2023-12-14 13:47:04 +00:00
|
|
|
{
|
2023-12-14 14:30:15 +00:00
|
|
|
"Event": {
|
|
|
|
|
"analysis": "0",
|
|
|
|
|
"date": "2023-10-10",
|
|
|
|
|
"extends_uuid": "",
|
|
|
|
|
"info": "AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475",
|
|
|
|
|
"publish_timestamp": "1696961413",
|
|
|
|
|
"published": true,
|
|
|
|
|
"threat_level_id": "3",
|
|
|
|
|
"timestamp": "1696961391",
|
|
|
|
|
"uuid": "08af4546-b6e5-4cdc-ab0f-d5290dec8307",
|
|
|
|
|
"Orgc": {
|
|
|
|
|
"name": "CIRCL",
|
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
|
},
|
|
|
|
|
"Tag": [
|
|
|
|
|
{
|
|
|
|
|
"colour": "#828f60",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"041bc611-87da-4ad4-a46b-b37926180b7d\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#e4b282",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"e56fb691-4acb-4a45-890f-9988ca8e1db1\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#caa635",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"89ec2169-2205-4c7e-95e2-11d3e85443a4\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#d05c29",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"719b79ce-4e59-4862-8d3e-282b97124d57\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#7be860",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"bbd6c5d0-6c1f-41db-8591-6be6c853af15\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#5d9458",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"3456fa61-e230-42b8-b100-d1cf560ba095\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#9f4fe6",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"2c373316-6ce5-4f43-9daf-02c94cb0c0a5\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#28f071",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"0eea33ef-23b6-413e-9e29-3f06b0fe9c9e\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#fd2a40",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"edc3317c-b298-4364-8977-486afac37cb5\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#2f25f9",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"69d1635c-cd2b-4331-8a2c-8b66e98f45d8\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#d06241",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"343f4ca7-4745-4f12-ad76-25538936deea\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#f4da83",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"a860bd61-390f-4a33-976e-9d421c245615\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#6c9f1e",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"ce5ab594-3c59-45af-8338-65901d1d027c\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#e66c1b",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"8ef65734-9d51-48d4-aea6-fc775f92f4fa\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#b14e06",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"5b330985-0104-4097-a7b7-eac5fd65322f\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#45eb95",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"fc5b8a15-c3de-4c93-803a-ce92b76e54e7\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#858835",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"c57876e5-099a-4b04-8f09-6ff9cf266048\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#2d0219",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"fd846751-22ce-46b4-a232-cc4f8797596c\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#05e7b7",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"691e655e-5f24-4a03-9742-10c04e70e81c\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#5485e2",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"7b8278a3-fae9-455a-aad6-475a51d8ec78\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0a49bb",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"6fde81c5-4e69-4e50-b065-d1f40160d688\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#020323",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"fc682b58-a253-40a6-b734-214d976b1209\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#12646a",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"3cbb3d7b-4cae-4c7e-a682-e8b70e3f1ee4\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#1ae406",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"d574506b-78ac-4061-b01f-096e192435b9\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#1fdf99",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"f01496d3-6783-4574-b690-55d1c058658b\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#d08ba3",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"49168b08-e6dd-40a0-acbf-c3ad19629c10\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#d47714",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"f73cb603-750c-4b48-b539-2981bd11f4f8\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#a222c6",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"75ebee53-fa0b-40a5-a03b-086b1ad78ae6\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#45564f",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"cdba188f-b6e9-4d05-8c71-55c2635f18ee\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#d2d35b",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"2d3008ec-0ef3-4040-ad90-02bfffcbcb4f\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#b1333c",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"b657c846-82a5-49d4-a21a-c03333b3e084\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#4fe6b8",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"66ab02e2-e21d-411d-95aa-c10d2b6af7bc\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#db020e",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"e5d5721d-7dac-4c8f-ad36-40d68e7b2cf1\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#a98cd9",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"ad406ffd-dc56-467f-a3d1-d5766a19088d\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#7d3ac0",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"126cf03a-a600-4214-b0c1-ff3a96da40d3\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0eadd1",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"d300ed74-db05-4581-9313-2d6c3c49bb40\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#f47d4e",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"af1564b9-286f-4fd9-a083-eaa0c45e7ea4\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#204d26",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"7c4ba5a6-711b-4cd1-be8a-e2f08bfbc184\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#19e2d2",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"031d44b0-5163-4433-8d8f-f5e2c170746a\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#b0e911",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"bd7ea606-6be2-4e66-8e25-0aa73bbfaf53\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#8530a4",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"a4c8d6ab-0459-4347-a05a-280aa81d8edd\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#73eade",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"296cae9a-96c9-412c-8e4e-c7be9405208c\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#b83e56",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"200007b9-4c5a-4604-8f10-46ec46853048\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#398689",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"c566cd7d-819f-4e39-b93a-80c0e5bfcafc\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#b0248a",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"f4702807-c428-41f7-8097-6f19070186e6\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#89aee9",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"b73d96e3-ae7f-4095-83de-fa2523d887d7\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#330d27",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"0a35d2c4-896f-410f-a410-5a156d1aeb68\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#fa56f5",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"b0bd15d0-884d-4df2-ac3a-3256f3e18917\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#158c80",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"cf4144e8-d431-4618-a4cc-809ee0c82d0d\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0a18c4",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"8a841dab-f386-454d-8112-6bab03a8b650\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#56b70b",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"2f48791f-e918-422f-b154-8cf13b2c470d\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#9aabf7",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"c2685af8-747a-45d3-956a-819124642abf\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#67b470",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"24a836a9-ec21-420b-b459-23cdc1ce47b8\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#6c4795",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"dfe708b2-695a-4243-950d-bec6b39c222e\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#1b3ac1",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:stix-2.1-attack-pattern=\"1655f4f3-154f-4242-b716-1cd743998f42\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#004646",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "type:OSINT",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0071c3",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "osint:lifetime=\"perpetual\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#0087e8",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "osint:certainty=\"50\"",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#ffffff",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "tlp:white",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"colour": "#ffffff",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "tlp:clear",
|
|
|
|
|
"relationship_type": ""
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "29a23e64-3f04-4059-b5dc-3c107cfaa2ee",
|
|
|
|
|
"value": "102.129.145.232"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "d58c69ca-37bb-4365-9c39-06866104c51a",
|
|
|
|
|
"value": "191.96.106.40"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "af055e61-18a6-4f48-b8d2-70a618d8d963",
|
|
|
|
|
"value": "184.170.241.27"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "69a47521-51ec-43b5-b017-2336e4095dd0",
|
|
|
|
|
"value": "154.6.93.24"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "f7125e4d-5901-4030-b65b-60652e11b9ed",
|
|
|
|
|
"value": "154.6.93.32"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "a129705a-4f65-4be6-b642-9c6447e79f5b",
|
|
|
|
|
"value": "154.6.93.12"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "756adba7-c4fb-42e8-97e3-261b920a5a9c",
|
|
|
|
|
"value": "154.6.93.5"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "38a421c9-f604-476d-8b68-f3e0495deedd",
|
|
|
|
|
"value": "154.6.93.22"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "2c644d8f-00bd-4495-ae61-eea1f88178be",
|
|
|
|
|
"value": "154.6.91.26"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "549618d5-01ba-4827-a42e-5b76f458fb07",
|
|
|
|
|
"value": "103.105.49.108"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "e56bf5af-2fbf-4d76-b6ea-1680e37da537",
|
|
|
|
|
"value": "80.85.241.15"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "7b3994a9-fc1d-4f5c-b3fc-338bf868dd7d",
|
|
|
|
|
"value": "92.118.39.82"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "acf17c01-604f-4389-b045-cbf91f19872c",
|
|
|
|
|
"value": "192.142.226.153"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2022-03-29T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "b0185157-6c58-45f2-bc6e-d20bba8c704e",
|
|
|
|
|
"value": "xpack.disqus.com"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "42e8bb8d-fd22-4e9e-8007-68cb2c414c76",
|
|
|
|
|
"value": "207.246.105.240"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "3d465228-0d62-45af-bc6d-d3937f0fe010",
|
|
|
|
|
"value": "193.142.146.226"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "a7384582-e1bb-4517-97d8-a155ce331e36",
|
|
|
|
|
"value": "104.238.234.145"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "687da116-4e80-41c7-a9dc-651251cd4119",
|
|
|
|
|
"value": "68.177.56.38"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "fe5a6cfa-e45f-4d6d-bd1f-3181f13bf5c3",
|
|
|
|
|
"value": "108.62.118.160"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "0f5b5908-314b-4e1d-a2ef-815431f2aeae",
|
|
|
|
|
"value": "144.202.2.71"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "171a8786-25e7-4990-8481-2d544656eea5",
|
|
|
|
|
"value": "179.60.147.4"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "c877ade3-6962-446e-a18e-5afe577af079",
|
|
|
|
|
"value": "45.90.123.194"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "bc20b137-373e-40ba-90c0-988b89eaddc1",
|
|
|
|
|
"value": "main.cloudfronts.net"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "domain",
|
|
|
|
|
"uuid": "a2388459-6096-47ce-85f4-32d97326c0ce",
|
|
|
|
|
"value": "cloudfronts.net"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "5bd757b4-c470-4ce4-9d37-c8766e6a289b",
|
|
|
|
|
"value": "47.90.240.218"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Network activity",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"first_seen": "2019-07-15T00:00:00+00:00",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "ip-dst",
|
|
|
|
|
"uuid": "e9ff170a-f28d-4a0d-8e32-2beeaaf94360",
|
|
|
|
|
"value": "45.77.121.232"
|
|
|
|
|
}
|
|
|
|
|
],
|
|
|
|
|
"Object": [
|
|
|
|
|
{
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "file",
|
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
|
"template_version": "24",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"uuid": "900caf89-3409-4f27-8f95-92c188df2a93",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "md5",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "99d21d69-850c-4d44-b1a7-490c7bad0574",
|
|
|
|
|
"value": "a33354d598b58f2e55eb3619c3465f24"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha256",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "94be963b-86e7-430a-9b2c-cbb1a7d06ea3",
|
|
|
|
|
"value": "6dcc7b5e913154abac69687fcfb6a58ac66ec9b8cc7de7afd8832a9066b7bdde"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "file",
|
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
|
"template_version": "24",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"uuid": "f4e8bd8c-7cbc-4630-8610-861e3d684d57",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "md5",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "b558c488-ab52-4c35-8ba4-ac85851046af",
|
|
|
|
|
"value": "1a0e111e60e543810423ef073b545c77"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha256",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "860d88f7-c68d-4138-be45-3e5b96e0931d",
|
|
|
|
|
"value": "47dacb8f0b157355a4fd59ccbac1c59b8268fe84f3b8a462378b064333920622"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "file",
|
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
|
"template_version": "24",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"uuid": "b2b8b925-8ec5-435f-b4e5-874a1e4dc598",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "md5",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "8e6c6067-2f98-4a11-b9fc-23d3a7baff4e",
|
|
|
|
|
"value": "76adb0e36aac40cae0ebeb9f4bd38b52"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha256",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "45cde164-cac7-4964-bfe1-edd46ceed882",
|
|
|
|
|
"value": "79a9136eedbf8288ad7357ddaea3a3cd1a57b7c6f82adffd5a9540e1623bfb63"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "File object describing a file with meta-information",
|
|
|
|
|
"first_seen": "2023-01-01T00:00:00+00:00",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "file",
|
|
|
|
|
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
|
|
|
|
|
"template_version": "24",
|
|
|
|
|
"timestamp": "1694013286",
|
|
|
|
|
"uuid": "2ecb5c9c-f6b7-4b49-affd-5de8c9c8862b",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "md5",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "md5",
|
|
|
|
|
"uuid": "5f645ced-d221-44a7-9663-a6b8e7417389",
|
|
|
|
|
"value": "b8967a33e6c1aee7682810b6b994b991"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Payload delivery",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": false,
|
|
|
|
|
"object_relation": "sha256",
|
|
|
|
|
"timestamp": "1696961286",
|
|
|
|
|
"to_ids": true,
|
|
|
|
|
"type": "sha256",
|
|
|
|
|
"uuid": "e98b2250-bdf3-4f94-b982-10b828d29f2f",
|
|
|
|
|
"value": "334c2d0af191ed96b15095a4a098c400f2c0ce6b9c66d1800f6b74554d59ff4b"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"description": "Object describing the original file used to import data in MISP.",
|
|
|
|
|
"meta-category": "file",
|
|
|
|
|
"name": "original-imported-file",
|
|
|
|
|
"template_uuid": "4cd560e9-2cfe-40a1-9964-7b2e797ecac5",
|
|
|
|
|
"template_version": "2",
|
|
|
|
|
"timestamp": "1696961326",
|
|
|
|
|
"uuid": "a7c6ce3c-81e2-4e9a-a964-cea196615b3e",
|
|
|
|
|
"Attribute": [
|
|
|
|
|
{
|
|
|
|
|
"category": "External analysis",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"data": "ewogICAgInR5cGUiOiAiYnVuZGxlIiwKICAgICJpZCI6ICJidW5kbGUtLTU1MWJmOWFjLTc2MjUtNDY0OS1hN2RmLWNiM2U5YTEyZGIzMSIsCiAgICAib2JqZWN0cyI6IFsKICAgICAgICB7CiAgICAgICAgICAgICJpZCI6ICJsb2NhdGlvbi0tNTkwMzBhZTAtZDI2My00M2M1LWE4ZjAtOTkxMWMzMzgyZTM0IiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAidHlwZSI6ICJsb2NhdGlvbiIsCiAgICAgICAgICAgICJjb3VudHJ5IjogIlVTIiwKICAgICAgICAgICAgImFkbWluaXN0cmF0aXZlX2FyZWEiOiAiVVMtREMiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTA5LTA2VDE1OjE0OjQ2LjAwMFoiLAogICAgICAgICAgICAibW9kaWZpZWQiOiAiMjAyMy0wOS0wNlQxNToxNDo0Ni4wMDBaIiwKICAgICAgICAgICAgImNyZWF0ZWRfYnlfcmVmIjogImlkZW50aXR5LS1iM2JjYTNjMi0xZjNkLTRiNTQtYjQ0Zi1kYWM0MmMzYThmMDEiLAogICAgICAgICAgICAib2JqZWN0X21hcmtpbmdfcmVmcyI6IFsKICAgICAgICAgICAgICAgICJtYXJraW5nLWRlZmluaXRpb24tLWY3ZTRmNTA0LWMyNDctNDVkZi05NTliLWY0NGViYmE4YTk5MCIsCiAgICAgICAgICAgICAgICAibWFya2luZy1kZWZpbml0aW9uLS1mODhkMzFmNi00ODZmLTQ0ZGEtYjMxNy0wMTMzM2JkZTBiODIiCiAgICAgICAgICAgIF0KICAgICAgICB9LAogICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAibWFya2luZy1kZWZpbml0aW9uIiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAiaWQiOiAibWFya2luZy1kZWZpbml0aW9uLS1mN2U0ZjUwNC1jMjQ3LTQ1ZGYtOTU5Yi1mNDRlYmJhOGE5OTAiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTAzLTAyVDE2OjEyOjQ1LjA2NVoiLAogICAgICAgICAgICAiZXh0ZW5zaW9ucyI6IHsKICAgICAgICAgICAgICAgICJleHRlbnNpb24tZGVmaW5pdGlvbi0tM2E2NTg4NGQtMDA1YS00MjkwLTgzMzUtY2IyZDc3OGE4M2NlIjogewogICAgICAgICAgICAgICAgICAgICJleHRlbnNpb25fdHlwZSI6ICJwcm9wZXJ0eS1leHRlbnNpb24iLAogICAgICAgICAgICAgICAgICAgICJpZGVudGlmaWVyIjogImlzYTpndWlkZS4xOTAwMS5BQ1MzLTlkNDg1ZDUyLTIyZjktNGM5Yy04OGUzLWYwNjJjNmFmNjY0YSIsCiAgICAgICAgICAgICAgICAgICAgImNyZWF0ZV9kYXRlX3RpbWUiOiAiMjAyMy0wMy0wMlQxNjoxMjo0NS4wNjVaIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X2N1c3RvZGlhbiI6ICJVU0EuREhTLk5DQ0lDIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X29yaWdpbmF0b3IiOiAiVVNBLkRIUy5OQ0NJQyIsCiAgICAgICAgICAgICAgICAgICAgInBvbGljeV9yZWZlcmVuY2UiOiAidXJuOmlzYTpwb2xpY3k6YWNzOm5zOnYzLjA/cHJpdmRlZmF1bHQ9ZGVueSZzaGFyZWRlZmF1bHQ9ZGVueSIsCiAgICAgICAgICAgICAgICAgICAgImNvbnRyb2xfc2V0IjogewogICAgICAgICAgICAgICAgICAgICAgICAiY2xhc3NpZmljYXRpb24iOiAiVSIsCiAgICAgICAgICAgICAgICAgICAgICAgICJmb3JtYWxfZGV0ZXJtaW5hdGlvbiI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICJJTkZPUk1BVElPTi1ESVJFQ1RMWS1SRUxBVEVELVRPLUNZQkVSU0VDVVJJVFktVEhSRUFUIgogICAgICAgICAgICAgICAgICAgICAgICBdCiAgICAgICAgICAgICAgICAgICAgfSwKICAgICAgICAgICAgICAgICAgICAiYXV0aG9yaXR5X3JlZmVyZW5jZSI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgInVybjppc2E6YXV0aG9yaXR5OmFpcyIKICAgICAgICAgICAgICAgICAgICBdLAogICAgICAgICAgICAgICAgICAgICJhY2Nlc3NfcHJpdmlsZWdlIjogWwogICAgICAgICAgICAgICAgICAgICAgICB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAicHJpdmlsZWdlX2FjdGlvbiI6ICJDSVNBVVNFUyIsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAicnVsZV9lZmZlY3QiOiAicGVybWl0IiwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICJwcml2aWxlZ2Vfc2NvcGUiOiB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgImVudGl0eSI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIkFMTCIKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBdLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJwZXJtaXR0ZWRfbmF0aW9uYWxpdGllcyI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIkFMTCIKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBdLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJwZXJtaXR0ZWRfb3JnYW5pemF0aW9ucyI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIkFMTCIKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBdLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJzaGFyZWFiaWxpdHkiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXQogICAgICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAiZnVydGhlcl9zaGFyaW5nIjogWwogICAgICAgICAgICAgICAgICAgICAgICB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAic2hhcmluZ19zY29wZSI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiVVNBLlVTRyIKICAgICAgICAgICAgICAgICAgICAgICAgICAgIF0sCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAicnVsZV9lZmZlY3QiOiAicGVybWl0IgogICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgXQogICAgICAgICAgICAgICAgfQogICAgICAgICAgICB9CiAgICAgICAgfSwKICAgICAgIC
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "imported-sample",
|
|
|
|
|
"timestamp": "1696961326",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "attachment",
|
|
|
|
|
"uuid": "00f57868-167d-42ce-a3e1-1ea2e3d28da7",
|
|
|
|
|
"value": "AA23-250A Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475.stix_.json"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"category": "Other",
|
|
|
|
|
"comment": "",
|
|
|
|
|
"deleted": false,
|
|
|
|
|
"disable_correlation": true,
|
|
|
|
|
"object_relation": "format",
|
|
|
|
|
"timestamp": "1696961326",
|
|
|
|
|
"to_ids": false,
|
|
|
|
|
"type": "text",
|
|
|
|
|
"uuid": "6d5ba7da-c007-4d52-8e64-44bcd468a5fe",
|
|
|
|
|
"value": "STIX 2.1"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
2023-12-14 13:47:04 +00:00
|
|
|
]
|
2023-12-14 14:30:15 +00:00
|
|
|
}
|
2023-12-14 13:47:04 +00:00
|
|
|
}
|
