misp-circl-feed/feeds/circl/stix-2.1/578cd192-e448-45a8-abca-497a950d210f.json

{
    "type": "bundle",
    "id": "bundle--578cd192-e448-45a8-abca-497a950d210f",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T13:34:46.000Z",
            "modified": "2016-07-18T13:34:46.000Z",
            "name": "CIRCL",
            "identity_class": "organization"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--578cd192-e448-45a8-abca-497a950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T13:34:46.000Z",
            "modified": "2016-07-18T13:34:46.000Z",
            "name": "Malspam 2016-07-18 .wsf->.gif (campaign: \"RE: firstname.lastname\")",
            "published": "2016-07-18T13:35:29Z",
            "object_refs": [
                "indicator--578cd1e6-e39c-4f9f-89ad-44cd950d210f",
                "indicator--578cd1e6-462c-4373-9a98-470c950d210f",
                "indicator--578cd1e7-89f0-401a-a679-4be5950d210f",
                "indicator--578cdab9-78c4-489f-8a5f-4586950d210f",
                "indicator--578cdaba-3008-431f-b7d2-44a4950d210f",
                "indicator--578cdabb-00c8-43d6-a797-4b97950d210f",
                "observed-data--578cdaf6-8720-469c-a1d7-42ea02de0b81",
                "url--578cdaf6-8720-469c-a1d7-42ea02de0b81"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "circl:incident-classification=\"malware\""
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--578cd1e6-e39c-4f9f-89ad-44cd950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T12:56:06.000Z",
            "modified": "2016-07-18T12:56:06.000Z",
            "description": "download location",
            "pattern": "[url:value = 'http://hotgoolrw.top/admin.php?f=1.gif']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-18T12:56:06Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"url\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--578cd1e6-462c-4373-9a98-470c950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T12:56:06.000Z",
            "modified": "2016-07-18T12:56:06.000Z",
            "description": "download location",
            "pattern": "[file:name = 'hotgoolrw.top']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-18T12:56:06Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--578cd1e7-89f0-401a-a679-4be5950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T12:56:07.000Z",
            "modified": "2016-07-18T12:56:07.000Z",
            "description": "download location",
            "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.95.114.10']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-18T12:56:07Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"ip-dst\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--578cdab9-78c4-489f-8a5f-4586950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T13:33:59.000Z",
            "modified": "2016-07-18T13:33:59.000Z",
            "description": "actual malware",
            "pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIADds8khwG1/LAGkDAIa4AwAgABwANzdjYTZkMDY1NDRmN2EwNmFiYzY4ZDQ3M2YwZDhmYjhVVAkAA7najFe52oxXdXgLAAEEIQAAAAQhAAAA276ZOMkxln65VJFrX6m4oRC7tYKOrhkR8ezx6N7c47ryjZD4XCc0WYVQHnCWowTpuruLdmAkU7XfyXJjKmyLRwBQDcGaL8H7e8qsEZBbId0gjhvH8uMcoIE99tDqqd6Dki3Xk6FVh4drpyIWBm4q+aYdJWF5M863XMlcXeDLhhQe8pcDVIC0BzC8n4sf85sS98tFOuG7eSET00L+QOlwqAGY2bZXqeUp796BLveWVsX7Z8/5lkxzfcrw0luoVgYXMaS+NxeNDAvuJa2wfAD0w5m2cM8jtGW7Vlgxa5yUkKECki6C+z6rQ4VhmjSC6lFf5/4zsPmMsNWibtp/pJxrF20cTEaoD6AN2PHm2OCdGNy8eMRsMepDkKli1AnJPbaJrPEbu+VK2npKI5KPRgl4ZxnJiqxkfkgqybFgzRBB+MJBJfcxsL4tefsyJd6wjdqZ6Or/ZhmJ8kKeFsxAebA+OycyvURwUj8paVynmPrlMFdeSirukxiZVop0AWFE41O0k7dkq/jW9zcYbFr5HF3GNBtBQbsJLvBqswDS8xILpm2FL936g1Izl4sS5S3p2CZswVbag9Jk1FMpLXJuts4Pug8JB8AqEY5WuajcNNHZYbj1Bg6oO8i87CdvQBewXBSROc43GdgyWeg3AYF6+NImOmI0SnsV6JZ/5b6kSERKDezG0Xicb6sb1a1PKhQ3U1i+tVSPzH6pAAGvEWF4zsYSiDjLSHcCXaVEKimeywSUQxwSDzJgyDnqURRkCsRLlcq1G4XhpJzs20vwhsfP7WV1E/04tbJrPlfPS09FazOV7VTALlHoZlPXIMemAp7yrEudtRXFd0BJNNBv+LvRveSsvPDl+gKRtAGzSl0w9wTMVldOA+F6cktTmC1M1wTJ/0n2E6T0y7u1Ebx/J+kG3+4aAjzcTpRnQ569ABM28IaFgVuPPYLOVdB/eqed/OULFNaGFcIf2glv2OgzOr0VpXMbndaoh+uo1PB2+jkuH/WzuZ9SYRiYUPigT1ezNgmL7yQhAFOjHJnt7ULZStTtRsxCXCzImrpQr9vMvGH75LwC4NjwLBOo7ywSZL8T9Tqep6h0+Nrlr2UzRYDtSbkmdJ8PoC2Iq0NQzUmE3X/Y/IHZUk1m7SqecYuZSd5eaA7excd6MmoFNPWbF2j4lhKg2HcTCLvjPZ3IdphQ0yo0EGNMjVEVMdDaHGH2cJZjXec8COylR0T8y91WRlT5WEpFUNdEAO3fFiaJh3cjl+9oFO7AVci+QqiAmTsymBoOP9UjIeWllDGTHSV5ki8UOC/HQqVHEZN9KmaOTMDePVjbFByuk3sLAYwZ8w7qcL92qsWDwMKwqXXzzMQBebGEtAsuutFDGKzgly+4sbZ+002Q9TSVKbNtPEf1YlIV479peCleiGlz3wDTEXdvJwCa/+b0RluhkSgOO6p0qBoXbhVOeMIskg3VUIoW+gyIeCqKMs7vG7s5aCI60VrAG0Ol1PIp1NBGsmQH7MoEX8L5JN73nnHjnoAFW6MVfurNpHJsJq4At5pWMjeJS/FD5hg3e49wPs/kjkKUqUzSS32f8tzoKUHAbwwMjrHZCkVHp3RuBXamGE1KpZRIOrhazdtUCqoUUmNn2HIIMNaY9Y3zylC4aO9HXq186EMWfi61neluT9RjIMWv0c1JQF/7uPYNqOPrMgh/fL3WVoTVglr0lwlfXaQceRf9bb499PuNucBZ/hPnAIzBEghwhmQNlLxdCM6KbQisESYbdC9kRlqoiAhoovETgt0dsqvMqyav43NWQ4JV6MikIC4un8zdanMhOCnZkyVzOGE1uKihS0wyZBBvwqpGu6CDVus9ZaSp3oD4e7QQA1oFo6Jd0lPM16FyvVvNzYqVzJUq+ws+rsvCB2ctuuQGawvgY7O0+cmjazmFVogm1sISguZaIv5jqno5MSTEquIW6pmIxgCymkBy4jy9b83/Cv148fooc5quMxd1Qlj+b8yKwb8Yi9N3Nqq5/qfkO9oYb0zb/FUekHQiP/kpA4v6wlODn2ISglHMZOnVmviDRB82cS4C2q+zKzOCT6xh13olOzqpIH/MCU/CDjNJTGTrHr2K9KTF8tfXX4qO6pXYqfnoE413MyJTfw4PGVBO5d24uhO/loUlQLQAwG6ZpyhEKQ7OwXh59LJ6qIJu0GPN0neIn+8H0i9pEJxqtBf2aqEZhlGJsw7VQImcBdb14CKIjWmfzXedl5GwX05UWUzAiWtudaLjAE6MOzReP99H5BzarmLrG2kmphX4TjWM4muv1lLYxrpURdvKyztNjT7CSZzBiHCoNlh2V5FA3j4PpxV8zazM5WiirzO+z+CGAoRHpBYfdP9BemxBG0yOAvPS4aMmrStcbxt1kfv7icIotR2WRBoU2tY4gEuhCCOvOou/qNuuhXcAkYiqL0J6km7a/myFcdJKP8pfsdp/7wU2dTVYxqFzh12PoUd+TLbOD2HkQ/RpWmMyS/yuZFHPHTgf/PZBUNokC7SYWHLuYZI1lxp82eK0lD6vIWacDAinA5st6gVwKZfaX/oTgQWiD7U2vFuGhnL/pGQx9WsuktbGoNT0yojBj1ZaTXEdIgk9GeqQny0+RSyoqImbA7EUYao33CKcKi9fWalH8hcv1YGMn/OecWjoOMCbLVcyj3VcXrJ19WTx3UnOoXD5dmnPPBB0Q52XWiY5aNNcJH7xlZMgxZ8dBgbWGBJQGY2Zgf+ssLjxSjv7PLkg0RuzHqugXwzdJZY30n7k4q+h6n9UlgYk9Ji7FCDSfq1uKIMKey7eXSNuu6PXQB3iXyypbyhCK244+xsBMT5iqnhPIx4YK6dXgsHDyTJ7LQkpsEjLtbOpQRVCwd9te2Zqtm3YqwE8ZXiUe8dmNvdcHT+/TGla8wZlb38Ukacc7By1ICGgvrxtwaMbQ+eU5XUMaCaQ0kFtP0DIJ5zCYzDI7iV5ojkSHJkaaFk6ohVJ3GFQw6h2+0has6kgMRtL63xpyRNJ+t/1PikYgURhcHWi94+5NBBC02gtnO/LiJ+h/eukwnAp3zh9u8AJ7EitSIaXR/vr+0OcBbyzkLYL0R8J6CuEiQD5mLZXuB4AiXB/9kafpU8EXRXjh9w9AygCuJBfqMLvOwW03w01gK5iwj/nLWmignx0vkWL48y6k+gbzF8HamS2xA+Em2VDaAcPVy9AUEgVTQSdvbD1JOCF1PbYxPq4xDrGeuoQ4qwbfSTFlqF5wK6eU5uCiJq32v3FnB2iaAQinLDaagkyLoSegbAqGYf46k2MQck8Vm3q076HjxiC9RpRvdLIiiS/bQhA0/t1R9jHvq/Dx7G8DUBNOUaN4PH6widW7LDAuxHzLFiEl6ERse4O4of7l10HKSXkPLeaRYAF4YwkTqSAQ9yBeiY0nn6CPxYLlujZLCBTwBg/Myvkur5JWESFCASYT5ejzt3lO1pbzTXW3g2X4crp52Ce6rcvKG9RWGYqx/ICFbmv2yTPelOSa+T5D1PP6/MLm448XdNsnaoPX+zL/uSVVwnAtN/Tk27FKVMe0rWRJ7BwT4AZuWAyKhFp3H1fVQm1AcpABFCl4ZTB4nMplxUjb8c7lepYLr1B61h+G0zABWdFux7nW/3MwIw/wzxd4H4OLlQ1QFTUoXf11pnLQbOUxR0UkQEkvIDy/B54imtSHcJQKU0hGceRlWk9GFRddZrtVPvGSvxRVPyfqFGG4gsw3FI6xjIiJAv/aad++O3o6yhD6NvN9GLk97HgaASYswS/pbxS7bIogXA+VHIZqS0u0qHa1p2O82sJ7G2/MZzP5EVD1+wvawhyJx+BCGftYTbOybN7pMGHr0Qqys0RVbELE3jxM7MSohYCryyiVhu7bTQ5sc21G7RqimmEJzLa2NT7WEUjrwh1tXsvCXVo6skKZ4fLdDj25q3gu8
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-18T13:33:59Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"malware-sample\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--578cdaba-3008-431f-b7d2-44a4950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T13:33:46.000Z",
            "modified": "2016-07-18T13:33:46.000Z",
            "pattern": "[file:name = '1.gif' AND file:hashes.SHA1 = 'bc4bde1cee2e29324f967f7966c38e174a41a992']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-18T13:33:46Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename|sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--578cdabb-00c8-43d6-a797-4b97950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T13:33:47.000Z",
            "modified": "2016-07-18T13:33:47.000Z",
            "pattern": "[file:name = '1.gif' AND file:hashes.SHA256 = '49a7b3f92077a131aaac8a3ce2cb335542d137296f6ddc820495b7b4feac495c']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-18T13:33:47Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename|sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--578cdaf6-8720-469c-a1d7-42ea02de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-18T13:34:46.000Z",
            "modified": "2016-07-18T13:34:46.000Z",
            "first_observed": "2016-07-18T13:34:46Z",
            "last_observed": "2016-07-18T13:34:46Z",
            "number_observed": 1,
            "object_refs": [
                "url--578cdaf6-8720-469c-a1d7-42ea02de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--578cdaf6-8720-469c-a1d7-42ea02de0b81",
            "value": "https://www.virustotal.com/file/49a7b3f92077a131aaac8a3ce2cb335542d137296f6ddc820495b7b4feac495c/analysis/1468848626/"
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}
chg: [misp-stix] STIX 2.1 export added 2023-04-21 14:44:17 +00:00			`{`
			`"type": "bundle",`
			`"id": "bundle--578cd192-e448-45a8-abca-497a950d210f",`
			`"objects": [`
			`{`
			`"type": "identity",`
			`"spec_version": "2.1",`
			`"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T13:34:46.000Z",`
			`"modified": "2016-07-18T13:34:46.000Z",`
			`"name": "CIRCL",`
			`"identity_class": "organization"`
			`},`
			`{`
			`"type": "report",`
			`"spec_version": "2.1",`
			`"id": "report--578cd192-e448-45a8-abca-497a950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T13:34:46.000Z",`
			`"modified": "2016-07-18T13:34:46.000Z",`
			`"name": "Malspam 2016-07-18 .wsf->.gif (campaign: \"RE: firstname.lastname\")",`
			`"published": "2016-07-18T13:35:29Z",`
			`"object_refs": [`
			`"indicator--578cd1e6-e39c-4f9f-89ad-44cd950d210f",`
			`"indicator--578cd1e6-462c-4373-9a98-470c950d210f",`
			`"indicator--578cd1e7-89f0-401a-a679-4be5950d210f",`
			`"indicator--578cdab9-78c4-489f-8a5f-4586950d210f",`
			`"indicator--578cdaba-3008-431f-b7d2-44a4950d210f",`
			`"indicator--578cdabb-00c8-43d6-a797-4b97950d210f",`
			`"observed-data--578cdaf6-8720-469c-a1d7-42ea02de0b81",`
			`"url--578cdaf6-8720-469c-a1d7-42ea02de0b81"`
			`],`
			`"labels": [`
			`"Threat-Report",`
			`"misp:tool=\"MISP-STIX-Converter\"",`
			`"circl:incident-classification=\"malware\""`
			`],`
			`"object_marking_refs": [`
			`"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--578cd1e6-e39c-4f9f-89ad-44cd950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T12:56:06.000Z",`
			`"modified": "2016-07-18T12:56:06.000Z",`
			`"description": "download location",`
			`"pattern": "[url:value = 'http://hotgoolrw.top/admin.php?f=1.gif']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-18T12:56:06Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Network activity"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"url\"",`
			`"misp:category=\"Network activity\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--578cd1e6-462c-4373-9a98-470c950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T12:56:06.000Z",`
			`"modified": "2016-07-18T12:56:06.000Z",`
			`"description": "download location",`
			`"pattern": "[file:name = 'hotgoolrw.top']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-18T12:56:06Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--578cd1e7-89f0-401a-a679-4be5950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T12:56:07.000Z",`
			`"modified": "2016-07-18T12:56:07.000Z",`
			`"description": "download location",`
			`"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.95.114.10']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-18T12:56:07Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Network activity"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"ip-dst\"",`
			`"misp:category=\"Network activity\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--578cdab9-78c4-489f-8a5f-4586950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T13:33:59.000Z",`
			`"modified": "2016-07-18T13:33:59.000Z",`
			`"description": "actual malware",`
			"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIADds8khwG1/LAGkDAIa4AwAgABwANzdjYTZkMDY1NDRmN2EwNmFiYzY4ZDQ3M2YwZDhmYjhVVAkAA7najFe52oxXdXgLAAEEIQAAAAQhAAAA276ZOMkxln65VJFrX6m4oRC7tYKOrhkR8ezx6N7c47ryjZD4XCc0WYVQHnCWowTpuruLdmAkU7XfyXJjKmyLRwBQDcGaL8H7e8qsEZBbId0gjhvH8uMcoIE99tDqqd6Dki3Xk6FVh4drpyIWBm4q+aYdJWF5M863XMlcXeDLhhQe8pcDVIC0BzC8n4sf85sS98tFOuG7eSET00L+QOlwqAGY2bZXqeUp796BLveWVsX7Z8/5lkxzfcrw0luoVgYXMaS+NxeNDAvuJa2wfAD0w5m2cM8jtGW7Vlgxa5yUkKECki6C+z6rQ4VhmjSC6lFf5/4zsPmMsNWibtp/pJxrF20cTEaoD6AN2PHm2OCdGNy8eMRsMepDkKli1AnJPbaJrPEbu+VK2npKI5KPRgl4ZxnJiqxkfkgqybFgzRBB+MJBJfcxsL4tefsyJd6wjdqZ6Or/ZhmJ8kKeFsxAebA+OycyvURwUj8paVynmPrlMFdeSirukxiZVop0AWFE41O0k7dkq/jW9zcYbFr5HF3GNBtBQbsJLvBqswDS8xILpm2FL936g1Izl4sS5S3p2CZswVbag9Jk1FMpLXJuts4Pug8JB8AqEY5WuajcNNHZYbj1Bg6oO8i87CdvQBewXBSROc43GdgyWeg3AYF6+NImOmI0SnsV6JZ/5b6kSERKDezG0Xicb6sb1a1PKhQ3U1i+tVSPzH6pAAGvEWF4zsYSiDjLSHcCXaVEKimeywSUQxwSDzJgyDnqURRkCsRLlcq1G4XhpJzs20vwhsfP7WV1E/04tbJrPlfPS09FazOV7VTALlHoZlPXIMemAp7yrEudtRXFd0BJNNBv+LvRveSsvPDl+gKRtAGzSl0w9wTMVldOA+F6cktTmC1M1wTJ/0n2E6T0y7u1Ebx/J+kG3+4aAjzcTpRnQ569ABM28IaFgVuPPYLOVdB/eqed/OULFNaGFcIf2glv2OgzOr0VpXMbndaoh+uo1PB2+jkuH/WzuZ9SYRiYUPigT1ezNgmL7yQhAFOjHJnt7ULZStTtRsxCXCzImrpQr9vMvGH75LwC4NjwLBOo7ywSZL8T9Tqep6h0+Nrlr2UzRYDtSbkmdJ8PoC2Iq0NQzUmE3X/Y/IHZUk1m7SqecYuZSd5eaA7excd6MmoFNPWbF2j4lhKg2HcTCLvjPZ3IdphQ0yo0EGNMjVEVMdDaHGH2cJZjXec8COylR0T8y91WRlT5WEpFUNdEAO3fFiaJh3cjl+9oFO7AVci+QqiAmTsymBoOP9UjIeWllDGTHSV5ki8UOC/HQqVHEZN9KmaOTMDePVjbFByuk3sLAYwZ8w7qcL92qsWDwMKwqXXzzMQBebGEtAsuutFDGKzgly+4sbZ+002Q9TSVKbNtPEf1YlIV479peCleiGlz3wDTEXdvJwCa/+b0RluhkSgOO6p0qBoXbhVOeMIskg3VUIoW+gyIeCqKMs7vG7s5aCI60VrAG0Ol1PIp1NBGsmQH7MoEX8L5JN73nnHjnoAFW6MVfurNpHJsJq4At5pWMjeJS/FD5hg3e49wPs/kjkKUqUzSS32f8tzoKUHAbwwMjrHZCkVHp3RuBXamGE1KpZRIOrhazdtUCqoUUmNn2HIIMNaY9Y3zylC4aO9HXq186EMWfi61neluT9RjIMWv0c1JQF/7uPYNqOPrMgh/fL3WVoTVglr0lwlfXaQceRf9bb499PuNucBZ/hPnAIzBEghwhmQNlLxdCM6KbQisESYbdC9kRlqoiAhoovETgt0dsqvMqyav43NWQ4JV6MikIC4un8zdanMhOCnZkyVzOGE1uKihS0wyZBBvwqpGu6CDVus9ZaSp3oD4e7QQA1oFo6Jd0lPM16FyvVvNzYqVzJUq+ws+rsvCB2ctuuQGawvgY7O0+cmjazmFVogm1sISguZaIv5jqno5MSTEquIW6pmIxgCymkBy4jy9b83/Cv148fooc5quMxd1Qlj+b8yKwb8Yi9N3Nqq5/qfkO9oYb0zb/FUekHQiP/kpA4v6wlODn2ISglHMZOnVmviDRB82cS4C2q+zKzOCT6xh13olOzqpIH/MCU/CDjNJTGTrHr2K9KTF8tfXX4qO6pXYqfnoE413MyJTfw4PGVBO5d24uhO/loUlQLQAwG6ZpyhEKQ7OwXh59LJ6qIJu0GPN0neIn+8H0i9pEJxqtBf2aqEZhlGJsw7VQImcBdb14CKIjWmfzXedl5GwX05UWUzAiWtudaLjAE6MOzReP99H5BzarmLrG2kmphX4TjWM4muv1lLYxrpURdvKyztNjT7CSZzBiHCoNlh2V5FA3j4PpxV8zazM5WiirzO+z+CGAoRHpBYfdP9BemxBG0yOAvPS4aMmrStcbxt1kfv7icIotR2WRBoU2tY4gEuhCCOvOou/qNuuhXcAkYiqL0J6km7a/myFcdJKP8pfsdp/7wU2dTVYxqFzh12PoUd+TLbOD2HkQ/RpWmMyS/yuZFHPHTgf/PZBUNokC7SYWHLuYZI1lxp82eK0lD6vIWacDAinA5st6gVwKZfaX/oTgQWiD7U2vFuGhnL/pGQx9WsuktbGoNT0yojBj1ZaTXEdIgk9GeqQny0+RSyoqImbA7EUYao33CKcKi9fWalH8hcv1YGMn/OecWjoOMCbLVcyj3VcXrJ19WTx3UnOoXD5dmnPPBB0Q52XWiY5aNNcJH7xlZMgxZ8dBgbWGBJQGY2Zgf+ssLjxSjv7PLkg0RuzHqugXwzdJZY30n7k4q+h6n9UlgYk9Ji7FCDSfq1uKIMKey7eXSNuu6PXQB3iXyypbyhCK244+xsBMT5iqnhPIx4YK6dXgsHDyTJ7LQkpsEjLtbOpQRVCwd9te2Zqtm3YqwE8ZXiUe8dmNvdcHT+/TGla8wZlb38Ukacc7By1ICGgvrxtwaMbQ+eU5XUMaCaQ0kFtP0DIJ5zCYzDI7iV5ojkSHJkaaFk6ohVJ3GFQw6h2+0has6kgMRtL63xpyRNJ+t/1PikYgURhcHWi94+5NBBC02gtnO/LiJ+h/eukwnAp3zh9u8AJ7EitSIaXR/vr+0OcBbyzkLYL0R8J6CuEiQD5mLZXuB4AiXB/9kafpU8EXRXjh9w9AygCuJBfqMLvOwW03w01gK5iwj/nLWmignx0vkWL48y6k+gbzF8HamS2xA+Em2VDaAcPVy9AUEgVTQSdvbD1JOCF1PbYxPq4xDrGeuoQ4qwbfSTFlqF5wK6eU5uCiJq32v3FnB2iaAQinLDaagkyLoSegbAqGYf46k2MQck8Vm3q076HjxiC9RpRvdLIiiS/bQhA0/t1R9jHvq/Dx7G8DUBNOUaN4PH6widW7LDAuxHzLFiEl6ERse4O4of7l10HKSXkPLeaRYAF4YwkTqSAQ9yBeiY0nn6CPxYLlujZLCBTwBg/Myvkur5JWESFCASYT5ejzt3lO1pbzTXW3g2X4crp52Ce6rcvKG9RWGYqx/ICFbmv2yTPelOSa+T5D1PP6/MLm448XdNsnaoPX+zL/uSVVwnAtN/Tk27FKVMe0rWRJ7BwT4AZuWAyKhFp3H1fVQm1AcpABFCl4ZTB4nMplxUjb8c7lepYLr1B61h+G0zABWdFux7nW/3MwIw/wzxd4H4OLlQ1QFTUoXf11pnLQbOUxR0UkQEkvIDy/B54imtSHcJQKU0hGceRlWk9GFRddZrtVPvGSvxRVPyfqFGG4gsw3FI6xjIiJAv/aad++O3o6yhD6NvN9GLk97HgaASYswS/pbxS7bIogXA+VHIZqS0u0qHa1p2O82sJ7G2/MZzP5EVD1+wvawhyJx+BCGftYTbOybN7pMGHr0Qqys0RVbELE3jxM7MSohYCryyiVhu7bTQ5sc21G7RqimmEJzLa2NT7WEUjrwh1tXsvCXVo6skKZ4fLdDj25q3gu8
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-18T13:33:59Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"malware-sample\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--578cdaba-3008-431f-b7d2-44a4950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T13:33:46.000Z",`
			`"modified": "2016-07-18T13:33:46.000Z",`
			`"pattern": "[file:name = '1.gif' AND file:hashes.SHA1 = 'bc4bde1cee2e29324f967f7966c38e174a41a992']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-18T13:33:46Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\|sha1\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--578cdabb-00c8-43d6-a797-4b97950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T13:33:47.000Z",`
			`"modified": "2016-07-18T13:33:47.000Z",`
			`"pattern": "[file:name = '1.gif' AND file:hashes.SHA256 = '49a7b3f92077a131aaac8a3ce2cb335542d137296f6ddc820495b7b4feac495c']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-18T13:33:47Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\|sha256\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--578cdaf6-8720-469c-a1d7-42ea02de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-18T13:34:46.000Z",`
			`"modified": "2016-07-18T13:34:46.000Z",`
			`"first_observed": "2016-07-18T13:34:46Z",`
			`"last_observed": "2016-07-18T13:34:46Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--578cdaf6-8720-469c-a1d7-42ea02de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--578cdaf6-8720-469c-a1d7-42ea02de0b81",`
			`"value": "https://www.virustotal.com/file/49a7b3f92077a131aaac8a3ce2cb335542d137296f6ddc820495b7b4feac495c/analysis/1468848626/"`
			`},`
			`{`
			`"type": "marking-definition",`
			`"spec_version": "2.1",`
			`"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",`
			`"created": "2017-01-20T00:00:00.000Z",`
			`"definition_type": "tlp",`
			`"name": "TLP:WHITE",`
			`"definition": {`
			`"tlp": "white"`
			`}`
			`}`
			`]`
			`}`