoHAABzhdgPAMBg/dd/987PvvtaVQgAAObKAYr933jq6Zdf/svvfvdlAAAwFS+fePm7olEOAACm6Pjxb/+LQ/+ySrgHxwGK/QvPLT7x1DP/9J8dAgAAAABgVrz03Zcf+TqxvwcT+7/xza9+7VEAAAAAAGYFsb8vYj8AAAAAYOYQ+/si9gMAAAAAZg6xvy9iPwAAAABg5hD7+yL2AwAAAABmDrG/L2I/AAAAAGDmEPv7IvYDAAAAAGYOsb8vYj8AAAAAYOYQ+/si9gMAAAAAZg6xvy9iPwAAAABg5hD7+yL2AwAAAABmDrG/L2I/AAAAAGDmEPv7IvYDAAAAAGYOsb8vYj8AAAAAYOYQ+/si9gMAAAAAZg6xv68DEPsvn/j0d0cWq8LJPPPX29dunQ13l793bye7C+y1szd34u3GWv7Q6g1buH11qatwbXPn5mpWYYTlq9u2AXOLjfg+3NpYLisDAAAAw0Ls7+tgxP7PnqkLJyOx/4d/TdrBwyKRO6T9pSu3QhQ/vrG9s+lOP0mFrsLxYv/qjdBCVhI6kLW/e9l+AQAAAAcEsb+vKcb+xy5+1m/SXnL+gxMr+V0b+1c+O3Xxlaxamxdu7TSy/fL37m1/79vEfjxcRTwOGb7MzD6rq4Vjx/5ySn/56na6cMBYWj4el+2JgOoSANlc86IApQ9LV25tX8mbctTVAQAAgH1C7O9rCrF/8ZenPn1w/tMHpy5ePvLrB+d//cvHXKFbMNJl/M/8RGqakB8X3KOnZMWfXH7s4u/86i3eunHt/s75t+zF/PdvvJAKJfPbS/rvhzMC377yw/vmrlROqwOTk6A+MpPnYT4sV5nZ3VULx4j9+eX9O9lVA9mphMh/lMBE9HQJgC2UbZmSuFYolG7ETw3Y5XiraxarAwAAAPuJ2N/XlGJ/vEr/FUn+ZiZfj/3hUV/upJMCaeZf5af03d0wsV8UVhcCyF1iP6Zj6ezN7e2bq92T2+bUQLz5mfAwk5/VubGmFo4R+61qtr9lTt5G9PIqgPK6gOZVAK4w9aTu7ejVAQAAgD1H7O9rOrE/m6J/7OLvzLX6LbP9dtlcGpDN6udRvzP2nz1vJ/Ajm/ClMEz7Nz7bT+zH/irm2/018Hsy22/VF/m3z/bXpwOK0xNyS+2YcwT+VhTWJymKG7EfAAAADwGxv6+px/5nfvKgM/Z75nr+dJF/79ifEr5ayGw/HqoyePu03L9wl7G/8dl+pw7toty6Zz84EGoWc/hK7NfOLwAAAAD7idjf15Qu8s8n891yFvVXPjvvl195ZiV+ad8rR34da/aL/XWqj4Uh25uP9xP78fAUedjP9mcLbtkF+7bCXcR++0n7mM+Xrtx0jyqxv9h6kHfenAJIFaSF8noBbXUAAABgfxH7+5rSbP9nJ35tL903X+zng72dz7eFP/nMnwJYvByrZTX7x34X7ONF/iHSx4v/t8/fChf52y//8+5deSa1AExk6cqtnTQZ3kKSc3ZLle1Eurt1Fkqczm8jonUj9oushRtXV8+arK7F/mLr4asKzVkDf9u+uZl/Yj/tVyhUVgcAAAD2FbG/r6lf5A8MFN9dBwAAABwgxP6+iP1AH40L3QEAAAA8TMT+vvTY/6eP/Dd/+s8BAAAAANhndT5tQezvqy32/+Ov/ikAAAAAAPvsv/3aI3VE1RD7+yL2AwAAAAAODmL/lB2A2P/D73765dJCVQjMrNUb9vvtt99eSoV/5b9h/8Zf+ZLn386+Cv+TjeezFc3tb1bjumf+Jq01gWJDVa9KsWbb5kyFrGMAAADAniD2T9nBiP2/faouBGaSifebZ+xyCslSGNKyZPgseC/9h0+2/8OCWxbmp/bcunk7u4/9Y63esTlpquOsAQAAADAdxP4pm2Lsf2T9t/0m7SXnP/juyfyujf0nf7uy/lJWrc2R7Z2L79XZQwrfeLMoAfZdFeO/+qcLS893Ben22J+dIBg/9q/e8JcPGB2xX31I25zvZxX7Yw8rnB0AAADArhD7p2wKsX/hxsqnD85/+mBl/YdLHzw4/8GNR1yhWzDSZfxPXZeaJuTHBffoiqx4/YePrH/pV2/x5ua1+ybef+O97Wv3N4+UhZL8r93ffu2IFK6+cX/n2r2Nb8ijRzYu3ldOEwBjMlfgj4rfRW5Psqn7Ulfsj9cI9I/9Jod/sm22tbCxveNb1mO/6ZIJ7bJK1bd6c6amNCVdNdf/+zxvV5dq0nha3Ra6OqacjwMAAABgMsT+KZtS7I9X6b8kyd/M5OuxPzzqy510UiDN/KuWXrvnUr0hyb8Z5qUwzvnbiwJW81WAyS2s3vhE8nPn+SMJ29k0e8HkcJOIs5AvOmN/aG282B+m2eNaNpmHm4/ixXaryflyc0XN0H7L6v4EgS8HAAAAJkTsn7LpxP5siv6R9S/Ntfots/122VwakM3q51G/M/bbOfxMiv12wr8utPWZ58c+apntT6pLBjpjv6To8Wf7Y8089term3MQyvkFd7fcXNGlkPDNXuS3FPvbznoAAAAA/RH7p2zqsf+p6w86Y79nrudPF/n3jv3hwv5k6bV7O9e2/eXExSUA/lxAcxVgj1QxXhPCvNUV++Ms+vRjf8v5Bacj9stDIfZnq0dlOwAAAMCEiP1TNqWL/PPJfLecRf2Tvz3vl1966mT80r6Xlj6INfvFfvXL/PJzAeYUQKgg5ebyfvMtAOGkALDXJGOn6LuwccPl9reLL9jzc+NGR+xPy3sQ+2OAr5fd3bx+dld662tWq3jEfgAAAEwFsX/KpjTb/9vvfmAv3Tdf7OeDvZ3Pt4XXf+tPASz8MFbLavaP/S7Yx+v53cf47df7uZLtN7bdbH9+eX9xOQAwIffh/B6xViJxuG3+h79aff4fr575G/9dd+YWLoM3JwjSzSV8ifrxlk4HZA2am5K3gzyxx2U19hfbCjtVdil2INbcvvE38ZyFOQUQb759Yj8AAACmgtg/ZVO/yB8YqHKiHgAAAMDeIPZPGbEf6OOv+L46AAAAYF8Q+6dMj/1fe/RP/uk/AwAAAABgnxH7p6wt9gMAAAAAcGAR+/si9gMAAAAAZg6xv69pxP5n3vjN1V/dFWsn6odmwfL30q8DbH/v26bwuP3WdrndXM1r7sby1exb0idodm1
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d6512bb-13cc-4741-a1fa-4290950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T11:23:39.000Z" ,
"modified" : "2019-08-27T11:23:39.000Z" ,
"first_observed" : "2019-08-27T11:23:39Z" ,
"last_observed" : "2019-08-27T11:23:39Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d6512bb-13cc-4741-a1fa-4290950d210f" ,
"artifact--5d6512bb-13cc-4741-a1fa-4290950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d6512bb-13cc-4741-a1fa-4290950d210f" ,
"name" : "CMDextractfile.png" ,
"content_ref" : "artifact--5d6512bb-13cc-4741-a1fa-4290950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d6512bb-13cc-4741-a1fa-4290950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A C 1 g A A A s A C A I A A A A / D P 5 H A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 P 3 N b 13 p n e B 5 x s o w Y C D g R S w M I z G B R l s t K Z z K F t O U y 8 W X o k S R z n A E Y + h U q a l m M p q W O r J d q k p F N c c W R 5 E I T E 9 h Y p y I G I y b o A Y N p H o a E 40e2 K K 0 0 U C L m J 1 B R C x i F o O B t g X U T O U m 1 v E v z H n O 63 P O P f f y U j x H v L r 6 s D 9 o X D 73 O S + U s 4 w E 8 o v f 89 q Z c z 8 G A A A A A A A A A G A K C E E A A A A A A A A A A K a E E A Q A A A A A A A A A Y E o I Q Q A A A A A A A A A A p o Q Q B A A A A A A A A A B g S g h B A A A A A A A A A A C m h B A E A A A A A A A A A G B K C E E A A A A A A A A A A K a E E A Q A A A A A A A A A Y E o I Q Q A A A A A A A A A A p o Q Q B A A A A A A A A A B g S g h B A A A A A A A A A A C m h B A E A A A A A A A A A G B K C E E A A A A A A A A A A K a E E A Q A A A A A A A A A Y E o I Q Q A A A A A A A A A A p o Q Q B A A A A A A A A A B g S g h B A A A A A A A A A A C m h B A E A A A A A A A A A G B K C E E A A A A A A A A A A K a E E A Q A A A A A A A A A Y E o I Q Q A A A A A A A A A A p o Q Q B A A A g C 6 d f e v P L / 7 l L M A I 5358 o f F f H Q A A A E B X h C A A A A B 0 6 f L l 5 Y V / c e U n l / 45 Q K u f / f P F t 3 / x T u O / O g A A A I C u C E E A A A D o 0 t L S l b f + / O K f v f k j g F b / 6 Z m 3 f v 5 X b z f + q w M A A A D o i h A E A A C A L g l B g N G E I A A A A N A r I Q g A A A B d E o I A o w l B A A A A o F d C E A A A A L o k B A F G E 4 I A A A B A r 4 Q g A A A A d E k I A o w m B A E A A I B e C U E A A A D o k h A E G E 0 I A g A A A L 0 S g g A A A N A l I Q g w m h A E A A A A e i U E A Q A A o E t C E G A 0 I Q g A A A D 0 S g g C A A B A l 4 Q g w G h C E A A A A O i V E A Q A A I A u C U G A 0 Y Q g A A A A 0 C s h C A A A A F 0 S g g C j C U E A A A C g V 0 I Q A A A A u i Q E A U Y T g g A A A E C v h C A A A A B 0 S Q g C j C Y E A Q A A g F 4 J Q Q A A A O i S E A Q Y T Q g C A A A A v R K C A A A A 0 C U h C D C a E A Q A A A B 6 J Q Q B A A C g S 0 I Q Y D Q h C A A A A P R K C A I A A E C X J j o E W f z o v S + + 3 M h 8 / t H Z x r f P 5 e z O 4 + R u 7 + 1 c P X I x d X X u 88 d z i 9 X K 4 M 5 s J R e 95 D E f B J N L C A I A A A C 9 E o I A A A D Q p U k O Q W Y + / X L l R n P x J E K H 8 e l 28 i G 5 c 1 l j t C 5 W X 31 R h S C t O 1 t f 8 r g P g k k m B A E A A I B e C U E A A A D o 0 m S H I L V p H K W z O 49 b Q o o b 94 + q K 7 Z X v r g / k 32 + c X 8 j / 9 y 6 m F r 86 L 3 P 769 U E 0 H a d 7 a 95 D E f F L 5 q / 0 t h E g h B A A A A o F d C E A A A A L r U T Q j S L B t O L D 4 U 5 o t o 5 E Z 4 U B i n k c 7 q y N Z D R f H e 519 u f L o d F k e c I J P c M x 3 I k d 78 / k o W c L Q u h v 3 Z o T D R 0 T B D d s 58 + j j 5 n L 1 V e u G Q n U M v T / 7 A 5 J 8 u e V D 4 E / I 7 J D r / J 4 X n J Q Q B A A C A X g l B A A A A 6 F I n I c j Z G / f f + / z + T J 5 Q J L Z X o o w j C h q G r b c b G L b R O j k j X k w + D 7 / n j f t p a Z G 3 H f m R L q 2 L 1 d C R K A R p 3 x k C j i w B q T K U 8 R + 0 + N F 7 V b k S P a v l n x R O j R A E A A A A e i U E A Q A A o E s v 0 9 E w t W y i F M c f R 4 c g Z e o R 9 x n N x e p B U Z z R u r O 8 e b x 5 / A c l i 7 U y p v 73 w m Q Q g g A A A E C v h C A A A A B 0 6 R U K Q c K 35 Q E u Z e H R t t j s M 7 J 6 o / X y 2 M h 7 D n t Q G B O S r M D k E o I A A A B A r 4 Q g A A A A d O l l C k F C P 1 G 2 F D / 6 s 8 W r a R S y P X Y I E o 3 x i J q S 1 s V C L f h o v 3 y n u C R Z L J 4 + 9 o O S F 278 j T B x h C A A A A D Q K y E I A A A A X e o k B D m 787 g Y m 9 G l g R A k E e Z q D A z q a A 9 B 0 r d q 3 K G 8 P O 5 F W h c z t R C k Z e f i R y u f h 789 E / 0 L j P 2 g k I 9 k i 7 X 1 t p e H 0 y E E A Q A A g F 4 J Q Q A A A O h S R x N B G s E E M D 2 E I A A A A N A r I Q g A A A B d 6 i Q E m f k 0 O r E F m C 5 C E A A A A O i V E A Q A A I A u d T Q R B J h a Q h A A A A D o l R A E A A C A L g l B g N G E I A A A A N A r I Q g A A A B d E o I A o w l B A A A A o F d C E A A A A L r U X Q h y d e 7 z L z c + / + h s u b L 40 X t f f L m R i d f H k t 7 t 0 + 2 B 9 e M 40 Q u 8 d M K / 2 M q N x u K g 2 c 8 O P v x s 6 Y j F 23 s f f 3 P 48 T c H 11 a r P b y 6 h C A A A A D Q K y E I A A A A X e o o B G m p E G Y + H a d L G C W 5 w 0 l a k J O / Q I s b 90 + a p w z q 5 p 7 J f w S P 5 x Y b i 0 2 r u x 9 + c 9 g M Q R q L y a 9 f 786 G z 1 s 3 v 9 m 7 m i 3 y K h O C A A A A Q K + E I A A A A H S p m x C k L W W Y + X R o l 3 B 25 / F 7 O w O F w Y 37 A 4 t j T r l I b K 98 M V i i H B 1 G F J L L x 9 r c / u b B Y I e R 3 P P + T P V r b v A O w + 45 u F 78 R d s r 8 b / 24 k f v h X k n Y 4 Q g S 9 e + P r j 5 q D E R Z G D x 9 l 7 x O X x l K A h C E A A A A O i X E A Q A A I A u d R G C D C Q I 8 Z k s j T 7 j x v 1 k 5 b 2 d q 2 d 3 H h d f h Q j j v f Q g m L D Y O M M l 2 X / U q S 5 h c E i a X J Q f 2 l + g e H T y O X 16 / s 7 F V S E 6 y X O W 9 p 2 h N S n v W Y Y v 6 e W J Z E + V r R T 3 T C 8 p 37 / 9 b y 9 u m C j z j o G d x Y d s //25ohEJD0run/+9o0OQ7PyXxikwbYtbN7NDYW7vfZyPBuHVJgQBAACAXglBAAAA6FIXIch26+iLtoEcyc7Ri4O3ar95pMovGoa+wI1shEa6ko/TyL6Ni5aBnamZgeNm8hQjWqlL7pm9f/xn1gzcs2Xn2bz8KP41sukptZcfev9MceBLrfloXUzc3vv4m8OPsxykXOSVJQQBAACAXglBAAAA6FI3IUhbCdHSYdTChVIRNzQ/Z+I4Y5jkqnSiRjPaaLswDNuI1tPZG5HGV807tIYg2XCOhhCIxPds/9uD5j3bdraHIMkbVmfEjPyHqg55iZqP1sXw+eNHW+nnYjRIfhNeVUIQAAAA6JUQBAAAgC690IkgzxOCtN+8VXp+SrW5NQTJ+4z4EJaqpahp7iwWB0OQxkr4M8vzaMo+o/cQJPlqeAiydTNM+IiE1KN1sapDEs1JIbyahCAAAADQKyEIAAAAXeoiBGmLIcLiYJdwde7zaH7G4tU0dxgZgty4P/LglcTVmRvlQI7aVIyWF8jvFl6jeOEh/UTLziD5S6v3L1aaf3vcZ4QoJLt/698eDNyzZWd7CBL/c1UPGq217YgXrz46vHk7X48/8+oSggAAAECvhCAAAAB0qZMQpDXXaD+ZJbQL5ZkpWUIRxx/x50Szw2ixuL3yeXXDuKhovkDykmUqEQ/tSD8Xd8gzi/ad+VfZznxDWwQTXjvf9vn9lapNGfzbUwP3HNw5JASJrq09aIQjQ5DapJD8jBhebUIQAAAA6JUQBAAAgC51E4K0jLXoQDjqZci5LcALIwQBAACAXglBAAAA6FJXIUgxBiOe53ES6UgMFQhMACEIAAAA9EoIAgAAQJe6C0GA6SQEAQAAgF4JQQAAAOiSEAQYTQgCAAAAvRKCAAAA0CUhCDCaEAQAAAB6JQQBAACgS5MSgix+9N4XX25kPv/obOPbaXN17vMvV240FgfNfnbw8TcH11aTz1s3vzn8OPNoq/z2w8+Wys2Jq4+yzW/+6PZeurn49c+Wrn1dXF4tttxzHOGthu9P37l81mH0huk71C8sN9+8XS2OMHt7a3Zg8WQabxV+HfNlTij92/euDqxPIiEIAAAA9EoIAgAAQJcmJASZ+XScMOKYbtzf+HS7uXhC3dzz6tznj+cWG4sN9d5i62YZDYTII/28uvthtuH2XtouLF37OqxHFyZXZdlH8lWt/0j3t91zDMn9GwFKLPn2uCHF1UdjthetlUb0VxyxOI74H2ocz/2g1HH+2U+TEAQAAAB6JQQBAACgS6cRgmyvfNHMPmY+PTKMKCWXj7X57M7j93Za/6/sgx1Gcs/7M9WvucE7DLvn4HrxF22vxOHI4kfvhXknY4QgjcKg9uvVR9mkja2bX+/ONn+tX3h7L41Can1DUYq03jP/tU1+kxcTgrS8z+ruh4PDS5LF9B/h6MXU6Jev/qHyf7fGtwOGPKj1HzN
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d6515aa-2b50-471a-892a-427c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T11:36:10.000Z" ,
"modified" : "2019-08-27T11:36:10.000Z" ,
"first_observed" : "2019-08-27T11:36:10Z" ,
"last_observed" : "2019-08-27T11:36:10Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d6515aa-2b50-471a-892a-427c950d210f" ,
"artifact--5d6515aa-2b50-471a-892a-427c950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d6515aa-2b50-471a-892a-427c950d210f" ,
"name" : "runas.png" ,
"content_ref" : "artifact--5d6515aa-2b50-471a-892a-427c950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d6515aa-2b50-471a-892a-427c950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B g A A A A d c C A I A A A D i t 9 c E A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 P 3 P c x z X v e d 9 e n f j R v T C v f H M v f b T s t m + T U q 8 b I v E f Q i T I F V C k Q A f E R R M k x R E C o Q I j O a 5 a k 5 D n G t R E E R x M Q u 5 Z U s L o g R G T 5 i K e M K K W U g F c 2 I Y C E U o 4 l m M H 4 S 14 J Z e z z M T 3 n D N f 2 H O 7 z y Z e T I r C 8 g s J u q 8 K 17 h m 3 X y 5 M m s l D r U + M T 3 n P O D f z p 0 G A A A A A A A A G O M A A g A A A A A A G D M E Q A B A A A A A A C M O Q I g A A A A A A C A M U c A B A A A A A A A M O Y I g A A A A A A A A M Y c A R A A A A A A A M C Y I w A C A A A A A A A Y c w R A A A A A A A A A Y 44 A C A A A A A A A Y M w R A A E A A A A A A I w 5 A i A A A A A A A I A x R w A E A A A A A A A w 5 g i A A A A A A A A A x h w B E A A A A A A A w J g j A A I A A A A A A B h z B E A A A A A A A A B j j g A I A A A A A A B g z B E A A Q A A A A A A j D k C I A A A A A A A g D F H A A Q A A A A A A D D m C I A A A A A A A A D G H A E Q A A A A A A D A m C M A A g A A A A A A G H M E Q I j L f 3 r x 8 I m T p z q v T g M A 0 C q v T n e P / O L l z H + 2 A A A A 6 k I A h L g c e u m f L 1 y Y / + d f T A A A 0 C o n p l 555 Z V X M //ZAgAAqAsBEOJy6KV/fu38hRcOHAIAoFX+89H/8fQrncx/tgAAAOpCAIS4EAABANqJAAgAADSKAAhxIQACALQTARAAAGgUARDiQgAEAGgnAiAAANAoAiDEhQAIANBOBEAAAKBRBECICwEQAKCdCIAAAECjCIAQFwIgAEA7EQABAIBGEQAhLgRAAIB2IgACAACNIgBCXAiAAADtRAAEAAAaRQCEuBAAAQDaiQAIAAA0igAIcSEAAgC0EwEQAABoFAEQ4kIABABoJwIgAADQKAIgxKU4ADr4HwAAaMLPDub+oxNAAAQAABpFAIS4FAVAP/npz//hhZ8BAFC7H//0P2b+oxNEAAQAABpFAIS4EAABAEaMAAgAALQBARDi0uoA6PT6he/+sqD9cf3nmbO78vN/+5MY7cK/TQ9sVKZP/PFPJ04nLcU9hWznsDe/0L/ozJtJ4y9+r37j75dcCwCMMQIgAADQBgRAiEubA6Bf/D6VkuydjG9UyCJGdiFOsDE59V2S6ZT0FDKdw978wiZZ0yf++MUvzIH5mXKEmnIuAGgzAiAAANAGBECIS7sDoHCe8vN/+1OgBufNLwoKc5ylM9/pzEWX4ejjYKNyev3CH784kxT1FPcUsp017xKl6BdZ2f4AMJYIgAAAQBsQACEutQVA+UxkL/zJX/5sKXkXWX2jym10+9KZ7/504Y9y/tSAChoxpp5jJQf/4ozOYoKNsr+ez+XN6irsGeqsqoTUC1k6I36CeSpxbFoKsirdwX6t95UCQGsQAAEAgDYgAEJc6gqAfv7mFxf++MUvbPyhsowkwbFBRrCxUK5eRlyeack0iuPiMd/8Qk3gMjGNmV8WbEyKjLxMp6BnuHOKaPd/vjyWWZWOk1LdvKgr8EoBYEwQAAEAgDYgAEJc9tMUsNPrFwIFPkte6OMf56gExwU3fgCUbUxulA2Asj1Fe7CzIvrYqEu3+4/nUiH3tagsCADGDQEQAABoAwIgxCWiAEiedSGLC2tCjW/KiWY+lfUELy/oLKeJ2YQodS8/AHK/Thy7zgAw/giAAABAGxAAIS77ahFoGZQkZTKnp72FdXQH/zggVLYTbrT8mKa8p+B1VuVCpl2GQaZdjGCe3xvBziBTnQEgAgRAAACgDQiAEJfa1gBKVmWuTWjPrCV/FSF1O9ESDoDUI2VGcJf7OVGwUUsFQKU9Bb+zzKr0Qy5ktxIz7fZdJS1KcrvQ8wPAOCAAAgAAbUAAhLjUVwGUyUoAAAgjAAIAAG1AAIS41BUAJZObAAAoRQAEAADagAAIcSkKgH7805//H174GQAAtfvHFwiAAADA80cAhLi0eRFoAMBYogIIAAC0AQEQ4kIABAAYMQIgAADQBgRAiEutAZDa+srfH13ugG73twrsm15CDeV2Ui+x+1vsxi9+r++V2USs4urXbmsw//JgY6F/3bj7dOfu043uwEbl2O/77/2+k2kEgOeMAAgAALQBARDiUl8AJIOMzDbwv/j9njaGl2nLwAzo9PoFl/u8+UXFGGV3vJ/jhz7ieKibBvtXGeTY7/t3+4vyuLv23tP+r7uFjYZs2SEAAtA6BEAAAKANCIAQl9oCoDe/yIc1v/h9uDTm5//2p8CWYW9+kWsMhEpZfgBUpb8QuFFRKOOPVpTR2PbwsPk3EBynaPAi3f7OjX8tb+z8+nH/Rp8KIADtQwAEAADagAAIcakpAJo+8cd00uHPzPJjFFmkIzeM//m//cm2y5TkgprwJRsz07hE//KJXdkASD1GqlGOr54tfCM1q+uLX8izySQy25gcmMZARVL5sDKTSl8l+ueznmBjiYEBkJ78xRQwAG1EAAQAANqAAAhxqSkACucXuQogmZWEKmJcozjOjJNvSUsnTaYGpzgAKr6RMH3ij7qxsJJI51bpTCo0bDCWMl+Dtw42FkmmfRU1dtfee7x2zMZArg8AtAIBEAAAaAMCIMSltgAolYkY2QAoFYs4fvaRz0Ey6UmOG9Ofg1YYAIVvpKp1ND/KUS2h36XqmIJD2WNV6OSpMQCSQY8Kd4ob5eQvt0IQARCA1iEAAgAAbUAAhLiMtAJoNwHQoGQkGdOLiqoHQKJnMkMtEDapkp/AA/witSB0blg/jcry+5c35qXKfAobF2/ITcE8uUsA4HkiAAIAAG1AAIS41LUItBeI+I2ZPEVOrUpWSj49rTKaUIDiDLUGUBK7iHHsrWUxTnEA5Cc1MgzSPad/8aZbztmlQksnkjWe/agoNKz/AFl+//LGLDuxa3CjRQUQgDYiAAIAAG1AAIS41BUABZOa0C5gS2ZqlWIXgc4HKJoMjIJr8SRSxT5JwGQW6xF+/0XpFDB5ien5xy/O6Fjn9NIZ1+jWFXpz6UwyU8yLsYqeX9UW2f65ewnmsYONQd1+qq5HJzvBRocACEAbEQABAIA2IABCXGoLgFQRkBeL1ECGOIUTqQAA+xUBEAAAaAMCIMSlxgDIFrO4cpi9WJKFQqQ/ADCOCIAAAEAbEAAhLrUGQAAADEYABAAA2oAACHEpCoB+/NOf/x9f+BkAALX7RwIgAADQAgRAiAsVQACAEaMCCAAAtAEBEOJCAAQAGDECIAAA0AYEQIjLSAMgf2f0sv3O6/ELs2u7v0d7flv6ILc1u7+gdbBxoGO/79992v9117V0fv14525/0XUYihpt5+7jtWN++79uqD3gN7p+YwuZ50zeRref3bd+eBG/zxBe6R4FXmB37b30Lwq+ZPXD9+W/M88HARAAAGgDAiDEZdQBkMt93vyipv3Cwn7x+7+ceVMfu9xHHAx1x2D/oQaRfxPu9g/pn/3D4o3M35P/umH+7BR/Tts/R5NbyD9T/aQpKDfmyIjHM8+cPIP4Q/rGv3p9mjVe77MAr3TXVIKzI6TCHfnM6nm8X1T4kmXO1a5/H9qLAAgAALQBARDi8twCIFVQYzOaYm9+ceHfptONRbmMP1ppdhMeM18cVDpIFUP9Kbt4w/55aSSJSV7n148Df0gP/uO/bMysotHE38m5v5B1z86v+8WDu2jAe3h7i9xvr0Hr3qdQ8yvV0s8Q1Stt4n1mrvVuIf6fszkueckyRdp95hsTAiAAANAGBECIy3MNgFTmkmp0QYw8uPDHvyz8funn//YnN19Mzer64hfybDKJzDYmB6bx90tqTKd8TDXDK3WJ6J/PeoKNQdm/QgX1h+hd+2ekJv6YfO+xmjwizybJiC5GUHIpkleM4Cv6e1gbMKZPFjLIodQl9s941SiIH+X+ypUH6klMz3/tFP91Lf5+VkOlKynyv30I++V9Ck29UjU1Sb8Hdbm4KopX2sj7lER/7//Zdn79WD+GONi50Tchphiq+CXbf8+TFt1Y9sNjRAAEAADagAAIcXluawB
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d65216c-c7a8-46b4-9146-4e1f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T12:26:20.000Z" ,
"modified" : "2019-08-27T12:26:20.000Z" ,
"first_observed" : "2019-08-27T12:26:20Z" ,
"last_observed" : "2019-08-27T12:26:20Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d65216c-c7a8-46b4-9146-4e1f950d210f" ,
"artifact--5d65216c-c7a8-46b4-9146-4e1f950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d65216c-c7a8-46b4-9146-4e1f950d210f" ,
"name" : "CMDdetails.png" ,
"content_ref" : "artifact--5d65216c-c7a8-46b4-9146-4e1f950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d65216c-c7a8-46b4-9146-4e1f950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A C n w A A A U G C A I A A A A + U h p t A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 P 1 N i 11 X t u D 93 k + i z i 3 D f S h 1 C l s d J R x X U S Q o k l K n o F x g y c c g C l K 6 F K e l h k + V E l I i n P i A O q 6 C S i 4 V j S h z y z z 4 E I 3 A 53 D N a T 0 g H i O c Y N w w P g 3 n h / A n S O 4 c Y 76 N M V / W X n v H 3 q G I 0 P / H R l 5 r r v m + X m J 7 j t g 7 / h + 3 A A A A A A A A A A A A A A D A T g i 6 A w A A A A A A A A A A A A C w I 4 L u A A A A A A A A A A A A A A D s i K A 7 A A A A A A A A A A A A A A A 7 I u g O A A A A A A A A A A A A A M C O C L o D A A A A A A A A A A A A A L A j g u 4 A A A A A A A A A A A A A A O y I o D s A A A A A A A A A A A A A A D s i 6 A 4 A A A A A A A A A A A A A w I 4 I u g M A A A A A A A A A A A A A s K P D B d 2 P z 39 M X p 8 + T G l b + / T 9 k 5 / e v 592 D u v O F 0 c n P 32 g r 6 P H H 6 V E I X 2 I 6 R 88 + z S l A Q A A A A A A A A A A A A B w q K D 7 w 9 P X P / 54 f h x 3 J P q e t 7 d 1 a U F 3 a c j H 2 q O P 3 n t J r B 0 A A A A A A A A A A A A A M H a I o L u E 3 F 2 U / f h 810 + 7 X 1 b Q X T 7 m / t 17 d 9 K e c Y k f t Q c A A A A A A A A A A A A A X D c H C L o P Q u w h K U f h 73 + d v q q 9 C 2 b f f p a / x b 1 + 6 D z G v O V f T b d x c f 0 M + i B 9 z j T d f n i d o D s A A A A A A A A A A A A A Y H v 7 D 7 o / P H 2 t M X f 9 i v n 0 J 93 D t g b d J e y d Y 9 v 6 N 9 R L P F s i 7 i + / e C f t F T H c n o q Y P P 5 b 3221 M y 5 P L f 7 O 4 + 9 q J D 69 v r 4 d D t g I f X p t a g I A A A A A A A A A A A A A 8 J b Z f 9 A 9 x t z z V 8 z H z 7 i n Q P z t Z + 7 v p k s Q P Q b O V 37 Q X A L h G h F v 80 s Q f f Q X 2 a v a V l S q i v i k O w A A A A A A A A A A A A B g e 4 c I u s c o u 8 b c U 7 Q 9 f t L d f i F 8 f s V A e B M C r y Z B 9 y 5 / G 1 N v d V H 5 J s p O 0 B 0 A A A A A A A A A A A A A s L 39 B 931 o + 3577 q n / 6 a / 6 d 580 r 3 i k + 4 A A A A A A A A A A A A A g G v o Q J 90 r 8 H 2 F I K X m H s M d Q 9 j 2 / o h + M n f d B 8E3 W P + H E T X v 8 v u P v g + 4 J q W a p c + + F 4 R d A c A A A A A A A A A A A A A T B 3 q b 7 p L u P 3 H H 1 + f n q b / P k x H N f h d v 17 e x L P d l 8 / n i P g s 6 B 7 I o Z x / U 8 R d a W y + q T 8 j 6 A 4 A A A A A A A A A A A A A 2 N 7 + g + 7 p z 7 g D A A A A A A A A A A A A A H D T 7 T / o L l F 3 / V L 5 v H d O C B 4 A A A A A A A A A A A A A c C M d I O g e a N w 9 K e F 3 A A A A A A A A A A A A A A B u l s M E 3 Q E A A A A A A A A A A A A A e A s Q d A c A A A A A A A A A A A A A Y E c E 3 Q E A A A A A A A A A A A A A 2 B F B d w A A A A A A A A A A A A A A d k T Q H Q A A A A A A A A A A A A C A H R F 0 B w A A A A A A A A A A A A B g R w T d A Q A A A A A A A A A A A A D Y E U F 3 A A A A A A A A A A A A A A B 2 d K l B 93 c e f / f B y y / e S X s H 9 G 9 P / u c / f v 9 / f n n y r 9 O + i o n 6 + p / P P 0 y J w X 86 i 4 n p 5 U v 96 + e v 2 v w A A A A A A A A A A A A A A E Q 3 L + g u Y f I v T z 757034 / M N P v n z 1 y b / V T Y 2 + / 91 / 0 u 3 g P 5214 f k k F P n + f z 4 / + T u C 7 g A A A A A A A A A A A A C A o Z s W d P + 3 J //zvz8P//3rNujuyFHNJiZB93/9/JUG5p8TdAcAAAAAAAAAAAAAjB0s6H7ni6OTnz5Ir69va1oMut8O/8b0Z59qcnL7Wcn/09HjjzTt0/dPvnvvTvg3pb9/X5M3u3jQPSPoDgAAAAAAAAAAAACYOEzQXSPufYBcgu4l1u7zSMR98CH4GG7/7r07sqPFU/x+k6Wge//18vVvuuevoK8IugMAAAAAAAAAAAAAJg4SdJcIuv8Ue+S/Xv6j917mT7RLAD5F1j0Jupvgffzge9pZNA+6y19qn8Xj5e/Bt3F3gu4AAAAAAAAAAAAAgIlDBN1NNN2bBt3vfz35CHsfdF/5DfOToLtG3P/x7K/Tbk9C7PVD8IKgOwAAAAAAAAAAAABg4lp90n2arTcMukviUsS9++Z5QdAdAAAAAAAAAAAAADBxmL/pLp9cH3wkfRp01+3Z33Qv9Uz+7vtQH3QffXV8Y/jN8wTdAQAAAAAAAAAAAAAThwm6Bxp3z6/01fHzoHugcfdcJKdL0L0kDj8935IY+f/pXvrRdv0Iu09PAXgNxqdEF1z/T2clPb3++/N0CAAAAAAAAAAAAACA4GBB9/1Y/0fcAQAAAAAAAAAAAAC4bATdAQAAAAAAAAAAAADYEUF3AAAAAAAAAAAAAAB2dMWD7gAAAAAAAAAAAAAAXF0E3QEAAAAAAAAAAAAA2BFBdwAAAAAAAAAAAAAAdkTQHQAAAAAAAAAAAACAHRF0BwAAAAAAAAAAAABgRwTdAQAAAAAAAAAAAADYEUF3AAAAAAAAAAAAAAB2RNAduDoenr5+ffow7dwYN3NUAAAAAAAAAAAAgDpI0P0/PvjH//sP/1d9/e1/+4/pyGEcn//44/lx3H54+vpHa0Ww7+jB959/cnZkNpZJtgfP007n3XuvPv/k1aPbafcCPnz0JPRnTVUxZ/PaUHB5FJdDJ/z7p3fTbhaG056FMqvrpvcPf/zdP/+TvP7htzHhV/8Qt3/7cUz/5z/+Kh6QnHlbycWU5GtqzGSMlrOvoNduX4s2dMHKzW1x4W4umnTW3qKb+Im9BtH6j799+ee/nKTXL48/1sTPfpbdb77SneCrZ/GQy2wzZFrw2Wdpb9HvH//wl5df/j7tbXb7i7+P98XffPFrTfj1b/6k29P7pTAXEL8/AQAAAAAAAAAA0DhY0P3QgXbj+NzEgSQ4tGVUSEK/T07eNRvLLiPofvvkRajk3tmWVT1/Oohhj735oPtdGd2LJ6bDMuqzoxx0Dz0sh3RWJbFsLJBQ4sd/uHXro+O/+ee//81HGln/03GYRgk6SigxxxolBq8ZsknYe8EO19vEtKbtOzW1Tex7N9POStPrJsp1UiPwh+1y653H333w8ot30t4msxi5pP/y8oef76d9G3TPgXmNmp/88O2duBcdLuier/b8iyb2dhjeL8X6kwcAAAAAAAAAAPA2uv5B9yZWuUMQVOK4GmsvG8sOH67OH/XWsPQNDbrLp/Of3o3/piQlQ4gf1nfpMhVlTrYIuv/xVyay3kQZf/UP5SO/yfZB6R2ut7F503trYpfxbWuhs2sbb/JJjQfutLdV0P3Ol7+0UfNIYuc/P/7ylxwUHwbdg5C+1afVrd2D7n86vp3ujmB6v2R7vAIBAAAAAAAAAABuossOuttvnv+nB/8hpd762//9h3/8H//qP/yPv42HwnY6sJHEg2xEbq/xoRoAtsFvG66W7RIelnhwm1mE9Ccn79ajG2LGlRS5cNBdPj4e23Wf45+OIn2aPBYxrTejcL+dMJ6oBfn3GxaC7lsNvJG/Lvtvvvi1j6z/Nn29/J+Ob3cf5w32EXQPdYQEqUmtvBhjqbSzrItCS1ulcGk46IYiB7cYn62rG+T2n31e2XqbzU6xjj1Z1/ydL45Ofvogvb425/uj917m9Bxil3B7zRxf3703iKhXEnSfftL95/sff/syheRnQfdb97/JXzJvvnm+rdAckmpTqg2664fmfc2d8vXyH/8hB9qj6f0S7fWhCgAAAAAAAAAAcPNcatBdI+7/67+mvb/93zXuLtslDL/NB+W7ON7+4kMSD35x78O0Z5RwtWy42LOK3wxvo7kxUJ1ySrUp2l3D8OXl4/EXD7prxL2k2A7PRuG+v912wI1CGsqTM5soG4lPr9yTcChW64Pu7uvl/aEdjSLrqvk4rw0vJ+uuov56i1WlNNlZU1F3HS/yuc2ea04D1L7SbZpxdbXk4KqBOaHUijJtJ8s4/IAW+5d9+v7JT+/nGLWhEfdnn8ad289q3D3Y7uvlY9S8j5THoLscjYHwxaC7+6y8fPbdB937lKgE3TXiXv88vJ4dz5/1/JUPneZ+0RlvrL1+AAAAAAAAAAAA3h4HC7rnj7PL6z//rSbLB9nNp9ttcN0G4G/d+vX/MrH5RX0Urw0T7R4i0uh4H1NP4eq
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d6521a1-7c5c-4f23-ac50-486c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T12:27:13.000Z" ,
"modified" : "2019-08-27T12:27:13.000Z" ,
"first_observed" : "2019-08-27T12:27:13Z" ,
"last_observed" : "2019-08-27T12:27:13Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d6521a1-7c5c-4f23-ac50-486c950d210f" ,
"artifact--5d6521a1-7c5c-4f23-ac50-486c950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d6521a1-7c5c-4f23-ac50-486c950d210f" ,
"name" : "VBS.png" ,
"content_ref" : "artifact--5d6521a1-7c5c-4f23-ac50-486c950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d6521a1-7c5c-4f23-ac50-486c950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B A s A A A B g C A I A A A D 0 J G x q A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A D L Y S U R B V H h e 7 Z 0 7 b x z Z s c f v J 1 H m b L P 1 J k p s w 4 k Y K N 1 g e X 0 F C A 6 k n M E a Y L A U Z I D G K l k 4 N A P B A W E I Y C A Y B p g L W C w c C A o W m 6 w + h D 6 B c K v q v K r q 1 O n p n u k Z i t T / h w b V f R 51 n l V d N d 2 j + Z 97 A A A A A A A A A F B A h A A A A A A A A A B o I E I A A A A A A A A A N B A h A A A A A A A A A B q I E A A A A A A A A A A N R A g A A A A A A A C A B i I E A A A A A A A A Q A M R A g A A A A A A A K C B C A E A A A A A A A D Q Q I Q A A A A A A A A A a C B C A A A A A A A A A D Q Q I Q C g + d + X P / 308 n / z B b j l P H / 98 + v n + R w A A A A A c 9 k p Q v j i 9 J e v L 8 p x + t e c u h I P r z 9 e X L / K F 4 n z X y / e / f h V v t i e r y 4 / W D n f P X n 38 e L 9 h y e P 8 v W 2 J D n p + P W h S n x x + V 2 + C n n 0 44 v 3 m 8 p s z x 8 u 3716 / z 4 d 35 / n x J s l 7 B I n v r v 8 Q 74 K e f S X d + 83 l d k J C g 9 + t i 7 l F x f P v n 377 M E 37 e T e v S 8 f v P n h 6 c W X q U C C c 6 + O 8 s U O 3 L / 6 Y a Y c L v n 2 h + O z f L k d S Q g f b x 5 / k d M a a s j 7 Y p 0 m z k 7 y V N S T C q 8 o I j 4 A A A B g I V t H C H / 67 Y t f v n 7 x z 9 / k y 5 n 89 X c X v / y u + M 7 T H C 5 C I A f 93 Y 9 P r n f 0 0 S U 8 K B 3 m z u c g 4 W Y j B P H F 3 / 2 l x D 6 P r q 93 D Y M C 2 H G / u J w r W L p U u n F + X Y O E A 0 U I 3 O J g E i J v U l z Y k / v q 5 N O I E I 6 O 3548 W K l R 7 v w + I 4 S J Q a 3 T B A c G I q S e K P q o D w A A A A A b 2 D p C W O D r K x b U Y j / + I B E C X b J 3 v q N w q t 6 e G x C v T t 9 / P G X P d 0 a E s D c e X V 4 c 4 r n B o g j h / H v b p U f X 719 d 8 / W M C G E N x h H C 89 e R J 8 l O p w Q G 9 U R c 3 h u O E K g z V O y b x 0 9 L l 3 Z h F C G s x e y w Z 1 t 4 H i Q w q C c G P E c A A A A A F r J T h D B 8 h v D w 3 / X t o x I P S H l 3 T L 6 Y V P 34 F i q Q F 15 i B k 7 M 7 / N o / 5 v 88 g 9 P H t W 3 f f S L Q z V R j h Y M c D q 78 v x B f i u f G m 2 t 1 P I p k O B 4 I I n K U U H / x K O k p A j h V W 299 l Y P Q a e v x 4 T P T X 45 + f T y c T 6 / 6 q P 9 + 5 q o H z 4 w 8 n l / P s S n T 7 F B S 0 x H a 1 H l 1 s T e Q S 8 p q b e P a u u 1 i s Q 5 O V G n M 1 E T G Q 5 F S i 0 Z i O 5 / O V S s Q g H C X D e y u r w 1 V C A n u 8 Y M n J t e 3 d F v v G R v / u g 4 Z 2 n P v i b K M c O Z L u 1 y x d p E i l L k U 3 m R U 53 + 1 D T / T U 14 H z q I E D g c i g u n R y g l V 7 / S o 0 f R Q q l a 0 m V N N N G G 8 F Z F Y n 4 U C 0 I j h A g A A A D A M n b 4 H s J X / z x K j r 6 L E z g 8 + O 9 v k 0 M t Z d R D g y V P H s q H + v W N n R o q i G 9 d P 7 D n T + u L e 83 n 1 d v m Y t m z l / B A R x f V 4 + f A I H g d K L v v u Y p q I s U G n V j q p H P x d Y R A V e R 5 Q q r e f + H B N D 1 E X p e w T L s 9 / P G 895 s z n E U u c s p l F z w H A x I e 6 F e A a p B w / n 2 O C l J 57 V u H z x D E d y 9 V W k 9 I p u u S j h C o S 7 k K + / f 9 c 4 k U R Z T q g y a Y u D p T m v P E T x B i k i + e f W X x r W u o w D 6 x c c 2 L D 11 c 23 T J x X I k w I 61 i S 42 R w h U J X v V u n x 2 r H u x u W n l t d t 4 I I g Q E l z R u e 8 y 5 K i H 96 + q y + 7 L T A 2 q a 0 J G U U W N R j H s R g y r D l 40 A g A A A G a z 0 z e V m R I n H D 35 U 0 r 44 r S d E / x t 5 v a s Y I s I 4 d W p f E m A P O w S I X h / W n n 8 O l o Q C c n 7 b 2 E A o y O E I r O c 6 / R y T r R i V W Y i d 3 J D h K C y + D J H C 415 E c J i N k Q I 1 p 8 W j 5997 k 2 u P + H S o 2 I c R S h H v A Y h 0 x G C y u L L G p M U T J l R E 50 o w y B C W P Q x c 44 Q y G e 9 e v z g D T u 45 A S L I 8 s e r f p Y X T n H 4 u C a z / u T U 352 o r 3 z K W e 6 o q v w J / H Z n 3 a O f u 4 k 4 b x w v q w u O O M q N l x F Q j U 3 g R O 4 J E J g 17 / G S 0 Q T Z U s O + x y C h w g A A A D A I n a O E B L t u Y F 8 g z k 9 W 6 j H d h F C c u v p r 7 z t Q w 50 + p v C A O N k N 6 + 9 y 0 p Y t 155 / 9 Y 1 V 8 W C C C F d 9 h G C X J Z 4 o F F i h i B C U J e J e R H C 4 m c I E 44 y R w i d / 0 3 D U W / m 5 K O 6 / l w l S q e c I E J g R 9 y U V 6 / 6 W A e 9 x A x B h N B 13 i S O m h i O T l g j Q s g + + t k J + b L k / p L f n / 72 L v X I w a 0 s c K Y L p o w S 60 Q N m 57 o p G N + S Y K D h / T + j x w z B + W b 8 C F W i 0 l s y a m e 9 C B C A A A A A B a x U o S g X H / 3 D M G y O E J 4 c v m B P X 46 b //dkPenlTe/MELgJvLXAOqRqrsIoQUAI1Eucmg9cb0NezgvQlgOe8P1NSHDwId2zxAa7Jo3x3r5M4RGfV6RqT1xIUHYQ1Nm2EQcXWQGEcKit4xShPDgShxWOucnCcmvnX6GYLzthPN0Z0QI3ITxxct7OENRrunqcxfmRwh93QyXbANfMCjfxP6eIeAtIwAAAGA260QIv3ny368v/p1v1/p7CB55wjDzlxOy+57e2mcf2rjv1R2XYsXnHkQIKl3q5i8SuDCAqJGAydJNmEiAxRbPns/rYwSWk6sb79/0vLGvCEF8d+0Q1//tdPQpu40EGly++NxSxoQEOrcgTUdNcOHahIphOu8/iFWs6z9sIlX3QUtiIHlZiMCOMrnmyVdOLnt2Xtkbrp4rFytObe9tJ1Q61yVR2pkWz9s45WP/3jjNUjG77Kbp4A3+obcd9FkG27v7fqTmGQLLD+MKomvCFB6OYtznCDxCAAAAAJaxbYRQv6acjxIeJNT/ZUSHeWigK24IFcTnLm46+9zK+0+X6VAhwShCSJ69lCeBdC5iSYj3y0sAkAOJfKjvFlc5cti2pMPpUG8c6a62qMOwtwiBEY88H9UzHkUIRAoAylEfQagXkK7Pqbr1v1Wu8+CDdN0lFY2Yt4biRx82QiCGTaRIIJSmB6hDhQUhQnKCs6MsPrdzwdmt14mBK1wRn1jKp/+JaDJC8AWIIrnJ4cM1XdP1J/T944jcUI5V1KEejJhaNV1VOblPAYNx3/WcbG5CZ7V27QQuiRAQIAAAAAALWesto7tG/3ghY54hrMVeI4S7RBchrAp7krf4ZZSh0zwOTj4HEB8AAAAAi0GEEHOACOHhZZHPMvv/AhVkzi/1c4z43aGVuNUxAiKEAMQHAAAAwBYgQog5xDOE9j1phAeTtFeJ9hoeJMilvKUeJSKEnuev8Q1lAAAAYDmIEAAAAAAAAAANRAgAAAAAAACABiIEAAAAAAAAQAMRAgAAAAAAAKCBCAEAAAAAAADQQIQAAAAAAAAAaCBCAAAAAAAAADQQIQCgub2/h3BnwBIAAAAAN8xOEcIXp798fVGO07/m1JV4eP3x4vpVvkic/xr/itnOcFsr/A7ad0/epV9A09I48cXld/kqRH46bUOZ7fnD5bv0c2N0fH+eE2+WsEuc+O7yD/kqRH46bUOZneh/U5l/hkx+bqye3Lv35YM3Pzy9+DIVSHDu1VE7f/tDPsKfMFsAt7WzkAlEfultHdT9qx/qcOah5NiKLCql+1EcHefC9aTy/PXt/WlrAAAA4A6wdYTwp9+++OXrF//8Tb6cyV9/d/HL7+Z54p9whPDq9P3HU+9rS3hQOqwE3myEIL74u7+UXyJ+dH29hx8lZsd9/q8dS5dKN86va5BwoAiBWxxMAscH/sNrcfdP7quT6QhBHOJUbBUWRgjLfj65d80zyyOEzKgiz08UIcg01hMFxwh4kAAAAADcEFtHCAt8fcWCWl9dfjhYhLCQKEKgvpkYo5aZESHsjUeXF4d4brAoQjj/3nbp0fX7V9d8PSNCWINxhBB/cH12kj3+eiJ+8CBCCIKHg7IoQhgXPkiEUOcqnjQ8RwAAAABujJ0ihOEzhIf/rm8flXhAyrtj8sUkjhAkHmihAnnhNWZgj7y80mPDBvn8Ph/VNadEOmdRNr2muGcIqdGWm5tgv7+UL4d0qX/iUVJShPCKnzBI+ahpk74eEz43+eXk08vH+fyqj/bva6J++MDI5/35EJ8+f6hfE9PRWlS5NbF30EtK6u2j2nqtInFOTtTpTNREhkORUks
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d65238f-d530-4a38-bb36-43bf950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T12:35:27.000Z" ,
"modified" : "2019-08-27T12:35:27.000Z" ,
"first_observed" : "2019-08-27T12:35:27Z" ,
"last_observed" : "2019-08-27T12:35:27Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d65238f-d530-4a38-bb36-43bf950d210f" ,
"artifact--5d65238f-d530-4a38-bb36-43bf950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d65238f-d530-4a38-bb36-43bf950d210f" ,
"name" : "powershell.png" ,
"content_ref" : "artifact--5d65238f-d530-4a38-bb36-43bf950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d65238f-d530-4a38-bb36-43bf950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A 5 E A A A G W C A I A A A B u K p B 5 A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A H K r S U R B V H h e 7 b 1 N i y V H u q A 5 v 0 S r q a F h B M 1 Q 0 m K 0 U R V 3 B i o X u Z u u A a V U C e I u Q t B L L S Q 6 F k q R G v J S 2 Y u i o G m 4 s c g W T H B J y B k S U R D M a k C M S L Q Q s R C 1 y f w R + Q u K s f e 1 r / c 1 N / N z 3 O O c C I / I 58 H J d D e 3 b z N 3 f 8 K O R 5 z / 7 j 0 A A A C 403 z 44 Y f / 9 b / + 1 //8n/9zOga4heCsAAAAdxycFe4AOCsAAAAAbB2cFQAAAAC2Ds4KAAAAAFsHZwUAAACArYOzAgAAAMDWwVkBAAAAYOvgrAAAAACwdXBWAAAAANg66531/sU/Tp+k/dvIp89e/Zp49ezTFAgT6CcAAAC4edY4a7DVszd5u/zpQwn75uTyH0/Pv9Hzwofnb/OpjSIuNpWwD7+/d/b3P5rt4/vpzDrePw2Z/PB+OrrF9Ltrfx6//PXXl4/TQaA9vjqSo80zHCPZAAAAd4Wlzipuenbx/L33np++eXvyMIXeLWf9+YPD1fsWOatU9fS7dDDhdjjrq1evSqY4KwAAwB1iobM+/Onpm/hKQHDW12YJEme99dwFZ3357NmrXEucFQAA4A6xdJ01qKq+DxDk1SnprLOq6ebXCVrT9e8YCJL24vl7T16nU7Kse3iWOev9H/749PvfhH/jOwNhX4N/c/KzX0b97uOzv987+Szs6an4goFfZ5UiQojEbM+W/MNW9THEDFUq8XP1tEofyDpuKPG7D57KTn2TwWTlAnut0MXgZmvXhrvdJYFd9RR/9NFnnVWjJyapEjWxlBqOyrl0JuYYTqYcwnHNK9Y0kkM1wjPN5dWzxzFCLaVbNAAAANwQy99nLQK6r7OK5vZ+W0uFNfuovCObM5S0UkS021HyivWRhBOfPpJqGq19n9UIYjhMklfFNO57U/S2Nw3JRcRUdXVTYhZd/kwcNGlrtNV0SuLHamiVQjWiHIfc+llpcamGmqTXCmHFOmvs+Y7SqfC56NEo00GgHvcHIiBR8gktKaWPpebDklHeefwyJgrHNfXLUkDNVfZkt7SiZGUi+aIBAADghljzO1iBrJVFOnc4a2etVNzXrLnKYXpBVjMvp9qcD0VflWbWWY16Wr1r9q0FCj6hYCUyLseqRLbKWBMOtDjvlBxkR3NoqlFzHrci0FbA0++u/ak+GKnH6oSdrEMMG9okKHmVipUIYUf+b9IXbDzdKTnITj7TLxoAAABuiJXOev9CPVI/vtdF0BlnDai26lbjlI/+62ac1S3i7kAdxtOVFU8xFcdyZ9UkRS4naX1CoV+ELKw6363RljqrrtHqUm7dNuysATOCvbBCPDmoSs0x7IWd8G+J1Wam8XKCkp/s5ICWmDMAAADcEOudNf8m1thZ+2ur+YP+Zp3VsNRZ19E3nxXOqo4oThniTJ3PJxQGRbTKWBNedZ214itz08468M4c3I8RGFTFlBBivHxc09tcTby8U/KTnXymXzQAAADcEOucNRiqrInqh/i9D/Stmzrsy6miud3fr7ptzqpnT78LgdUsCz6hMFdECbcvmy52Vp+VwVemaYUkb6pq6HaXBHaXIEUHm+hOHN2BwZWyV6SKRM9VCVFevsziqbXMZ7RmxUx1p+QnOzHeqGgAAAC4IRY6q8qo+TTfLZTa7xqowuqT+DdTVVvL2eypN+2s7lP1JIuzthe1MopjZvoBfZbIkbMma0zxzULpcmdNZ0vRe7bC1rmV1253qQ0WHTSoGbbRY+yIORctMuMz657rj1xR0IirgSk5/oUAjZcTlPxkp+QwVy0AAAC4blatswYNPb5THpuB+UAfugsAAABukFXO+uT1NayDHhskbBF0FwAAANwgK38H6w4gEpbAxWagnwAAAODmeXedFQAAAABuCzgrAAAAAGwdnBUAAAAAtg7OCgAAAABbB2cFAAAAgK2DswIAAADA1sFZAQAAAGDrrHfW+xfmC1rvEvxB0v2gnwAAAODaWOOswVbP3uQtfSHWNyeXZT/w/DSfipGr3W7/O7T63/gkX/pfvr4/bPdOPktn1iFf/f/3j++no1tMv7v2Rr/Wv3ybf/TglV/uL1nNJNW8r2bXWllTRjhG1wEAAK6Fpc6qbnrxXK307cnDFJrCS8jDn55aZ718+1SSKLfZWQ+pmLfHWX9z8vMfn37/m3Q04RDOWjSwlcJFXI+zvnr1qhSCswIAAFwXC51VZVQXTYOzvjbGJQp7evH26fk34eDD87en5yGmRBBnvfjp5DLrLM562ziqs0rqly9fJtd8/PLVs2erPXCHsx4ALeHZs1e5gjgrAADAdbF0nTV/6B/k1amnKmwIlPXUb04udb866/NgsVFnvbPG1dm4Oak90TcKnp4/jxHcqwUp/tHepl3mrCH85w8+LG8OhH0NlmXUvC989sHTv//x9DvZ/fD7e/kFA59hzEpj2qyEkn/Yfng/BUrMj++X+CU3zedE1nGDa74fjDPsxKIDpnTzekO/FWKrOXLebK2UXndJWNcfRfpc7BAzHIqrhjD9z3qgRk/43GIJiXRKjfJxSWOKqfmYwJjJy8c1K1eEKbuExxJindNxzdBWKYdqhGDhGvQ4Rqil9IoAAACALsvfZ42f+4dt6qzFVoO5emeVCDG+cdYPz1+Xtwv0FYIcQWz1m6C5UUxzDvGUe/1gh7Y6sYk4Z+kjqabRrDXKZgSxmtz7p6KJuiQpKlmlUEyxsT1JOHFWyTmmMqubEl6yUo+M2ppsNWZiwjWfkDbqabBVEWg9pSG25jnbWPS0FcKKddbY8R0PU0uzsUNMOUy2GndzhMcvSw6a4eCoEBWwJJ4M9qSmsZopJ5epTW1OSLDsJceW4xrrZcm6ppY92Y0lhaQ5BxupKRsAAAA6rPkdrEAUStmiTWZDlfXUy7eikq2zyo6EG2d1iI9K/LIjRWhM2ck5pMVapbrsYRGByDJREavzihnx4cUOverJflnpTEwztBJpsjJ5KiXhSItzhBIiO5JDUw1Tw2ErAiucdX+y9QULDMS9Xna2lOp9Hh8+jTWpqQ8wR00dSlZ2R/5v4hUmCUrespPPdIsAAACALiudNemjrolaQ/U7siZazTJEDjvWWSVO+qBft3lntS8S5G3eWUUQGrqK4fEmk5kqZmTG9sKpKJHxQ/wYWJhm2C9iooxFVRc7qyyg6lJu3bbirG4n25vsGlIpwwK99/kjYZLQB9Qj2WvJopnyDHthJ/xb0reJXIKSt+zkgJaYMwAAAPRY76z6uby83uqctSK/leWcNb45UJ1V0tZ106yqY2fNonxsil84+kI5b3vBEcUpgzJ2nG+a4aCIo62zGuZacT3OWnBWVzTOllLN0ePDp7EmNfUB5mhaq4jJM8TWd2drCpOkxMs7JW/ZyWe6RQAAAECXdc4a7FN8VGwyvmC6l7NK/NOL7Ky6yKriGxB/3emsekqLOyreZDIDoZy1vWir75/8XM2yMs1wroiSwx6vzOZ8Js6qO8tbIYcx5x697pKw1hgVcTgXe6pu2eokaj4V8ysRNZdp7hJcQ/2RMKmpD7BHtnCDzTNElz94EGNpBfMZrV48yglK3rIT4w2KAAAAgC4LnbX7aX6grJJWOs6a3DSts0bljfm8PXmSrXfGWdPZUnpR3oNi3aUiVmc/Vc+yOGt7qpU+RJct98nKoq6Z4tclz+XOmqLtKrpthX2pYCKvve5ShSsOZ1CdM7E7ib3VJeySpmLOlYIkrJZpjlxkJZ7wpTd18YlqjXwJJUVsshL/QoDGywlK3rV16WylZgwAAAATVq2zBnPN3nkHadwF5qG7AAAA4PisctYng9/9vxsgYYuguwAAAOD4rPwdrLuMSFgCF5uBfgIAAIBrA2cFAAAAgK2DswIAAADA1sFZAQAAAGDr4KwAAAAAsHVwVgAAAADYOjgrAAAAAGwdnBUAAAAAts56Z71/cZyvTgWAO8Pd/s48AAC4RtY4a7DV+qX/V3gg1Xyu/FR79OVXv/zlwSOzo3z
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d6523c3-5388-42d5-bfd6-4f07950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T12:36:19.000Z" ,
"modified" : "2019-08-27T12:36:19.000Z" ,
"first_observed" : "2019-08-27T12:36:19Z" ,
"last_observed" : "2019-08-27T12:36:19Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d6523c3-5388-42d5-bfd6-4f07950d210f" ,
"artifact--5d6523c3-5388-42d5-bfd6-4f07950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d6523c3-5388-42d5-bfd6-4f07950d210f" ,
"name" : "obstool.png" ,
"content_ref" : "artifact--5d6523c3-5388-42d5-bfd6-4f07950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d6523c3-5388-42d5-bfd6-4f07950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A b Y A A A X p C A I A A A C V / K o W A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 L 0 9 z y X J d e e 5 n 0 T O 7 g I a z E C W N J 4 k j K U Z Q O 2 M s G t x V w Y h d G O h T z B b A G n U A C W y R X 8 B G Y U h 2 U Z b f N A 0 G j T W L F T T K i y I d V p 0 16 a A s Y U 950 T E e Y u I z M j 73 L x 1 n 7 r / H x L d 8 X r i 9 f x v Z D 0 3 b / 4 P f w Q A A G A C J B I A A K Z A I g E A Y A o k E g A A p k A i A Q B g C i Q S A A C m Q C I B A G A K J B I A A K Z A I g E A Y A o k E g A A p k A i A Q B g C i Q S A A C m Q C I B A G A K J B I A A K Z A I g E A Y A o k E g A A p u x K 5 P / 2 p 1 / + v //rP+n1zb+r6X/0R3/23/6TpfP1l59x8r975YuV6q7WjD/70//9//pf/o9y/Zd/WxM/Lf7sv7QB/l9/8Wc17WT++i922nLT/r9//j/VxIfjf/oP/6BLo9d//A+XLZKb0v/81zUNvFyWJPI/ffG/lQjL35f/7X8uEZbI3/5pt41EIqtc/tEf/de/TMI6RHaVuehf/8V97K1/+5+vt8v/zef/8XbKqOxIJA/woygjz8Y//Om/qbH74Yorfs3NAz4ixyTyjz77xvRuLJFc/i9fffO/vvqvHPvsm//0xX/7y5GSOuQz/B5Pjtfc5XyEvP0YtyWSP5kuPSs9j9Ml8o///X//q3//8xpZBxIJMockUu6ai/YRU4mkxP/6l3LY/HevJLwtkZuOKoevetvSzjssqf/583I78xd/xirwvxR/48L/5U/LTdN//mveo/52aXifK1X+rbVSVazUjZcJXLgvW3SDsUSWzmf7XJgGq71aOeiNJqpJpLUS5XIw8zw0q54K+N5GgXNz63vrJ6ra8f1MWYxr4pn68n/+yV/897/6i//7f6zRNYa65jeDn8DB6ByQyE+Eg/8WqfpI5H+LLDpYJLKJIwvlnkSyV/Q7jBF30k3Je07cr2xNSpe9S77aPLm4H+1L8VhKMYfnlObV3mz12CJPbMdv6/EuH4vdFO9g9aoiEgYug2pmq+KUDm9+hBQmE9UUpw7cmqijDlepbjPG+Kbn3fBz6/k3n/+Flk9luAN9FT8heS0ugs+Sf/X//cm6TPYr7iYzzHNYr9EeHm8e8OI4cIrkf2TMEtlrXxNEusX+8rdS8WKJjO5qfqXpugspwBbU8VTFKNBK+iZs+0ZfTS2Od7nol+rRKtolJafwPFSznGW9GnfDMZuoYJOhqJmlZnrVi6ayRIZWKnPpDMSexGmvtMWq9DN2Cf/jn/x/f/VX//3f/3GN7tBNdZpALZBHnZdgYdXAy+DIjTZrYvqL9lwiQ0D/ejNi6mOz/XpcIsW907mpWL5AIgm2X+x0fj6jc/jOqdw8HFSH2UR1Hp6ig5mfSyThptGayyLiyNNuxUYSyU27wnLtTkJoYriL/vj/IYlcvePOM9n1s81PN+puyaabB7wsjv25hg6SGt6TSIUtbEmkbKYgFpUsIm2/arruQgpsSmQr0HOZRDbEq9e0rFe9nOK8ri+8yWyisn5lhz8qkQqbbemzMmlZt3sitMW6Hs+/0c5S2ArkUeclWNg84GVwTCIX/qJ9gUSKw/j91L70I+ltg8p5QdJ1O+oupADvV3U8lRj1Ok7pfJKIvpo2Oke3pWpdywYlvdDIWLTpdbOFyUQlDw9NMCN1c01z+fHRLFSUWern1nejmnJaE8beGCZeypX+XNOtSx1p2Bth/iu9KfAiOSiREq3/IskS6f9cIzo40M19iWTYPdodk1MH3pQtvW24SySyhNWUbuhNiaQ67Oe1Su2V+IYm9tIwQbvkEdeqpny7w8Lb+NGZZ/r+9x47kkhXhbLqxDJ+gbKpMCc6EDe6//gf/prMBhFxHXZ92GrlCFf80o+fw7DcXLh11Ybm17RcYUeBl8auRAIAwOMCiQQAgCmQSAAAmAKJBACAKZBIAACYAokEAIApkEgAAJgCiQQAgCmQSAAAmAKJBACAKZBIAACYchcS+dm3//pP335dIyv87bsv//kPX/xtja3ATfyzv77femr89dPvfvf+7Q9qTPjB2/cuiQtUamLM93EOOZ5elwJXZN72lNSpNgw3LmOzxzqxr96UhK9f1fCPv/jwr19+9eOSusSb73fWJcNNuDX913/68I6flWY7Em2bKm+w1095uvIgeSI0qV/tmE9o/PzVBrflJInc+43IyA0ksvBnX/2hetEOvOODyDjVESewzB+8feKwKyBYPOR0hq/BvO09sqc3Vi3wQrCo6cTSUjZZvIFEVuL+4XZZo3WTkNm26DReHlaRSBpkGSOPNk6DzYvk2VTU1e4mTuNh5jjV6oIXCSRyTNrctvF7dyoE1yBiDcvJvnUN5m3vMevNqgUvkbSCTozuQyLJGp1qw1bhoRVsgJLm5iEI3nCC8sSFGueuNrgtSxJZ3vtaLvfDaLQ3v9H0JogsjppYL/86hxF+i3O43bUVx+P/xvumIJEcbndYBb3PSulHJDJtboqVfT/VjpxhcZ/DYTVbjHJDhexLY/8SE42SPW+7RpS1JnqLc8p6/RMvRxIjL5EcljI1/OpNSeGr3aFHiSyL6D44W0N8JeWNEmkbgIpRVips8+EGHsfLMcmcT0OeOI37KtJUK1WMSpKwNr3go7Mvkf/zF7+1d2d7WB/bT0PKb0e6Y+OFp0gOOAmr4lh2v0hhdSeVSJ9YYPfwjhroJdIESql72juBhTk03NzZmyxuXsE0k0Rpu1aSUi6T8D2oDEoRsYVCNTuw4ZllW++X6cRIJVLU0CSsiqN9CgZZlHC3iGljJHT/ZMhOt9w8rHKjXSOCH7CFeXq0SCBPnMbjWrgiNaOmzC2DO2NNIge/Lh5f0pBf/nWBRL5jz4kbOiqaulyTyK/4sBD00ZcZceAU6b3A+YPb2hwUJJ5FxeLR45zT9FFvoMsn+hRh3rbUGFWpTAx2FnfpxKitxbtX8TCY10g/7QiRyC9YNOOHnC8zYiKR+RbbiH+uEUbrJdPjJ5Ip8TxxGrfaqUiaUo7O1wXcD0s32qKS5a5ZX+8lPz+ut9Lleo5Eyp1R1LttiZQq2S31z6ljjpwibY/7vZ42umRKPGdY3OVEv0g+1KJcqGPYRiOnxzjbLfR1UxeUYUtmiAi1ihjxAsk6llOhRpNObUukVEl6J9K5sZuGEkmJ1IqcUtnmxq4otCH7oXfTQFNQ4nniNO6qcNDKJFudaXCnHPtzDR8V2013OkVGLrrRFuHzW3nnFPm3UjFIXnS/jkOnSNnFtMejN3DMb+3mNHnLm3+EnFa8hucuRMR8pk8RRm1HUwyn5toTgxMLE4oY6UGyRnUtWOC8Sm5LJEkhFwiS58uMqPvHUzvTDpKtb1vwXLx/+zqMvKTZPFC8RPPEaUaYOU0l0pRmA+BeOSaR4d8l/b9FZtwrbhawLc5OYiq5K5El0e9+OTVM3emYRBZR6Y5MvLktJfiGJvtI9A3nGsFLOOI8iAn5BU7KaZ33dfHKxF5njphYGKHq0wJZIvOi7EokwXcDTvXyKic6idRb7CMSWSaXCAOPM06xmsvpWtBFpqsdMjgynHhwd+xLpP9ztrvRFtxftOkKx0b/8q8jf9EWd6rRBYkkxJ0s2iyUq1XnJjSRr60bN0V28mAvi98owVMaVifJjXlHtNI7jPMvR6hVslMLLl4HUMm98Pj6vcUZYSFEyGxugxSW+U/SyYwlsqT7ZVLjaicn8sXLHezrZti90SbK1Hbjjuuk2X4KrU6aOSkkqxRnfGVywV1w7BQJrslYAsGnyeqnDrgzIJEfD0jkIwGJfKFAIj8ekMhHAhL5QoFEAgDAFEgkAABMgUQCAMAUSCQAAEyBRAIAwBRIJAAATIFEAgDAFEgkAABMuWeJjA/z5ke2hwwf2i0P/8Z0usIPH3Qc/6bv4W+Cx6d2ic32pHSyH5r05mpi7pLFOWQ84yvN+vB7ewiaH5lfeSB6nfwrFe5R7vzofSmmy91qZQsALHOSRB77MbQJF0hkZeYS6xZuIZGV1Xq9RrqaInm
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d6523fb-2aac-46d2-a15a-456e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T12:37:15.000Z" ,
"modified" : "2019-08-27T12:37:15.000Z" ,
"first_observed" : "2019-08-27T12:37:15Z" ,
"last_observed" : "2019-08-27T12:37:15Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d6523fb-2aac-46d2-a15a-456e950d210f" ,
"artifact--5d6523fb-2aac-46d2-a15a-456e950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d6523fb-2aac-46d2-a15a-456e950d210f" ,
"name" : "FTP.png" ,
"content_ref" : "artifact--5d6523fb-2aac-46d2-a15a-456e950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d6523fb-2aac-46d2-a15a-456e950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B J M A A A p 5 C A I A A A C m 8 a h q A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 P 3 v j x 33 n e D 7 z b O b B R Y X c 4 G L S c a e v b I 59 t K S R j u m a J s W W z L N J i n Z I t W W 5 Z 6 W O G x K 7 F 1 c 29 q l G Y 1 p / f A I N 4 u E s 772 I M N u U U H W P c G F 5 w Y Z s 2 U B I d q D a y A B Y j B W A j 1 Y I O A C N w G C B L j z I H q Q B w H / h X w + 3 / r + r P p W n f r 2 q e 4 + V f 0 + e G F w W K d O n d N H 1 K j f / t S p 7 + 99 / g u P A w A A A A A W G e U G A A A A A I u O c g M A A A C A R U e 5 A Q A A A M C i o 9 w A A A A A Y N F R b g A A A A C w 6 C g 3 A A A A A F h 0 l B s A A A A A L D r K D Q A A A A A W H e U G A A A A A I u O c g P 24 g u P P f H Y n / w L A A D G 6 / h j f 1 L 7 r x u A R U a 5 A c X + + a N / 8 s 3 n L 55 / 9 h s A A I z U N 7558 W t n v l 77 D x y A R U a 5 A c W + 8 J i U 26 V H j n 0 B A I C R e u x P T p x d P l / 7 D x y A R U a 5 A c U o N w D A 2 F F u w O h Q b k A x y g 0 A M H a U G z A 6 l B t Q j H I D A I w d 5 Q a M D u U G F K P c A A B j R 7 k B o 0 O 5 A c U o N w D A 2 F F u w O h Q b k A x y g 0 A M H a U G z A 6 l B t Q j H I D A I w d 5 Q a M D u U G F K P c A A B j R 7 k B o 0 O 5 A c U o N w D A 2 F F u w O h Q b k A x y g 0 A M H a U G z A 6 l B t Q j H I D A I w d 5 Q a M D u U G F K P c A A B j R 7 k B o 0 O 5 A c X a y u 2 f f e b z n / 7 M 5 w A A O F y 1 / z x l U W 7 A 6 F B u Q L G 2 c v u j z 3 z u D x / 5 L A A A h + j T n / n j 2 n + e s i g 3 Y H Q o N 6 A Y 5 Q Y A W F i U G z B V l B t Q b N B y O / v U L 3639 o u 3 P + e 3 P P P 2 p d / 8 b q 0 S b 5 / N H O q n V x v b W + z 9 h d r t w z G X 3 / z B J / f f t X a + v R w e W t 65 / 4 O f n v F / V N / d N L t t L s / c C A B T R b k B U 0 W 5 A c W G K z d t r X M v J x v / 9 K f 1 L U X k 6 T 3 j b c 4 X y s o f 8 + X 3 C n q y Q b p r 50 p t 45 M / 3 a l a L i 433 V j t q b H n G k + e / v G b T 1 Y b q z s A M G 2 U G z B V l B t Q b L B y y y X N n / 70 V 0 89 k 2 y p f O 6 N X 11642 x t o x y h s T F T g 1 l z v 1 B G 9 p j 5 A x q f e + O 97 H u I f X e z P l h z J N X a H l r e u f / a d 5 M 75 n 4 y s g O A a a L c g K m i 3 I B i A 5 W b J F b a O f G p h r + J 6 k s C 7 z e / k / i R B H L b r 577 z a 8 u m X M j d W P t v E T Z v / t M x a F e K J Y / p j w 9 b A y Z 6 n a + 9 M b V + s m i D V J u O 5 t 6 w m R j Y l Z a b r K / v w 8 A k 0 W 5 A V N F u Q H F B i o 3 q Z r 3 / r S + s T m 20 n Z q D K b i j X K / d p z m l o w h X q g u O 3 P L n E K p 5 e Y P 1 T 0 k 1 H M g / e m O 6 f f c 2 s p N n + J P s A w n W 155 L T 27 E g C m i X I D p o p y A 4 o N V m 65 W V M 9 f i R y M r v F E d U M q s Y 0 L 2 e I F 6 o r K L f o t T p O p 0 z V U i 1 b b q H 0 4 i 3 m C i X f b p / R A c B 0 U G 7 A V F F u Q L E D n b n t J a j y R 65 Z n H K T H Q Y q N 420 x u V M v P j M S Q C Y L M o N m C r K D S g 2 U L n l k i Y T P 3 o y Y Q i b Z 86 a 4 O k M q p n f c z M G e K G G t n K r h 5 m U W 3 I S Z u Z Z 3 n f f d G d I n v n 2 x 0 l 61 c u t + + q R X F s S w B F B u Q F T R b k B x Y Y q t 2 x i 5 e J H 2 i Z c 58 P E n m x p C 6 r u r 40 F c 76 Q u Y p J / Q j Z c q s u f G K 4 R 3 X m 9 t 65 X 9 g X 6 h q 4 n f n 2 z k 5 Y z y 2 d p 9 X K b X n H 7 W Z U D + k U z m 7 h w p I A j g b K D Z g q y g 0 o N l i 5 Z e d R 89 G g m m P x t A O S P z M T A D A A y g 2 Y K s o N K D Z g u V U j s r V Z Z y H 2 c 1 U n Z o u f b Y J y A 4 B 9 Q 7 k B U 0 W 5 A c V a y + 2 z n //UI38MAMAhotyAqaLcgGKDztwAABgS5QZMFeUGFKPcAAALi3IDpopyA4odQrnpZfTtlRj7XPG/l/04pjKXc4wv5KhX8+9YZm0me33I2jX9v7tprhi5uRxvXED2fYYPZHnHXvdyDnN9pOP+PHP4SOeU+QCX39RrukY/0aF/yGKCn7MhP5ffnt3H/OAlPyDlBkwV5QYUO/hyy678Nqf8MV9+b75rnOhvGHP8ZvbZP7zyWu0XlO9u2t9j5Pcz9xtbeBX9/XLm5f4bxzwwYRG58B7kN7MDXBB8Wp9nCz7SPTNJINmT1oK+Z/N+op/oYD9kcQQ+54q+87C99XOWn7r/m6fcgKmi3IBih1FuuXXSzBoAmUUFXn6vz0oD2WPmD6jb38u+gbrSX4yuvOZ+A7Pkl5jaluDMtz/O/GY2+xfKrmPWtR1NfvFq/Gpb7Xnm2zvtB/e/a0Zv3r1E42cfwGg/T9HzI62k74GPVOzxr6hRe270EvJvtL1/oB+yOAKfs6E/y2s7YXvH5yxP7/u/i1FuwFRRbkCxAy23+JxGuzq2YZa3lsoyK2L7VbN/dekXujCAbuw4ATJ/TLOogFdN3tyel964qqsXzDipMvN7ifm15l33y58nv5384GNz/o/uEJKm+p+ljUYBRv9De6z717UZx4zp/6SthzJPcb8Xmo1Cfi7/a5PeMe/E7vndM+2/rskvvuZQ0ZuXZzV/9gK5jzR7zBk/+8J8nqLwIzXny1WfgzmCPIuPdK9/RZXsH/2bKy1RvQ25c/+1Hfu/PsihDuZDrrZXP5Qx1c85bIm3y6HaP2f3/0+SLbmfmnIDpopyA4otwMxNI60xBIs3yv0Za8RlZ271Uyi13PxxdOm5zAmWQdtvTs3t+ttJ9JtKeFR+PXK/zQf2d77ML4v+V6gu2WN2ksPat6S/rtVeN/rf++WN5X6DTNhf+MJBWn/2ErUnjvnzFAUfafyTZjfWPpn+ak9sPeYIPtLCv6LmaNGnKjGgYWM3uvd2oB+ymP7nHJ4Vb+/+nOtblq+89rG8w+iYFcoNmCrKDSh2+OUmQZUZf8W1Nly5RS/Udi6ls7yT+Y1KdP/+kTza9auV/YXSb9Hf1Xr8tlTw65r+cia/Fyr7y5NsabyEvOHq0Zm/LEY7hP+xvPVnL1F7Yusxx/B5CnnP/T7S6HflSOuPX6L2xNZjjuEjlTfc869oRXazR1Pmp/Bvyd1p/UBK1J7Ydcyuz2Qan3P4yxxv7/pM6kdoR7kBU0W5AcWObLnJozPKrf57RqW5vfW3k85freI9e/6qpHr9uia/RYWr3oVfj/LPlV8czW91Mw6bZIY/ZuvPXqL2xNZjjuPzFHv5SL3WH79E7YmtxxzHR9rz87TC0Qz5KXyl+IdaP5AStSd2HXP6n7N7rmcO0vWZ5LbkUW7AVFFuQLHDLzdz4mKIqGfOmrgaptySNtOzJf1ucszMU2Itvxh1//6RPCpHqP0P28tXlu1v6vKLjvutvd+5SVbzmBlycP+/4uuvbh2/rvX95anlx2z92UvUnth6zDF8nqL/56C/podXP/Okef+tP36J2hNbjzmGj7T0Q0iLIj6mvJD9iVo/kBK1J3Yd8yh8zrntXZ9J/IN3o9yAqaLcgGILUG5COipcUMQMymRLvtzMVUzqR8iWW3XhE8M8qjO39879wr5K58DNaPxiIb/u+P9FOfqdqf23EzmC3b/6VUYe9UeIf7nxG+PtLerHzNIksLtFl3rL/bqmvyy6A4rOX93CS/vjtP7s1WGbL1eT+0hbjzmKz1MUfKTpuzVHa/3xj+xHWvJ5imZR+Pef/RCSD2RfPmRxJD7nSry94zPRN1Z7D20fPuUGTBXlBhQ7+HI7NPnTMrvI7zez/1ftfZD+CqX2622kV+uW15VfmwZ69bZf7A7BwX2ego90WPv4eWYt0Icspvo565GTb/dV8h8+5QZMFeUGFKPcOun/MNzjf34eq8ZvZoP9pIcVvYeOj3RY+/d5ZvH3dv8/ZzNazGRb64dPuQFTRbkBxdrK7dOf/fwfPvLHAAAcok8/QrkB00S5AcWO0MwNADA2zNyAqaLcgGKUGwBgYVFuwFRRbkCxiZTbmbfu3r9/e9YV4Vp8/ebOfbndffPr8fZXNnXj/c31eOMCWnrTvPvqtvPWUro9+qHWb9/fudn70guPL/+riy+Jyye/UH9ohi+cP/fSyuO1jYWOnb4sr37u9BO17TXVbtbz54+l22c+HcDio9yAqaLcgGJHbuZ2ZasWY69s2p6
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d652c3c-7d4c-4c94-b60c-caa1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T13:12:28.000Z" ,
"modified" : "2019-08-27T13:12:28.000Z" ,
"first_observed" : "2019-08-27T13:12:28Z" ,
"last_observed" : "2019-08-27T13:12:28Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d652c3c-7d4c-4c94-b60c-caa1950d210f" ,
"artifact--5d652c3c-7d4c-4c94-b60c-caa1950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d652c3c-7d4c-4c94-b60c-caa1950d210f" ,
"name" : "Proxy.png" ,
"content_ref" : "artifact--5d652c3c-7d4c-4c94-b60c-caa1950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d652c3c-7d4c-4c94-b60c-caa1950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B 3 g A A A O o C A I A A A C 867 K 0 A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A M W C S U R B V H h e 7 P 3 v b 11 n g u B 31 q t B A w M U 5 k W 9 G B Q K a y x Q a Z X s U r X V p q q r z F J R M i m 3 S k W 1 b b W K G g 81 N D 0 / P O w p q l u t M l t 2 t N j 5 o b g i J e N h p M x 0 r M w u n M 2 s y q S Q i R P t j I N N Z i u M F U A v d o H 1 i w A J N p t M v d H u Y n e x + h f 2 P O f 3 O f f c y 3 t 4 D 3 n J e z / C B 92 X z z 3 n O e d e U m r z i 6 e f + 7 V / 4 z s v A Q A A A A D A n g n N A A A A A A C M R G g G A A A A A G A k Q j M A A A A A A C M R m g E A A A A A G I n Q D A A A A A D A S I R m A A A A A A B G I j Q D A A A A A D A S o R k A A A A A g J E I z Q A A A A A A j E R o B g A A A A B g J E I z A A A A A A A j E Z o B A A A A A B i J 0 A w A A A A A w E i E Z g A A A A A A R i I 0 A w A A A A A w E q E Z A A A A A I C R C M 0 A A A A A A I x E a A Y A A A A A Y C R C M w A A A A A A I x G a Y X f / 1 t b P f z j / w 9 o g A A A A A J A Q m m F 3 Q j M A A A A A D C A 0 w + 6 E Z g A A A A A Y Q G i G 3 Q n N A A A A A D C A 0 A y 7E5 o B A A A A Y A C h G X Y n N A M A A A D A A E I z 7E5 o B g A A A I A B h G b Y n d A M A A A A A A M I z b A 7 o R k A A A A A B h C a Y X d C M w A A A A A M I D T D 7 o R m A A A A A B h A a I b d C c 0 A A A A A M I D Q D L s T m g E A A A B g A K E Z d i c 0 A w A A A M A A Q j P s T m g G A A A A g A G E Z t i d 0 A w A A A A A A w j N s D u h G Q A A A A A G E J p h d 0 I z A A A A A A w g N M P u h G Y A A A A A G E B o h t 19 t P 3 z 13 / 22 q k f f x 8 A A A C m w f E T 36 v 9 a g w w m N A M u 1 t 5 / 627 n //xnX8OAAAAk+/f/c+vr/2Dv1L71RhgMKEZAAAAgML8m2f+zX/6N2uDAIMJzQAAAAAUhGZgD4RmAAAAAApCM7AHQjMAAAAABaEZ2AOhGQAAAICC0AzsgdAMAAAAQEFoBvZAaAYAAACgIDQDeyA0AwAAABD8zvdPfvAf/q1/9C9v/JNf/9nHj//0D1Zerx0A0I/QDAAAAEDq3/7n1z558mHk/r/6s/k352rPAvQjNAMAAACQOveHZ/79f7XxyZMP/8HDv1N7CmAAoRkAAACAwt3/7E/+g//mw7MXf1wbBxhAaAYAAGDvXjzxvRPfOwlMkotv//61X16tDQIT6fh3v1f7v+x7JjQDAACwR8dfOvGTny7OnV0AAI6iCxcWf/v4d2v/931vhGYAAAD26MXv/s65189/64VvAwBH0U8u/PTYi0IzAAAAYyU0A8CRJjQDAAAwfkIzABxpQjMAAADjJzQDwJEmNAMAADB+QjMAHGlCMwAAAOMnNAPAkSY0AwAAMH5CMwAcaUIzAAAA4yc0A8CRJjQDAAAwfkIzABxpQjMAAADjJzQDwJEmNAMAADB+QjMAHGlCMwAAAOMnNAPAkSY0AwAAMH5CMwAcaUIzAAAA4yc0A8CRJjQDAAAwfkIzABxpQjMAAADjJzQDwJEmNAMAADB+QnPJzN2tW9vLtcERDTHn3KWnO7eeJbYunas926m3N3fCn82V2njVyubO1vtztcHwQtKb3Ll2t/4shWPXHy198eXF6/O18V4n73wZHbl0Z/C3oyvzr3461F21ObKVaNpHr54eZhBoR2gGAABg/ITmkpm7W50n1CHmnLv0dLPzqNfrtfe3djbj5H16Y2tn6+bp+gG5lc2de2/XBwtrm0JzX6Eyx+H45J3BrTbE3IUr4XE45dMPjtUP6F50S8kVdzX8kcOL+3u9KTcOAm0JzQAAAIxfV6H5wr31lRAf52/cK8e1mZVH71wovmxrfrth8Ww0uLpWGRnZ3KWnYSnxMKE5Oqbx6j3nDj9nu9DcrwK/9v5W7zLkfuqTnN7Y+mzjtfqzy/dKgwWhub+VhS/un0weX7m/lD/eRemszLHrjzpeU3z6g4tD3s/wRw4vmvPT+wu1xcuNg0B7QjMAAADjN3ponrm5/smTD29cnb/x5MNPnryzcnP9o5sz0fiFe9GX6ytz8Xhcn+Mji+4cHXDjajFPzdrmrWchKM+EHRuyDpsNzm/nu0wsrz7bufV0I1zx3Ma1PezqEOaMpkr3r4hOD1eMN7vImnIWguOrRwfEV6/cUu3E3jnTazXrCc1hxXEpBL+9ma5Ejje+iMZXwv/OliSnu2GEzS6KNcu7KYXm5XvRyZ9tvBZfNDk9enbrs+irzZXGtc9TGpqHCcenP7iY7IMRt9qFO3FCDSemq5v7LOCthubs+Pjg3VYWt8jZ+2DYqyf7Y9R2yWgcBPZCaAYAAGD8OgnNcVmev5FE5KvvhC/n3vro0Vsz6TEzK4+S9c7luDx/ozigx1yyHDj5snFRcFaBg3jh83L5lKFVLpQtoF5ejct19cs+t5Q25XQ81jhn/myvntAcyeNyyL4N21y89v5WWopDaB60D0avco8OTblnHXR5sJSkM9MZmo9duX/x0/snByfRK/fjfTPSeFragGJl4YtHr1754GLDFhnRweWaHB85dHgd6q72zZBXz1ZnV5py4yCwN0IzAAAA47dPoTksXi7toZEdE57NVzcPWM6crFMuKcpmtoK4Mhgfv6f6GZ1YRN4sHyfld3l1ezMk5nMb17aX4+XSpRwcfZkso47uJ3lQaJwzf7ZXU2gOC43jj+w7vbFVXqScrV+O/qQtOBpp3OCij1CZi+Pnbn7WEKnLcVlobiMOzXlfrux0HBb/9hbVUJkrW2SE3SQOYr/mg1O8olJTbhwE9kpoBgAAYPz2a0VzFpQTpYXMyerm7OB+Kq02Mxd2okj2pqgF3LQ+956yq8qF8tXH89tbl9Y2VsMuGVuX7iZdtXpL0RXzXTKyW8o0z9lfY2hO91wudd65m5+lW1vkz4bHpbXPuyqvZY4JzR1bWch2yagl1JN3vlz64svkcwIzoTLXd8aYvNAcCnv82jPhJTcO1k4EhiY0AwAAMH77FZrDl+l2GdXH8fGPsgXOfTX12XLADdE5OyAaD1tVzORbJLcRXSjbgqOYM0yVbIgRJ+zkgPItFY8bQnPznP01h+b4A/q2Sp/Rl61xDkJ0bh2aw4T1tc+1Bc6vxdFZaN67YhVzORlfub8UHlfKcp+P+wvHFOOn5ycoOjcuXm4cBNoRmgEAABi/fQvN8S4Z4eMBg8ouGXNvfVTqzn2FRJvvkpF027j/JiNbq9vJiubl0qYZ8Sl59g2bXZS+7CvMUJ0zzsfJhhhhknzD5fzI0rRNobl5zr76hOZyTY6FKJz+2bq32XpF80qx60b4k89cGY+nEpobDPXRfEFY1Byv0s0+Ja+8acbpDy6mk+SHJcqxtfLU4CsOfVfNDvZ0oRn2i9AMAADA+I0emg+xIfZHPgzKSb32uYJ7cnojD9LpnzabOPdTqvy7rtGeTIcziY54V+M9HeiG0AwAAMD4TXBozlclw+hO3ql+at/hMOJdjfd0oCtCMwAAAOM30SuaAWDyCc0AAACMn9AMAEea0AwAAMD4Cc0AcKQJzQAAAIzfIQjN1xc//+rMbG0QABiK0AwAAMD4HY7Q/PhUfRAAGIrQDAAAwPh1GJqPrz8ebmHy9cXPny9eLn8Zh+bLj5fWF0uH9TO/vXPt7lzv4OpaZQQApoLQDAAAwPh1EJpn7y19/vzdz58vrV8/8+D5uw/uHU8GkwdBsTnGqdvRkSEr5w+SZ5eiE29fP77+VXp6H2ubt56FoDxzd+vWs8356uD89s6tZ1uXzkWDy6vPdm493ZiJnj23ce1ZQ5gGgAkhNAMAADB+HYXmfO+LxTMP4tXKzaE5ezYdTxQZuljd3Gju0tOkIwczd7d683E0mK9rjhc+L5dPAYAJJDQDAAAwft2E5tIy5OPrX4UdMPqsaI4fh+XPpZXL5bg8MDTH65RLitAcL2quD8bHW8sMwIQTmgEAABi/zkPzqdvPB4bmVNglo9g6Y+jQnG2XUZi79HTn1vZy8mVlmXNan3tPAYAJIjQDAAAwfh1tnVFesJw8LsXly4/fTR8vnrqcf9zf4pkH+ZHDheb
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d652c51-7478-4bff-a1a2-b3dc950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T13:12:49.000Z" ,
"modified" : "2019-08-27T13:12:49.000Z" ,
"first_observed" : "2019-08-27T13:12:49Z" ,
"last_observed" : "2019-08-27T13:12:49Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d652c51-7478-4bff-a1a2-b3dc950d210f" ,
"artifact--5d652c51-7478-4bff-a1a2-b3dc950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d652c51-7478-4bff-a1a2-b3dc950d210f" ,
"name" : "Progressbar.png" ,
"content_ref" : "artifact--5d652c51-7478-4bff-a1a2-b3dc950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d652c51-7478-4bff-a1a2-b3dc950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B G U A A A H 5 C A I A A A C n F B S W A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A F f C S U R B V H h e 7 d 3 t b x 3 X n e B 5 v Q o C B B D y w i 8 C I 4 B 2 s V 7 r y b J J i 1 Q c U z J F k 7 K e K O s h N B W 1 Z I r q y b j p m M q y p S h W V t u 9 S D R 25 J 0 R N K K T a Q v b M 5 r t R B 5 J S T o Y A W 30 A g O 328 K 0 B 7 O Y g R e 9 T 43 Z d P v F u H e 7 t x v 6 F / Z 3 T l W d O l V 1 q l j 3 n l u s h / s F P h A u D 6 v q X p K X q v r e U 6 y 74 b / e s h 0 A g O r 8 x 9e+87 W n n 7 V H z l 46 s f C 9 E / Y I A K B R F u 799 Z a n x 1 K D w 4 l e A g B U i 14 C g N a h l w x 6 C Q B Q L X o J A F q H X j L o J Q B A t e g l A G g d e s m g l w A A 1 a K X A K B 16 C W D X g I A V I t e A o D W o Z c M e g n w 9 c z 46 H f f X f z e T 34 T g N P / 9 L O L V 37 v W / b I 1 X / 1 x j d e O 5 T 6 V Q I A N M c r P / l 3 W 57 e m R o c T v Q S 4 O u V 12 c v / f j c / v k X A T h 9 + M P f n v u N / a n B 1 O 8 R A K B R m F 8 y 6 C X A l / T S 0 g + / m R o E Y G T P x w M A N B y 9 Z N B L g C 96 C S h G L w F A 69 B L B r 0 E + K K X g G L 0 E g C 0 D r 1 k 0 E u A L 3 o J K E Y v A U D r 0 E s G v Q T 4 o p e A Y v Q S A L Q O v W T Q S 4 A v e g k o R i 8 B Q O v Q S w a 9 B P i i l 4 A 8 u 0 f H v / P i / v 99 a e X 7 L 80e3 v V 1 + 1 M A g C a j l w x 6 C f B F L w F 53 j + 58 B e v X / y r 5 U t / 8e0 L f / a b b 6 Q + C w B o L H r J o J c A X / Q S k G f P 6 N j / + f q F z 5 Y v / R 9 L v / 2 b k z O p z w I A G o t e M u g l w B e 9 B B S 4 M 78 g v f S //MPzqXEAQJPRSwa9BPiil4ACu0fG/uqNS+df3J8aBwA0Gb1k0EuAr157aev2HQcPHj5w4BAwJI4cmj1wMD0IDJW9e6dS+wKg4eglg14CfPXaS8+MPLt7z9R/8V9tAQAMicOzR57c+lRqdwA0Gb1k0EuArz566fndk1/d9AQAYEgcOjxLL6Fd6CWDXgJ80UsAgGL0ElqHXjLoJcAXvQQAKEYvoXXoJYNeAnzRSwCAYvQSWodeMuglwBe9BAAoRi+hdeglg14CfNFLAIBi9BJah14y6CXAF70EAChGL6F16CWDXgJ80UsAgGL0ElqHXjLoJcAXvQQAKEYvoXXoJYNeAnzRSwCAYvQSWodeMuglwBe9BAAoRi+hdeglg14CfNFLAIBi9BJah14y6CXAF70EAChGL6F16CWDXgJ80UsAgGL0ElqHXjLoJcAXvQQAKEYvoXXoJYNeAny1sJdWZn/16d6J1GCu3c9NfXjspfef25Yaz9h28cBL2SVPTanBDw+M784OTo2YEaBvo9c+nv/g4/nblzdnB68tmJF4MLkksA7oJbQOvWTQS4CvdvbSg/H0oJuKJV01UjjFyXRqauriluBGvKSsHt4emYjqSGXV9ZHws6mOAnq1eeX+kZVpdfvkqqkj6aJgMP5szpLA+qCX0Dr0kkEvAb5q7KWtyw/KTRNJID2anbM/1L0092B+edZaLGvk+rGJU8FtCR5zu9iW8fejCjIRZQ9arO0DfRm9dv/5Pfr2nstHwomjhZkPVkfDBRZmotkk15LAOqGX0Dr0kkEvAb5q6KWJm/O/enTuV4/ml1f23np07tbNrcFgcEOJz7gbvypLqjoyN4LPzsuKV1e2Ln8aru4kkRNMCsmNYxPXg/hR4RTOIOlT9aIiiiRmomRhnUk501P0EvKdXJ2PsyefLKbjx8wpJXtp+vnb0W3HksA6oZfQOvSSQS8BvmrqJXNC3awkk5o7cvdS9NlwPBDXVDzX5BSeRLft4gEVRdI8wXl0unOmLo6kp4yCv3Ry/6mSY3IpPjEPyNp8cvWIpE4wI1Qo+1dJMjJzUt9W0RVNK7mWBNYHvYTWoZcMegnwVU8vWZNCW5c/VafV5cwv6dtqMsqaR7Ibae1eMplk9VIwy5SeWQqFlSW3rSKKJpqixdSnXDNOQE+mn79tpVEcQmpcX+/h8vO3g17KWxJYD/QSWodeMuglwFftvTR+9VFhL4XUqXfx+XjleknNI5mqCWeZgk+Fs0ZhF6VEZ9kl/mbJXp2ZJQxI4i+RpIjiqaRIdG7e2ksCFaKX0Dr0kkEvAb5qOh/Pnj4KbluNNPfgXHh7dnzOXNFhdu8ts2TJXrLmlOz4CSeLEtmze2Qk+Vm5bf95Unw7vmge4Ct5aYfM3ztZ18dbY0mgUvQSWodeMuglwFdN80sPZm/ps+zUVR/CItIzSHrw6oOwnSZWzGLWkj30UjDFpKaSTPnYZ+Kp60AEyWQWE9Z5emrhcDwqK3tJkXNSH4aepM78B9EZdAXUXyjpU+/ihaOT8VJ/quRYElgn9BJah14y6CXAV+3n4wEdxVlz6A56Ca1DLxn0EuCLXgKqwFW/0SX0ElqHXjLoJcBXDb0EAGgVegmtQy8Z9BLgi14CABSjl9A69JJBLwG+6CUAQDF6Ca1DLxn0EuCrhb1kXXkcaL/gSnql/9ip1GUknNscvaYvr3dtwTGYfANc56CvPZePfKAeecf/squjXya9hNahlwx6CfDVzl4qvoZ4CSdXU0eNQC1U2OinYsnDax1Ca/SSa5vqGuXBVcjVZ6MQktvhAtZvhHNwEMK3jZJH1enroXfzy6SX0Dr0kkEvAb5q7KWtyw/KTRNJID2anbM/1L0098C8d1MhOXxJH7jER4RpZa8BvXll1bVYdnUZcbwJ6XzwfqN7Ls8kHkZ2dXnw2cfj+IpyBt3yv3yss/DYWt1Wb6+Ufqqk7bl85PbqjONJYq+45jbjBUavRZtSWw4jyjnoTz3tVX2lHm3wqe78NhV8ma1GL6F16CWDXgJ81dBLEzfnw/efXdl769G54NriiYuMx2fcjV+VJVUdmRvBZ+dlxasr6i1uCy9NPqpOK1JHLeZGcCSkzjUKRC+f6wWEHE7JYVb+oZI62UYteWRlQb2paHyI6VhdD8qIvsfwjtRn9dGVHrx9eXSPOtLKX10esxpJPs7UV+QedFMH0OoB6KPMskeE6EfJ/gl+sup5tToThEr0M5Jx/WPSg2p5eSYEzxAzYn7i4dNJPRud29QLR6xDebkvvZZsJz7odw4WKPOVOvHb1B70ElqHXjLoJcBXTb1kTqiblWRSc0fuXoo+G44H4pqK55rc4qOlFDkSSo2rY6PocK2IPgaNDqGSR2Op1WXJeESW1Iet1qD9snTZ1d1fUe6XmSGHlcF2ULnNJ1eP3F4dLf5uywG3OnYPf77W01L/pE4mpneiJ4x5MqTIuH5m5m7TLJYYUc89HRv20885mKfUV+rEb1N70EtoHXrJoJcAX/X0kjUptHX5U3VaXc78kr6tJqOseSS7kYp7SegXnl2Hg6lDIhkxx1tFEgde8VFadnX1knP0MnbwoV7AHGMlDssc965furaYIzPnV+T+MtOSDx71021jno2Jp6V6AliH4/HPzhzuh2StxJOkYJv6WWc906wnoawVbz87WA1+m9qDXkLr0EsGvQT4qr2Xxq8+KuylkDr1Lj4fr3wvhdTxlnVqTfIg0j3iljxIMkdmjtX1Yav5MF4gOnSzl19z9azUV1QwGKOXGkcdmkcH94kQkqeEep6Y50D6iF8/YeQHGj+RzOp520xEhZJ4PkRLOgfDDweN36b2oJfQOvSSQS8Bvmo6H8+ePgpuW4009+BceHt2fM5c0WF27y2zZMlemh49aV5mThz5mSMzw3GM5aSOUM12zMvbztXjz1q35YbjCGyt1Q3nV5T7ZWbIZ60vfM807VS7+EdvH3/L8b26rX5emSeG9SO2M8B6Zjq3KUf/qed88tlobjsHq8FvU3vQS2gdesmglwBfNc0vPZi9pc+yU1d9CItIzyDpwasPwnaaWDGLWUuW7qU9CzO349fjEweL0cvS5swc1zGWol9jto6Z1AHoqtms2aZ79fhe4s/qDYaD5tVr9+rqaDK5pPMryv8y0w9ekQPHeGHnl4yBCH7QJb7D5icSHfqrp030U9PPgeRG7IN4dcge/jQT183LbDP5c4+373qKugfzlf5KM/htag9
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d65305d-db8c-483f-ac89-efc7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T13:30:05.000Z" ,
"modified" : "2019-08-27T13:30:05.000Z" ,
"first_observed" : "2019-08-27T13:30:05Z" ,
"last_observed" : "2019-08-27T13:30:05Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d65305d-db8c-483f-ac89-efc7950d210f" ,
"artifact--5d65305d-db8c-483f-ac89-efc7950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d65305d-db8c-483f-ac89-efc7950d210f" ,
"name" : "strings.png" ,
"content_ref" : "artifact--5d65305d-db8c-483f-ac89-efc7950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d65305d-db8c-483f-ac89-efc7950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B D Q A A A K P C A I A A A A d U Q 2 h A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A J X 0 S U R B V H h e 7 d 1 b b t z I E q 7 t f y 4 b 2 M C e i 2 F 4 J o a g Q a x r G 56 I Y A 1 E k A f i 9 g x + R i Q P k R m R B 9 a R J b 3 A c y E n m U d S v b 6 o c q / + //7P//1/AAAAAHB3FCcAAAAADoHiBAAAAMAhUJwAAAAAOASKEwAAAACHQHECAAAA4BAerDj58vPP3/9ev7v2Xb7//vf3v8m54wChi7ylAAAAn9BIcfLtx3tK85M/P74WV2vavcbG/Prrbbrh9/PaMhD77MjB+NkIaXzv/deX5f58wDMSp8718jTQeFhH2sL0HN9+fpv/eLCzpTgBAAA4Tbc4eX6ZQvlSHmjqGqlP2r1Gx5y/4thXnMjg9UiqlYYZ0Cm6Z0vV9ZweOqW7mzpsvKH2cZWOsYW5XNyKk4Od7RnFyb7HAQAA8MF0ihMXs7rhXrR7jY6pn3xfozixobYgcdZ8beKmk8Eb3TueXoMyLGy8mb1fL9x7C/KA0ltRPIgjne3AW1pxv297AAAAjqBdnARlw0DwavcaHDNVEc/Fzf3ZJd418mi7OCkLG5nO/xWvfPF7hLO3l3Rlu9PwfbewTuRnvO/CMgO/IxUUJwAA4HNrFyfRFwXLp9GawGyQkps1uLd69a7Olngn4TIqTrR9/gQ9L0UaxYnMsvYKaowgU0oX2xItfg+ZIqt2qo3KbnNe8PzdTtrL+6//5V/1bL20MTqu7ZHZbyGEOZD8UnYme7YQrH+VTbFcmnenGT1dqpy2jFxcutTCvOUY9Q23Xcw67SDL/XaW8p302w8fx3wgy+N2G5ns2wsAAMCRNYuT8HNcU0jMyUnbt5/bvXpjiu0eDV5l7JtC2HZzatkGTDFuVea5INQuwsIjW4DGxyyp7yezlNsPG1Pw3fb+/LKmVduu+836mhPuH1fwODSCm3PTGc3TGd/C06s5T7lh+aOe6jbFvLXJvLv1kt/dLHyO5y8sthzj8uj10N7ep8a8ZRmkd+zV7fvHUT7ugt7vXxIAAIAHdVZxsiU/uXNpbPfqj2nrgaw2mJTZWkmAK4uQRJaXlxNhqFWyhrDw0DXIOMVQJ5LVugTpG2ub0rRa7qg8oqVj/7jc44jmLafwq601WmbksIoQco/J9H5q2+6f49kLi+kx2lX5dWaD9I69uv34cdTfuu7KAQAAHsuZxYn+8f31xSbF84qTPI1FydtltbBxUXwuHofaiczrI6wszKy2+ONpZBC32rKxGd/zPJpvP9tv/7jKx1Ec16wcZ2gLiT7BubRbV54as3Cf+N1V8nflOZ67sJg/xnaLv5o3VrcfFyfVtdWLHAAAgMd0dnHi89M5xUk5uMa4s4qTYoRKqA1XpeGvqFiacw0K15A3xusRUVo1ITUP4v3jKieKi5Ni2KEtpKWa0YqVp6vCnLDfXbTfSeU5XmJhnj/Gdkv/2Cvb98+9tbb6SwIAAPCg2v9CfBD1JGPZtKTlxNu7DUntXo2rcmlObE4afyT25XTMbnFShm+l4a+8uSyfTlGeoW/cV5xsjfKDCbv94xorTvw4J2whztl629ru74l71Z7jBRdmxNuvt/irtcZi+/vW5m4GAAB4dO3ixGejIhQun9nn4b7dqzemJZdc2i5qg/KejAY4M3g8lywpGKH2zcm5xYmuyg2SNVY3FafVVDI9lcP2j2soDUeL6W6hHFkH8SufmHrPzx7vt/IcxQUXtvB1Rbulf+yWLXfLtdW2n9THBAAAeEyd4qQI6EUmk+Q0XypyUqtX76pVxi+9+V+5BvPHLz9fTSjUibJsJwO6UCu3hUk3TbeFRcmRlUxcpVtw+dIcXaVR5zL3mP+3rkpYl/vzS93jCvau+diO47qY9tYWsqesg6zDZv+nUnJpmc7+7K8a4XOcmTWEjY2Fxfwr2m7pHXt1+/5x5Fcn+etUeUkAAAAeVLc4mWiYS0xO0rxlPh7WUGtyVdxr7OpKo5jJW3METAF65jPiesnn1yjUuo+rMyn/Laq3VeVpciXDZiuPGs0pLVO7tDpLGy+21j0usW5wO2dd89ql9oC6WzDzTgszK8/2Zcf3u6vsN3qOq9MXFpuPcbild+zV7Yv8cbi1+dcpeEkAAAAe1EhxgmuQTOmiZNg4xMflWuPlXHgLl3PYhQEAAKCF4uRupHJwH9iHjQP0A3X3V3quXJxcdguXdNiFAQAAoIHi5COoFSG1dkTkq5X170etqn95DAAAAJdGcfLYtPyYMnRcgVCcAAAA4IFQnAAAAAA4BIoTAAAAAIdAcQIAAADgEChOAAAAABwCxQkAAACAQ6A4AQAAAHAIFCcAAAAADoHiBAAAAMAhUJwAAAAAOIQHK04u8p88//77X+O/qo5Ludl/n57/ED4AAMDHMFKcfPvxntL85M+Pr8XVmnavsTG//nqbbvj9vLYMxFA7cjD+iUHWrWQ3HeHlaaDxsHZu4fSa4WYTXZK+eO+/vpTtAAAAGNUtTp5fTCjXFDhSn7R7jY45f8WxrziRwetxXxPk/hrDr+QEMogbIWy8ofZxlXZt4Zya4WYTXc6u4mTfsQMAAHwSneLExb6hcN/uNTqmflJ+jeLk7ec3194UreQUT69BGRY23kz964jYni2cVTPcbKK72HvsAAAAn0O7OAnKhoEg2O41OGaqIp6Lm/uzS+xrZP0TipN4JScJZz9hSZezOyXv2MJ5NcPNJroHihMAAIBIuziRbyHKLLh8eq2J0AYsuVnje6tX7+psiZsSRqPiRNvTtxlFKdIoTmSWtdc6rB0qKD9qKzmNjOb+5k/YqIK1yV9tmm5Oe3n/9b/0R99LG6Pj2h6ZDLU0CrO7/FKW+8e3EM2ePZp5L5rU0w32xbjZRKFozKycKB7EtKS5xV6NZpRLS6OIX6ps3vNfPAAAgIfQLE7Cz3dNIRGksenndq/emGK7RyOaSWYaGae4tt2cWrYBU1hcLctbyIBZMH16NX90hVN9JaeSKcrth406tZnx+UV/nqPt2q77zfqaE+4fV/A4ZDH23HRG83SGt9Cdfd7LOle5l5tNFBgd07wS0rJM0ZkxOHaj8ugBAAA+vLOKky0pyp1LY7tXf0xbBsTFSdHdhsKcLC//4N8VJ7l8qNZKTiZTuHF8Y21T0u52VB7R0rF/XO5xRPOWU/jVho3d2eVnk/7vOJE3NqZ9EHtmDH8LFnYcAACAT+XM4kT/+P76YhP/ecVJnvmi5J0nwlrjQuoTU43IgK440VmkjFFx+uzH2VGyWbfasjH80kD45JpvP9tv/7jKx1Ec16wcZ2gL/dn9XsqWm03knDlmZ8ZWcVJ99AAAAB/e2cWJz2HnFCfl4OcXJ8UIZXEiiy/+fYC0l95KzlCuIWish1eferM4K8vejqJ/XOVEcXFSDDu0hYHZ/V5cy80mKp05ZmfG+vNtXQIAAPjo2v9CfBANJZ/Z1KUh/u3dxql2r8ZVubR9g5FL43cjo6Nj1ooTFwSXBNlfyTnKM/SN+4qTrVF+2FXLjRUnfpz+FgZm93vxLTebqHDmmJ0ZKU4AAAAi7eLEZ6yitFg+s88/WW/36o1paZFQpu3sext/T0ajnhk8n6sMgjpUnimzS5f55iTNW+yiaKxO51OvSN/zPJXD9o/LReFo/Ggx/S30Z/dzBbPfbKLcmWN2ZnTHbkSnDQAA8Dl0ipNUfqxRSRNbXoTMl4pE1erVu2qVQU1v/leuwfzxy89XEyh1oiwjyoBFcbWOr0OVmXJxcmTUjm5Mc3SVRqk37D3m/60rWKHO4hbfPa50AlllqLnZjuO6mPbmFrqzyx/zBfuWufEmE1lnjtmbsTj2/CWpPHoAAIAPr1ucTDTBJyZvaVYzHy1rqC1zv+s1dnVVlgQaGV+/pwA92/LicsN6KY/dQgYMsvhys8+Ui3Ilw/Lcucq/a6o0mlNaPmivrTBtvNhv97hEisKTbXe65rVL7QH1ttCdvZfgFzebyDhzzP6M2bH7lyR49AAAAB/eSHGCa5D06UJn2DhkDtM
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d653271-9780-4fcd-8224-4d42950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T13:38:57.000Z" ,
"modified" : "2019-08-27T13:38:57.000Z" ,
"first_observed" : "2019-08-27T13:38:57Z" ,
"last_observed" : "2019-08-27T13:38:57Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d653271-9780-4fcd-8224-4d42950d210f" ,
"artifact--5d653271-9780-4fcd-8224-4d42950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d653271-9780-4fcd-8224-4d42950d210f" ,
"name" : "listalogo.png" ,
"content_ref" : "artifact--5d653271-9780-4fcd-8224-4d42950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d653271-9780-4fcd-8224-4d42950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A o Y A A A V i C A I A A A A Q m q o 0 A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 P 3 P i 1 x Z l u e L 1 r R n N S q 4 v H q 3 b u f l d o d L r b r x 3 C 7 h h d o l L 9 c L s 2 y v l j 85 V I c L E w h k o 0 A Q S n C h I M F z 2 I L A i 0 Y k 2 K g 10 u Q 6 m W g g C g c N R a I Y 5 P T G f 5 C T G u t f e G v t n 2 v v s / a x b W 7 n m B 83 / 8 I H c X z b / n F M t v b + n L X t x / m r / + O r 2 w A A A A C 4 c q B k A A A A Y B B A y Q A A A M A g g J I B A A C A Q Q A l A w A A A I M A S g Y A A A A G A Z Q M A A A A D A I o G Q A A A B g E U D I A A A A w C K B k A A A A Y B B A y Q A A A M A g g J I V v r p 15 + + //v8AAAC4Wv7T3/+f2fq82UDJCv/l4J/+cX98/x//vwAAAK6Qf/qnw1t3bpCVoWSF/3LwX//3//Cf/u5XXwEAALhC/vHB5D/9/dfZEr3BQMkKUDIAAAwBKBlAyQAAMAigZAAlAwDAIICSAZQMAACDAEoGUDIAAAwCKBlAyQAAMAigZAAlAwDAIICSAZQMAACDAEoGUDIAAAwCKBlAyQAAMAigZAAlAwDAIICSAZQMAACDAEoGUDIAAAwCKBlAyQAAMAigZAAlAwDAIICSQYdKnuy++3z87nQrlOydHn78fGyR5YsxXZ3NGuVNZuOP81Fe6DEnMJ42ymuZjKYT+SefFT+d8oiXZPLHP/3mX/aTwl//9jf/9qff/fm3O75k51/+8Dsq8cyeFwsBANcSKBl0pWTWVSa/0dkqOuTmFVZuVXI907kyFhu92XlHIzqCUxMls49/z1cDz38vrex5Ovu3P/zzr2sKAQDXBygZdKRkTWmjs/e7e0mJZevk/eGJzD4N03mjUNF8g0sIkprk3aqnRIWUEzdOQBnR1DSFe6fj2A+df+W5kZilkilp9vkuibaR+5Kn//g0KSkVAgCuEVAy6ETJ5J7UvnLLWlqNzP3xM8lP2I4M9/7QbFNzYba/TfUX7HgXlWyHyDaZOfM2JeHAGtqeJxMvLIxQlUuNbES+bjA6N/28Ox3tsZJN//R/YgoX5/qpkvf/+c8mReaDP83++Pt0T9sU5hvUaiEA4FoBJYNOlKx7sZElU7Vm3iwLm/3oPQvaK2SPFtNuZY+dripYpc1MN+2TqvmLBroIcKm2KFSuVxRSJVNmzEp2hVn6++vf/qa5la0WAgCuF1Ay6EjJWi6bKzkRVUAarunXhT5bSsm2xGTD6Zk0lUx+tSVRtI6sT/rTnmH0PSfoIjNu9NBEUXIwcarkbIu7pRAAcM2AksEas+TLKFnvWdBeofgoW1M81FAyNxzz5vPnw7N5etqNPs1uPBF7SLe7lRQ8J3Pq5I/xs9bpQ/v//OfmZ7jUQgDAdQNKBt18vEu1TmPjmvPImC/uTYznpOE022n5t6AoXUP2qPxSU5J/0/kniWzi1CxTz/pUT4AKQxN5XCJPc2NmnOqWypsb1GohAODaASWDbpSsulP7xDX5yewbx7RSKi3TW9wKLpN0aD5R5R4iy4Zy/xbvbOy+WCwKLT7TNT3k43JKzc+Oy0Pz8HxNwh3K/fnHDhc+BaK588yJcv5VY/4MV2ODWi0EAFxDoGTQkZKbiebKZO/IDpT0u1t0zhUCBgAABSgZdKZkm9RmXzq6LCb3Hb6P8xS5q6cPALiJQMmgQyUDAAC4PFAygJIBAGAQQMkASgYAgEEAJYN1Kjn7QLVgr9tbNnGJ/3R0H2/u7vC9Itx3k8yx/f1LAABYASgZDEPJ9STfGPaw0dWeuxgxhx2c3eDh+e9hZQDAqkDJYMhK5s9dZ6nz1hK3bCKUEU1lU3i5uza5H6DOyhVPAwDAUkDJ4OqV7L9HlDxkfuiDS8KBNbT/rlHNLZuIbETezTZGN11d5q5Nzd/08DRvV6zdVxEAAEpAyWAgWbLiTvWtZdJnXr5XumUTkXYrfmQ7ZtvJL29TJ+0/finuZJyTP/Trp7M//2H2HL+rBQCoA0oGw1SyLTHZcPo7nU0lk1xtSbRsJOuW/rTGjcrnHF1kxlonkskfizd4KCfQAABQAZQMBqtkBytTPNRQMjcs3LLJPZp06396OnaS7ngrWXjCElkyAAAsBZQMBrpx3cUtm4isW/UEqDC0ksc66d2LBc33kgEAYBmgZLBmJZu9aIeTH1k2FPr3d1e8ZRMd80Ohhy7v2qSrV/nE9a9/+5t/+xM+hg0AqAVKButU8lXT0V2bmvcnZvvq34zCu8sAgFqgZHCDlJymyERpF30hnBP7LziZGxtrvxPSNDcAALQAJYOblCUDAMCAgZIBlAwAAIMASgZQMgAADAIoGUDJAAAwCKBkACUDAMAggJIBlAwAAIMASgZXruSXDz/88uBeVrhG1N8J4Rswh+9KEfEnvfwPm4ifGUnuWrHox0bccL5DMXp+E6qsJrg+2K/btf5YuqT5q3MKLvDSn4xtDJT+Qs7lv+ZXAc8RPu34g3rXayo1z38AQMlgCEq+2MkLl4SmXDYJ6xFteY2wx8ntoSJUwS8T8ac3Y+Gi04j9hxVHNOHl1Q+q1DTlYPjw62heO3oRa9Z6o9XUFg2oTtSeDJiWgaimFsPd4X6eVo3/GMDDnUqN8x8AUDLoTMm3X1zUJbvk4C8Pj+WfRsnHF49fPBLVSvCvcmZTKC5YCjQPW9e7ZPL71UFfR9wcTgtD5UUDNfrc2ps0Rjf9qzXFn2DAiCChF1cNGAm/1vPxgt9mJ234CjE2FgzUNE3rNFkaf0GQnsb1mUrK+Q8AKBmsrOR788cfvsw+fHn84uWDt19mb+e3baE9YOLW9M5rqskCDgf20cfU8PXL2y9+cc0L8AWvmT/hwMwov1uVbliZOgTN7ezqOCWZyX4h09cR06eoHHBjaQ9F0oGUwnCs1gRXDr0uC5dvihz72tEB36PMqIUbukSWTRBzYuuexEA+tk1ghyCkHswxPeq0qg5kK/vCeKr+BMzoi5LCmqepQg1F3GIqXQIoGXSi5LDz/IiszBmwrmT/qCu3RGHHjFmnaFY3+RuFVRt36aR1mQSvaNbojOzcLmqNnmkBTdfEBq7nrJxGjwO5HvSa4KrZms4pox21vso+nJxlRWSaCJkmfvIvdKJkAZVHNTpXhebFgZg0hBYHp6Tqaar0MpXMpUmE/0P0CbIRUwlKBl0oWaS2lOny/nMhSzbHnFKLbFhquF3JhJ+f6TQuKblqNqbriOuqcGkf4fkfl0u3uIh+FNKBtEK/GKk1wbXAvHYhIJPI5JgRsokxliuZWqVqoQq+H+rEtmoZKOtwYTB3RRq37pQwlZYBSgYdK3nn9ZdWJTt4jzpuXNcr2WHmbZJAiPWorVAhmbR+LatYxWL/VJlPJru6b6D2mS4ZtasYGC581eivBRM10oubyIZeeuddh3vpYyqpRmPoszhQHj9rCydMpZWBkkEnG9cyCbbHQsPHFzN3/GjnOHyA69GDt6FmpZIno2nIevPFrpkQx3nejpzJ4VifybPdOEo8gTh6uig0oCbxlLZO5tw8aRJWIq2mqwOGTiKYEEX0QvNx8sp6RDDLeGA/2XIKjHABGo/1gZTpwIPGkr1JX4qSJx+OMZWWAUoGnWTJFw/fmu1o/pCXk67Jg03h6wun53svQzVRs1rJe7Ox+M5lsujQbHTlfmmTC1aKybBjNdFW7IfzaugLGVN/OhvHHUV3AtxbXHHStU+BVgrfw9kpX2HI0ZN32ho1YyfgarB7qmpQpYTXznuUX2Ufcia00k6ik2wIudddfhJbxIkWJEHYtn8R3g4RToueQvXTbICptDJQMuh44xoQdlGTtC4u4Log3bnB3JCnOUSgZAAlA1BFY0N4M7khT3OYQMlgZSUDAADoAigZQMkAADAIoGQAJQMAwCCAksGVK1l8XaqC+3f3Px1Nzu/eycpVnuxPqPKng537olDtQS10zfe3ZSEAAPQElAyGoOSqnwchWJxGkCTLhVamyq7O9m7QqtqDVnjn1cHkzbZ/NJU6AAD0AZQMOlNy/3eC2n5ztPvEHpNlw3G
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d6532f8-5f78-45ac-8157-09c9950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T13:41:12.000Z" ,
"modified" : "2019-08-27T13:41:12.000Z" ,
"first_observed" : "2019-08-27T13:41:12Z" ,
"last_observed" : "2019-08-27T13:41:12Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d6532f8-5f78-45ac-8157-09c9950d210f" ,
"artifact--5d6532f8-5f78-45ac-8157-09c9950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d6532f8-5f78-45ac-8157-09c9950d210f" ,
"name" : "cyber.png" ,
"content_ref" : "artifact--5d6532f8-5f78-45ac-8157-09c9950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d6532f8-5f78-45ac-8157-09c9950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B 1 Q A A A V m C A I A A A C h u B s U A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A D s M A A A 7 D A c d v q G Q A A P + l S U R B V H h e 7 P 3 p d 1 x X g T f 6 / 973 A 0 / T 3 b E 1 T 6 U q m q Z p h g Y 6 S Q N N x / M 8 D 7 I t S 7 J m V c n z G N m O L Q / y L C U E 0 g m Q d q d z 0 y Q P D z z c w O X y h L V 4 f 3 l x e X P z V 8 B a / A m / U 3 W k U m l r K l t T S f q s 9 V l a p 757 n 33 K h u j F N z v 7 / P / + 2 x e / A w A A A A D A C q P 8 B Q A A A A B Y g Z S / A A A A A A A r k P I X A A A A A G A F U v 4 C A A A A A K x A y l 8 A A A A A g B V I + Q s A A A A A s A I p f w E A A A A A V i D l L w A A A A D A C q T 8 B Q A A A A B Y g Z S / A A A A A A A r k P I X A A A A A G A F U v 4 C A A A A A K x A y l 8 A A A A A g B V I + Q s A A A A A s A I p f w E A A A A A V i D l L w A A A A D A C q T 8 B Q A A A A B Y g Z S / A A A A A A A r k P I X A A A A A G A F U v 4 C A A A A A K x A y l 8 A A A A A g B V I + Q s A A A A A s A I p f w E A A A A A V i D l L w A A A A D A C q T 8 B Q A A A A B Y g Z S / A A A A A A A r k P I X A A A A A G A F U v 4 C A A A A A K x A y l 8 A A A A A g B V I + Q s A A A A A s A I p f w E A A A A A V i D l L w A A A A D A C q T 8 B Q A A A A B Y g Z S / A A A A A A A r k P I X A A A A A G A F U v 4 C A A A A A K x A y l 8 A A A A A g B V I + Q s A A A A A s A I p f w E A A A A A V i D l L w A A A A D A C q T 8 B Q A A A A B Y g Z S / A A A A A A A r k P I X A A A A A G A F U v 4 C A A A A A K x A y l 8 A A A A A g B V I + Q s A A A A A s A I p f w E A A A A A V i D l L w A A A A D A C q T 8 B Q A A A A B Y g Z S / A A A A w D P Y 1 H 75 / M h / X X r z f 9 z 40 c d D 73 + y E K K V o / W j p 0 T P C p 4 O Q P G U v w A A A E C x / u X o q a C o X W h b u l 4 N v g M A R V L + A g A A A M X q v P l W v p a 99 s 7 / u v T m / 1 g 48 V M u f u / D 4 D s A U C T l L w A A A F C s n j v v D L 3 / y c D b P / u L z 79 U / o 1 N 61 r O f / 6 V A 9 F 15 K + + / K / f O X L y K 9 t b P v O F f 44 + / v c v f v s b e z t f P t A X X c Q T n t X p R / 8 Z 97 / B d w C g S M p f A A A A o F j n R z 4 Y e v + T S 2 / + j 3 / Y e j x / 5 u + W r l c r v r E 5 f e / d + O P h C / f / 4 v M v H b v y J P 7 Y f e v t 8 m 9 s L m x 1 i 3 T 4 w o N 4 h e A 7 F O 8 v P v / a h 3 / 684 d n X w p y g F V C + Q s A A A A U 68 I b P x n K l b + 7 M j f i Z j b + + L W d b f m P k f J v b C r 8 + H c b j w T F b j G U v w B z p P w F A A A A i p U v f / 9 p f 3 f c z E Z a r 32 v 6 s V t d 977 T f x x 4 O 2 f f e Y L / z z 47 q / i j 1 F e + c 0 t Q b F b D O U v w B w p f w E A A I B i n X n y / l C u / P 2 L z 7 + 0 r e f q y Y f / 0 X r t e 3 G 3 + 4 + 72 / u G f p S + / + / x P t + / X X + 45847 Z 4 f / j 5 c P 9 M V l 7 r P a 0 z 9 Y f P n 74 p v / 3 x //9OdRH78Wh6Pl75vv/j9jQ4VF8NS37Iom/39DZ8dv+X/ePJ6/JTDlCrG/OPu/80PxCrmVoy+Q/Ur5PA7jj0pqYN4pfwEAAIBixTt/r73zv14+0LfQ+oZ+VGT5myth/7+hXdnyNC58R/vW3HV+qHDatLeMtbEfns110LkOd8padroVsh/H7sq12Lnv8PFrYysXfoHo4/9u+3z+4+g1wHxR/gIAAADFisvfRRZ8h0BQvBYKO9nRvbejhezUt+TmREP5DcjZWvb/fffFibXsjA89PvT/Tlgh1wWP7iYOvkzw0eZfYH4pfwEAAIBilWL5O31tGle0+aH8x5luGRsKq9vcdt3J0wrD2BQrxEnu9In8LcEKMywI8NyUvwAAAECx4vL3xo8+3tL16kI7/eg/iy5/w3I2NmP5O80tY0Pj1e205e8MK+Sekl8hfq7yF1h0yl8AAACgWHH5G7/wrRhrv7Zh3+nbPXfeiXQN/tuWrlc/84V/DuZMp8gXvs1Qmz7vzt8iy98ZVsg9Jb9CnCh/gUWn/AUAAACKNV7+/u1Ls/rbDYcH3v5ZXODm9Q39aO0/bghmTmnPyeLK37/NVrpTH7+bG/rw3FjBOvZxpltyJWz2xN6xr9H28Z//+Id3X/zbCbXsjA89PvSHCSv8xblcfXwuV+/mv0zc9k7zEWBeKH8BAACAYhVf/q79xw2D7/4qbm8DHTd/EEyeUpHlbyT7Traxzblx9/rHj1/LXU9d/s50S66EjYeyXyPb207dyU63Qvbj2F25P0j2odHQzG2v8hdYCMpfAAAAoFjFl79/t+lIXN2eH/mvxn/d91df/tev7GiJ6+BbT3/93//+28H8yYovfyO5KvbPo/Il7PTlb2TqW+ISNndEQzwUzw/q3diUK8Ti/jcWbxBW/gKLT/kLAAAAFKv48veFr63vG/pRz513ql7alg+PXHoc97l/u+FwPpzO4QsPii9/54sSFlhJlL8AAABAsZ7pzN/JDp6/F/e5Nd/aEQxN9kw7f+eL8hdYSZS/AAAAQLHmUv5+c1/nlbd+Gt3+6lv/83P/8C/B6GTKX4A5Uv4CAAAAxXru8vfz6w/2P/iPuMzd2j0QjE5pScpfgJVE+QsAAADLT7L3Uc3B80G4CJ6v/F3zjxuaX30SN7nHB0aij8GEKS3Jmb8AK4nyFwAAAJafRMdQKjMSq2u+VralPZiwQJ6v/P2nA91xjXvtnf9V+U9bgtHp2PkLMEfKXwAAAFh+Eh138+VvMv0kvmjsvFe592Qwc349X/nbev17cY37tZ1twdAMlL8Ac6T8BQAAgOWnvvVGKjOc739j2RY4nQ0bu+5VHzi7ZsPx4K65e77y9/Tj/4zuuvbO//rM3/1zMDQDxz4AzJHyFwAAAJafumNXC2vfKcTbgfue1B0bKNvWGdz+3J6v/I338O4/czfIZ6b8BZgj5S8AAAAsP7XHriZzm3ynlx8dvUh03avaeypY51k9X/kbqfnWjiCZlfIXYI6UvwAAALAMlG1uq9ydqWm61NA2mOx9lEw/nnzsw5SSfdktwMn0cO3hS8Gaz+HUw/94jvJ3z8nB6JaWgdef6dgHZ/4CzJHyFwAAAEpO2Zb26kMXEu23C2vcbIfb87C+9UY0VH/iVjA0WbLvcfSzvvXm0h77sPYfN8QdbuRvNxwORmdg5y/AHCl/AQAAYOmt3dBac/hiY/eD8eo2PVzfeqNy76kp39tWuedkfuZEw6NbffseVx88H9w1d+dHPhgaLX9fLtJ///vvxB3unfd+U/XS9mB0BocvPFT+AsyF8hcAAACWTM3B88meh3Fvm+x7XNd8rXJXJpgzpYpdfWNt75j0cLzVt6H9dvn2nmD+fOm5886zlr+Rv9t0ZFPHlcZ/3R/kMzv9+D+VvwBzofwFAACARVW+o6eu+Vrc2DZ23qs5fLlsa1cwZ1blWztzKwyn0iOpdHarbyRaNpg27zpvvhUXsgNv/+z8yH/13PlhoZaB1w9feDhHrde/Fy118Xsfxg+KLoLvAECRlL8AAACwGCr3nkp0DcUtbaL9dvm2Zy58C42Xv7mDgIvcLzx3Lx/sizvZRbOt52rwHQAokvIXAAAAFlD51s76lteyFW36Se3RK+VbOoIJz2fNhuPRmnXHXwvyRfAvx0533fq3i9/78NKb/2PhROtHT1nXeiF4OgDFU/4CAADAgqjceyo+hDfRfrts84lgFAAWmvIXAAAA5ln1gbONfY+S6SfVB84HQwCwaJS/AAAAMD/WbDhee+RKdqtv51Dl7v5gFAAWmfIXAAAA5ip/sG99642yub3JDQDmi/IXAAAAnl/Fjt74YN/61pvBEIvpL/7lRvcH31/X+9HAB7+LdPfumziUDQc++Gjdv7ycz/P+Yv/347sKJ6x7/aN1vWP5tb7RmX/bd2B05ve/+rfjSxU84ncH9o/mUy4LsJiUvwAAAPCcEh13U5mR2iNXgpzFF9evceeba11Hy9m4rj2w/+W/+NuXC/O83ITRcjY74fUbcb7u9dGGN14hXjkK46Vqej/Kz5zwiFwHPXbXFMsCLCblLwAAADyzqn2nU5mRuuZra9Y1B0MsiVzrOla2jjWwhdfZZragkM3LV7eFYSTf845Wvdf6plsq7nZrRvO
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d653341-ce34-4173-9c7a-caa2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T13:42:25.000Z" ,
"modified" : "2019-08-27T13:42:25.000Z" ,
"first_observed" : "2019-08-27T13:42:25Z" ,
"last_observed" : "2019-08-27T13:42:25Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d653341-ce34-4173-9c7a-caa2950d210f" ,
"artifact--5d653341-ce34-4173-9c7a-caa2950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d653341-ce34-4173-9c7a-caa2950d210f" ,
"name" : "ip.png" ,
"content_ref" : "artifact--5d653341-ce34-4173-9c7a-caa2950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d653341-ce34-4173-9c7a-caa2950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B a M A A A M 1 C A I A A A D i j n p W A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A P + l S U R B V H h e 7 P 2 L d x z V n e 8 N v 39 B 1 l l r F i t r Z T 2 Z M + + s n P W c 8 x z m W f M e z n N m E s K Q k J C Z J H O e i U k I m A T i J B A I J G A w y D a + g M E Y b M A 2 F 9 s Y G 4 O N 75 Y v S L J l + Y b v k i + y L b V a 3 a 1 r S 32 r 6 q q + d 6 t v 6 u 73 t / e u L r V K L a k l 6 + b W 9 + s P R X X V r t q 7 q n a p 6 / f t v X f 9 f 7 y R B A A A A A A A A A A A A E B 5 A K c D A A A A A A A A A A A A 5 Q O c D g A A A A A A A A A A A J Q P c D o A A A A A A A A A A A B Q P s D p A A A A A A A A A A A A Q P k A p w M A A A A A A A A A A A D l A 5 w O A A A A A A A A A A A A l A 9 w O g A A A A A A A A A A A F A + w O k A A A A A A A A A A A B A + Q C n A w A A A A A A A A A A A O U D n A 4 A A A A A A A A A A A C U D 3 A 6 A A A A A A A A A A A A U D 7 A 6 Q A A A A C K c X X n Q w t 21 h k W M h y b V q 58 a I H O 6 r l r d u 665 R u S b H Q c Z 7 Y 9 t G D d + n b j 8 g J u L B 3 I i D F 30 e a l B 0 1 m Y z K d M a Z n x 1 i Q f t G 657 c 3 F E 9 s S M l 5 + q D D m C w S r q / e + f w i L c F c 2 u G W C / U + Q x p C q t 6 + e d 5 A s s 2 v 7 L n R Y U w z H I b z z 3 P Z 3 n D D Y 0 i m Y z w n j J V 1 h Y d p P v i x M Y H O x h t 6 s k H 4 G m i 38 / Y M P Q M 6 r J z F T h H P b n A B i l H i m Q Q A A A B A E e B 0 A A A A A M U Y 0 e m Y t 93 a 4 f E R N 241 r F + / + q E F q 9 + 4 G h 6 S c m R 8 u 9 b w I H Z 755 B V O i x K X 3 q G Z c R o N 1 U e 3 P k 0 h b 6 L t l U W D + z H m J 4 f Y 6 V I 3 N N Z d 3 w f S 1 w 0 C C 9 M q T M k 8 K 7 f v o 5 O x S t 7 G s 62 + 8 x m U / X x Q 6 + s r 7 s x O A 3 F 8 J X r 6 c D X v X H c V N 9 D J / B G 5 c F 9 z 2 + 54 T A m G 45 B 558 X + x B 3 B D 5 e b S 56 C Q a f E 43 B K X 0 D q y o 3 r n x o Y 4 P + c e g x C j q q N z M P Y t G h + i G r 8 t y W 0 1 H a m Q Q A A A B A c e B 0 A A A A A M U Y 0 e k Y H M F y z 2 L N h Z J b J X D a q + c t 2 L z r + M 6 H F u 0 r l o u A R + l X B y / 0 m d 6 g w L 54 q D z G 9 E O P 8 e q + u Q t W r 75 V s E R b P t z Z K M S 6 e t H I x g 3 H c + H 5 B S t f O T N W Y 0 i n q I P g 2 L V m 9 U O L d t Y V M S a K n Z P h q W N O x z D t O A Z w r F + + 8 v n q C 0 u Z w 2 V Y p X M 7 T k d p Z x I A A A A A w w C n A w A A A C j G G J y O R P 321 a P + S m + g b s v q h 9 Y 3 O C L M h l g 6 b N g / T J T O / Y h i M f Y Y 0 w 89 x v a 6 p 4 v v o V S n Y 16 x 2 H 4 Q 3 O l Y e n H I 8 l I Z x k H w n K H d P l 89 t B v R J D g d 7 H x u q / T p F 3 F I A s b t O h 2 j n 0 k A A A A A D A O c D g A A A K A Y Y 3 A 6 w p V j b t P B w 29 u c L B o e c 2 Z Y b Y d L k o 3 v V G 828 s Y 0 w 89 R v M h 1 q b D X L B E U J L T k T i 7 f T X r R X J 15 F F L e B O Y R d s q 28 f X r G M 4 B 0 H a t n J l M d 9 h 4 p 0 O l k Z k x C y P z b u K 9 y S 6 H a e j x D M J A A A A g O L A 6 Q A A A A C K U Z r T 4 f A 46 r Z v H u s 4 H W w s U r 3 T C j M X P t 5 U f F z S 4 a J 0 V o Z i A f k Y 0 w 8 + R k d 7 w x v L R + j n o o 2 O m a d o m a X q L e v Y 2 k W b 3 z h o u j H c C J q + z k 1 s c J O V c 1 d u W 3 + m c 2 y 9 f o Z 3 E J g B U a T w 7 J w U F J t R d H P B 6E4 H G 4 t U b y D T u X r R c H u 7 L a e j 1 D M J A A A A g G L A 6 Q A A A A C K M a L T U R g 2 P 7 R o 26 a x v X u F N W q Y u 92 a / 8 g G f R j m L R 5 T 4 H Q U H s v q 57 c P 8 w 4 U f j Y M I 5 I O O 4 a o p 7 P 64 M 6 n 2 S i h q 185 P q y n 4 G g 37 d q + e R 7 L d 93 q M f h E 43E6 j C O S D m 8 c j O p 0 s L F I F + 0 7 m / 94 Y 8 + 6 h 5 Z X F x s r 9 D a d D k 5 p Z x I A A A A A B u B 0 A A A A A M U Y 0 e k Y e P f H O H 5 s Z 2 O R C m e h g O L j k g 7 n X L D l x c Z x G G P 6 Q v / i 6 q F 5 C 1 Y v v T i M 4 z D s 2 R g B 39 n t H 1 O I X m R 800 F I l a x 9 x + Z h 3 i Y z l O E c h G H c n G H P S X F G c z q Y L W W 8 d s X H T J k I p 0 O j x D M J A A A A A A 0 4 H Q A A A E A x R n Q 6 i k a w J c I H 5 q i 7 I f w F Q X s d G 6 S z y L i k x a N 0 x 9 W d x d + Q M t b 0 g 4 + R j Q 1 R / P U l 43 M 6 C F a e 0 c / V c M O g F m e Y 88938 v z x S R 6 R l A / M s a m 94 N p 5 H J v W F B 0 f Z A K d D q K 0 M w k A A A A A D p w O A A A A o B i T 5 X S w k H X I K 0 L C l e u L j m l a L E r 3 N C x d N N w A q G N M b z h G 3 w 1 K W d C t p o D x O R 2 + h l e K u w + D E c O g l t p g o d j 593 W u X s n a x e i d S g q Y S K e D r R 0 y f C w b d a X I u K Q T 6 n S U e C Y B A A A A w I H T A Q A A A B R j c p w O H h W z F 5 Q a l g / z F g 8 e p e f H m L h x q 2 H T l s 1 z F 6 x 8 a P m + 4 i 0 v x p p + y D H y 4 g 3 b + s M w T o e x 507 P h a V r 9 m 0 6 Y 6 r v o b V S / d U z b H z T o Y 1 E r h 56 f v 2 h X R d N v F W L 4 + y Z 6 u c X D T M M a n H Y + d d 7 D 5 n N p l 17 t j 1 N x 7 h o 864 R R n U 1 j N P h G X Z Y k J G c D j Y W a d G m N + x V w U P c q x G d j u W H z g 4 q z + B B T 0 o 8 k w A A A A A Y B j g d A A A A Q D E m x e n g Y 5 F u M Q 1 Z T r B o e c i 4 p C x K L x w P Y u 7 y z a v P O I o P G s o Y Y / o i x 8 h f A b v 8 U P 2 g h S J l 4 Z 4 Z Q x p W W N e v W T e X D Z / J W b T u + e 0 N R V 4 a 0 t 6 w d M 1 q 5 r 9 o y T Y v P W g a / o i G w s 6 / t i 1 n L t / D 8 E a J 4 Z x w h j d W R n A 6 x F i k R R u 2 s B 5 J x n F J R 3 Q 6 D O U x t D o p 8 U w C A A A A Y B j g d A A A A A A A A A A A A K B 8 g N M B A A A A A A A A A A C A 8 g F O B w A A A A A A A A A A A M o H O B 0 A A A A A A A A A A A A o H + B 0 A A A A A A A A A A A A o H y A 0 w E A A A A A A A A A A I D y A U 4 H A A A A A A A A A A A A y g c 4 H Q A A A A A A A A A A A C g f 4 H Q A A A A A A A A A A A C g f I D T A Q A A A A A A A A A A g P I B T g c A A A A A A A A A A A D K B z g d A A A A A A A A A A A A K B / g d A A A A A A A A A A A A K B 8 g N M B A A A A A A A A A A C A 8 g F O B w A A A A A A A A A A A M o H O B 0 A A A A A A A A A A A A o H + B 0 A A A A A A A A A A A A o H y A 0 w E A A A A A A A A A A I D y A U 4 H A A A A A A A A A A A A y g c 4 H Q A A A M o W u x I 6 f P 760 o 0 7 f 7 n g r b / 7 t y e I b 3 z 3 F w a + 9 a O 5 t P y H T y 56 f 9 d X h s 3 B T M P p j 9 I F f X H t V r p e d N W + + Y N f G y 7 l f / 2 P J + l a 76 q 72 O 72 G b Y F U 4 n F I X + 47 y h d C 7 o i h v v u P 937 k L j j 6 D p e M L U b N r x N U E M A A A A I 4 H Q A A M B s Y V v 1 G Y o x C p / 7 C 9 l 8 q M 6 Q v i i G r S a V / z 7 n K U P u J U I x z N K N O 7 / z 77837 H B k / v f z r x v 2 M 7E8 / + 6 n h h x v n + G u G k V 6 h p S T S o m V Z 9 x Q + P r p 4 Z P //Pj8ESrwUCg9Bb2GXU0gE3JDFTKVNWSSuGbreXrlx9/60VxDMUbgmz/4NVXX2/QdZmYNAQAAMI3A6QAAgFnBn1dtMDzlGygPp+N8cxtFL4b9lMhkOx20f0OOt0/ZOx0UwS7dsNPwy/yY+G+/eIpqhWG3t89E3VCFTGUNmXBu59Yj/tO9D1Glpctt2O2ozNgaAgAAYHqB0wEAAGWOXQnd+7uXDA/3Q7nTnY6mLte//OEVwx7GBJyOcTNJ4fT+U/V/+5PHDXmNDwqGDTsfNxN7QxVyhzoddEJ+9fIqQ77j47/8+x/oRjbsfwRmZg0BAAAwE4DTAQAA5UxtQ1OJLcnvaKdjW/WZv7nvV4bNx8pkOx10OIYcb59ydTqc/uicF9805HKbPLZ4jSGXcTDhN1QhU1lDJoqDX18dU1+VUaG9nbpuNuQylBlbQwAAAMwQ4HQAAEDZ8u6Ow6X3Wr9znY5R+xGUCJyOcTOx4XSDueu//PsfDFlMCHRaDHmNicm4oQq545yOSapm3/rR3FaHbMirkBlbQwAAAMwc4HQAAEAZ4vRHH1u8xvAQPzJ3qNMx1sMcgcl2OsY0VmKJlJ/TcfDrq5NxonSqLt4w5FgKk3dDFTKVNeQ2oRPy4z+9ashrAvnBHxcactSZmTUEAADATANOBwAAlButDvl/PPKc4fF9VO5Ep2Ni4/nJdjoM2U0IZeZ0tNg9kxrEEiU2FCpkUm+oQgx7mBAmyen4w+vrDRl
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d653c6a-02e4-4a19-996a-4a17950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T14:21:30.000Z" ,
"modified" : "2019-08-27T14:21:30.000Z" ,
"first_observed" : "2019-08-27T14:21:30Z" ,
"last_observed" : "2019-08-27T14:21:30Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d653c6a-02e4-4a19-996a-4a17950d210f" ,
"artifact--5d653c6a-02e4-4a19-996a-4a17950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d653c6a-02e4-4a19-996a-4a17950d210f" ,
"name" : "Writefile.PNG" ,
"content_ref" : "artifact--5d653c6a-02e4-4a19-996a-4a17950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d653c6a-02e4-4a19-996a-4a17950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B b 0 A A A J T C A Y A A A A s U b u p A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A F i U A A B Y l A U l S J P A A A K t k S U R B V H h e 7 f 3 v k 2 X F n e d 51 q P 5 Y d 0 2 V m 1 W V j Z T V T Z 0 U Z p G i G I E I p E E o a w k M w F J k K I E y k q U F Z C Z T P V Q q C d h K S C U U t O z P 4 a W G s p M R A Z l a y t 6 Z k d t a y M R i X Y W g z K T r e 2 M a c O K B z x c 5 s H O g 519 U E + 0 Z r u 2 s / w J v u f r f v y c r / t x 93 P O j e s 3 b t x 4 P 3 g Z 9 x w / x 3 + d e z M j P u n 4 / a 3 / 6 P N 3 G Q A A A A A A A A A A N g G h N w A A A A A A A A B g Y x B 6 A w A A A A A A A A A 2 B q E 3 A A A A A A A A A G B j E H o D A A A A A A A A A D Y G o T c A A A A A A A A A Y G M Q e g M A A A A A A A A A N g a h N w A A A A A A A A B g Y x B 6 A w A A A A A A A A A 2 B q E 3 A A A A A A A A A G B j E H o D A A A A A A A A A D Y G o T c A A A A A A A A A Y G M Q e g M A A A A A A A A A N g a h N w A A A A A A A A B g Y x B 6 A w A A A A A A A A A 2 B q E 3 A A A A A A A A A G B j E H o D A A A A A A A A A D Y G o T c A A A A A A A A A Y G M Q e g M A A A A A A A A A N g a h N w A A A A A A A A B g Y x B 6 A w A A A A A A A A A 2 B q E 3 A A A A A A A A A G B j E H o D A A A A A A A A A D Y G o T c A A A A A A A A A Y G M Q e g M A A A A A A A A A N g a h N w A A A A A A A A B g Y x B 6 A w A A A A A A A A A 2 B q E 3 A A A A A A A A A G B j E H o D A K r 6 w h 9 / E Q A A A F h r d 3 z h j 5 M / y w I A j i d C b w B A N Q 88 + D X z z c c v m E e //hgAAACwlr752AXz0EPnkj/PAgCOJ0JvAEA1X/uTM+Y/vud+c9vtnwcAAADW0hf++F5z/vyjyZ9nAQDHE6E3AKAaQm8AAACsO0JvANg8hN4AgGoIvQEAALDuCL0BYPMQegMAqiH0BgAAwLoj9AaAzUPoDQCohtAbAAAA647QGwA2D6E3AKAaQm8AAACsO0JvANg8hN4AgGoIvQEAALDuCL0BYPMQegMAqiH0BgAAwLoj9AaAzUPoDQCohtAbAAAA647QGwA2D6E3AKAaQm8AAACsO0JvANg8hN4AgGoIvQEAALDuCL0BYPMQegMAqiH0BgAAwLoj9AaAzUPoDQCohtAbAAAA647QGwA2D6E3AKCacuh9h/n9f/w5AAAAYKnSP3vmEXoDwOYh9AYAVFMKvf/D2+8w/8FtfwgAAAAsze/ddnvyZ88SQm8A2DyE3gCAagi9AQAAsEqE3gAAQegNAKhm40Lv0zfMhV/9nbnk/eyG+VzquiX53Mvv23YuvHx2Vplz1jzws/fNA6fj88+a879KnZfr3bjydQ75fnSiOfnim+nzAAAANRB6AwAEoTcAoJpNC70lwD3/dLps2WyY/Oaz9rW0q4PoUllwTRBu96F2eN754pv9uVydKaU5kT509Ty91/UZAACgFkJvAIAg9AYAVLN5oXdqhXQvCHljT+9NDpLdauw980V/LIFxd1wqa8mK9J/tmfPJld65FeCKvT9emR212yrNSVCWrBMAAGC5CL0BAILQGwBQTdXQOxX21hJva9IIVjfbvrjV0W6FtS93W4lckBXWbz7ryqYEv9KeXxVt294z532AXCqz9/tQOxduj4fe8UpvOXZzLeNpXqsxSLAt7fvx+3ssmZf22uTq8VU+QwAAcCIQegMABKE3AKCamqH3557es6uZvzgIb9tgNuCD1VLZuPSqZhdsp0PkuEyOJ7QnYbANtvuAuttGpFTW3NuvNp8fevvAvhzMy/1+DPK6D7NTob4LzNN15p8hAADAYgi9AQCC0BsAUM2J2N5EVltnQ+I45J4XeuswOw69k2VBX+aH3p0uWO/PdeG1lbtf1+0Ccd9HW2cxTAcAADg8Qm8AgCD0BgBUQ+i9YOhtr9PbgegwuVAmwXIXTPe64HlQV47qp91CRddRul+VDeZlSrsAAACHQ+gNABCE3gCAak7GF1lKmBvtV336bBv2Lhp6q9XbchwFyKWyXi5kTp//3NPP9nXoVdnxqm8bgvf3f/Fl1bYt8+NbfOwAAACLIvQGAAhCbwBANVX39A6+MHI10qG3kEA3tbp6PPh140jVq+uMw+JSmTcn9I77r8tdqN+V/WzPnPf3n75hX/f3Rc8jWnkeP6v82AEAABZD6A0AEITeAIBq6q70zoW6AAAAOKkIvQEAgtAbAFBNzdBbtvgIthQBAADAiUfoDQAQhN4AgGpKofdtt99hfu8/vB0AAABYnn/8R4mfO8sIvQFg8xB6AwCq2bQvsgQAAMB6Y6U3AEAQegMAqiH0BgAAwCoRegMABKE3AKCa+qG3fJnl35lLP7thPheXnb5hLvyqKfNS10zWtvPms4myitoxnH86UTaXrWvPfDFVtmbO7bxofnPwem//SXNOlT+/mz4PAABA6A0AEITeAIBq6obeLojOBcLyRZdLCYsVqXPlwXfO03vz+iKh92GC/7ntHYKE2vvb6TIJxD/Z+ZI73r5qfrN7bnANAAA4uQi9AQCC0BsAUE3V0HskhP3im++bB06ny8TnXn7fXHj5bLJM6k6XlYP2xUm95f7Giv2/7Vlz/ldRfSr0XuQfBGa3F5TNa+/53RfNm2cmlJ150nzCam8AAKAQegMABKE3AKCaeqF3ISSOtzWJA1cJy5tzEuBKkNuXu+D2QruNiS1LrYyW+yetmNYBubxutxaR/rVhvV05bvsoYwkDdd+3S4MtSVyI7MpaKvx3dco9rr6uTM2LtGGv8+Owc6Lbcfe6kHvB9oKy8LUvz5Fge78hW5h0q7o9Wd3dBt2yInxQDgAATjRCbwCAIPQGAFRTL/SWILYcoKZXertgO78iWZfl2hhvu9OtGFd1q1XkQfCclG9L7g3CfDHYwkSC6LZdG3rrulRZcxys5B7Us0B7bQg+uGfUl8yb+32Ybff3Zk9vAAAwEaE3AEAQegMAqqkaehfD4kzonQhze3HAnAucw7C4SNqTlc9P75nzb7qwW8JlHwRLkNwFzUkzQ2+7YltWVGsq9C4F2ao8CMBT13ql9uw10v/2/MjzypMQ3G9p4gLxbr9vtep7eB8AADiJCL0BAILQGwBQzdqt9F5K6D3edq+5tmnviy/vNX1xrx9Q/UoGyYF8W9kQWm0vEhgLvbswX/47bHN2exG3XcvUedNU6D3Yw1sH4gAAAITeAACH0BsAUE3NL7IcC4zT25u4LTeCVcynz7ZBcBwwZwJnCXonr1p27fnrpc86+B0bw1joPVwlLtenxt2Q0Hts+xY7tve7Pce12e01Y//i0/r66Svkn99RwbYE3QdXzfP2+JzZ716njgEAwElH6A0AEITeAIBqaobeY+FzOvQWEtS2W260XPAch8CJULgNsctBdUiHxXa1s+pzKfSWMt3HQeAs4+/K1VhtuK3vbccg59+84UL4tmzYtpubZJ9mt9fUpdoSw9A84cyTZn/ffYml121nImRLk1wZAAA48Qi9AQCC0BsAUE3V0LuRXn1cjw2tJ27ncTylgn4AAIDjg9AbACAIvQEA1dQOvbvtQ6oHtW4F9KYG3npV+Sr/EQEAAGDZCL0BAILQGwBQTSn0Fr/3j/8IAAAAWJ7b/ij5c2cJoTcAbB5CbwBANfVXegMAAAA9VnoDAAShNwCgGkJvAAAArBKhNwBAEHoDAKrZuND79A1z4Vd/Z84/nSiby9Z13L408kvmzf3XzW/2nzTn7PE5s39w1Tw/uK5x5knzyUFzbUddt31VnX/d7G/7+6T+F82bZ/yx17TTtfmH5vnd9l51btCeLsu2N6Ydr70vM84UaU+335A+T283w45xRj9mSM6pl5rbaE5/s3suvGdlpr1nitrxHfr5HIVj81kaUeMzw+cl6dzOi2FfWp/sfCl5vbNhn7Mqfen/vkjNZfeeOcJnX5f8PJB6j/TvuXBe8td3c3mIuSL0BgAIQm8AQDUnaqX303vzvuhSQu+f3TCfS5VNMbe9Q3O/hIYhgfzSWgi9B2FZe628Vr/M2jCgPZZfjn0bz++210tdtjzqgw7KFmxvmsI4U2zb4VwdOsAT8RiXojC
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d662e19-43e0-48f2-b5db-4c10950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T07:32:41.000Z" ,
"modified" : "2019-08-28T07:32:41.000Z" ,
"first_observed" : "2019-08-28T07:32:41Z" ,
"last_observed" : "2019-08-28T07:32:41Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d662e19-43e0-48f2-b5db-4c10950d210f" ,
"artifact--5d662e19-43e0-48f2-b5db-4c10950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d662e19-43e0-48f2-b5db-4c10950d210f" ,
"name" : "SFX.png" ,
"content_ref" : "artifact--5d662e19-43e0-48f2-b5db-4c10950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d662e19-43e0-48f2-b5db-4c10950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A C L o A A A b 4 C A I A A A A N 77 + + A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A D s M A A A 7 D A c d v q G Q A A P + l S U R B V H h e 7 P 3 P a z P t n f h 7 z r / h Z B L 3 r T z n 2 I z G 9 L i 1 C F Y 9 H T m y C S d S j u b b x j h y p B C M I R y Y + 9 Y J G L k D P Z z F 1 w x k J V W v 5 p g s m q x U d A L G m 16 L 76 Y 3 s / A / 0 W v / C 3 P 9 r q u u q p J k 2 b p v l / U W L 4 x 0 V a l U V j 95 G u e d T 9 X / 5 X / a r w M A A A A A A A A A A G B r k Y s A A A A A A A A A A A C 2 G r k I A A A A A A A A A A B g q 5 G L A A A A A A A A A A A A t h q 5 C A A A A A A A A A A A Y K u R i w A A A A A A A A A A A L Y a u Q g A A A A A A A A A A G C r k Y s A A A A A A A A A A A C 2 G r k I A A A A A A A A A A B g q 5 G L A A A A A A A A A A A A t h q 5 C A A A A A A A A A A A Y K u R i w A A A A A A A A A A A L Y a u Q g A A A A A A A A A A G C r k Y s A o H r 2 / 28 H B 39 / C A A A A A D Y q P r B 3 w d / j g E A 8 F G R i w C g e n 71 q //1l53/9X/5ZRcAAAAAsDn/7b/9E8UIALAlyEUAUD3/z//2T9/9z//33do+AAAAAGBz/pdf/urg/3EY/EUGAMCHRC4CgOohFwEAAADAV0AuAgBsD3IRAFQPuQgAAAAAvgJyEQBge5CLAKB6yEUAAAAA8BWQiwAA24NcBADVQy4CAAAAgK+AXAQA2B7kIgCoHnIRAAAAAHwF5CIAwPYgFwFA9ZCLAAAAAOArIBcBALYHuQgAqodcBAAAAABfAbkIALA9yEUAUD3kIgAAAAD4CshFAIDtQS4CgOohFwEAAADAV0AuAgBsD3IRAFRPPhf9X//uf/rh330HAAAAAFjFj2t7/p9UZchFAIDtQS4CgOrJ56If/N1PdnY/AQAAAABW8aNP/7P/J1UZchEAYHuQiwCgeshFAAAAAPAa5CIAAALkIgConlflon/851/9x7/+vX353R/+/eI//of0p9+m+xT77Yn3xgVecswSv/7XX/3h5+HiKw1+lwwyK+3xl/+attOV3A4AAAAAPipyEQAAAXIRAFTP+rnoH//5V//2z9+lK789MS9//t2vf+6tl/ntyX/8+9E/BouBlx4z8POjf5OdSTUn/VniQ1V8Un7xJ7Guq5VcP/m1e2PgH/6U/Mt/jv9Bv/z99F/+a9rWP92K3Dr43X8l/9Qu2gEAAADAB0YuAgAgQC4CgOpZNxf9/OjfgvEgl3asX/+rjTSWnEbyVsLglPfyY/oKjl9wwF/94eff/eHfy1vRp/b4d38a/87kotY//aeJQO1k/uVPLf3kd7+XK//wp+R3vy/YAQAAAMBHRi4CACBALgKA6lkzF/3jP//KvzqcrDhmZEdd+c2M9egnckVGnf9xIVPNb/3L0P39n0pKj7DuMX1//6fgKna5XKQPGy56Wv+UqMkhk4vMVeZkGfrT+Iu+4py8El3yT78ff9EzRvkdAAAAAHxg5CIAAALkIgConjVzUcENgbwSE8Sk7IqfiBaP9ax3zJDOTmbP37qL0bnzzyUl3z/8aSqvLxfkot9P/0V2IHuDovb4y39Of/efc3X1uaIdAAAAAHxg5CIAAALkIgCono3kovzW1+eilY9ZyH5QbrpIHOTf/vmo5O1ybGj+L44eHvrPRE0Rqa2yBqVXn/v0++mXP33J7ZA9JgAAAIAPhlwEAECAXAQA1bP+xeiC7hJMAgVXhytJO8syzzrH9Pz8O7v43R/+XdWmMBeZNxb8Olluumi3nSRq3kjfqUhtkkNFajc1VJTbAQAAAMCHRi4CACBALgKA6lkzFxUUmmyJ8e48JMd6CtPO0kjz4mPa2xrl9rd3J8oc8Ls//Lu7DN3CS9L5uUj1ITVs5CaHfj+1E0i6G+V2AAAAAPCBkYsAAAiQiwCgetbORbLWBOM+L/Pbk/8oHAkCAAAAgCohFwEAECAXAUD1rJ+LBFmM1ko+r01NAAAAAPBekIsAAAiQiwCgevK56IcyF9UAAAAAAKv4UW3P/5OqDLkIALA9yEUAUD2vmi4CAAAAgK3HdBEAAAFyEQBUD7kIAAAAAF6DXAQAQIBcBADVs7lc9N0f/v3iP/6H9KffBpte4Nf/+qs//DxcfKnWP/3n/He/ty/b4y//NW2nW5dq/UM7WBn8LhlkV74t8Qsm/xSe5Ape/FUI7//b0PyzWuv7+chfju+r/cNTkS8n83t9w/9k8U+O731+OQtOg38n587h9f/J+jhfjrDgH2n+nZw/MYd/7eS5E+PLWWDdL+elyEUAAATIRQBQPRvLRb89+bd//k4++fl3v/65evJSPz/6N5maVHb696N//O2Jjk/Kya91jvrXv5d7yk1iJXcE5cV/Iv7Dn5Ivf2rp5+1k/i//lXz5T/HT/C2tVqbt30/Fetlh/SNslPigf/nP8T/I3/Glf+qvJPhF3ue3Ib+E/0pPSZLno89KL36N7+fd/qNS8P3oRflPjnjOl+N9OeJ85Ncy+J05q2/zn6z3/E+O5/1+OcKmv5+y05Bf2tb/O7ngHMTzr/6frPf55Qjhicnz0Welz5MvJ3NiWVv972RNfJD9f9/BPzxb/e9kLfPlZFY29eWEyEUAAATIRQBQPZvPRZ5f/6sKP/blP/7zr/yXAbE1c4TiA/7qDz//7g//XtqK5B+K6VxRMfE35Nz/I7bwLQWLv5+W/em79EPln6/5v6vNH/zmpfwL3Pz3ayV/4rbHv/vT+Hfpn8HhL7KWzEHKfpGv/G0s/ir+oS0+1/8vAtLn4o3qrN7q+wmPUPirvasvR8h9P/4/OeLlR/5yhBf9wyN21p9oP/qrfjlCuP6KL0co+H5e8eVYYmf9u7zVlyNkDvL6L0dY+v288stJ+afBv5MD9hy+7X+y3umXYz5LfxXypXijOquP/OUIK34/3me5f+eI51/1yxHC9Vd8OULB9/PSL6fg/33LdfUPz6/f6MsRMgd5/ZcjLP1+3vrLCVb0d/UmX85C5CIAAALkIgCono3kIpmFzBiQvZScGRXST371//7//EpslfnntydmQqjA3//Jv5BdUS7Shy1Yt9K/pQ35x6f+g1Nvlf8bSfHXqfgrVP0dq1c076/W9viL//enUvKnb8kRPOKN6o9Vuac+gvojef4v8lIeA/tnrdq06AohrX9KxJ7p/tlfZAWZr0IIDlL+i3zVb+O/95d/FYJ4u9tqLooiT+lP4y/yefCruXeVW/LluJXcr/YevxxBHMHt4P+TozeZE1j3H578EUp+ta/65YgPsptW/4dH7pn80+/deerT+CpfjpD7ftb+coTg+3mDL8d8w/KlfKL+8XvdlyPo38UdpPxXW/XLEcoPYr3RlyN5p8G/k0PpOcidX/efrI/272R3Ym/x/7CED/Xv5PTE1BHcv3PMEb7SlyPkvp+1vxwh+H7W+nKC//cd/MPzJferreDj/Ds5+HKCleD3cu96a+QiAAAC5CIAqJ6vNF30j//8K/8ORt7Lv/9T+YCRoMuT3FlecS6boKRsUsrx/27ML4q/Hu2fnd7/KLKdZP6aNX+1BscRf2Crv9ILBUcoZT/U/p3sNhWdYdY//GmqPsL9GVzwi6zA/34KDpL/Rb76t7H8q1D8req/QDGnpP/LlPW+nyVfjvCt/1FZ8csR0h2y/+RkNr3kyxGWHOFbfznCy//hkf/91/R38r9U0itf6csRCr6fN/lyBPW5b/DlhHu+/ssRCg7y+i9HeNE/POt+OZnT4N/JIf8c3uY/WUu+HCH41d7tl+Od2Fv9Pyyh6NPf0ZcjrPT9eCeW3+0rfTlCwffzJl+OoD53jS8n9/++g394vrz6yxEKvp/XfznCi/7heYsvJ1hZ+5+cFyIXAQAQIBcBQPV8pVykrhqXbl09FynqcnNF00XqgnVHC47g/w2cX1z1vzWQfj91/2tE+XfyK/4qbif6f2Ip/tJOfqc+VBww+J86mj/F0wuwZMn/faU9iDzOf+9/rf+OwPiK38aSr8Lw/xsE8Usl5n/0Kr4oeW7r/dcES74c4Zv/o7LalyPY8w//yRG/4HpfjlD9/xwZ7vzzv8j
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d662e31-6270-4c87-887e-8b0c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T07:33:05.000Z" ,
"modified" : "2019-08-28T07:33:05.000Z" ,
"first_observed" : "2019-08-28T07:33:05Z" ,
"last_observed" : "2019-08-28T07:33:05Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d662e31-6270-4c87-887e-8b0c950d210f" ,
"artifact--5d662e31-6270-4c87-887e-8b0c950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d662e31-6270-4c87-887e-8b0c950d210f" ,
"name" : "CMD.PNG" ,
"content_ref" : "artifact--5d662e31-6270-4c87-887e-8b0c950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d662e31-6270-4c87-887e-8b0c950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B O 8 A A A F q C A Y A A A B C o 37 k A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A D s M A A A 7 D A c d v q G Q A A F n I S U R B V H h e 7 d 3 P j x 5 H n t 95 n Q x j D Q x 8 m I N h G O i L d / W j V z B p i T N a U d w S W V Q P V 1 N s q d l s a t j k U t X j H Z m L I d 2 E x G q q l 7 a w 0 2 z J F N a a p 0 v z o 0 U P v J o Z Q G J R Y 4 x m B b t h w L P a c g u G 9 s j T n v v C M / + E 2 P j G r 4 y I j M g n n 6 q s Z D 5 V 78 M L r I y M j I i M z K p 66 s P I 53 n s v 33 i m w o A A A A Y 0 u r v f 6 B W r 3 x Q 3 A c A A I D + C O 8 A A A A w O M I 7 A A C A Y R D e A Q A A Y H C E d w A A A M M g v A M A A M D g C O 8 A A A C G Q X g H A A C A w R H e A Q A A D I P w D g A A A I M j v A M A A B g G 4 R 0 A A A A G R 3 g H A A A w D M I 7 A A A A D I 7 w D g A A Y B i E d w A A A B g c 4 R 0 A A M A w C O 8 A A A A w O M I 7 A A C A Y R D e A Q A A Y H C E d w A A A M M g v A M A A M D g C O 8 A A A C G Q X g H A A C A w R H e A Q A A D I P w D g A A A I M j v A M A A B g G 4 R 0 A A A A G R 3 g H A A A w D M I 7 A A A A D I 7 w D g A A Y B i E d w A A A B g c 4 R 0 A A M A w C O 8 A A A A w O M I 7 A A C A Y R D e A Q A A Y H C E d w A A A M M g v A M A A M D g C O 8 A A A C G Q X g H A A C A w R H e A Q A A D I P w D g A A A I M j v A M A A B g G 4 R 0 A A A A G R 3 g H A A A w D M I 7 A A A A D I 7 w D g A A Y B i E d w A A A B g c 4 R 0 A A M A w C O 8 A A A A w O M I 7 A A C A Y R D e A Q A A Y H C E d w A A A M M g v A M A A M D g C O 8 A A A C G Q X g H A A C A w R H e A Q A A D I P w D g A A A I M j v A M A A B g G 4 R 0 A A A A G R 3 g H A A A w D M I 7 A A A A D I 7 w D g A A Y B i E d w A A A B g c 4 R 0 A A M A w C O 8 A A A A w O M I 7 A A C A Y R D e A Q A A Y H C E d w A A A M M g v A M A A M D g C O 8 A A A C G Q X g H A A C A w R H e A Q A A D I P w D g A A A I M j v A M A A B g G 4 R 0 A A A A G R 3 g H A A A w D M I 7 A A A A D I 7 w D g A A Y B i E d w A A A B g c 4 R 0 A A M A w C O + c J w / 9 p n r u z G U A A A A M Y O 1 //yvCOwAAgAEQ3jkv/6tP1ZnZtvr2u18AAABgl159/z+pbz57rPi6CwAAAP0R3jmv/Ov/qH7z1d8r7gMAAAAAAAAeBcI7h/AOAAAAAAAAU0N45xDeAQAAAAAAYGoI7xzCOwAAAAAAAEwN4Z1DeAcAAAAAAICpIbxzCO8AAAAAAAAwNYR3DuEdAAAAAAAApobwziG8AwAAAAAAwNQQ3jmEdwAAAAAAAJgawjuH8A4AAAAAAABTQ3jnEN4BAAAAAABgagjvHMI7AAAAAAAATA3hnUN4BwAAAAAAgKkhvHMI7wAAAAAAADA1hHcO4R0AAAAAAACmhvDOIbwDAAAAAADA1BDeOYR3AAAAAAAAmBrCO4fwDgAAAAAAAFNDeOcQ3gEAAAAAAGBqCO8cwjsAAAAAAABMDeGdQ3gHAAAAAACAqSG8cwjvAAAAAAAAMDWEdw7hHQAAAAAAAKaG8M4hvAMAAAAAAMDUEN45hHcAAAAAAACYGsI7h/AOAAAAAAAAU0N45xDeAQAAAAAAYGoI7xzCOwAAAAAAAEwN4Z1DeAcAAAAAAICpIbxzCO8AAAAAAAAwNY/9T7+zqrCqvv8nf6teffNHxX0AAABoK724BAAAwLAeu/5HP1D4gfrnd/+r+hd/9n8U9wEAACD1k7u/r85efrn4AhMAAADD4bFZh8dmAQAA+nt944y69KMzxX0AAAAYDuGdQ3gHAADQH+EdAADAOAjvHMI7AACA/gjvAAAAxkF45xDeAQAA9Ed4BwAAMA7CO4fwDgAAoD/COwAAgHEQ3jmEdwAAAP0R3gEAAIyD8M4hvAMAAOiP8A4AAGAchHcO4R0AAEB/hHcAAADjILxzCO8AAAD6I7wDAAAYB+GdQ3gHAAAw37U/fF19+J831J/8PzeMP/rbDXXt31wq1gUAAMDuEd45hHcAAADzXbr+HfVHX/5IffTVj40//r9vqP/5rVeLdQEAALB7hHcO4R0AAEA/suIuhHf661IdAAAADIPwziG8AwAA6OfCtVfUn26/rf70v9xQ37/GqjsAAIC9RHjnEN4BAAD096f/5W31821W3QEAAOw1wjtn6PDuv3vyv1dP/5PDAAAA+9Lv/K/fNkr7AAAADopSJjQ0wjtn6PDuxeMn1G+f/rb61qmXAQAAAAAAsM+88sp31OF/+mwxFxoS4Z0zdHh38uS31NOHnlX/6Bv/GAAAAAAAAPvM/3D0f1RHfuO5Yi40JMI7h/AOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPAOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPAOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPAOAAAAAAAAfRHejYzwDgAAAAAAAH0R3o2M8A4AAAAAAAB9Ed6NjPCu7aWNq+rehfK+pfbah+r0tdVW+ePXPlPnfvFL6/al1v5edNsnX8vKjq2qx+Ptkcj5tMZy0JSux17Q/XTdM3ItqvfcTu+1RfkxzhlrJ33szr93VtXzH3+mnj9W2qeVrtUUvneGmDcAAAAA+xLh3cgI79rGCe/m/EE/1yV10ocGhmtL/tBOyn+p/xiXvvTX+g9wGzbE/ep2Pn7bBQWr6nFdd9HQ4PBt27b/N4xNn99p+XfkP/yTAOIAal+Pcr2UvUdsQOXulz7XrhrsNO3lQZ2My/Qjx4Z7bw/pfkx/x95Wp01/437vHL4tx0g7H6rDyTxP/HunNW9pXQAAAAAHF+HdyCYb3q18R7372XfUs/qP3Te/el29HO17efPH6iOzL6q/oMuzm+rB1hn1Uih7Vr2/dVN9vfHsnoR35o/zX8gf777M/zGf1vMWCl78H9m18s4/vuMAYgek7TBOCR7icEN0n+dcJlDJ2kxCGN92E4oc6PBu7vUoe/zah+p5zd5Heg7lmKSthrk3/T0j10fqmOsUXefs2MO3/b78mu3i3ujJhmd23K37YoTvHTO3PrzT7YYxzL1Wj/Z7p3PeAAAAABxohHcjm2J49+yNKzacu/i6+kiCOwnyNm2o8OZXP1ZvXtT1pEzv+x1fNzr23Rtd/a+qe9s3bTi3ckZ9vb2uLpuyq+r9Fbvq7oHff2Fdf23Lk6+L7dbYP4ztH7/uD/Tv6j+go9U9zeojW9eu+NHbtWAhIcfkf/SL+I9z+wd4Kww0f9w34zB9xX/wl/74z+k69txs0PB8FpxJGBDOYaG23VyYMduvfbhg5sscr8/PBCB/EIIPs9/PX7HdZdXMQXm/U7seXXOv5/Cku/ZJ+0m4JOSecnMr+2T+TVv+OkUBVHasD4Lka38ND8f3RlX/847v77i/Omm7VG+H3zuh3LUZvvb96HbjsE/vL14rt5/vHQAAAABTRXg3sqmGdyagu/i6DeJceJcHc3775c0r6pIJ1VbVm/NW5F1YN6vr/LZZZffOerLSTlblNds27EtX6S3CBh7t8CH7Q96ohQkd5A/wVjuV1TLmj/Y8iCiNw465CRU7uAAi9Oe2Q4DQOveebbeCI0sCBt+PaVfqffSXybke6JVC1eshSnOvr9Ntt+3n1O/Lr0G231yLt/U9FdWJAycZg3xt/tX3tR+HqXNbt9W6F3dBjy1uq1d4tyffO668cI+He9eXuWvTvlZ87wAAAACYNsK7kS1beGfKfV2/P/o32V9iVtDdDEqPyabhnXvEdhb/Eb04+cPZ/PEfVvSU/vCXP9qbFT99tAIBUfnj3UuPKQcQ8kd8r2BFgoCPm8CmNJ7mkUm/3aNtHzBk5aUA4tsff5H0eaADiDnXI5972W/vy0aY9/w+0m236klZVie+br7/EKZlbfZbIddDNo4+7Zbu1SG+d0T7Htd19bafbz93fO8AAAAAWEaEdyNbpvBOtj8yj8/aevLedzask8dpr6h3P0vfG69IHpXNgzgJ9EKZfe+7EN65lXo7fx889/5hbrv541hW0eRB3aLhXam+lOXBRToG+SO++eO+EEC
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d662e67-6cf4-49aa-9ec0-8b0c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T07:33:59.000Z" ,
"modified" : "2019-08-28T07:33:59.000Z" ,
"first_observed" : "2019-08-28T07:33:59Z" ,
"last_observed" : "2019-08-28T07:33:59Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d662e67-6cf4-49aa-9ec0-8b0c950d210f" ,
"artifact--5d662e67-6cf4-49aa-9ec0-8b0c950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d662e67-6cf4-49aa-9ec0-8b0c950d210f" ,
"name" : "command.PNG" ,
"content_ref" : "artifact--5d662e67-6cf4-49aa-9ec0-8b0c950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d662e67-6cf4-49aa-9ec0-8b0c950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B P Q A A A H J C A Y A A A A C Z W e 7 A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A D s M A A A 7 D A c d v q G Q A A F + d S U R B V H h e 7 d 3 v z y X X Y R 92 v 0 p S J A h c w D X S x I D R Q I U t C w Z p U a L E i J v 17 n I p 0 1 n V F H 8 s w 65 X W s a I S K Z c l b K y W U t s 0 C K y L V K A u 0 u q L 2 w 3 g P w m 7 K 70 Q r A N C E 2 B C g v x x b 6 N U e R N + 0 Z v 9 r X + h O m c + X X P z J w 598 d z 7 z z 3 u f f z 4 g P e O 2 f m n D N n 5 j 7 a 89 W Z e 3 / u v / 3 V T x Q A A A A A w N k g 0 A M A A A C A M 0 S g B w A A A A B n i E A P A A A A A M 4 Q g R 4 A A A A A n C E C P Q A A A A A 4 Q w R 6 A A A A A H C G C P Q A A A A A 4 A w R 6 A E A A A D A G S L Q A w A A A I A z R K A H A A A A A G e I Q A 8 A A A A A z h C B H g A A A A C c I Q I 9 A A A A A D h D B H o A A A A A c I Y I 9 G C J p 58 + B w A A A K w g N a 9 m + w R 6 k B H + G L 3 w 4 s v F h U v P A g A A A B k v v v R y 8 b m n n 0 7 O r 9 k u g R 5 k h E A v / F H 65 X / 8 q w A A A E D G x X L + L N C b h 0 A P M g R 6 A A A A s B q B 3 n w E e p A h 0 A M A A I D V C P T m I 9 C D D I E e A A A A r E a g N x + B H m Q I 9 A A A A G A 1 A r 35 C P Q g Q 6 A H A A A A q x H o z U e g B x k C P Q A A A F i N Q G 8 + A j 3 I E O g B A A D A a g R 68 x H o Q Y Z A D w A A A F Y j 0 J u P Q A 8 y B H o A A A C w G o H e f A R 6 k C H Q A w A A g N U I 9 O Y j 0 I M M g R 4 A A A C s R q A 3 H 4 E e Z A j 0 A A A A Y D U C v f k I 9 C B j W a D 3 X //yfwMAAAAHITXvXYdAbz4CPcgQ6AEAAHAsUvPedQj05iPQgwyBHgAAAMciNe9dh0BvPgI9yDjEQO+xd39SXP1R43u3i48l9gEAAOD4pOa96xDozUegBxkHF+i98n4vxPvY298vLr0y2GdrLhRPfa8ODq+8fWFQdr241IaKo/JNy6bbC+fZHtNanPem7QEAAByW1Lx3HQK9+Qj0IOPQAr0QbM0VSj327veLp86l2wyrBBeBWgji6n1PVjbdXu68N20PAADg0KTmvesQ6M1HoAcZxxTohbJ2JdrVH71fPFZtDyvUvl889crt4kpbtuZjuuM2Q51t/aWwarBb/bZpWbOtlDrHfjAXO3l7AAAAhyI1712HQG8+Aj3I2HmgN1tIFMKpNqxrvHu9K6/CvOh91a8quGuO60K8sEptKhxLGwVs524XV9r6wusQmoX2QvublrV1l6YCvfjcu/KTthfex/UBAACcYal57zoEevMR6EHG6azQS4RvXWiUK0vV1ZcKu+o6px4lHZeFcGydAGvUZheKRY+wtuHZpmW59qpt70fnEIWSW2gPAADgUKTmvesQ6M1HoAcZR/HIbQipwuqzeFtnHOilQ8Fpo/2bUOyp+DHYNjzbtKytu7RK/8I+22oPAADgUKTmvesQ6M1HoAcZx/Edeuut0DtxoFfV+ZNeMLbYZ9Oytu7V+hf2qes5eXsAAACHIjXvXYdAbz4CPciYI9B77O35HuGcCqSq75iLgqsQZj1WrUoLodayQO9C8dS70+eQajNsW7TXb2PTslaqvfYXcOv30SO3zf6bt5c/dwAAgLMkNe9dh0BvPgI9yDicH8WopcKuWh1y9b6b73shqBqHWKM6lpxDus1+e90jrScqq43bu1489m7dx04X0gUnaG/m6wcAALBLqXnvOgR68xHoQcYcK/T6q8AAAADgdKTmvesQ6M1HoAcZuw/0rheXqpVwqTIAAACYT2reuw6B3nwEepCx60DvY2/fnvh1WQAAAJhXat67DoHefAR6kDHHI7cAAACwD1Lz3nUI9OYj0IMMgR4AAADHIjXvXYdAbz4CPcgQ6AEAAHAsUvPedQj05iPQg4zjCvQuFE997yfFlbcvJMoAAAA4dKl57zoEevMR6EGGQA8AAIBjkZr3rkOgNx+BHmR45BYAAIBjkZr3rkOgNx+BHmQcVqBXr8C7+qNabyXeK+932y+9Eh1z7nZx5UfvF49F5Vffvb4oBwAA4GCk5r3rEOjNR6AHGTsP9JqgbPePudZh3iKsG76f2FYFenGIl3gsd7ZzAAAAYJdS8951CPTmI9CDjNNZoXe9uNSuhovUgVmuLFVXIwRz37tdfCzeFoK43mq7qUDv/eKxbp9SOG5YFwAAAGdeat67DoHefAR6kHEwj9zGj8zGNgn0UtsAAAA481Lz3nUI9OYj0IOMgwn0Uiv0RqzQAwAAOGapee86BHrzEehBxhyB3mNvzxGOJcK6kalAr7/tsXeHj/iWx70r4AMAADjrUvPedQj05iPQg4zD+VGMYPz9e227H3v7+73tV9tVec0KvUvvRmWp7+Irt89zDgAAAOxKat67DoHefAR6kDHHCr0qTOt9l90e8X15AAAARyM1712HQG8+Aj3I2H2gd724tM/fRyfQAwAAOBqpee86BHrzEehBxq4DvY+9fXu/wzKBHgAAwNFIzXvXIdCbj0APMuZ45BYAAAD2QWreuw6B3nwEepAh0AMAAOBYpOa96xDozUegBxkCPQAAAI5Fat67DoHefAR6kDFfoHe9uPSj7xdPnetvf+zdnxRXf9Q44Y9nhLouvZIuO0TxrwfH45gegwvFU9/7SXHl7QuJMgAAgOOQmveuQ6A3H4EeZMwS6FU/PBHCvAvFx+JA75X3eyFeCKg2D+RC3SE03CC0qvoXBYuTodh+CePVP9c6tNufQO+Txbv33ike3vrkaNujB8PtAAAAu5ea965DoDcfgR5k7D7QS6/MC8aB1DbUod7qgVwqBAt17P8v364X6M3v4q2bxcN7pSi4+8qdm8W755sygR4AADCz1Lx3HQK9+Qj0IGPXgV78WGiqbCrQq47rVsy14VoTDr4SrahLPaY7WPmXFVbnZfetQ7K2L21/q76/+37Tj/eLp9r+lueaK6vqHK4I7MZn2fnVYWV93PeLS++uGOiF8WiOGweXufbS576S818sHt65OBncCfQAAIDTkJr3rkOgNx+BHmTsOtBLf69dHEw1otBvFAJ2AV1zXBc6Ta1IC9vTqwJHQt1xWz11/Ysga9Fe1cemH+Ec631C/94vnsyUhWDysXfj1X/xOeTOb3hO9b4rBXqTZcvai/fP1T0UHqv9cvGV8rVADwAA2Cepee86BHrzEehBxm4DvRACTQdr1Uq20aqvEDJNHTMuWwRm8X5TQWJCLtBLrfRrtv161PdFW6F/daA3VZZ6jHcxDpnzS6wkHI9fLnRLla3XXj78XAhh3b1ri9cCPQAAYF+k5r3rEOjNR6AHGbsN9MaBUSwZ6FWPo059f924vnQoGAVTg+0jywK9YVkTdJ0o0Bs+ctuttMucX6Ivuwj0eu0N+lhZFuiFR20f1D960XPvi8XFaD+BHgAAcBpS8951CPTmI9CDjN2v0JsKmKbCuHHIlCvLBXpT7fbkAsQQam17hV6ivcU5LAnYBn0JdffPfYuBXhNc9s59Fec/uVJwJ9ADAABOQ2reuw6B3nwEepAxx49i9EOn5WUhqOqvBLtePNaFYqsEek141ts2bdReCLOq96GefgjWhmhxu8PQLhvojYK5Omir98+d37Av9fu2nbiufmiXK8u1l6trdQI9AABgn6TmvesQ6M1HoAcZuw70civgpgK9NkzqPepZhWC5AKq/bemjoT3D9so2XrlQh25V/6Oypt643bUCvWZb3Nbi12qXnF/vMdjm13Or/iTGq9SGcdV49Mra67FsPEN5fNwwQFxOoAcAAOyT1Lx3HQK9+Qj0IGPngV6pCpQ2eXxzE1XotfrqPAAAAI5Hat67DoHefAR6kDFHoBdUq9J2HOrVK9GEeQAAAKSl5r3rEOjNR6AHGXMFepVX3j/xd7JNu15cWusxWwAAAI5Nat67DoHefAR6kDFroAcAAACnKDXvXYdAbz4CPcgQ6AEAAHAsUvPedQj05iPQgwyBHgAAAMciNe9dh0BvPgI9yBDobU/1oxzN9/hVPwLyo1r6ewMvFE997yfFlbcvJMp26WJx78HN4t3z9fuv3HmnuHdtuA8AAMBhSs171yHQm49ADzL2MtA7d7u
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d663374-e3bc-43ae-a0e3-4517950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T07:55:32.000Z" ,
"modified" : "2019-08-28T07:55:32.000Z" ,
"first_observed" : "2019-08-28T07:55:32Z" ,
"last_observed" : "2019-08-28T07:55:32Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d663374-e3bc-43ae-a0e3-4517950d210f" ,
"artifact--5d663374-e3bc-43ae-a0e3-4517950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d663374-e3bc-43ae-a0e3-4517950d210f" ,
"name" : "cyber-.PNG" ,
"content_ref" : "artifact--5d663374-e3bc-43ae-a0e3-4517950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d663374-e3bc-43ae-a0e3-4517950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A B j M A A A N g C A Y A A A B p 5 p q t A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A D s M A A A 7 D A c d v q G Q A A P + l S U R B V H h e 7 P 3 Z d x R X n u / 99 / W v L W a E G I U Q o t t l Y 4 O N b c C M Y p 5 H M Y p B T A I E N t h 4 x G A M Z r C Z b L e H r u q q a n d 1 P e 62 T 5 / u p 46 r T j 91 X G v 1 / a m L x z e n 1 n r + B 3 s t / w f 7 l 9 + d G U l E 5 C e l T C k i x / f F a 6 H c O y I y y Y y I h O 9 H e + + / + v 91 P e 9 S M W d k / j p R L 6 D W / c 1 C A A A A A A A A A E i O q k O i x q h 6 v p Z 8 m J E 56 E i p F z o 86 s 1 B V a m b C g A A A A A A A E o y c V 63 O / b u 37 l L n / x r 3 v V //J/u/X/6fxJhxwof256r9ZlV8rUAdUvVLVFlqr4flWyYkTngSKgXWD71RqAq1I0CAAAAAAAAw7b31Tvu9m+/q6jTN38hXwvQUFR9E1Wi6v5JhRmZA42UenHlU39xVIS6AQAAAAAAACBR/Td+4QOGlYcvuqc2HXbLD77sfrZ2vxd+PG3hRte+ZKt7dlufm/r8+mGZt/mwf67rv/6DfC1Aw1N1UFRIYf1/5GFG5iAjoV5U+dRfFqlRFzYAAAAAAABS9+rDr3zA8OzWYz5ksJ/P3v6lm/TM6kEfq2MNpeXxxX5/o/pLsu3X7n//+L9cn+oD6pGqlyJFj3KA4YcZmZ1HKvxChkf95ZA4ddECAAAAAACg4i59/C8+XLCRGUHQYJ7ZenTQx+pYpRjp/oQZaHiqnooUDDfMyOw4EoWhRLnUXwaJURclAAAAAAAAqu7Cvd/4cKGre7cfcWE/7754y417ekX+8Y7z193oJ5ZE+tWxSnHtl9+WEWZcdV//+JP7wfs/7va2TFsuzPj626D9J/f1K0Ps49v+l7v96f+JtRejjhFvDwcqh93t/zez3af/K9f3k/vfnx52f/1K7HF+e6AMqt6KRJQXZswZOR1OlEr/JTBC6qIDAAAAAABAzQlGZqw6cskt7jmTOnuu0sIMCwhCQYUFA//vr91CH2aEwoGgfbB9ghAi2M6HDMVGdxQ7xkLX9+3gz/vDt1ezfbnXGH3MaBIkRNVjMSylhxlzRkaHE+XQfwEMg7qoAAAAAAAAUPOCMKPS1GuJKBYAxNvDj4uGBtkw49EIjtxICjU6Y9BjhNvtcXCM+PHij8PbAglT9VqUZOgwY87I6XCiVPqFo0zqwgEAAAAAAEBdCcKMtz7/7+6NT/9b6soKM/IjH2Ltg4UZah8RJtgoi+j0VDmlPm8ksCDMQI1QdVwUNXiYMWfkdEBRKv2iUSJ1gQAAAAAAAKBuBWHG1OfXy/44WzvDFgvf99qHbtu5d90Lu/tdy+OL5bZKWWGGGiERbw8/LrZPQZgQDxtCBj1GuD18TMIM1CBV30WEDjPmjJwOJ0qlXyxKoC4EAAAAAAAANIQgzJi1fLvsD5v0zGp34d4/5wOJwIn3Pndj5i6T+8SVvgC4BQKh0RNByDBYmFFsHx8mhNawiKx3EVfsGEOtmUGYgRqm6r4QYcackdMBRan0C8Ug1AkPAAAAAACAhlNOmLHlzBW/7c3f/NEdufyRDzHsZ2tbsm9A7hNXephhciGElwsDBg0ziuyTCxO+/vb/xNrV/sH28WPE28P7EGagjqh6cJOKhhlzRkaHE6XSLxBFqBMbAAAAAAAADa2caaZseqkrv/i/3bPbj+fbDrxxz++/++KtyLbF2LalhxlJIUwAJFUnbiKPwow5I6MDilLpF4cYdQIDAAAAAACgaZQzMkOxEMP233H+uuyPK29kRlIIM4Ahqfpxg/srFUyUQ4cT5dAvDDnqRAUAAAAAAEBTGkmY8bO1+/PTTNlC4GqbuOqEGQDKourKDWhEYYYOJ0qlXxAy1AkJAAAAAACAplfONFNhc7p3u4EPfu33PfjmfTfu6eVyuzjbnjADqCOq3twghhVm6HCiHPrFND118gHIWQQAAAAAQNN7FGZskP3F7HvtQ7/f5Z//u5v83Dq5jfIozND91aXqBwA8VX+uc2WHGTqcKId+IU1NnWxAQ1P/AAEAAAAAAEN5NM3UDtmvtDz+orv+6z/4/Z7Z2ie3KebRNFO6v/6oOgXQwFQ9uk6VHGboYKIc+gU0NXVyARWhvswBAAAAAECtG87IjNFPLHFvff7f/b7ljMow9lyNFWZUm6rTABWg6tN1ZsgwQwcT5dJP3pTUiQQMm/pSBAAAAAAAtaLlyRVuwtLdbsrWs2767lfcYz9bKrcr1XCnmbKRHH/T3SP7BkOYUStUXQgYJlW3rgODhhk6mCiHftKmpE4aIEJ9UQEAAAAAgHoy+pm1buKKA276rouu88RNN+fcR17X2fu+T+1TjuGEGWPmLncDH/yje/3vvnbTFm6S2xRDmFHPVP0JCFF17BomwwwdTJRDP1lTUicJmpT6UgEAAAAAAPXqsb9d7MY+v8lNWnPEzdj3hus6cy8XXDzI/PkwJ/N44CM3/sVd8hjlGk6Y8ber9+VDiRd298ttiiHMaGSqfoWmpOraNaggzNDhRDn0EzUddVKgSagvBwAAAAAA0AgswJiy5bSbeeRdN2fAQovsqIuuUHgR1nX2npu8+bQ81nCcvfPLssOM0U8sdfte+9DtefWO/1lto9hzEGY0I1XvQlNQde4aEgkzdDhRKv0ETUedBGhA6kYPAAAAAACawbTdr8jgIq7r9F03s/cdH4Co4wzH8Xc/8+HCpY/+xZ2++Yu8A2/c94FFEg699dAf841P/5t/LpueSr0WNCNVJ0PDUXXvGpAPM3RAUSp98KaiPnQ0AHXTBgAAAAAAzeyxJ5e52ac/zE0npYOM2afvutkn7/ht1TGG68n1B93N3/wxP2IibfZcz24/Ll8L8Iiqq6HuqTp4FfkwQwcUpdAHbSrqQ0adUTdgAAAAAACA4sYv7fFrYaggo+vsQz/11JgFpU8FVQ5bxPtnaw+4Z7b2ucU9Z1Nhx7bnKHfBcKCQqsehrqi6eBX8lQ4pSqEP2BTUB4oap26kAAAAAAAAw9dx5N38ot8RAw/cxBX75D4AwlQdDzVN1csrZBhhhj5Q01AfIGqMujECAAAAAAAkq/3gZdc1EF07o+vMfTd1x0tyewClUPU+1BRVN6+AMsMMfZCmoD401AB1wwMAAAAAAEhXy9wVrvPkHTdt58v5QMPW0Eh6wW8ARtUFUXWqjp6iMsIMfYCGpz4kVIm6kQEAAAAAAFTe2Oc2+gBj1NyVruPwu/7n2afu+Mdq+6aw7Jrr//hr1//Vf7nL5uNrbkaub/6VXJu5cia63+7P8n09u0Ptdrwrn7kesV/4eP1ndvq2GWe+zrfln7vYsdEAVP0QVaHq6ikoIczQOzY89aGggtQNCgAAAAAAoDZMWL7Hze7/wP88+tn1fsHvsc83+WLZPswIAoydbtXHX7tVyzI/W6AQCyLCwcL8K7ntMj/PWJYNJjw73lefufn57XL7xY5nIUbPmfBzZ9ss5Ch6bDQoVWdExag6e4KGCDP0Tg1NfQioAHXzAQAAAAAAqE2T1h51HUeu5R+Pfnp1pL8p+ZEU4dAiGyT4sCE8KmL3Z/nRFJ4PLaKjLPLt4VEcuf0iIzCC/WxESHjfQLFjo0moOiRSp+ruCRgkzNA7NDT1xiMl6uaCuva3AAAAAAA0jynbzroZ+16XfU1reS58yD32YcbyzM/BSIp8e26ERe5xnu1voyvCj21kRu5xeGSGDyaC7YJtw/vGnrOgvxSq/oE6p+qUSIWqv4+QCDP0hg1NvdlImLp5oKaoL20AAAAAACDZwt9G9TWtYmGG/zk0kiIcMsT6IiGHP15szQyxT7BfdMRGNgQpeuxKUPUX1BhVx0SiVD1+mGJhht6oYak3FwlRNwdUjPoCBQAAAAAAiSHMqIBYONIUVJ0HFaTqnEiEqs+XKRRm6A0aknozMULq4kci1BcbAAAAAACoKsKMCmjGMGM4VD0JCVF1UIyIqteXKBdm6M6GpN5ADIO6uFEy9cUDAAAAAADqxrRdFwkzUH9UnQplUHVSlE3V7UvwV6qxIak3DWVQFy+
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d6633a2-1e3c-40c9-9dda-4202950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T07:56:18.000Z" ,
"modified" : "2019-08-28T07:56:18.000Z" ,
"first_observed" : "2019-08-28T07:56:18Z" ,
"last_observed" : "2019-08-28T07:56:18Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d6633a2-1e3c-40c9-9dda-4202950d210f" ,
"artifact--5d6633a2-1e3c-40c9-9dda-4202950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d6633a2-1e3c-40c9-9dda-4202950d210f" ,
"name" : "IP-.png" ,
"content_ref" : "artifact--5d6633a2-1e3c-40c9-9dda-4202950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d6633a2-1e3c-40c9-9dda-4202950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A 7 g A A A I E C A I A A A C 8 J B W 2 A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A D s M A A A 7 D A c d v q G Q A A P + l S U R B V H h e 7 P 3 p k y T F n e + N 3 r + A V 9 I r P X o j m z e y q x d j N m a P j J G Z d E x X j N 0 j x q 4 B Z 5 A G Z E d C Z 8 T D H H Q E a J C A A Y E G a L r p t X r f 94 V e q F 6 r u 5 b e u 2 v f 96 r c 94 x 9 y X 1 f 7 t f D M 7 O y q r J 6 L a E u 9 P v y J d r D w 8 P D w y M q 4 h O e H h 7 / L y W e I Z P J Z D K Z T C a T y Q t M o E w m k 8 l k M p l M J j c w g T K Z v N L t 3 v z a y 0 89 / d w 8 P 7 e n d 2 G y e 9 n l H N m 1 b u 0 P f / b y t 35 Y n 8 + L 3 / r J r 77 / W t M n N y d d + s J V 7 u 1 l z / B B L Q Z b z u 556 b U 3 v / u T l 78 x t 93 n v v G T l 7 / 7 i / d f 29 d 5 W 1 y 0 y r 29 L B m 2 / L m 24 k P 52 Z Z F W T 26 Y 66 B z k 9 W / Z k d l J + 8 W L c V H J T X f / j e n l 1 d w e D C V R 7 B + s H f 1 W d e 8 b L u y A I v w / l f b 5 d / s v l I 5 Y j P P 3 t h 1 N X L z x y R F q x y P y 9 z C c l k 8 l d p A m U y e S X b e e 6 Z n 8 y / A X M / 8 G 14 e u D c C 881 I J t F f v n v 32 v p f Q C 6 X f Y M H 9 D B 6 Z a X f r E I R x r 5 u 68 d b P Y v X H 2 x l z H D 3 n W v L l j l A b 1 M f C k 1 b 37 / u w u Z r 5 F / 8 v p L Z 92 P g 8 u u l j / X P 0 7 U / J c C 5 c c + / + s s d R x Z + / 2 G u c 33 d 9 f Z F q 27 t J e z h G Q y + a 9 g A m U y e a V 6 u n 3 V d x b c f W t + o N u w f u K 9 X y 1 c 8 d 7 + y Z u f j C 3 I p N 7 L n u G D W X f v + t 1 D b v f p 11 / r 0 h f m U / N y Z / h X B O X p m 3 u + / y C I X O d v v X Z u Z F E + D 2 S x 45 k l t v W X A O X H P v / n P H J 21 X c X 5 L C 0 H x y U l 7 G E Z D L 5 r 2 U C Z T J 5 J V p v W f X 6 w l t v v e 9 / G 278 E / k D + N U 3 G q P t s m f 4 Q A 4 O H H x Y E K z 6 V y / d b I C 2 y 54 h f O J 3 C 1 I + q B + P L 6 W H f m 6 p + h u / O P f w G K d v / v X C f G p e b l B + / P O / 5 o e u p Q c D 5 W U s I Z l M / m u a Q J l M X m n W J z / 5 x f 2 Q 9 H 634 a V + I n 8 g N 8 p 82 T N 8 E I + c f P 9 b C 7 J 6 K P / w z y f m 9 z B e 9 g y 5 D 371 o C y O v P a z h b k 9 l L + 7 + W E 6 G K D q 9 t 2 L C 5 c T l J f j / K / a v f n X D / 10 d 39 Q X s 4 S k s n k v 7 I J l M n k F e W l u j w u 8 H 1 u w 8 F P l q C o b / 1 s 1 R t H O p p v d u 462 / H J e 28 u 8 c P x i y / d / E t n + E B + L D q 3 / J 1 V k 3 / R D C 1 L n / x i Y b I H 9 G P w p e 2 N 5 x b m 9 p D + w + Y H f / F x b M + 9 u y 4 s G y g v z / l f c f N 798 H Z b / z k Z e v 10 z + / 8 D Z / C Z K 90 H k f U F 7 W E p L J 5 L + 6 C Z T J 5 B X j e 3 V 5 X O B 734 b 9 p 7 + / I D 3 z i 8 + e X f Q 6 v 9 j x b K N + C N / 6 a G R e s m X P 8 I F 9 u 1 H 332889 / 4 b Z 0 d 6 / V Z H C F 2 f H r j 52 q + X e C 3 v J 0 0 t f + E M l 2 D W 99 f 6 g 9 P 382 O N D d K 4 q l / + / n s H m w c q O b v 87 p Y j S 3 b P / e H J J X t d z / f 9 o X x Z Q H n Z z n / L S z 8 U v f j d 1 / Y c H J B c i 1 a 5 r 5e3 h G Q y + U k w g T K Z v C I s N S / V 5 f G H L z a 439 / 7 N t y w / e 8 X 5 x q T Q f u q B v n / r m N e m m X P 8 C E 8 v 2 / 0 T 1 f t m o 4 t S g M v 1 Y X 61 T 9 O 3 z P l M m Q 48 s r i J s a f b r 89 L 81 f x v O O y 8 s / X N c 3 v S A B 91 L t w b + 7 u T B l I z d 8 t F j g x w b l Z T 3 / m U d e + e m i t e C f b X + Q E V E a e d l L S C a T n w g T K J P J T 7 z 1 y T e W 6 m / 6 X F N L V y P K e X h Q / s 5 S P y g 3 p K g H A O X H y v D h z F s 0 X / z + u p F 7 t Q I 6 D / 79 g o 1 a f q E B w y 1 v h h 3 P L k r z l X F S p d 30 p 3 / e 5 V y 4 q N 4 n 3 m 4 E / Q 9 S y K 6 m + W 2 o L 37 / F w 24 + b F A e d n P f 1 T L y T 8 s X O X p 577 x 60 c d 7 u M v U E I y m f y E m E C Z T F 4 B b t x o 97 M 9 H f o S H 7 O 49214 u t G d + 7 U l U L W r a f H 7 b Q t 7 S i x 7 h g 9 r c e T g P Y Z 7 q 7 g R s C 7 F c M u Z Y c c z i 9 I 83 o P B w / l 2 + 8378 l / j A e z u D 3 N 9 L y 3 o 3 f G L 0 y c a Z f W Y L c r L f P 437 F K / x I u Y D + j l L i G Z T H 5 S T K B M J q 8 I L / y h / z v v 3 a z 8 j P 4 o t + H J 1 x r 87 v z q H x s M 0 9 a 4 g 8 E i 7 l n 2 D P 8 S b s i 1 v 3 q M w e k e L M N G L e i P + 2 C w 3 G 4 M y k s 96 l S s n 1 h 4 K H / 1 S l f j r B 77 + C 7 r + d + o S / 0 P j z x g h + y l v L x / o W Q y + U k x g T K Z v F J c a 717 + Z m T 7 r n 4 R 7 o N N w a j n 7 y / e d 4 P 9 L G O d Y 26 X f 5 w V f N c m o q X P c P l d + M 3 D h 9 m b I c F f s A M G 4 H y w 33 d 7 S / v h u M / 3 J v m F 78 M 9433 + h D f M K v l e B B a t v O / U b + L x z g N 5 r y c f 6 F k M v k J M Y E y m b x y D O T 6 y Z u f D M x / t + z R b s P i z R c a D I k A V 175 C k 63 v N D w b a e n X 3 y 2 p V H b 27 J n u N x u 2 C 31 q V + c r j T 7 P b w f N M N G B + g 7 v 7 C G G 6 u v s R + + / K 2 f v v n M q o P N Y 19 F b c x 3 o 9 c N 7 z 1 m 3 + I h N X 5 a G e 6 j 4 a D R y / O L w T K d / w 2 + / z J 31 P T b L X t e + M W v 6 g 7 N i 9 Z x O d f i b P h O 53 w v 418 o m U x + M k y g T C a v c D / y b b h R S + d 9 / f f 3 + A 7 F s m e 4 n G 48 y s H f b w 4 u S v m A f u A M G x 6 g e / o b z y 0 11 M Z f x I 2 J / 4 e r T i x K W b W + 67 U F z c Z z n 1 f 8 C 4 J y Q z / 0 + d 9 g M D v e F h 4 c O P j D e w 6 B / K 1 f H 2 R 9 j h d m e D 8 T K J P J K 9 k E y m T y C v d j 3 I Z d D z 7 s K / O v X j h b 94 N y I y 97 h s v l x u 9 a P U a X j w f P s H d z o 5 T 39 / y f 7 / 9 y X m J k 6 + / v W / I R Y j F Y 1 / c k e e J B u U H P c p T / Q U / d n / z 54 M N 20 i B Q J p N X s g m U y e Q V 7 s e 8 D T s 7 l u g R M c / f + v W e B x 1 f d t k z f G w v 8 W m J F 585 + 4 i d H B 4 q w 8 a 9 t x / I X 0 G n l C W + F f L c 0 s M 8 O x f 1 z H 5 u T 33 i J x 2 U G 43 Q 8 u y R j m c a d x x q 5 P n 7e38 T K J P J K 9 k E y m T y C v d j 34 Z d A w e / f 29 K + O G b b 9 x c 9 I 29 p b 3 s G T 6 W l + g Q 8 o 3 f d T z C p 9 e Y H z L D + 34 n + Z 5 + / Z N 7 j n / 8 e G 48 A k l 9 P 4 p F t v 1 x I V g v H N v k S Q f l R + o g t M D f e a h B S w i U y e S V b A J l M n m F + 3 F u w / r k J 0 t 9 i n m R H 6 g N e N k z f E y P n W 6 M 7 A / b K F j z I 2 T o 73 t j c Z 388 O V v / W T + y 3 x L + N G B / j 7 W T 7 z 3 q w X b s n y v Z u z F H U 6 + u 6 i L + Z M O y g 3 T 1 / k b P 33 z m b f //AL869cb/W7A/TCjZBAok8kr2QTKZPIK96PehoP3bfdt4NdfW/ozHMue4ePaea7x7+k/fPhuptyPkWFwuuW1VQcPdrmnxYVv6bn8kwfXvb90M+eyjFy2wHrLR407hNxr3LrFbbG/OL34UyYrGJR/+uddC96h1N1rf934B4FnTj7weUugTCavZBMok8kr3I92G176B+hv/WztJ0e2L/36/xItjsue4WN6Saj9w/yhnR/Yy57hAoudLy3Rt7vRR7Yfx0tT8kf3+GT34lE+GhP8SgXlJX8TaNyNmw+U8UAmUCaTV7IJlMnkFe5HuQ0v+vIw90/quw7Hes+uWoJ9F/dhXfYMH88rjpK5u5oaDrywrF8neTRKXtzTeslXIVcmKP/qtYFFKatuPHzeg5MugTKZvJJNoEwmr3A//G248TgMzzW1LG4g9Pe90nBUhJ9u76hLtuwZPpaX6kb8kz/verQu0cue4ZK2vdGoUfkhGi/v46X6JT/39+smgwsT1/nm2qV76z60l/mrhA97/o9tb/A0cu+BAhv+WkKgTCb/bZhAmUxe4X7o23DDz7DdoyNsw5+eX3yhvZZg2TN8DC/5sl0jan8QL3uG93TD5tinftexINkjecm39+4/YHPDc+xR/VcG5UbDwz31k8pnBRubQJlM/hs2gTKZvMK9HKDwrXsPd9WoS8BcM+eyZ/jIHtvz94uyhb/xi9OPOsbFcmd4P+96beG24O8sA1nqB3/XcDSSX73U/gAdxL9OoBy/+cKCxMzv71qYrM4EymTy37AJlMnkFe6HvQ03Sv/M2UXJ5rnBx8ye+vW5SpfWZc/w0bzE24Tf+F3H9IKUD+hlz/D+btg2/9x3Nz/mJ/qWHi954ME+lN3wHHtU/7VBWfrkF4vS3/sHjZurGvQ8IVAmk/8
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--5d66364b-2d88-4969-80e8-4d87950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T08:07:39.000Z" ,
"modified" : "2019-08-28T08:07:39.000Z" ,
"first_observed" : "2019-08-28T08:07:39Z" ,
"last_observed" : "2019-08-28T08:07:39Z" ,
"number_observed" : 1 ,
"object_refs" : [
"file--5d66364b-2d88-4969-80e8-4d87950d210f" ,
"artifact--5d66364b-2d88-4969-80e8-4d87950d210f"
] ,
"labels" : [
"misp:type=\"attachment\"" ,
"misp:category=\"External analysis\""
]
} ,
{
"type" : "file" ,
"spec_version" : "2.1" ,
"id" : "file--5d66364b-2d88-4969-80e8-4d87950d210f" ,
"name" : "query.PNG" ,
"content_ref" : "artifact--5d66364b-2d88-4969-80e8-4d87950d210f"
} ,
{
"type" : "artifact" ,
"spec_version" : "2.1" ,
"id" : "artifact--5d66364b-2d88-4969-80e8-4d87950d210f" ,
"payload_bin" : " i V B O R w 0 K G g o A A A A N S U h E U g A A A d s A A A D d C A Y A A A D z V N i d A A A A A X N S R 0 I A r s 4 c 6 Q A A A A R n Q U 1 B A A C x j w v 8 Y Q U A A A A J c E h Z c w A A D s M A A A 7 D A c d v q G Q A A D g H S U R B V H h e 7 Z 0 / j i R J r q d z 7 z L A 9 g U S K / U J S n 8 Y r Y 5 Q Q B 2 i t B Z K 2 x s U U F I n 9 g K F k U Z J t D A Y o E / w t N e Y G 9 Q a S a M 5 n U 6 j m X u E Z 0 Z k / o Q P m e G 0 P y T N j H R z 9 / B 4 + O W X X 37 + 9 //+Pz//19/+CwAAAAAn8PCvf/0LyRYAAAA4ESRbAAAA4GSQbAEAAICTQbIFAAAATgbJFgAAADiZqWT78Lfffn7/nz9/fvkQy0dI/f/8fP76OZSD1+eMMTra5uOnHz+fS72/Kt8/xeVem5ea19qP+uMa/Umbx9c0AGAfLdl++WO78HhB/vHt5+MdLcyHD59/fvxKwfrHz4+BvMfHr38uAf6PUtfY+vCB/LDIzvSDD6x/Fb9///R+TlJaEriBBHuLCenjE5ItAPdIS7a0iP0O4uHDt5/PT7/dzcJ8LEn2+9O33cn24W8lQX/6rZxU1P+LL/4qdqvsS0m0GuBo1/UXn4DEbV2K9/XjpzIGJene6u7u2oj9+06UzgLJFgBwLVqyfSw7OwronGDrInygy3llYbeFWQK/7vDsgudyZWf8/an+rYlB2lp2aT5hUHJc5Eu9DNJTE6HiA5D0ezxgcx81ofq2xBfnJb8oCFqbe76mMs9f6/iUslyHx6zKud4yFuqvbIxG497jSJt6UqN1FhZfdOcZt0lXI8pfbaP666hf+ISr6aDIPBjN61zP/f60RMm2118m8/NMypEPA5lZA9YG9QGdkGt/AICYlmx5sVHQK381CFBgosUpC6wsrJKAeDFyGRt4/MJcPvOxGkhXQcAv6FJmZrco9aTv6DMfM8FBj82itragRLaanazf6V4b7xc+pjokvuYkwsFS9NfxUz0fy/Fmgxm/1kd3jOJx1zIZR9qMxpOPJ7Zrmy1ZkMwk26N+icbCEto3oedRfxLxiWWnv6Eu8r+ccNg5vrZb6omezdd04uLapLIAgJhVstUz/+9lx6n/+4XJlezio3qrhRoF2O0x4uOT7DK+l50HBR8ry7ABh4OpO7O2+tnjI9hOPvs3waxjnw14EVpOdz+MaaeH9zUfUx0SX2sCkfpiu00qq/vOzNo/8bj1x13LZBxp0+qvdfh4YnvkM+USv2Ttijywb4eeR+bpJtlm/U3o8r2sQduelOvruZHVNn0bAIA1S7KlBVUW5pensqg4ANX/qVC2+JIF3ToJjlkZ32PdsWCX/qndbTA8EsRER9nJr467tsQXsS3XwPua4Eua5YQi83WWVJrO1b+Rf+Jx64+7lsk40qbVX+vw8WHiiPW6xC9eV09o30SCO+pP4trJ9guvvbUOmZ4bWeADAMCWh3/84x+SbOsikstJtIDo/84Cs4uP//ey5TMfCxYkPzVc0M8UAP0ONYODTjkZiOr0gpgcl8RljxM+iCmqu8pe/gGpEgzr58zX46SynEjQvfK729kmtvfqEJf4xcs98bwe6dm3fYZNss36m9SFkzLpoeWM3cvOX/QUWbG56sDrwfQBAIhZdrY1cGgi4t1UTSqjIEGLtfeABsvDoKSLuFLvt9l6GRIg1m1ywtb2DFpG9C7HXLLVALKqZ3cEVtei55mBZaOL66/n6yypiJySNrVZ6nz9TcbajuGNJ1uWdWzP6lzqF/pKWBsL10dkHx9P9TzuTyI6KczW36wusnaKLvVzs5vWJT8MJXpqPW5P/ebsBwBsack2EgIAgMUnaQDAHEi2AIBpkGwBOAaSLQAAAHAyN51s5Sw6fnAp4iXOuuWBpe19Og/dK/uL75HN6Q5ennvbpe1dD5dyi+sPgHtllWzpgY31Q0vfdj288dqMFvulwYC/F+we5Mp8pg9W7X3DztH3NPdkGjStjrNPUx/XJX5H9UaXSnby0uoYP9oH+GzZPRydD1t/nvvQ3L1w1J8AvAdasuWnFjnoLWexjyVgnvUVlzMYLfZLgoHsVNfBfcZnGphnn9ikJ1yPvKc5lxUdDiSmo7rQE76z76jmJ3IHuon+lPSlrfb5gE2Wo/PB1+Mndy/U5S1w1J8AvAdasrWBM2L4FQL3rlQfjG07FLClHu2Uyt9SjncIGsj5KxH1WMEnKrubfKY34NQFbnVp8to/JwrTppAnAkVtsXr07Ivgr1VU2/bCdWsgF78sOou9olcqo/+vkAxmddHyvoxHfDgOzqr/lzKGbA/NRX7f8WITX97XeVTQcRG9ig7RPGPZ0r/McSq77t8T1Vud2FiZ88HyVSNi/bWZnkza0ON+Htb+Ou9b7q3baE7q14qy/ggeN377m5ah/se6APCeack2233J4vMBRD7LAiuLqizcJQhXGf9vA/ISXFu9Gty4rFv8cZKr9eoilnuo6zYp8HGbFAQ3CWGxY5aonvbV85nF+2EW34cN6iJfEn4qU7+Q3yaSScQeXVqdgd2cCCaCMfdNfVGfZY7Q5fwvnDyX/nvvOFa9o3kmMhlXSdZLexm2Hl1Kt3ZbGX82PtjIis8W//Vlivo4Wg/RnJe+vS5Vb663jI3/LMe2/RF6CV/nEeva2uyvPwDeM3PJlhaNCUR2EUZBwgYfPVtu7QSBjj5HhMHFLWDbzkYXF+xn+oyI6smxvs8sXo8ZuH3eiZjk1RkH8m8ma/XLMXlZgfWJlFt2KRIsbaDfq0srk9gtba776bGUJZ/r5eN1/dX9Y0b6lXGKx1xl0fuBM6Te0pc9SfT9eR9k7wMfvStcfbxaD0l/vTHS+nZtRjvdfn/xvB/ZDsB7ZnUZ2S+2VihZtJsF5hbosuDouC1H9fKFGC520sXUs/2PFruXzxLVU916PrPsDTrSNiU3dzy0p45DItu2Me+DI7r0ylgosfg2e3Dbdf61S53mWOu7Jg7br8hiHURWfEGXb2nnG5SJaPWKDzlJbfyw+DfyAfm09z7wkWyzHpL+Rsl2KStj7OdEv7/1sbUstx2A98rqASk+S/9qLsfVh31k0fhFJJ/b4tMzZG5nvXA5QJbFvN0B5AsxXOzcNx2jgKs7NatLf7GrPAoUGZEefDzxmS0X7Roy7I7Donq03YgJpiOZ6uSTw4gjurQynWDbO96Dx823bY75caV7n+udbdyX1uO5w2NZypl528PWo8/kI3/FhnRZdttVF3pCu6Dt2Hkx867waB56Xaxv5X8vWz4TPL5PxfZgfkb9EWxv8X18GTnWxdYH4D3Ski1/KItjdSnO3N+jYJQ9IJW9KzVa5FIvX4i9xc7317QvelCmtj2z2CU5q43zgcDvEtrxxGcsZ522NvTQ8ouO1ObSb/51m1gmfojrZBzVRRK6qVNRH+w9+WA9nO/9sf47jsmGeJzFvmW+tBORgX98PX/i0eYYzQX7XmF/qZvk2kYiU/YmW/7cWbetPp9kxPOzt/74OF/yVn2pXX02IF9/ALxXVsn2CH6BbeXljL2zOzoKfb2m/c+J92UWdPQ92wwNoP7BLwAAAO+LU5MtX24qZ77PT9sd4VEkeZuzarOjegl0Vx3tBCyyE5Yz/kgOAADg/XBxsgUAAABAzoskW9n9XvdS8kuhuutO+h5tuEUwJwAA74nBA1Kvdxk0uzz9Wlz73jPYB+YEAOBeaclWnjxcJ1f5OsK20kuAwAo8mBMAgHvFJFsJZH4nq4//+4DCDwDVp2yv/U5XfbBqjfk6g/vqwfr1e/S0cPmrO/SVLO6P4AefzK4+CqBRYM3edXtN9GTIJxq2648fhSOy8YNrkX2YEwvXnBPeBqpL7xxmGetS2grecSzviS7li13y9aWlHgDgNlhdRm7fX6UnfEvSXb5P6b67ZwJ/C1g1mJPMB3ANztvASn3F71H17VpsgONytW1ts/8e3H5/vXfr0mfFB1avY2T7NaH+2c6asNr/xcajsqgfJbNP2sKcuOacoLZUF/rMdVVn26b5zMmVbat2Fl0kAa9PAAAAr0v4gBQFGTnDXoLLKphR4DGB+trvdI3k63olKDlIt16dpV7Sn935MOPAKsdy2yPUH1Z/CrKjoKxBlPz
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64dadb-1654-4b89-bd0f-437c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:25:15.000Z" ,
"modified" : "2019-08-27T07:25:15.000Z" ,
"pattern" : "[file:hashes.MD5 = '1426f88edaf207d2c62422f343209fae' AND file:hashes.SHA256 = '204da6b16288cf94890ab036836a27a8163bef259092b3eb21c99e52144256e8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:25:15Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64db7e-6634-42f3-a837-40db950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:27:58.000Z" ,
"modified" : "2019-08-27T07:27:58.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'a94b4e7ecd9482b0e610b2521727715d1d401d775617512514bdd2e0b9351e06' AND file:name = 'a.exe']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:27:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64dbc7-5564-4729-aaa5-46ca950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:29:11.000Z" ,
"modified" : "2019-08-27T07:29:11.000Z" ,
"pattern" : "[file:hashes.SHA256 = '29389990ce789001c337e98abd3ff49b3c80dd34e66033c62732e4af89e13f4f' AND file:name = '18535.cmd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:29:11Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64dbe0-c9a8-4a69-af77-4dbc950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:29:36.000Z" ,
"modified" : "2019-08-27T07:29:36.000Z" ,
"pattern" : "[file:hashes.SHA256 = '825deff8a0d7635b2e45ac2d7ad09c80e45cd380a0e54831910e0bb62063d20b' AND file:name = '21826.cmd']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:29:36Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--5d64dc36-bfb4-4909-84a4-4870950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:31:02.000Z" ,
"modified" : "2019-08-27T07:31:02.000Z" ,
"labels" : [
"misp:name=\"microblog\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "text" ,
"object_relation" : "post" ,
"value" : "I have decided to push the recent analysis of the #Gamaredon group on the repository and added the IOC (can be exported in JSON) and the MITRE ATTACK references." ,
"category" : "Other" ,
"uuid" : "5d64dc36-1958-45c0-abde-48d4950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "type" ,
"value" : "Twitter" ,
"category" : "Other" ,
"uuid" : "5d64dc36-9280-41d6-91e4-48a7950d210f"
} ,
{
"type" : "link" ,
"object_relation" : "url" ,
"value" : "https://mobile.twitter.com/Arkbird_SOLG/status/1165375513709486082" ,
"category" : "External analysis" ,
"to_ids" : true ,
"uuid" : "5d64dc36-23e4-4b90-b0f4-4c93950d210f"
} ,
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://github.com/StrangerealIntel/CyberThreatIntel/tree/master/Russia/APT/Gamaredon" ,
"category" : "External analysis" ,
"to_ids" : true ,
"uuid" : "5d64dc36-c838-40fb-a501-435f950d210f"
} ,
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://t.co/STsb0kt4aU?amp=1" ,
"category" : "External analysis" ,
"to_ids" : true ,
"uuid" : "5d64dc36-0e9c-4385-abc4-48b5950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "username" ,
"value" : "Arkbird_SOLG" ,
"category" : "Other" ,
"uuid" : "5d64dc36-ddc4-48b1-a592-4bcb950d210f"
} ,
{
"type" : "text" ,
"object_relation" : "state" ,
"value" : "Informative" ,
"category" : "Other" ,
"uuid" : "5d64dc36-02b0-437c-a4dc-4b01950d210f"
} ,
{
"type" : "datetime" ,
"object_relation" : "creation-date" ,
"value" : "2019-08-24T23:29:00" ,
"category" : "Other" ,
"uuid" : "5d64dc36-6f30-48aa-9284-455a950d210f"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "microblog"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64e1e8-1628-4f3d-a20c-4508950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:55:20.000Z" ,
"modified" : "2019-08-27T07:55:20.000Z" ,
"pattern" : "[file:hashes.SHA256 = '37b05d4273e3e0a558d431ed3cc443d2a93001b121c4aae9fc8f9778a5578316' AND file:name = 'QoceoIJ.vbs']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:55:20Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64e219-7654-48ab-85a7-4e7f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:56:09.000Z" ,
"modified" : "2019-08-27T07:56:09.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'f29d970f4ace8516a254515be3b3adf14ebf9651c0ee1aecaddd68a3d12c0315' AND file:name = 'zZBwUAc.vbs']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:56:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64e230-3134-42f9-89ec-4979950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:56:32.000Z" ,
"modified" : "2019-08-27T07:56:32.000Z" ,
"pattern" : "[file:hashes.SHA256 = '6de997b9bbfa09def80109108def78a42bc16820c681d12210011ea5d1a86321' AND file:name = 'PowerShellCertificates_C4BA3647.ps1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:56:32Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64e288-df60-4d0d-8f8a-4081950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T07:58:00.000Z" ,
"modified" : "2019-08-27T07:58:00.000Z" ,
"pattern" : "[file:hashes.SHA256 = '2a5c7e6e9347f74e8a5d288274117cb638ff0305a3e46813d64316f869d5e7ec' AND file:name = 'Document.docx']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T07:58:00Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64e32f-f018-4a7f-b22f-47d9950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T08:00:47.000Z" ,
"modified" : "2019-08-27T08:00:47.000Z" ,
"description" : "URL request" ,
"pattern" : "[url:value = 'http://document-listing.ddns.net/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T08:00:47Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"url\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64e3bd-6474-4db5-ae6b-1e07950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T08:03:09.000Z" ,
"modified" : "2019-08-27T08:03:09.000Z" ,
"description" : "C2" ,
"pattern" : "[domain-name:value = 'document-listing.ddns.net' AND domain-name:resolves_to_refs[*].value = '188.225.24.161']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T08:03:09Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"domain-ip\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64f324-5260-43cf-b1e2-af53950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:08:52.000Z" ,
"modified" : "2019-08-27T09:08:52.000Z" ,
"pattern" : "[file:hashes.SHA256 = '02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c' AND file:name = '02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c.scr']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T09:08:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64f35a-142c-4672-8bcf-49d1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:09:46.000Z" ,
"modified" : "2019-08-27T09:09:46.000Z" ,
"pattern" : "[file:hashes.SHA256 = '630c0c86faf828bc4645526ca58b855d1a2db57cca0e406c1d5b7e2de88a1322' AND file:name = 'FDGSKGN.vbs']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T09:09:46Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64f3de-1fa8-4573-882e-4b24950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:11:58.000Z" ,
"modified" : "2019-08-27T09:11:58.000Z" ,
"pattern" : "[file:hashes.SHA256 = '8f33ce796ee08525d32f5794ebd355914140e43e4b63e09b384dabda93a8b22c' AND file:name = 'PowerShellCertificates_C4BA3647.ps1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T09:11:58Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64f451-9930-41fd-951a-48c7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:14:18.000Z" ,
"modified" : "2019-08-27T09:14:18.000Z" ,
"description" : "C2" ,
"pattern" : "[domain-name:value = 'shell-create.ddns.net' AND domain-name:resolves_to_refs[*].value = '176.57.215.22']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T09:14:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"domain-ip\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d64f4e2-156c-4616-84b5-4d97950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T09:16:18.000Z" ,
"modified" : "2019-08-27T09:16:18.000Z" ,
"description" : "URL request" ,
"pattern" : "[url:value = 'http://shell-create.ddns.net/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T09:16:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "network"
}
] ,
"labels" : [
"misp:name=\"url\"" ,
"misp:meta-category=\"network\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d653cd6-1190-4192-8e01-4679950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-27T14:23:18.000Z" ,
"modified" : "2019-08-27T14:23:18.000Z" ,
"pattern" : "[file:hashes.SHA256 = 'a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599' AND file:name = '9856.txt' AND file:name = '23379.txt']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-27T14:23:18Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0711a0d0-fa31-44b0-a6ba-2874d8997878" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:49.000Z" ,
"modified" : "2019-08-28T12:28:49.000Z" ,
"pattern" : "[file:hashes.MD5 = 'a510822b1a425efc55cc7052972ae59b' AND file:hashes.SHA1 = 'c6f1e82edd5a3c817166668603d767e700c930d3' AND file:hashes.SHA256 = '630c0c86faf828bc4645526ca58b855d1a2db57cca0e406c1d5b7e2de88a1322']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b6188b63-e953-4d96-8f98-850ebfafef1b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:49.000Z" ,
"modified" : "2019-08-28T12:28:49.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-05T04:35:23" ,
"category" : "Other" ,
"uuid" : "7dfb5a3e-3681-4269-b2df-e775b6da61d8"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/630c0c86faf828bc4645526ca58b855d1a2db57cca0e406c1d5b7e2de88a1322/analysis/1564979723/" ,
"category" : "Payload delivery" ,
"uuid" : "0f21dbf0-342c-4bdf-a279-6c2c7a7a23c9"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "0/55" ,
"category" : "Payload delivery" ,
"uuid" : "99252912-f5db-4a89-a65e-f8f433f8592c"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--50a80329-012a-4924-86eb-5fd85597cbed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:49.000Z" ,
"modified" : "2019-08-28T12:28:49.000Z" ,
"pattern" : "[file:hashes.MD5 = '73bc90e40f241df4e7b60125ad372ab8' AND file:hashes.SHA1 = '9f28284e42ccf1d042b30e80f2ae123ff3972d58' AND file:hashes.SHA256 = '02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--18225ad2-1e0a-49a2-bc87-b8cf7235a94f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:49.000Z" ,
"modified" : "2019-08-28T12:28:49.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-17T15:59:55" ,
"category" : "Other" ,
"uuid" : "7c14a4e0-2884-46c5-8c39-d32198492d0e"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/02013f0c6767eb7f0538510ba6ede0103e797fa7b9bc2733d00e3710702fdf1c/analysis/1566057595/" ,
"category" : "Payload delivery" ,
"uuid" : "182e8670-8124-4701-86d0-002da0e29ec7"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "37/71" ,
"category" : "Payload delivery" ,
"uuid" : "858d3f83-f025-4407-a2ad-04311deb90fc"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b859bc0d-6e14-45b4-80e8-4d5d79f6880d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:50.000Z" ,
"modified" : "2019-08-28T12:28:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '5850172495a36c0850a459cf9063e9ff' AND file:hashes.SHA1 = 'd2c56c4521db1fd829ac9fe0d3cadd913880dde8' AND file:hashes.SHA256 = '29389990ce789001c337e98abd3ff49b3c80dd34e66033c62732e4af89e13f4f']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--cee3c9ac-0af1-4ab3-a484-c92874ed9bdb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:50.000Z" ,
"modified" : "2019-08-28T12:28:50.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-18T16:32:06" ,
"category" : "Other" ,
"uuid" : "61b4ff21-07bd-4869-8523-eb2566a820ba"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/29389990ce789001c337e98abd3ff49b3c80dd34e66033c62732e4af89e13f4f/analysis/1566145926/" ,
"category" : "Payload delivery" ,
"uuid" : "0e3ab5bf-aecd-484a-a7ac-444b3ab51a62"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "3/56" ,
"category" : "Payload delivery" ,
"uuid" : "ffaeea0a-699b-4b97-9269-506e79a8acec"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b7d07cd9-63db-42d0-bacd-1e38ea200b6a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:50.000Z" ,
"modified" : "2019-08-28T12:28:50.000Z" ,
"pattern" : "[file:hashes.MD5 = 'e427637799ecaaaaac6a7a2a21af3870' AND file:hashes.SHA1 = '3c082ca475eba394ccbc14c734b395955afafd22' AND file:hashes.SHA256 = 'f29d970f4ace8516a254515be3b3adf14ebf9651c0ee1aecaddd68a3d12c0315']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--136f1c84-a4aa-4f07-876d-c5eb3aba5a80" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:50.000Z" ,
"modified" : "2019-08-28T12:28:50.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-15T20:00:25" ,
"category" : "Other" ,
"uuid" : "0105b097-ed59-409e-9596-aa6763c2eb69"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/f29d970f4ace8516a254515be3b3adf14ebf9651c0ee1aecaddd68a3d12c0315/analysis/1565899225/" ,
"category" : "Payload delivery" ,
"uuid" : "8fa80388-17d3-48fd-a044-000c19d6f8b8"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "0/56" ,
"category" : "Payload delivery" ,
"uuid" : "0b3589cc-c435-4b84-bdf4-64c0a9b1d56a"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--abf752c2-dbf6-4f1e-9731-c4d4b9f9759d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:50.000Z" ,
"modified" : "2019-08-28T12:28:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '1426f88edaf207d2c62422f343209fae' AND file:hashes.SHA1 = '5e94c7a8df9ab65fc2b2fbdabea61ade8c3b0018' AND file:hashes.SHA256 = '204da6b16288cf94890ab036836a27a8163bef259092b3eb21c99e52144256e8']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--6d04e4a8-bd44-4cd6-9c80-c13fbbae11be" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:50.000Z" ,
"modified" : "2019-08-28T12:28:50.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-20T02:21:12" ,
"category" : "Other" ,
"uuid" : "ff1f826b-fde8-423a-b728-79bef43078d0"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/204da6b16288cf94890ab036836a27a8163bef259092b3eb21c99e52144256e8/analysis/1566267672/" ,
"category" : "Payload delivery" ,
"uuid" : "c95f4c33-6497-46a1-9dc3-2fe567ebfabd"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "24/69" ,
"category" : "Payload delivery" ,
"uuid" : "f3eb1c81-5dac-4eeb-9138-129977f41ee1"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cf01e1fa-bb40-4d0b-b52b-908910c2fd26" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:50.000Z" ,
"modified" : "2019-08-28T12:28:50.000Z" ,
"pattern" : "[file:hashes.MD5 = '1676158ff7d9751413308094c97c7055' AND file:hashes.SHA1 = 'f53bfcc0acd1978bd9e4e032fe25ca51c2a32f7a' AND file:hashes.SHA256 = 'a94b4e7ecd9482b0e610b2521727715d1d401d775617512514bdd2e0b9351e06']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--8df78dd1-7cda-4e63-b3c2-9bcc3d77077c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:51.000Z" ,
"modified" : "2019-08-28T12:28:51.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-22T04:16:19" ,
"category" : "Other" ,
"uuid" : "b1c888cf-e0eb-46c0-bdf3-76cfcb1e4366"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a94b4e7ecd9482b0e610b2521727715d1d401d775617512514bdd2e0b9351e06/analysis/1566447379/" ,
"category" : "Payload delivery" ,
"uuid" : "6d63994b-134c-4dfd-8b13-9ff61aba2a20"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "31/68" ,
"category" : "Payload delivery" ,
"uuid" : "dd87da85-5ff6-4154-b632-960a1590bf41"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--41714cfe-419c-4827-824f-90f281a2785b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:51.000Z" ,
"modified" : "2019-08-28T12:28:51.000Z" ,
"pattern" : "[file:hashes.MD5 = 'df366065b771ec78320e9fa64e213f39' AND file:hashes.SHA1 = '5223f3c84108c6b7800fc0160c2dc0dbeb5b7107' AND file:hashes.SHA256 = '825deff8a0d7635b2e45ac2d7ad09c80e45cd380a0e54831910e0bb62063d20b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--c29ee2c4-9889-402f-b864-ae08eac1c5d0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:51.000Z" ,
"modified" : "2019-08-28T12:28:51.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-15T20:00:25" ,
"category" : "Other" ,
"uuid" : "cf26bfcd-0c49-47e6-9750-f2fdd67d8363"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/825deff8a0d7635b2e45ac2d7ad09c80e45cd380a0e54831910e0bb62063d20b/analysis/1565899225/" ,
"category" : "Payload delivery" ,
"uuid" : "d11518fb-4858-437a-9084-c800b807ba9e"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "0/56" ,
"category" : "Payload delivery" ,
"uuid" : "c17cb473-1517-416a-ad5d-0f3cbf6dfee2"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3c64cb44-c63c-4da7-a2ae-0bdeb778f9dc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:51.000Z" ,
"modified" : "2019-08-28T12:28:51.000Z" ,
"pattern" : "[file:hashes.MD5 = '19e85555e91bb07d70639a9f12dffb33' AND file:hashes.SHA1 = '617fff945957dbc4c57a1d961f3132454a2b744f' AND file:hashes.SHA256 = '37b05d4273e3e0a558d431ed3cc443d2a93001b121c4aae9fc8f9778a5578316']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--ab3fe092-6f45-489e-bef1-e1af90f1fe74" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:51.000Z" ,
"modified" : "2019-08-28T12:28:51.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-19T16:37:32" ,
"category" : "Other" ,
"uuid" : "ea81adf0-49f5-4324-8f2c-2898405366f7"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/37b05d4273e3e0a558d431ed3cc443d2a93001b121c4aae9fc8f9778a5578316/analysis/1566232652/" ,
"category" : "Payload delivery" ,
"uuid" : "f0aa02e1-357f-4c00-92e7-c0b0916373a9"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "1/54" ,
"category" : "Payload delivery" ,
"uuid" : "42bf37b1-da36-4da6-a398-95797d64a396"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--253f4638-714a-4229-9f2c-95f73e86e0cc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:51.000Z" ,
"modified" : "2019-08-28T12:28:51.000Z" ,
"pattern" : "[file:hashes.MD5 = 'bd126a7b59d5d1f97ba89a3e71425731' AND file:hashes.SHA1 = '457b1cd985ed07baffd8c66ff40e9c1b6da93753' AND file:hashes.SHA256 = 'a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--694eee41-afe4-4a3c-9759-10499c17f5a7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-27T23:45:43" ,
"category" : "Other" ,
"uuid" : "969d556b-ee90-4f22-9572-18703bbf94e3"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/a48ad33695a44de887bba8f2f3174fd8fb01a46a19e3ec9078b0118647ccf599/analysis/1566949543/" ,
"category" : "Payload delivery" ,
"uuid" : "4bb23eec-24fa-4138-acce-8aa2666eb5c9"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "1/68" ,
"category" : "Payload delivery" ,
"uuid" : "ea33de9a-c505-4378-860e-20f4d61d0ec7"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8a9d306f-3fa1-4b7a-b5be-5af92c041fce" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"pattern" : "[file:hashes.MD5 = 'd2e34941fefe458c98e5f382364fe195' AND file:hashes.SHA1 = 'c41162e2130dc8ff73e2a0a962af490b8e0a5915' AND file:hashes.SHA256 = '2a5c7e6e9347f74e8a5d288274117cb638ff0305a3e46813d64316f869d5e7ec']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2019-08-28T12:28:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "file"
}
] ,
"labels" : [
"misp:name=\"file\"" ,
"misp:meta-category=\"file\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--9788ebc6-52c7-496d-8d53-e79676970b3c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"labels" : [
"misp:name=\"virustotal-report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "datetime" ,
"object_relation" : "last-submission" ,
"value" : "2019-08-15T05:00:23" ,
"category" : "Other" ,
"uuid" : "dcecf358-1519-4ea9-8eaa-2a7c385d7b38"
} ,
{
"type" : "link" ,
"object_relation" : "permalink" ,
"value" : "https://www.virustotal.com/file/2a5c7e6e9347f74e8a5d288274117cb638ff0305a3e46813d64316f869d5e7ec/analysis/1565845223/" ,
"category" : "Payload delivery" ,
"uuid" : "450a5bc4-9a3f-4128-a966-a9793de6df26"
} ,
{
"type" : "text" ,
"object_relation" : "detection-ratio" ,
"value" : "0/59" ,
"category" : "Payload delivery" ,
"uuid" : "52f01a1b-b382-47d4-ac1a-19bbbd4a4705"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "virustotal-report"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--17c00e60-f621-49a2-ae17-a559b599bc4e" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--0711a0d0-fa31-44b0-a6ba-2874d8997878" ,
"target_ref" : "x-misp-object--b6188b63-e953-4d96-8f98-850ebfafef1b"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--3ad72016-6dcd-4cda-889c-1134d2357db7" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--50a80329-012a-4924-86eb-5fd85597cbed" ,
"target_ref" : "x-misp-object--18225ad2-1e0a-49a2-bc87-b8cf7235a94f"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--711c84c7-f616-4db1-8c16-cc00017080a2" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b859bc0d-6e14-45b4-80e8-4d5d79f6880d" ,
"target_ref" : "x-misp-object--cee3c9ac-0af1-4ab3-a484-c92874ed9bdb"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--b3a9ea17-43f1-4bd9-949d-cb18d4e8361e" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--b7d07cd9-63db-42d0-bacd-1e38ea200b6a" ,
"target_ref" : "x-misp-object--136f1c84-a4aa-4f07-876d-c5eb3aba5a80"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--3d047033-f66b-48b8-a88e-156267bd5f0f" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:52.000Z" ,
"modified" : "2019-08-28T12:28:52.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--abf752c2-dbf6-4f1e-9731-c4d4b9f9759d" ,
"target_ref" : "x-misp-object--6d04e4a8-bd44-4cd6-9c80-c13fbbae11be"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--f5555bf7-90e0-4c48-8f22-58bba2524826" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:53.000Z" ,
"modified" : "2019-08-28T12:28:53.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--cf01e1fa-bb40-4d0b-b52b-908910c2fd26" ,
"target_ref" : "x-misp-object--8df78dd1-7cda-4e63-b3c2-9bcc3d77077c"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--5ca33860-0ee7-4585-87a7-8ff1724d8543" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:53.000Z" ,
"modified" : "2019-08-28T12:28:53.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--41714cfe-419c-4827-824f-90f281a2785b" ,
"target_ref" : "x-misp-object--c29ee2c4-9889-402f-b864-ae08eac1c5d0"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--ae266710-b6ab-4cc1-8e87-e5dcd4a1aef3" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:53.000Z" ,
"modified" : "2019-08-28T12:28:53.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--3c64cb44-c63c-4da7-a2ae-0bdeb778f9dc" ,
"target_ref" : "x-misp-object--ab3fe092-6f45-489e-bef1-e1af90f1fe74"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--064121f8-55c8-4623-a43c-597a3a7e7ab2" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:53.000Z" ,
"modified" : "2019-08-28T12:28:53.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--253f4638-714a-4229-9f2c-95f73e86e0cc" ,
"target_ref" : "x-misp-object--694eee41-afe4-4a3c-9759-10499c17f5a7"
} ,
{
"type" : "relationship" ,
"spec_version" : "2.1" ,
2023-05-19 09:05:37 +00:00
"id" : "relationship--79347a7d-afa9-4762-a721-a43529b3413e" ,
2023-04-21 14:44:17 +00:00
"created" : "2019-08-28T12:28:53.000Z" ,
"modified" : "2019-08-28T12:28:53.000Z" ,
"relationship_type" : "analysed-with" ,
"source_ref" : "indicator--8a9d306f-3fa1-4b7a-b5be-5af92c041fce" ,
"target_ref" : "x-misp-object--9788ebc6-52c7-496d-8d53-e79676970b3c"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
]
}