misp-circl-feed/feeds/circl/stix-2.1/5a69e332-f944-46f8-b172-637202de0b81.json

{
    "type": "bundle",
    "id": "bundle--5a69e332-f944-46f8-b172-637202de0b81",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-26T03:00:57.000Z",
            "modified": "2018-01-26T03:00:57.000Z",
            "name": "CIRCL",
            "identity_class": "organization"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--5a69e332-f944-46f8-b172-637202de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-26T03:00:57.000Z",
            "modified": "2018-01-26T03:00:57.000Z",
            "name": "OSINT - Masuta : Satori Creators\u00e2\u20ac\u2122 Second Botnet Weaponizes A New Router Exploit.",
            "published": "2018-02-16T08:52:08Z",
            "object_refs": [
                "observed-data--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",
                "url--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",
                "x-misp-attribute--5a69e357-429c-4316-8060-4ae502de0b81",
                "indicator--5a69e86e-d27c-403a-b897-4c5f02de0b81",
                "observed-data--5a69e899-1048-4d87-b715-47f002de0b81",
                "url--5a69e899-1048-4d87-b715-47f002de0b81",
                "observed-data--5a69e9d9-f204-4cfc-8b59-492e02de0b81",
                "url--5a69e9d9-f204-4cfc-8b59-492e02de0b81",
                "observed-data--5a69e9fa-c15c-4663-af99-4d0d02de0b81",
                "url--5a69e9fa-c15c-4663-af99-4d0d02de0b81",
                "x-misp-attribute--5a69eb37-ae04-447b-a4ef-401402de0b81",
                "x-misp-object--5a69e390-b5f0-42c1-a638-446502de0b81",
                "x-misp-object--5a69e3c4-c604-4e3a-b1ed-4b1a02de0b81"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "ms-caro-malware:malware-platform=\"Linux\"",
                "misp-galaxy:threat-actor=\"Nexus Zeta\"",
                "misp-galaxy:tool=\"Masuta\""
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:01:34.000Z",
            "modified": "2018-01-25T14:01:34.000Z",
            "first_observed": "2018-01-25T14:01:34Z",
            "last_observed": "2018-01-25T14:01:34Z",
            "number_observed": 1,
            "object_refs": [
                "url--5a69e33e-c4d8-40e4-95d5-4ea302de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",
            "value": "https://blog.newskysecurity.com/masuta-satori-creators-second-botnet-weaponizes-a-new-router-exploit-2ddc51cc52a7"
        },
        {
            "type": "x-misp-attribute",
            "spec_version": "2.1",
            "id": "x-misp-attribute--5a69e357-429c-4316-8060-4ae502de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:01:59.000Z",
            "modified": "2018-01-25T14:01:59.000Z",
            "labels": [
                "misp:type=\"text\"",
                "misp:category=\"External analysis\""
            ],
            "x_misp_category": "External analysis",
            "x_misp_type": "text",
            "x_misp_value": "Since the inception of the Mirai code leak, many botnets have been seen in the IoT threat landscape. While some of them are clearly Mirai carbon copies, others have added new attack methods, often taking the route of exploits to perform an attack. We analyzed two variants of an IoT botnet named \u00e2\u20ac\u0153Masuta\u00e2\u20ac\u009d where we observed the involvement of a well-known IoT threat actor and discovered a router exploit being weaponized for the first time in a botnet campaign."
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5a69e86e-d27c-403a-b897-4c5f02de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:23:42.000Z",
            "modified": "2018-01-25T14:23:42.000Z",
            "pattern": "[url:value = 'http://purenetworks.com/HNAP1/GetDeviceSettings']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2018-01-25T14:23:42Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"url\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5a69e899-1048-4d87-b715-47f002de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:24:25.000Z",
            "modified": "2018-01-25T14:24:25.000Z",
            "first_observed": "2018-01-25T14:24:25Z",
            "last_observed": "2018-01-25T14:24:25Z",
            "number_observed": 1,
            "object_refs": [
                "url--5a69e899-1048-4d87-b715-47f002de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--5a69e899-1048-4d87-b715-47f002de0b81",
            "value": "http://www.devttys0.com/2015/04/hacking-the-d-link-dir-890l/"
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5a69e9d9-f204-4cfc-8b59-492e02de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:29:45.000Z",
            "modified": "2018-01-25T14:29:45.000Z",
            "first_observed": "2018-01-25T14:29:45Z",
            "last_observed": "2018-01-25T14:29:45Z",
            "number_observed": 1,
            "object_refs": [
                "url--5a69e9d9-f204-4cfc-8b59-492e02de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--5a69e9d9-f204-4cfc-8b59-492e02de0b81",
            "value": "https://www.exploit-db.com/exploits/38722/"
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5a69e9fa-c15c-4663-af99-4d0d02de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:30:18.000Z",
            "modified": "2018-01-25T14:30:18.000Z",
            "first_observed": "2018-01-25T14:30:18Z",
            "last_observed": "2018-01-25T14:30:18Z",
            "number_observed": 1,
            "object_refs": [
                "url--5a69e9fa-c15c-4663-af99-4d0d02de0b81"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--5a69e9fa-c15c-4663-af99-4d0d02de0b81",
            "value": "https://pastebin.com/WhGBivrU"
        },
        {
            "type": "x-misp-attribute",
            "spec_version": "2.1",
            "id": "x-misp-attribute--5a69eb37-ae04-447b-a4ef-401402de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:35:35.000Z",
            "modified": "2018-01-25T14:35:35.000Z",
            "labels": [
                "misp:type=\"pattern-in-memory\"",
                "misp:category=\"Artifacts dropped\"",
                "misp:to_ids=\"True\""
            ],
            "x_misp_category": "Artifacts dropped",
            "x_misp_type": "pattern-in-memory",
            "x_misp_value": "/bin/busybox MASUTA"
        },
        {
            "type": "x-misp-object",
            "spec_version": "2.1",
            "id": "x-misp-object--5a69e390-b5f0-42c1-a638-446502de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:03:09.000Z",
            "modified": "2018-01-25T14:03:09.000Z",
            "labels": [
                "misp:name=\"whois\"",
                "misp:meta-category=\"network\""
            ],
            "x_misp_attributes": [
                {
                    "type": "domain",
                    "object_relation": "domain",
                    "value": "nexusiotsolutions.net",
                    "category": "Network activity",
                    "to_ids": true,
                    "uuid": "5a69e390-ee44-4042-a56d-4d4302de0b81"
                },
                {
                    "type": "whois-registrant-email",
                    "object_relation": "registrant-email",
                    "value": "nexuszeta1337@gmail.com",
                    "category": "Attribution",
                    "to_ids": true,
                    "uuid": "5a69e391-c430-4537-99fc-4f9e02de0b81"
                }
            ],
            "x_misp_meta_category": "network",
            "x_misp_name": "whois"
        },
        {
            "type": "x-misp-object",
            "spec_version": "2.1",
            "id": "x-misp-object--5a69e3c4-c604-4e3a-b1ed-4b1a02de0b81",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2018-01-25T14:03:48.000Z",
            "modified": "2018-01-25T14:03:48.000Z",
            "labels": [
                "misp:name=\"passive-dns\"",
                "misp:meta-category=\"network\""
            ],
            "x_misp_attributes": [
                {
                    "type": "text",
                    "object_relation": "rrtype",
                    "value": "A",
                    "category": "Network activity",
                    "uuid": "5a69e3c4-df00-4ebd-8214-4f0102de0b81"
                },
                {
                    "type": "text",
                    "object_relation": "rrname",
                    "value": "93.174.93.63",
                    "category": "Network activity",
                    "uuid": "5a69e3c5-6274-4308-99bf-488e02de0b81"
                },
                {
                    "type": "text",
                    "object_relation": "rdata",
                    "value": "n.cf0.pw",
                    "category": "Other",
                    "uuid": "5a69e3c6-1d74-4d92-b433-4a1e02de0b81"
                }
            ],
            "x_misp_meta_category": "network",
            "x_misp_name": "passive-dns"
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}
chg: [misp-stix] STIX 2.1 export added 2023-04-21 14:44:17 +00:00			`{`
			`"type": "bundle",`
			`"id": "bundle--5a69e332-f944-46f8-b172-637202de0b81",`
			`"objects": [`
			`{`
			`"type": "identity",`
			`"spec_version": "2.1",`
			`"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-26T03:00:57.000Z",`
			`"modified": "2018-01-26T03:00:57.000Z",`
			`"name": "CIRCL",`
			`"identity_class": "organization"`
			`},`
			`{`
			`"type": "report",`
			`"spec_version": "2.1",`
			`"id": "report--5a69e332-f944-46f8-b172-637202de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-26T03:00:57.000Z",`
			`"modified": "2018-01-26T03:00:57.000Z",`
			`"name": "OSINT - Masuta : Satori Creators\u00e2\u20ac\u2122 Second Botnet Weaponizes A New Router Exploit.",`
			`"published": "2018-02-16T08:52:08Z",`
			`"object_refs": [`
			`"observed-data--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",`
			`"url--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",`
			`"x-misp-attribute--5a69e357-429c-4316-8060-4ae502de0b81",`
			`"indicator--5a69e86e-d27c-403a-b897-4c5f02de0b81",`
			`"observed-data--5a69e899-1048-4d87-b715-47f002de0b81",`
			`"url--5a69e899-1048-4d87-b715-47f002de0b81",`
			`"observed-data--5a69e9d9-f204-4cfc-8b59-492e02de0b81",`
			`"url--5a69e9d9-f204-4cfc-8b59-492e02de0b81",`
			`"observed-data--5a69e9fa-c15c-4663-af99-4d0d02de0b81",`
			`"url--5a69e9fa-c15c-4663-af99-4d0d02de0b81",`
			`"x-misp-attribute--5a69eb37-ae04-447b-a4ef-401402de0b81",`
			`"x-misp-object--5a69e390-b5f0-42c1-a638-446502de0b81",`
			`"x-misp-object--5a69e3c4-c604-4e3a-b1ed-4b1a02de0b81"`
			`],`
			`"labels": [`
			`"Threat-Report",`
			`"misp:tool=\"MISP-STIX-Converter\"",`
			`"ms-caro-malware:malware-platform=\"Linux\"",`
			`"misp-galaxy:threat-actor=\"Nexus Zeta\"",`
			`"misp-galaxy:tool=\"Masuta\""`
			`],`
			`"object_marking_refs": [`
			`"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:01:34.000Z",`
			`"modified": "2018-01-25T14:01:34.000Z",`
			`"first_observed": "2018-01-25T14:01:34Z",`
			`"last_observed": "2018-01-25T14:01:34Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--5a69e33e-c4d8-40e4-95d5-4ea302de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--5a69e33e-c4d8-40e4-95d5-4ea302de0b81",`
			`"value": "https://blog.newskysecurity.com/masuta-satori-creators-second-botnet-weaponizes-a-new-router-exploit-2ddc51cc52a7"`
			`},`
			`{`
			`"type": "x-misp-attribute",`
			`"spec_version": "2.1",`
			`"id": "x-misp-attribute--5a69e357-429c-4316-8060-4ae502de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:01:59.000Z",`
			`"modified": "2018-01-25T14:01:59.000Z",`
			`"labels": [`
			`"misp:type=\"text\"",`
			`"misp:category=\"External analysis\""`
			`],`
			`"x_misp_category": "External analysis",`
			`"x_misp_type": "text",`
			"x_misp_value": "Since the inception of the Mirai code leak, many botnets have been seen in the IoT threat landscape. While some of them are clearly Mirai carbon copies, others have added new attack methods, often taking the route of exploits to perform an attack. We analyzed two variants of an IoT botnet named \u00e2\u20ac\u0153Masuta\u00e2\u20ac\u009d where we observed the involvement of a well-known IoT threat actor and discovered a router exploit being weaponized for the first time in a botnet campaign."
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5a69e86e-d27c-403a-b897-4c5f02de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:23:42.000Z",`
			`"modified": "2018-01-25T14:23:42.000Z",`
			`"pattern": "[url:value = 'http://purenetworks.com/HNAP1/GetDeviceSettings']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2018-01-25T14:23:42Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Network activity"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"url\"",`
			`"misp:category=\"Network activity\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5a69e899-1048-4d87-b715-47f002de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:24:25.000Z",`
			`"modified": "2018-01-25T14:24:25.000Z",`
			`"first_observed": "2018-01-25T14:24:25Z",`
			`"last_observed": "2018-01-25T14:24:25Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--5a69e899-1048-4d87-b715-47f002de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--5a69e899-1048-4d87-b715-47f002de0b81",`
			`"value": "http://www.devttys0.com/2015/04/hacking-the-d-link-dir-890l/"`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5a69e9d9-f204-4cfc-8b59-492e02de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:29:45.000Z",`
			`"modified": "2018-01-25T14:29:45.000Z",`
			`"first_observed": "2018-01-25T14:29:45Z",`
			`"last_observed": "2018-01-25T14:29:45Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--5a69e9d9-f204-4cfc-8b59-492e02de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--5a69e9d9-f204-4cfc-8b59-492e02de0b81",`
			`"value": "https://www.exploit-db.com/exploits/38722/"`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5a69e9fa-c15c-4663-af99-4d0d02de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:30:18.000Z",`
			`"modified": "2018-01-25T14:30:18.000Z",`
			`"first_observed": "2018-01-25T14:30:18Z",`
			`"last_observed": "2018-01-25T14:30:18Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--5a69e9fa-c15c-4663-af99-4d0d02de0b81"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--5a69e9fa-c15c-4663-af99-4d0d02de0b81",`
			`"value": "https://pastebin.com/WhGBivrU"`
			`},`
			`{`
			`"type": "x-misp-attribute",`
			`"spec_version": "2.1",`
			`"id": "x-misp-attribute--5a69eb37-ae04-447b-a4ef-401402de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:35:35.000Z",`
			`"modified": "2018-01-25T14:35:35.000Z",`
			`"labels": [`
			`"misp:type=\"pattern-in-memory\"",`
			`"misp:category=\"Artifacts dropped\"",`
			`"misp:to_ids=\"True\""`
			`],`
			`"x_misp_category": "Artifacts dropped",`
			`"x_misp_type": "pattern-in-memory",`
			`"x_misp_value": "/bin/busybox MASUTA"`
			`},`
			`{`
			`"type": "x-misp-object",`
			`"spec_version": "2.1",`
			`"id": "x-misp-object--5a69e390-b5f0-42c1-a638-446502de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:03:09.000Z",`
			`"modified": "2018-01-25T14:03:09.000Z",`
			`"labels": [`
			`"misp:name=\"whois\"",`
			`"misp:meta-category=\"network\""`
			`],`
			`"x_misp_attributes": [`
			`{`
			`"type": "domain",`
			`"object_relation": "domain",`
			`"value": "nexusiotsolutions.net",`
			`"category": "Network activity",`
			`"to_ids": true,`
			`"uuid": "5a69e390-ee44-4042-a56d-4d4302de0b81"`
			`},`
			`{`
			`"type": "whois-registrant-email",`
			`"object_relation": "registrant-email",`
			`"value": "nexuszeta1337@gmail.com",`
			`"category": "Attribution",`
			`"to_ids": true,`
			`"uuid": "5a69e391-c430-4537-99fc-4f9e02de0b81"`
			`}`
			`],`
			`"x_misp_meta_category": "network",`
			`"x_misp_name": "whois"`
			`},`
			`{`
			`"type": "x-misp-object",`
			`"spec_version": "2.1",`
			`"id": "x-misp-object--5a69e3c4-c604-4e3a-b1ed-4b1a02de0b81",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2018-01-25T14:03:48.000Z",`
			`"modified": "2018-01-25T14:03:48.000Z",`
			`"labels": [`
			`"misp:name=\"passive-dns\"",`
			`"misp:meta-category=\"network\""`
			`],`
			`"x_misp_attributes": [`
			`{`
			`"type": "text",`
			`"object_relation": "rrtype",`
			`"value": "A",`
			`"category": "Network activity",`
			`"uuid": "5a69e3c4-df00-4ebd-8214-4f0102de0b81"`
			`},`
			`{`
			`"type": "text",`
			`"object_relation": "rrname",`
			`"value": "93.174.93.63",`
			`"category": "Network activity",`
			`"uuid": "5a69e3c5-6274-4308-99bf-488e02de0b81"`
			`},`
			`{`
			`"type": "text",`
			`"object_relation": "rdata",`
			`"value": "n.cf0.pw",`
			`"category": "Other",`
			`"uuid": "5a69e3c6-1d74-4d92-b433-4a1e02de0b81"`
			`}`
			`],`
			`"x_misp_meta_category": "network",`
			`"x_misp_name": "passive-dns"`
			`},`
			`{`
			`"type": "marking-definition",`
			`"spec_version": "2.1",`
			`"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",`
			`"created": "2017-01-20T00:00:00.000Z",`
			`"definition_type": "tlp",`
			`"name": "TLP:WHITE",`
			`"definition": {`
			`"tlp": "white"`
			`}`
			`}`
			`]`
			`}`