misp-circl-feed/feeds/circl/stix-2.1/10a54888-bba3-4af5-bc5b-fcda933ac0e2.json

111 lines
19 KiB
JSON
Raw Normal View History

2024-08-07 08:13:15 +00:00
{
"type": "bundle",
"id": "bundle--10a54888-bba3-4af5-bc5b-fcda933ac0e2",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-07-19T09:09:47.000Z",
"modified": "2024-07-19T09:09:47.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--10a54888-bba3-4af5-bc5b-fcda933ac0e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-07-19T09:09:47.000Z",
"modified": "2024-07-19T09:09:47.000Z",
"name": "TR-87 - CrowdStrike Agent causing BSOD loop on Windows - Faulty Update on Falcon Sensor",
"published": "2024-07-19T09:10:01Z",
"object_refs": [
"indicator--2c00fe95-1d42-49c8-adee-3fb09588be59",
"x-misp-object--10555906-70b1-43f3-944b-fa15f6436ea9"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"tlp:clear",
"smart-airports-threats:system-failures=\"software-bugs\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c00fe95-1d42-49c8-adee-3fb09588be59",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-07-19T09:06:00.000Z",
"modified": "2024-07-19T09:06:00.000Z",
"pattern": "[file:hashes.MD5 = '1618cd13c5263720ec958c3b24b9d1c8' AND file:hashes.SHA1 = 'cb8a27c7347d19bc0b23093a99816dfd8240dbc5' AND file:hashes.SHA256 = 'ad492bc8b884f9c9a5ce0c96087e722a2732cdb31612e092cdbf4a9555b44362' AND file:hashes.SHA512 = '2702ddd24a4160ba8f65287f71876afed1999f074d1885284ccc610bf412d99d00ae1bbe67bf1789a24a88e798d05c1e91090ae8d9d8c3df4d88cb2e7aa40cd6' AND file:hashes.SSDEEP = '384:bIy44Wo45c59r/qQqu1QhSn88MyU64guxkP5O84VLv8xB0+Cn:9495c59rSQBG8CJxfexBl0' AND file:name = 'ad492bc8b884f9c9a5ce0c96087e722a2732cdb31612e092cdbf4a9555b44362' AND file:size = '41004' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAKJI81g5t0D04SUAACygAAAgABwAMTYxOGNkMTNjNTI2MzcyMGVjOTU4YzNiMjRiOWQxYzhVVAkAA0AsmmZALJpmdXgLAAEEIQAAAAQhAAAA8FQnXr0Sf8CbzqVZJSB16ZM23QC7FgltmMPZ7SxwUfzUw3yMJFOW8gFnzCpqS2/ASBR37sGfLRQW+w+sEUmD4DvI/IHH+CIGsqIRUw8Gtp56AcwmGr67MCyi63O9JPmbNsQ5DgaE22GwKUcbk0Y4UQwDVZs7WmgBcUUsKw0zVP00jZkCMjvKO7oWRoYV21+NwLcK1fLhQBSg7OZtnPzq3ktdhKmTlVhS4XhiKAth7GHexq/v9VMpYSD2/YAM1ZibO3oZDsAUePjZywxl0O2LP5pJEpsNgIxvEaW5/Y7d01e6czeIkoiLNEiLo2LZF2pevv7MfP9JEeVjBICYpxqWw89KKVKH2EF1QxmuOh9CV2tYIwsoylTPj62mUWkvvOGo+rL4bIJ7inr3XRgUrAYfEiYtFMvFntmfCQEgk55RlZ0hqeA6IKkZGyiFPoe9o013xerOsS1wXzmL+vUDG2K2OgVDDtNeqIyIKxWLPFCNL6kx7jdij4yv1BiURqHvk76C0xOlIUdpCDEJXN683mfXOTLfobKRk440yg0utr+ntKbTgoH8YTF3Gy600UfwrZArhGP4zdOOm/xr902qp2Pbjhr8P86ClozOAinbyk/AWSSzllgkQhfNs78q+5RLU3RSAk4AIR2iCgAlFslv6wup/UzwsnRGMTFB+Z2Raq83wwIDeznccieSNQDPueFufJn6+xfGF/Xxbrq1S5CHeUmVJgPQuyEC01OhFBY4L5KiZ31sAwoNah7EzdCrrF8KE4Y8O7e07ZOikjb0txEQ/uixq98n0GvCmzx/6NucaSD4/TM0DJvVq6Gb4ORKW8na9EBeNyDnNXTqXbg1WE+ZFL19zzjTJsnfXX6pLg8hROAgVeB7IoZFCOD6Vdfs+QmN3GFU6LUWZ/74Cjts1tohT6H41P5oka2Klitch7QhHJ7U/eG+iTZKKuOtcSjqrIsYSI/tOGbVHrr8S0hMW7lf3Lj4K6Qhu7uYJCZO2C3Z8B0nFFPM0DKd/U1388HEfu4hWEc7OTGjV/M87h4rBKQM9k/v2VI1TgcgCxR4UG1g/Vs9quAwn6IPbosv6/wqpeOv9bBxms0GWJNYpj1eSIF4JDPKd2x8s19Qe/y9tT2hb2/Wsn5UaNQ8uCiTLDKvo7Y7KNR0vAhzkJdFcc3rnVuM41VU+ODaG6qqANynqDqXgt0tC5x7VNz3lhOwb0tCtIO68zXORp6jaQnj3Vhaoyo4I1UcQICD8ge1WeXamTuqHnWXtj/uiOHljZo5NWOKMEyNvPCvftxYj7gzZ6JYT4jIHnpdVN9mc2lRitpuiyNbCqh6Z8vPm/hGo4xwoXSqMrzgCZB+vF0rSULuUi95RY1JbR6IJVLI8ksPMC41wVzNBf3wfn/q4CBP1HTnwkYV8t9b7lxiozlP/GcjR8LRzSp0AsJ2hZ8XaeAYm/K0vztsJaXzbyAHsbZ4FawVajudOW/ZAxU8abZSJiZIddckHn6PLcBwJzdSAGxBP01DO90mTrv4wu9kRFrJXh2AOCE6PWa8sRZuZExjOzj43TjYgxnpNRkmO/kN+VmWyqkenKiyfxaCIARNMznevwZwTkWPccqq7YCYuLhr9hnJb0s9Q/dqst2zIFb4J0x8J9CpB7jpLCrklaK47KKkxspLpjlPBFNm+B2ngk/237J7BgME8CBUpCdEJufwUDVxUeTIbynPs5xTnhhU2APjfkDq+zImcjW/RaTpvI44KwF3ecCXx1N3IZSnsLA/+Jkkig4wrZTu3RlUGr60KKOMuih/4r/vLadsj/WqUVtcZVZpGLQvmwFg9nmzjPEkBOTKftQlK9MSf/fmtN0rMzLerXsl4LiwTWhsBNolAl/ev6P9Iw/0U56hkqIiysZAi0GX9ywLjKbBt78pAqC8vsBVr+ZqcXRLEt9/ukilvrFzXZ/LUVnw001yloKowAoblysfQxnko2WNtGuGKqKjGBsWXLOpezn9hZAYvihco+bND+I2wqtMQTVNytj2l6HL6sMAfvAGMnNALYbn0VNC+MTW9ib/ceXlBzp2Y8sQH1dJ3X+VLOfPNu+00PL7GO4ytgbFOyph9xn3EPEmJY++5YsrZD8LBZrXc0S5oNlm9dHr5VyUKjJK0d7w+y2vElYKlMNCmtRI3OGyoXkrrvaA3OeICnwqA0otj649uVy9nJK32yqG861FGSBph3a8yaaHkxAHPicCKT2R8DQagCzqCqVD8082pqdzUYnFSWHa6gvACG/AIVCNKo1rWjpuhVGfgHSuV24zRzCtLFmP0hks38bs8ypc/axHeir8We/EUlsfj6Vz/1vbkonaQ9NsJNS88tXlArX4RRWGXoef+zKJIj1I8KHjKJ5TbXx5AVUfsV/qdFsoj1EN1tHXBrla9/pmAY5hQbZ6+4+BoS4D0y3LYZxkH26NdLblunCkiDc2Ac9/PyA1IrwcuUnC0VB/USHbpyqhpO4F8bQ0WxO8eWrv/HinLwpxwqOqcMljlCkd59GbuKaivAYbBCE+xDEMlyfyRcgTjBmOlcjpiRbG38glGjTJj22CwqDuSulioHuPFCusZPpEnaTkBick0K68NPYP3gbKRPENbFQ3FokJt4y4q7xAABy6Zkwx5HacXNlM+Wc1ZFTjZ48vosjZycBSOUwknKknVts/z9Z8fL/jaKfOA9OuxdAI3h/kUlHUprMTgzyPqHhpqkaSXhgVh2JOxkROetuHv1/tU37JcFxgElytIaf39fAR2wL3xvQdVNRtbMzTTVKb+Za3tsKz0B6dcnVJvfnAytjHKc8yEwTSY+OEdBetF1x9wYbnfF42VoJ4Cd6uD7/Njd19RMHOytNMGrtHRRxDlLo92NvK7k2ohA4g6fSXgp7ZA8ucjjr7aZIJepBNJZA2BkBxpkZ8GbbOv8zekO07VGiIoLEFnsgOn68Mx71tLHRIPj0OVRCCAy7/C3ohpkWcgYZ8TgHu8tJutUeQWm8aMJJECDaVZYNnr4YX7hsRlVdByoa/u/L4mLwKQAI1drVGMUmLvUvdoXleci70iOQjZN1+BR9M3fT748MzxlJJ6flQxEfFGzRNeC1kNiamvbFRR2HqtwvG97QhNcbc/VwLGybZRQYwX/PLuvQ0mpmiDV6aERYgpkTaJX+hym7Tn0u41WaKOFwHDnOOEABStraFayCKX59kYdpILeSjysx7JQ+TDZsNHz7A0DUgk1jjcfVhDbGrrdSqebEB+eKkYD3uigQez0f95b84FTFcRtu3qPls3U2QEzPgTI4NKCAAl29PVCunem5BURaoHAuxNRMkRWEf6krfkPS6acObgDj+rPpqEYTv7hhfEuweqdQh/js
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-07-19T09:06:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--10555906-70b1-43f3-944b-fa15f6436ea9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-07-19T09:09:47.000Z",
"modified": "2024-07-19T09:09:47.000Z",
"labels": [
"misp:name=\"report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "link",
"value": "https://www.circl.lu/pub/tr-87/",
"category": "External analysis",
"uuid": "6a620f18-bdee-409a-a412-b52a5c8c0494"
},
{
"type": "text",
"object_relation": "title",
"value": "TR-87 - CrowdStrike Agent causing BSOD loop on Windows - Faulty Update on Falcon Sensor",
"category": "Other",
"uuid": "1be6ed60-b90d-4329-a721-d3620891b736"
},
{
"type": "text",
"object_relation": "type",
"value": "Report",
"category": "Other",
"uuid": "5aabba67-281e-4001-9ba0-f78afa74dfd6"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "report"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}