{"Event":{"info":"OSINT - Felipe, a new infostealer Trojan","Tag":[{"colour":"#004646","exportable":true,"name":"type:OSINT"},{"colour":"#0071c3","exportable":true,"name":"osint:lifetime=\"perpetual\""},{"colour":"#0087e8","exportable":true,"name":"osint:certainty=\"50\""},{"colour":"#ffffff","exportable":true,"name":"tlp:white"},{"colour":"#284800","exportable":true,"name":"malware_classification:malware-category=\"Trojan\""},{"colour":"#500064","exportable":true,"name":"ms-caro-malware:malware-type=\"Trojan\""},{"colour":"#00183c","exportable":true,"name":"ms-caro-malware-full:malware-type=\"Trojan\""},{"colour":"#004f4f","exportable":true,"name":"ecsirt:malicious-code=\"trojan\""},{"colour":"#5a0041","exportable":true,"name":"CERT-XLM:malicious-code=\"trojan-malware\""},{"colour":"#bd472d","exportable":true,"name":"keylogger/infostealer"},{"colour":"#e7007d","exportable":true,"name":"workflow:state=\"incomplete\""},{"colour":"#72003d","exportable":true,"name":"workflow:todo=\"add-missing-misp-galaxy-cluster-values\""}],"publish_timestamp":"0","timestamp":"1563527786","Object":[{"comment":"","template_uuid":"688c46fb-5edb-40a3-8273-1af7923e2215","uuid":"5d109029-f448-4859-b7c3-acd8950d210f","sharing_group_id":"0","timestamp":"1563527779","description":"File object describing a file with meta-information","template_version":"17","ObjectReference":[{"comment":"","object_uuid":"5d109029-f448-4859-b7c3-acd8950d210f","uuid":"5d318a64-ab70-46b3-a836-478802de0b81","timestamp":"1563527780","referenced_uuid":"ecc0c45a-2208-4171-a606-ccacbe28b955","relationship_type":"analysed-with"}],"Attribute":[{"comment":"","category":"Payload delivery","uuid":"5d109029-0080-4cca-aa98-acd8950d210f","timestamp":"1561371771","to_ids":true,"value":"vshost.exe","disable_correlation":true,"object_relation":"filename","type":"filename"},{"comment":"Win XP","category":"Other","uuid":"5d109034-4474-44fc-8b1a-acd8950d210f","timestamp":"1561371771","to_ids":false,"value":"%UserProfile%\\Local Settings\\Temp\\vshost.exe","disable_correlation":false,"object_relation":"fullpath","type":"text"},{"comment":"Win7/Win10","category":"Other","uuid":"5d109036-d118-485b-b410-acd8950d210f","timestamp":"1561371771","to_ids":false,"value":"%UserProfile%\\AppData\\Local\\Temp\\vshost.exe","disable_correlation":false,"object_relation":"fullpath","type":"text"},{"comment":"Win XP","category":"Other","uuid":"5d109036-372c-462d-a643-acd8950d210f","timestamp":"1561371771","to_ids":false,"value":"%UserProfile%\\Local Settings\\Temp\\","disable_correlation":true,"object_relation":"path","type":"text"},{"comment":"Win7/Win10","category":"Other","uuid":"5d109037-0f64-4ced-80e0-acd8950d210f","timestamp":"1561371771","to_ids":false,"value":"%UserProfile%\\AppData\\Local\\Temp\\","disable_correlation":true,"object_relation":"path","type":"text"},{"comment":"","category":"Payload delivery","uuid":"5d10a47b-08ec-4f3f-8f7c-429e950d210f","timestamp":"1561371771","to_ids":true,"value":"15ce8f849fff4cc8675900ec838a93f9","disable_correlation":false,"object_relation":"md5","type":"md5"}],"distribution":"5","meta-category":"file","name":"file"},{"comment":"","template_uuid":"688c46fb-5edb-40a3-8273-1af7923e2215","uuid":"5d1092e1-eb28-463b-83ec-47da950d210f","sharing_group_id":"0","timestamp":"1563527780","description":"File object describing a file with meta-information","template_version":"17","ObjectReference":[{"comment":"","object_uuid":"5d1092e1-eb28-463b-83ec-47da950d210f","uuid":"5d318a64-760c-4068-8cd1-400e02de0b81","timestamp":"1563527780","referenced_uuid":"02aee86e-c588-4ea9-bd2e-aef1535846cd","relationship_type":"analysed-with"}],"Attribute":[{"comment":"","category":"Payload delivery","uuid":"5d1092e2-b6b4-47b7-856b-47b9950d210f","timestamp":"1561369949","to_ids":true,"value":"explorer32.exe","disable_correlation"
