494 lines
22 KiB
JSON
494 lines
22 KiB
JSON
|
{
|
||
|
"type": "bundle",
|
||
|
"id": "bundle--5d108cdd-eae4-471e-b0ca-7ad4950d210f",
|
||
|
"objects": [
|
||
|
{
|
||
|
"type": "identity",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-19T09:16:26.000Z",
|
||
|
"modified": "2019-07-19T09:16:26.000Z",
|
||
|
"name": "CIRCL",
|
||
|
"identity_class": "organization"
|
||
|
},
|
||
|
{
|
||
|
"type": "grouping",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "grouping--5d108cdd-eae4-471e-b0ca-7ad4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-19T09:16:26.000Z",
|
||
|
"modified": "2019-07-19T09:16:26.000Z",
|
||
|
"name": "OSINT - Felipe, a new infostealer Trojan",
|
||
|
"context": "suspicious-activity",
|
||
|
"object_refs": [
|
||
|
"indicator--5d109aae-7258-4c36-82d2-349d950d210f",
|
||
|
"indicator--5d10a4dd-9130-4c72-b3ec-482d950d210f",
|
||
|
"indicator--5d10a4dd-8900-4d2d-89a9-4b84950d210f",
|
||
|
"indicator--5d109029-f448-4859-b7c3-acd8950d210f",
|
||
|
"indicator--5d1092e1-eb28-463b-83ec-47da950d210f",
|
||
|
"indicator--5d10960d-6330-4179-8a72-34c0950d210f",
|
||
|
"indicator--5d10968d-e280-472b-9a3f-55b2950d210f",
|
||
|
"indicator--5d10a495-ca5c-4920-bb2d-4e7a950d210f",
|
||
|
"indicator--88a609e6-3d3d-4325-bac6-6be3cd920d7b",
|
||
|
"x-misp-object--855e4596-70af-4ec9-8471-2efd8ba7ea66",
|
||
|
"indicator--0b40b29f-6b71-4cfb-b529-2b30ea155b66",
|
||
|
"x-misp-object--25782699-9e62-4a5c-a1d3-f6bbdcec04cb",
|
||
|
"x-misp-object--02aee86e-c588-4ea9-bd2e-aef1535846cd",
|
||
|
"x-misp-object--ecc0c45a-2208-4171-a606-ccacbe28b955",
|
||
|
"relationship--ae3e1dec-d04a-406f-ad7b-2c7c3bf4d0c9",
|
||
|
"relationship--a514f971-b232-4437-94c4-35ee4aee4918",
|
||
|
"relationship--1476c9e2-a9a1-4975-aa68-692290529c57",
|
||
|
"relationship--ec1c4f58-055a-4607-a6e1-5a166496d35c"
|
||
|
],
|
||
|
"labels": [
|
||
|
"Threat-Report",
|
||
|
"misp:tool=\"MISP-STIX-Converter\"",
|
||
|
"type:OSINT",
|
||
|
"osint:lifetime=\"perpetual\"",
|
||
|
"osint:certainty=\"50\"",
|
||
|
"malware_classification:malware-category=\"Trojan\"",
|
||
|
"ms-caro-malware:malware-type=\"Trojan\"",
|
||
|
"ms-caro-malware-full:malware-type=\"Trojan\"",
|
||
|
"ecsirt:malicious-code=\"trojan\"",
|
||
|
"CERT-XLM:malicious-code=\"trojan-malware\"",
|
||
|
"keylogger/infostealer",
|
||
|
"workflow:state=\"incomplete\"",
|
||
|
"workflow:todo=\"add-missing-misp-galaxy-cluster-values\""
|
||
|
],
|
||
|
"object_marking_refs": [
|
||
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d109aae-7258-4c36-82d2-349d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-06-24T09:41:02.000Z",
|
||
|
"modified": "2019-06-24T09:41:02.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.99.215.95']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-06-24T09:41:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d10a4dd-9130-4c72-b3ec-482d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-06-24T10:24:29.000Z",
|
||
|
"modified": "2019-06-24T10:24:29.000Z",
|
||
|
"description": "Download URLs",
|
||
|
"pattern": "[url:value = '192.99.215.95/uploads']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-06-24T10:24:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d10a4dd-8900-4d2d-89a9-4b84950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-06-24T10:24:29.000Z",
|
||
|
"modified": "2019-06-24T10:24:29.000Z",
|
||
|
"description": "Download URLs",
|
||
|
"pattern": "[domain-name:value = 'inmemory.tech']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-06-24T10:24:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d109029-f448-4859-b7c3-acd8950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-19T09:16:19.000Z",
|
||
|
"modified": "2019-07-19T09:16:19.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '15ce8f849fff4cc8675900ec838a93f9' AND file:name = 'vshost.exe' AND file:parent_directory_ref.path = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\Local Settings\\\\Temp\\\\vshost.exe' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\vshost.exe']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-07-19T09:16:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d1092e1-eb28-463b-83ec-47da950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-19T09:16:20.000Z",
|
||
|
"modified": "2019-07-19T09:16:20.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'd912771c8cd5720ad835e08eb80a77b6' AND file:name = 'explorer32.exe' AND file:parent_directory_ref.path = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\Local Settings\\\\Temp\\\\explorer32.exe' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\explorer32.exe']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-07-19T09:16:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d10960d-6330-4179-8a72-34c0950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-06-24T09:50:02.000Z",
|
||
|
"modified": "2019-06-24T09:50:02.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '7d016a3bb29904a6e00161694fc6ab4e' AND file:name = 'install2.bat' AND file:parent_directory_ref.path = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\Local Settings\\\\Temp\\\\install2.bat' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\install2.bat']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-06-24T09:50:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d10968d-e280-472b-9a3f-55b2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-06-24T09:23:25.000Z",
|
||
|
"modified": "2019-06-24T09:23:25.000Z",
|
||
|
"pattern": "[file:name = 'infect.txt' AND file:parent_directory_ref.path = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\Local Settings\\\\Temp\\\\infect.txt' AND file:x_misp_fullpath = '\\\\%UserProfile\\\\%\\\\AppData\\\\Local\\\\Temp\\\\infect.txt']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-06-24T09:23:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d10a495-ca5c-4920-bb2d-4e7a950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-06-24T10:23:17.000Z",
|
||
|
"modified": "2019-06-24T10:23:17.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '61b06e49d514f3dc5be4f4ef08f6b43c' AND file:name = 'down.exe']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-06-24T10:23:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--88a609e6-3d3d-4325-bac6-6be3cd920d7b",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-18T09:41:39.000Z",
|
||
|
"modified": "2019-07-18T09:41:39.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '15ce8f849fff4cc8675900ec838a93f9' AND file:hashes.SHA1 = '5089aa7a2895e07a9f182a77407f8d7570c7ad56' AND file:hashes.SHA256 = 'bf6e6c7808a9bb023fc1fea1822438ad0b6ebefd1bdc703d2acb280c328a4eb1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-07-18T09:41:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--855e4596-70af-4ec9-8471-2efd8ba7ea66",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-18T09:41:39.000Z",
|
||
|
"modified": "2019-07-18T09:41:39.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-06-19 21:05:11",
|
||
|
"category": "Other",
|
||
|
"uuid": "cbaec671-305f-4f57-aef0-4cd165490955"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/bf6e6c7808a9bb023fc1fea1822438ad0b6ebefd1bdc703d2acb280c328a4eb1/analysis/1560978311/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "05e95691-153a-4e2d-8120-a6da025b555a"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "46/72",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "e402f89d-c139-423b-90a9-9432114dd561"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0b40b29f-6b71-4cfb-b529-2b30ea155b66",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-18T09:41:40.000Z",
|
||
|
"modified": "2019-07-18T09:41:40.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'd912771c8cd5720ad835e08eb80a77b6' AND file:hashes.SHA1 = '24767b14ab8ab53a3194ad16ba65cf9a5e2279e7' AND file:hashes.SHA256 = 'ae0655e0a18286a797171a891c96ca9fed5e880ad171bfeb21ed6c0afc00261d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-07-18T09:41:40Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--25782699-9e62-4a5c-a1d3-f6bbdcec04cb",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-18T09:41:41.000Z",
|
||
|
"modified": "2019-07-18T09:41:41.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-06-20 22:19:40",
|
||
|
"category": "Other",
|
||
|
"uuid": "ee2f27a1-5677-47a6-8e25-ddc8113659fb"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/ae0655e0a18286a797171a891c96ca9fed5e880ad171bfeb21ed6c0afc00261d/analysis/1561069180/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "ad6c4b04-e40b-4195-83ae-3320c5554afd"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "48/72",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "48eda93b-9a4a-4564-95b5-0bf61abfd7ff"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--02aee86e-c588-4ea9-bd2e-aef1535846cd",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-19T09:16:20.000Z",
|
||
|
"modified": "2019-07-19T09:16:20.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-06-20 22:19:40",
|
||
|
"category": "Other",
|
||
|
"uuid": "a34f65ae-9d55-4730-b4bc-d9743afa3bd9"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/ae0655e0a18286a797171a891c96ca9fed5e880ad171bfeb21ed6c0afc00261d/analysis/1561069180/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "749ba503-e2a8-4491-8c9c-0e607d2cd3dc"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "48/72",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "c9a70846-ec1a-4716-85a2-18ae57937c17"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--ecc0c45a-2208-4171-a606-ccacbe28b955",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-07-19T09:16:20.000Z",
|
||
|
"modified": "2019-07-19T09:16:20.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-06-19 21:05:11",
|
||
|
"category": "Other",
|
||
|
"uuid": "7f93341a-29e0-4a52-b71a-15b07b632f4a"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/bf6e6c7808a9bb023fc1fea1822438ad0b6ebefd1bdc703d2acb280c328a4eb1/analysis/1560978311/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "f3e93485-3178-490f-a77a-0412f6d09e1a"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "46/72",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "52fb0fb6-0dce-4d09-a876-820f06f4762d"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--ae3e1dec-d04a-406f-ad7b-2c7c3bf4d0c9",
|
||
|
"created": "2019-07-19T09:16:20.000Z",
|
||
|
"modified": "2019-07-19T09:16:20.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--5d109029-f448-4859-b7c3-acd8950d210f",
|
||
|
"target_ref": "x-misp-object--ecc0c45a-2208-4171-a606-ccacbe28b955"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--a514f971-b232-4437-94c4-35ee4aee4918",
|
||
|
"created": "2019-07-19T09:16:20.000Z",
|
||
|
"modified": "2019-07-19T09:16:20.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--5d1092e1-eb28-463b-83ec-47da950d210f",
|
||
|
"target_ref": "x-misp-object--02aee86e-c588-4ea9-bd2e-aef1535846cd"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--1476c9e2-a9a1-4975-aa68-692290529c57",
|
||
|
"created": "2019-07-18T09:41:42.000Z",
|
||
|
"modified": "2019-07-18T09:41:42.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--88a609e6-3d3d-4325-bac6-6be3cd920d7b",
|
||
|
"target_ref": "x-misp-object--855e4596-70af-4ec9-8471-2efd8ba7ea66"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--ec1c4f58-055a-4607-a6e1-5a166496d35c",
|
||
|
"created": "2019-07-18T09:41:42.000Z",
|
||
|
"modified": "2019-07-18T09:41:42.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--0b40b29f-6b71-4cfb-b529-2b30ea155b66",
|
||
|
"target_ref": "x-misp-object--25782699-9e62-4a5c-a1d3-f6bbdcec04cb"
|
||
|
},
|
||
|
{
|
||
|
"type": "marking-definition",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||
|
"created": "2017-01-20T00:00:00.000Z",
|
||
|
"definition_type": "tlp",
|
||
|
"name": "TLP:WHITE",
|
||
|
"definition": {
|
||
|
"tlp": "white"
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|