2023-04-21 14:44:17 +00:00
|
|
|
{
|
|
|
|
"type": "bundle",
|
|
|
|
"id": "bundle--5ce3fb8a-9504-42e8-b405-4a56950d210f",
|
|
|
|
"objects": [
|
|
|
|
{
|
|
|
|
"type": "identity",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T14:54:07.000Z",
|
|
|
|
"modified": "2019-05-21T14:54:07.000Z",
|
|
|
|
"name": "CIRCL",
|
|
|
|
"identity_class": "organization"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "report",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "report--5ce3fb8a-9504-42e8-b405-4a56950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T14:54:07.000Z",
|
|
|
|
"modified": "2019-05-21T14:54:07.000Z",
|
|
|
|
"name": "HIDDEN COBRA - North Korean Malicious Cyber Activity (MAR-10135536.r21.v2)",
|
|
|
|
"published": "2019-05-21T14:56:07Z",
|
|
|
|
"object_refs": [
|
|
|
|
"observed-data--8dd86898-64a4-464e-baaa-6f5ced020691",
|
|
|
|
"file--8dd86898-64a4-464e-baaa-6f5ced020691",
|
|
|
|
"artifact--8dd86898-64a4-464e-baaa-6f5ced020691",
|
|
|
|
"observed-data--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d",
|
|
|
|
"file--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d",
|
|
|
|
"artifact--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d",
|
|
|
|
"observed-data--f4548dd8-1e15-4ccf-af15-c9582a555969",
|
|
|
|
"file--f4548dd8-1e15-4ccf-af15-c9582a555969",
|
|
|
|
"artifact--f4548dd8-1e15-4ccf-af15-c9582a555969",
|
|
|
|
"observed-data--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2",
|
|
|
|
"file--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2",
|
|
|
|
"artifact--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2",
|
|
|
|
"observed-data--ece02b34-e7d3-4d3f-be65-363e08e9c6f7",
|
|
|
|
"file--ece02b34-e7d3-4d3f-be65-363e08e9c6f7",
|
|
|
|
"artifact--ece02b34-e7d3-4d3f-be65-363e08e9c6f7",
|
|
|
|
"observed-data--7f21a6bd-5d7f-41b4-8043-da12110434a0",
|
|
|
|
"file--7f21a6bd-5d7f-41b4-8043-da12110434a0",
|
|
|
|
"artifact--7f21a6bd-5d7f-41b4-8043-da12110434a0",
|
|
|
|
"observed-data--8c567803-b7f4-439a-bf73-2be164034048",
|
|
|
|
"file--8c567803-b7f4-439a-bf73-2be164034048",
|
|
|
|
"artifact--8c567803-b7f4-439a-bf73-2be164034048",
|
|
|
|
"indicator--ec67fa69-3a3e-4045-a4d8-d057f54456a4",
|
|
|
|
"observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"file--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"x-misp-object--5ce3fb8c-a700-4dd4-af12-4795950d210f",
|
|
|
|
"indicator--30f93155-bc08-442b-90a0-c0b04494ea79",
|
|
|
|
"x-misp-object--1f8e38a5-98a3-4092-9cc6-b9e6058bef43",
|
|
|
|
"x-misp-object--205f75b1-f23f-43ca-be60-2cdbda5377d5",
|
|
|
|
"x-misp-object--7e85c045-d13d-4dbe-bbe3-fca9bc75e3b2",
|
|
|
|
"x-misp-object--5f54f5a8-5f0a-4456-87f5-7612194633fa",
|
|
|
|
"x-misp-object--faacc77a-972e-4a96-81d3-7ac2a7139c61",
|
|
|
|
"x-misp-object--87fe0cc7-eff4-47e5-85b3-53947d58e6eb",
|
2024-08-07 08:13:15 +00:00
|
|
|
"relationship--71919d98-b62d-4b01-8985-8024cd43e28f",
|
|
|
|
"relationship--6e8bae97-b16e-48db-b6bd-41b96d29521e",
|
|
|
|
"relationship--d97b6528-32c1-4962-be90-0729924882e1",
|
|
|
|
"relationship--bb64a1d0-84c9-486f-aa26-1ed600307d30",
|
|
|
|
"relationship--91be0cfa-77f2-4472-8807-3b339b9ed8d7",
|
|
|
|
"relationship--67b54add-9575-4195-a7ee-fbe67a072725",
|
|
|
|
"relationship--297418e4-8e90-4290-9536-47e32eafac7a"
|
2023-04-21 14:44:17 +00:00
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"Threat-Report",
|
|
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
|
|
"type:OSINT",
|
|
|
|
"osint:lifetime=\"perpetual\"",
|
|
|
|
"osint:certainty=\"50\"",
|
|
|
|
"misp-galaxy:threat-actor=\"Lazarus Group\""
|
|
|
|
],
|
|
|
|
"object_marking_refs": [
|
|
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--8dd86898-64a4-464e-baaa-6f5ced020691",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--8dd86898-64a4-464e-baaa-6f5ced020691",
|
|
|
|
"artifact--8dd86898-64a4-464e-baaa-6f5ced020691"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--8dd86898-64a4-464e-baaa-6f5ced020691",
|
|
|
|
"name": "Figure 1",
|
|
|
|
"content_ref": "artifact--8dd86898-64a4-464e-baaa-6f5ced020691"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--8dd86898-64a4-464e-baaa-6f5ced020691",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAlgAAAINCAYAAADiJQGYAAAWcGlDQ1BJQ0MgUHJvZmlsZQAAeJyVmAdUE1+XwN+kkpDQQu+hhN577733IgIh9N6bBURFBaVJE1ABCyAKSBNBpVhApIoIiihFRAQVRQRBZaP/Fffb3e/s2XvOZH5zc+fOnbnvznt3AGDvI0dGhsIYAAgLj422N9Hnd3Vz50fPAwhgAS2gA3JkSkyknq2tJfi38vUp1ZoqY1K/fP17u/9VGH39YigAQLZU9vGNoYRRuZm6DVAio2MBgKdS9YIJsZG/+CKVmaOpAVK57RcH/MMDv9jnH575beNob0DlLwDQ4Mjk6AAAcL+uxR9PCaD6wfEDgGIK9w0KB4BJkcralECyLwDs1P+AZFhYxC8up7Koz3/xE/AvPn12fZLJAbv8z738FhrDoJjIUHLS//Nx/N8SFhr35xoC1A0XGG1qT90LUZ9ZdUiExS6H+1jb/OEg39/2vzkwztTpD1NiDNz/sC/Z0OIPx4U46f1hcvTfc4NizRz/cHSE/a5/vxgjh13/fmaWuzGEWu+yf5Cx2R9ODnR0+cPxQc7WfzgmxMHir43Brj46zn43Zv9o4917DIv5GxuF/DeG2EBH07+xue7G4OtnaLSrD3fatY+M1d/1GRlqu2vvF2qyq4+Jd9g9N5Y6wP5wMNnc9q8f293nAyyBETAE/MAABIFw4AfCAJl6ZEg9igGRIJR6lBTrl/hrzAGDiMik6KCAwFh+PWoF+fGbhVOkJfnlZeXUAPhVj/+ke83+d51BrMN/dVHU89WpVrCzf3VkCQDaJallcPWvTkgZANpSADrmKXHR8f/oEL9+kNQ6pwfMgAPwAkEgCqSAPFAGGkCXGr05sAGOwA14AgoIpMYfDRLAfnAIpINMkAMKQAk4Dy6AanANNIIb4BboBg/AIzACxsEUmAELYBmsgq9gG4IgNISHCBAHxAcJQxKQPKQKaUNGkCVkD7lB3lAAFA7FQfuhw1AmlAeVQBVQDXQdugl1Qw+hUegZNAstQZ+hLRgchoMxw3hgJJgMTBWmB7OAOcL2wgJgUbBk2BFYFqwYVgm7CmuFdcMewcZhM7Bl2DocwGnhrHAiXAquCjeA28Dd4f7waPhBeAa8EF4Jr4O3w3vhY/AZ+Ar8GwKFICD4EVIIDYQpwglBQUQhDiJOIkoQ1YhWxD3EGGIWsYr4icQjuZESSHWkGdIVGYBMQKYjC5GXkS3I+8hx5ALyKwqFYkWJoFRQpig3VDBqH+ok6iyqHtWFGkXNo9bRaDQHWgKthbZBk9Gx6HT0GfRVdCf6MXoBvUlDS8NHI09jTONOE06TRlNIc4XmDs1jmkWabQwDRhijjrHB+GKSMNmYi5h2zDBmAbONZcSKYLWwjthg7CFsMbYOex/7ArtGS0srQKtGa0cbRJtKW0zbQNtHO0v7DceEE8cZ4DxwcbgsXBWuC/cMt4bH40l4Xbw7Phafha/B38W/xG/SEeik6czofOlS6ErpWuke032gx9AL0+vRe9In0xfSN9EP068wYBhIDAYMZIaDDKUMNxkmGNYZCYxyjDaMYYwnGa8wPmR8y4RmIjEZMfkyHWG6wHSXaZ4AJwgSDAgUwmHCRcJ9wgIzilmE2Yw5mDmT+RrzEPMqCxOLIoszSyJLKcttlhlWOCuJ1Yw1lDWbtZH1KesWGw+bHpsf2wm2OrbHbBvsXOy67H7sGez17OPsWxz8HEYcIRy5HDc4pjkRnOKcdpwJnOc473OucDFzaXBRuDK4Grmec8O4xbntufdxX+Ae4F7n4eUx4YnkOcNzl2eFl5VXlzeYN5/3Du8SH4FPmy+IL5+vk+8dPwu/Hn8ofzH/Pf5VIjfRlBhHrCAOEbcFRAScBNIE6gWmBbGCqoL+gvmCPYKrQnxCVkL7hWqFngtjhFWFA4WLhHuFN0giJBfSMdIN0lsRdhEzkWSRWpEXonhRHdEo0UrRJ2IoMVWxELGzYiPiMHEl8UDxUvFhCZiEskSQxFmJUUmkpJpkuGSl5IQUTkpPKl6qVmpWmlXaUjpN+ob0BxkhGXeZXJlemZ+ySrKhshdlp+SY5Mzl0uTa5T7Li8tT5EvlnyjgFYwVUhTaFD4pSij6KZ5TnFQiKFkpHVPqUfqhrKIcrVynvKQipOKtUqYyocqsaqt6UrVPDammr5aidkvtm7qyeqx6o/pHDSmNEI0rGm81RTT9NC9qzmsJaJG1KrRmtPm1vbXLtWd0iDpknUqdOV1BXV/dy7qLemJ6wXpX9T7oy+pH67fobxioGxww6DKEG5oYZhgOGTEZORmVGL00FjAOMK41XjVRMtln0mWKNLUwzTWdMOMxo5jVmK2aq5gfML9ngbNwsCixmLMUt4y2bLeCWZlbnbZ6YS1sHW59wwbYmNmctpm2FbGNsu2wQ9nZ2pXavbGXs99v3+tAcPByuOLw1VHfMdtxyknUKc6px5ne2cO5xnnDxdAlz2XGVcb1gOsjN063ILc2d7S7s/tl9/U9RnsK9ix4KHmkezzdK7I3ce9DT07PUM/bXvReZK8mb6S3i/cV7+9kG3Iled3HzKfMZ5ViQCmiLPvq+ub7Lvlp+eX5Lfpr+ef5vw3QCjgdsBSoE1gYuBJkEFQS9CnYNPh88EaITUhVyE6oS2h9GE2Yd9jNcKbwkPB7EbwRiRGjkRKR6ZEzUepRBVGr0RbRl2OgmL0xbbHM1IXPQJxo3NG42Xjt+NL4zQTnhKZExsTwxIEk8aQTSYvJxsmX9iH2Ufb17CfuP7R/9oDegYqD0EGfgz0pgilHUhZSTVKrD2EPhRwaTJNNy0v7ctjlcPsRniOpR+aPmhytTadLj06fOKZx7PxxxPGg40MnFE6cOfEzwzejP1M2szDz+0nKyf5TcqeKT+1k+WcNZStnn8tB5YTnPM3Vya3OY8xLzps/bXW6NZ8/PyP/S4FXwcNCxcLzRdiiuKKZYsvitjNCZ3LOfC8JLBkv1S+tL+MuO1G2cdb37ONzuufqzvOczzy/VR5UPllhUtFaSaosvIC6EH/hzUXni72XVC/VXOa8nHn5R1V41Uy1ffW9GpWamivcV7JrYbVxtUtXPa6OXDO81lYnVVdRz1qf2QAa4hreXfe+/rTRorGnSbWprlm4uayF0JLRCrUmta7eCLwx0+bWNnrT/GZPu0Z7S4d0R9Ut4q3S2yy3s+9g7xy5s9OZ3LneFdm10h3QPd/j1TN11/Xuk3t294buW9zve2D84G6vXm9nn1bfrYfqD2/2q/bfeKT8qHVAaaBlUGmwZUh5qHVYZbhtRG2kfVRz9M5jncfdY4ZjD56YPXk0bj0++tTp6eSEx8TMpO/k22ehzz49j3++PZX6AvkiY5phuvAl98vKV2Kv6meUZ27PGs4OzDnMTc1T5pdfx7z+vnDkDf5N4SLfYs1b+be3loyXRt7tebewHLm8vZL+nvF92QfRD80fdT8OrLquLnyK/rTz+eQax1rVF8UvPeu26y+/hn3d3sjY5Nis/qb6rXfLZWtxO+E7+nvxD7Ef7T8tfr7YCdvZiSRHk38vBeDUDebvD8DnKgDwbgAQRgDA0v2zXv5PgVMXHzDq3hmShpZhZ+GeCDEkGvkJtYSeoHmFmcVu4JB4Ep0FfSxDOeMEgZZZmyWZtZ5tkUOck8xVxD3Mi+RT4vcjZgk0Cj4W+kCCidCJ0ovRUt983yTeS85KjUnflWmRvSiXI39AIVjRWUlXWVyFoPJddUFtQL1Zo0zzsFawtr2Otq6kHp8+qwGDIcYIYfTDeMNk1fSt2Yz5pMWQ5X2rW9ZNNtdsr9jV2F9xuOZY73TducmlybXZrdm9aU+jx/W99Z71Xo3ebeRunwHKM983fl/8dwJpg1iDBUIkQpXCdMLNIpwi/aISok/FXI7tjJuM/5SISeJPVtlnvZ9yIPFgRkpRavmhirTzh4uPZB9NT993LOq4/wn3DOtMvZNKp0SzuLOZcmhzMXm0pxny2QuIhRJFisVaZ4xKrEqdyvacpZwLOR9bnlqRU1lxoeVi/6VXl79U09RwX5Gp1b/qdC2gLrH+eEPh9cr
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d",
|
|
|
|
"artifact--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d",
|
|
|
|
"name": "Figure 2",
|
|
|
|
"content_ref": "artifact--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAlgAAAIbCAYAAAA3quAeAAAWcGlDQ1BJQ0MgUHJvZmlsZQAAeJyVmAdUE1+XwN+kkpDQQu+hhN577733IgIh9N6bBURFBaVJE1ABCyAKSBNBpVhApIoIiihFRAQVRQRBZaP/Fffb3e/s2XvOZH5zc+fOnbnvznt3AGDvI0dGhsIYAAgLj422N9Hnd3Vz50fPAwhgAS2gA3JkSkyknq2tJfi38vUp1ZoqY1K/fP17u/9VGH39YigAQLZU9vGNoYRRuZm6DVAio2MBgKdS9YIJsZG/+CKVmaOpAVK57RcH/MMDv9jnH575beNob0DlLwDQ4Mjk6AAAcL+uxR9PCaD6wfEDgGIK9w0KB4BJkcralECyLwDs1P+AZFhYxC8up7Koz3/xE/AvPn12fZLJAbv8z738FhrDoJjIUHLS//Nx/N8SFhr35xoC1A0XGG1qT90LUZ9ZdUiExS6H+1jb/OEg39/2vzkwztTpD1NiDNz/sC/Z0OIPx4U46f1hcvTfc4NizRz/cHSE/a5/vxgjh13/fmaWuzGEWu+yf5Cx2R9ODnR0+cPxQc7WfzgmxMHir43Brj46zn43Zv9o4917DIv5GxuF/DeG2EBH07+xue7G4OtnaLSrD3fatY+M1d/1GRlqu2vvF2qyq4+Jd9g9N5Y6wP5wMNnc9q8f293nAyyBETAE/MAABIFw4AfCAJl6ZEg9igGRIJR6lBTrl/hrzAGDiMik6KCAwFh+PWoF+fGbhVOkJfnlZeXUAPhVj/+ke83+d51BrMN/dVHU89WpVrCzf3VkCQDaJallcPWvTkgZANpSADrmKXHR8f/oEL9+kNQ6pwfMgAPwAkEgCqSAPFAGGkCXGr05sAGOwA14AgoIpMYfDRLAfnAIpINMkAMKQAk4Dy6AanANNIIb4BboBg/AIzACxsEUmAELYBmsgq9gG4IgNISHCBAHxAcJQxKQPKQKaUNGkCVkD7lB3lAAFA7FQfuhw1AmlAeVQBVQDXQdugl1Qw+hUegZNAstQZ+hLRgchoMxw3hgJJgMTBWmB7OAOcL2wgJgUbBk2BFYFqwYVgm7CmuFdcMewcZhM7Bl2DocwGnhrHAiXAquCjeA28Dd4f7waPhBeAa8EF4Jr4O3w3vhY/AZ+Ar8GwKFICD4EVIIDYQpwglBQUQhDiJOIkoQ1YhWxD3EGGIWsYr4icQjuZESSHWkGdIVGYBMQKYjC5GXkS3I+8hx5ALyKwqFYkWJoFRQpig3VDBqH+ok6iyqHtWFGkXNo9bRaDQHWgKthbZBk9Gx6HT0GfRVdCf6MXoBvUlDS8NHI09jTONOE06TRlNIc4XmDs1jmkWabQwDRhijjrHB+GKSMNmYi5h2zDBmAbONZcSKYLWwjthg7CFsMbYOex/7ArtGS0srQKtGa0cbRJtKW0zbQNtHO0v7DceEE8cZ4DxwcbgsXBWuC/cMt4bH40l4Xbw7Phafha/B38W/xG/SEeik6czofOlS6ErpWuke032gx9AL0+vRe9In0xfSN9EP068wYBhIDAYMZIaDDKUMNxkmGNYZCYxyjDaMYYwnGa8wPmR8y4RmIjEZMfkyHWG6wHSXaZ4AJwgSDAgUwmHCRcJ9wgIzilmE2Yw5mDmT+RrzEPMqCxOLIoszSyJLKcttlhlWOCuJ1Yw1lDWbtZH1KesWGw+bHpsf2wm2OrbHbBvsXOy67H7sGez17OPsWxz8HEYcIRy5HDc4pjkRnOKcdpwJnOc473OucDFzaXBRuDK4Grmec8O4xbntufdxX+Ae4F7n4eUx4YnkOcNzl2eFl5VXlzeYN5/3Du8SH4FPmy+IL5+vk+8dPwu/Hn8ofzH/Pf5VIjfRlBhHrCAOEbcFRAScBNIE6gWmBbGCqoL+gvmCPYKrQnxCVkL7hWqFngtjhFWFA4WLhHuFN0giJBfSMdIN0lsRdhEzkWSRWpEXonhRHdEo0UrRJ2IoMVWxELGzYiPiMHEl8UDxUvFhCZiEskSQxFmJUUmkpJpkuGSl5IQUTkpPKl6qVmpWmlXaUjpN+ob0BxkhGXeZXJlemZ+ySrKhshdlp+SY5Mzl0uTa5T7Li8tT5EvlnyjgFYwVUhTaFD4pSij6KZ5TnFQiKFkpHVPqUfqhrKIcrVynvKQipOKtUqYyocqsaqt6UrVPDammr5aidkvtm7qyeqx6o/pHDSmNEI0rGm81RTT9NC9qzmsJaJG1KrRmtPm1vbXLtWd0iDpknUqdOV1BXV/dy7qLemJ6wXpX9T7oy+pH67fobxioGxww6DKEG5oYZhgOGTEZORmVGL00FjAOMK41XjVRMtln0mWKNLUwzTWdMOMxo5jVmK2aq5gfML9ngbNwsCixmLMUt4y2bLeCWZlbnbZ6YS1sHW59wwbYmNmctpm2FbGNsu2wQ9nZ2pXavbGXs99v3+tAcPByuOLw1VHfMdtxyknUKc6px5ne2cO5xnnDxdAlz2XGVcb1gOsjN063ILc2d7S7s/tl9/U9RnsK9ix4KHmkezzdK7I3ce9DT07PUM/bXvReZK8mb6S3i/cV7+9kG3Iled3HzKfMZ5ViQCmiLPvq+ub7Lvlp+eX5Lfpr+ef5vw3QCjgdsBSoE1gYuBJkEFQS9CnYNPh88EaITUhVyE6oS2h9GE2Yd9jNcKbwkPB7EbwRiRGjkRKR6ZEzUepRBVGr0RbRl2OgmL0xbbHM1IXPQJxo3NG42Xjt+NL4zQTnhKZExsTwxIEk8aQTSYvJxsmX9iH2Ufb17CfuP7R/9oDegYqD0EGfgz0pgilHUhZSTVKrD2EPhRwaTJNNy0v7ctjlcPsRniOpR+aPmhytTadLj06fOKZx7PxxxPGg40MnFE6cOfEzwzejP1M2szDz+0nKyf5TcqeKT+1k+WcNZStnn8tB5YTnPM3Vya3OY8xLzps/bXW6NZ8/PyP/S4FXwcNCxcLzRdiiuKKZYsvitjNCZ3LOfC8JLBkv1S+tL+MuO1G2cdb37ONzuufqzvOczzy/VR5UPllhUtFaSaosvIC6EH/hzUXni72XVC/VXOa8nHn5R1V41Uy1ffW9GpWamivcV7JrYbVxtUtXPa6OXDO81lYnVVdRz1qf2QAa4hreXfe+/rTRorGnSbWprlm4uayF0JLRCrUmta7eCLwx0+bWNnrT/GZPu0Z7S4d0R9Ut4q3S2yy3s+9g7xy5s9OZ3LneFdm10h3QPd/j1TN11/Xuk3t294buW9zve2D84G6vXm9nn1bfrYfqD2/2q/bfeKT8qHVAaaBlUGmwZUh5qHVYZbhtRG2kfVRz9M5jncfdY4ZjD56YPXk0bj0++tTp6eSEx8TMpO/k22ehzz49j3++PZX6AvkiY5phuvAl98vKV2Kv6meUZ27PGs4OzDnMTc1T5pdfx7z+vnDkDf5N4SLfYs1b+be3loyXRt7tebewHLm8vZL+nvF92QfRD80fdT8OrLquLnyK/rTz+eQax1rVF8UvPeu26y+/hn3d3sjY5Nis/qb6rXfLZWtxO+E7+nvxD7Ef7T8tfr7YCdvZiSRHk38vBeDUDebvD8DnKgDwbgAQRgDA0v2zXv5PgVMXHzDq3hmShpZhZ+GeCDEkGvkJtYSeoHmFmcVu4JB4Ep0FfSxDOeMEgZZZmyWZtZ5tkUOck8xVxD3Mi+RT4vcjZgk0Cj4W+kCCidCJ0ovRUt983yTeS85KjUnflWmRvSiXI39AIVjRWUlXWVyFoPJddUFtQL1Zo0zzsFawtr2Otq6kHp8+qwGDIcYIYfTDeMNk1fSt2Yz5pMWQ5X2rW9ZNNtdsr9jV2F9xuOZY73TducmlybXZrdm9aU+jx/W99Z71Xo3ebeRunwHKM983fl/8dwJpg1iDBUIkQpXCdMLNIpwi/aISok/FXI7tjJuM/5SISeJPVtlnvZ9yIPFgRkpRavmhirTzh4uPZB9NT993LOq4/wn3DOtMvZNKp0SzuLOZcmhzMXm0pxny2QuIhRJFisVaZ4xKrEqdyvacpZwLOR9bnlqRU1lxoeVi/6VXl79U09RwX5Gp1b/qdC2gLrH+eEPh9cr
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--f4548dd8-1e15-4ccf-af15-c9582a555969",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--f4548dd8-1e15-4ccf-af15-c9582a555969",
|
|
|
|
"artifact--f4548dd8-1e15-4ccf-af15-c9582a555969"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--f4548dd8-1e15-4ccf-af15-c9582a555969",
|
|
|
|
"name": "Figure 3",
|
|
|
|
"content_ref": "artifact--f4548dd8-1e15-4ccf-af15-c9582a555969"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--f4548dd8-1e15-4ccf-af15-c9582a555969",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAlgAAAHxCAYAAACxncJnAAAWcGlDQ1BJQ0MgUHJvZmlsZQAAeJyVmAdUE1+XwN+kkpDQQu+hhN577733IgIh9N6bBURFBaVJE1ABCyAKSBNBpVhApIoIiihFRAQVRQRBZaP/Fffb3e/s2XvOZH5zc+fOnbnvznt3AGDvI0dGhsIYAAgLj422N9Hnd3Vz50fPAwhgAS2gA3JkSkyknq2tJfi38vUp1ZoqY1K/fP17u/9VGH39YigAQLZU9vGNoYRRuZm6DVAio2MBgKdS9YIJsZG/+CKVmaOpAVK57RcH/MMDv9jnH575beNob0DlLwDQ4Mjk6AAAcL+uxR9PCaD6wfEDgGIK9w0KB4BJkcralECyLwDs1P+AZFhYxC8up7Koz3/xE/AvPn12fZLJAbv8z738FhrDoJjIUHLS//Nx/N8SFhr35xoC1A0XGG1qT90LUZ9ZdUiExS6H+1jb/OEg39/2vzkwztTpD1NiDNz/sC/Z0OIPx4U46f1hcvTfc4NizRz/cHSE/a5/vxgjh13/fmaWuzGEWu+yf5Cx2R9ODnR0+cPxQc7WfzgmxMHir43Brj46zn43Zv9o4917DIv5GxuF/DeG2EBH07+xue7G4OtnaLSrD3fatY+M1d/1GRlqu2vvF2qyq4+Jd9g9N5Y6wP5wMNnc9q8f293nAyyBETAE/MAABIFw4AfCAJl6ZEg9igGRIJR6lBTrl/hrzAGDiMik6KCAwFh+PWoF+fGbhVOkJfnlZeXUAPhVj/+ke83+d51BrMN/dVHU89WpVrCzf3VkCQDaJallcPWvTkgZANpSADrmKXHR8f/oEL9+kNQ6pwfMgAPwAkEgCqSAPFAGGkCXGr05sAGOwA14AgoIpMYfDRLAfnAIpINMkAMKQAk4Dy6AanANNIIb4BboBg/AIzACxsEUmAELYBmsgq9gG4IgNISHCBAHxAcJQxKQPKQKaUNGkCVkD7lB3lAAFA7FQfuhw1AmlAeVQBVQDXQdugl1Qw+hUegZNAstQZ+hLRgchoMxw3hgJJgMTBWmB7OAOcL2wgJgUbBk2BFYFqwYVgm7CmuFdcMewcZhM7Bl2DocwGnhrHAiXAquCjeA28Dd4f7waPhBeAa8EF4Jr4O3w3vhY/AZ+Ar8GwKFICD4EVIIDYQpwglBQUQhDiJOIkoQ1YhWxD3EGGIWsYr4icQjuZESSHWkGdIVGYBMQKYjC5GXkS3I+8hx5ALyKwqFYkWJoFRQpig3VDBqH+ok6iyqHtWFGkXNo9bRaDQHWgKthbZBk9Gx6HT0GfRVdCf6MXoBvUlDS8NHI09jTONOE06TRlNIc4XmDs1jmkWabQwDRhijjrHB+GKSMNmYi5h2zDBmAbONZcSKYLWwjthg7CFsMbYOex/7ArtGS0srQKtGa0cbRJtKW0zbQNtHO0v7DceEE8cZ4DxwcbgsXBWuC/cMt4bH40l4Xbw7Phafha/B38W/xG/SEeik6czofOlS6ErpWuke032gx9AL0+vRe9In0xfSN9EP068wYBhIDAYMZIaDDKUMNxkmGNYZCYxyjDaMYYwnGa8wPmR8y4RmIjEZMfkyHWG6wHSXaZ4AJwgSDAgUwmHCRcJ9wgIzilmE2Yw5mDmT+RrzEPMqCxOLIoszSyJLKcttlhlWOCuJ1Yw1lDWbtZH1KesWGw+bHpsf2wm2OrbHbBvsXOy67H7sGez17OPsWxz8HEYcIRy5HDc4pjkRnOKcdpwJnOc473OucDFzaXBRuDK4Grmec8O4xbntufdxX+Ae4F7n4eUx4YnkOcNzl2eFl5VXlzeYN5/3Du8SH4FPmy+IL5+vk+8dPwu/Hn8ofzH/Pf5VIjfRlBhHrCAOEbcFRAScBNIE6gWmBbGCqoL+gvmCPYKrQnxCVkL7hWqFngtjhFWFA4WLhHuFN0giJBfSMdIN0lsRdhEzkWSRWpEXonhRHdEo0UrRJ2IoMVWxELGzYiPiMHEl8UDxUvFhCZiEskSQxFmJUUmkpJpkuGSl5IQUTkpPKl6qVmpWmlXaUjpN+ob0BxkhGXeZXJlemZ+ySrKhshdlp+SY5Mzl0uTa5T7Li8tT5EvlnyjgFYwVUhTaFD4pSij6KZ5TnFQiKFkpHVPqUfqhrKIcrVynvKQipOKtUqYyocqsaqt6UrVPDammr5aidkvtm7qyeqx6o/pHDSmNEI0rGm81RTT9NC9qzmsJaJG1KrRmtPm1vbXLtWd0iDpknUqdOV1BXV/dy7qLemJ6wXpX9T7oy+pH67fobxioGxww6DKEG5oYZhgOGTEZORmVGL00FjAOMK41XjVRMtln0mWKNLUwzTWdMOMxo5jVmK2aq5gfML9ngbNwsCixmLMUt4y2bLeCWZlbnbZ6YS1sHW59wwbYmNmctpm2FbGNsu2wQ9nZ2pXavbGXs99v3+tAcPByuOLw1VHfMdtxyknUKc6px5ne2cO5xnnDxdAlz2XGVcb1gOsjN063ILc2d7S7s/tl9/U9RnsK9ix4KHmkezzdK7I3ce9DT07PUM/bXvReZK8mb6S3i/cV7+9kG3Iled3HzKfMZ5ViQCmiLPvq+ub7Lvlp+eX5Lfpr+ef5vw3QCjgdsBSoE1gYuBJkEFQS9CnYNPh88EaITUhVyE6oS2h9GE2Yd9jNcKbwkPB7EbwRiRGjkRKR6ZEzUepRBVGr0RbRl2OgmL0xbbHM1IXPQJxo3NG42Xjt+NL4zQTnhKZExsTwxIEk8aQTSYvJxsmX9iH2Ufb17CfuP7R/9oDegYqD0EGfgz0pgilHUhZSTVKrD2EPhRwaTJNNy0v7ctjlcPsRniOpR+aPmhytTadLj06fOKZx7PxxxPGg40MnFE6cOfEzwzejP1M2szDz+0nKyf5TcqeKT+1k+WcNZStnn8tB5YTnPM3Vya3OY8xLzps/bXW6NZ8/PyP/S4FXwcNCxcLzRdiiuKKZYsvitjNCZ3LOfC8JLBkv1S+tL+MuO1G2cdb37ONzuufqzvOczzy/VR5UPllhUtFaSaosvIC6EH/hzUXni72XVC/VXOa8nHn5R1V41Uy1ffW9GpWamivcV7JrYbVxtUtXPa6OXDO81lYnVVdRz1qf2QAa4hreXfe+/rTRorGnSbWprlm4uayF0JLRCrUmta7eCLwx0+bWNnrT/GZPu0Z7S4d0R9Ut4q3S2yy3s+9g7xy5s9OZ3LneFdm10h3QPd/j1TN11/Xuk3t294buW9zve2D84G6vXm9nn1bfrYfqD2/2q/bfeKT8qHVAaaBlUGmwZUh5qHVYZbhtRG2kfVRz9M5jncfdY4ZjD56YPXk0bj0++tTp6eSEx8TMpO/k22ehzz49j3++PZX6AvkiY5phuvAl98vKV2Kv6meUZ27PGs4OzDnMTc1T5pdfx7z+vnDkDf5N4SLfYs1b+be3loyXRt7tebewHLm8vZL+nvF92QfRD80fdT8OrLquLnyK/rTz+eQax1rVF8UvPeu26y+/hn3d3sjY5Nis/qb6rXfLZWtxO+E7+nvxD7Ef7T8tfr7YCdvZiSRHk38vBeDUDebvD8DnKgDwbgAQRgDA0v2zXv5PgVMXHzDq3hmShpZhZ+GeCDEkGvkJtYSeoHmFmcVu4JB4Ep0FfSxDOeMEgZZZmyWZtZ5tkUOck8xVxD3Mi+RT4vcjZgk0Cj4W+kCCidCJ0ovRUt983yTeS85KjUnflWmRvSiXI39AIVjRWUlXWVyFoPJddUFtQL1Zo0zzsFawtr2Otq6kHp8+qwGDIcYIYfTDeMNk1fSt2Yz5pMWQ5X2rW9ZNNtdsr9jV2F9xuOZY73TducmlybXZrdm9aU+jx/W99Z71Xo3ebeRunwHKM983fl/8dwJpg1iDBUIkQpXCdMLNIpwi/aISok/FXI7tjJuM/5SISeJPVtlnvZ9yIPFgRkpRavmhirTzh4uPZB9NT993LOq4/wn3DOtMvZNKp0SzuLOZcmhzMXm0pxny2QuIhRJFisVaZ4xKrEqdyvacpZwLOR9bnlqRU1lxoeVi/6VXl79U09RwX5Gp1b/qdC2gLrH+eEPh9cr
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2",
|
|
|
|
"artifact--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2",
|
|
|
|
"name": "Figure 4",
|
|
|
|
"content_ref": "artifact--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAlgAAADKCAYAAAB5Vz69AAAWcGlDQ1BJQ0MgUHJvZmlsZQAAeJyVmAdUE1+XwN+kkpDQQu+hhN577733IgIh9N6bBURFBaVJE1ABCyAKSBNBpVhApIoIiihFRAQVRQRBZaP/Fffb3e/s2XvOZH5zc+fOnbnvznt3AGDvI0dGhsIYAAgLj422N9Hnd3Vz50fPAwhgAS2gA3JkSkyknq2tJfi38vUp1ZoqY1K/fP17u/9VGH39YigAQLZU9vGNoYRRuZm6DVAio2MBgKdS9YIJsZG/+CKVmaOpAVK57RcH/MMDv9jnH575beNob0DlLwDQ4Mjk6AAAcL+uxR9PCaD6wfEDgGIK9w0KB4BJkcralECyLwDs1P+AZFhYxC8up7Koz3/xE/AvPn12fZLJAbv8z738FhrDoJjIUHLS//Nx/N8SFhr35xoC1A0XGG1qT90LUZ9ZdUiExS6H+1jb/OEg39/2vzkwztTpD1NiDNz/sC/Z0OIPx4U46f1hcvTfc4NizRz/cHSE/a5/vxgjh13/fmaWuzGEWu+yf5Cx2R9ODnR0+cPxQc7WfzgmxMHir43Brj46zn43Zv9o4917DIv5GxuF/DeG2EBH07+xue7G4OtnaLSrD3fatY+M1d/1GRlqu2vvF2qyq4+Jd9g9N5Y6wP5wMNnc9q8f293nAyyBETAE/MAABIFw4AfCAJl6ZEg9igGRIJR6lBTrl/hrzAGDiMik6KCAwFh+PWoF+fGbhVOkJfnlZeXUAPhVj/+ke83+d51BrMN/dVHU89WpVrCzf3VkCQDaJallcPWvTkgZANpSADrmKXHR8f/oEL9+kNQ6pwfMgAPwAkEgCqSAPFAGGkCXGr05sAGOwA14AgoIpMYfDRLAfnAIpINMkAMKQAk4Dy6AanANNIIb4BboBg/AIzACxsEUmAELYBmsgq9gG4IgNISHCBAHxAcJQxKQPKQKaUNGkCVkD7lB3lAAFA7FQfuhw1AmlAeVQBVQDXQdugl1Qw+hUegZNAstQZ+hLRgchoMxw3hgJJgMTBWmB7OAOcL2wgJgUbBk2BFYFqwYVgm7CmuFdcMewcZhM7Bl2DocwGnhrHAiXAquCjeA28Dd4f7waPhBeAa8EF4Jr4O3w3vhY/AZ+Ar8GwKFICD4EVIIDYQpwglBQUQhDiJOIkoQ1YhWxD3EGGIWsYr4icQjuZESSHWkGdIVGYBMQKYjC5GXkS3I+8hx5ALyKwqFYkWJoFRQpig3VDBqH+ok6iyqHtWFGkXNo9bRaDQHWgKthbZBk9Gx6HT0GfRVdCf6MXoBvUlDS8NHI09jTONOE06TRlNIc4XmDs1jmkWabQwDRhijjrHB+GKSMNmYi5h2zDBmAbONZcSKYLWwjthg7CFsMbYOex/7ArtGS0srQKtGa0cbRJtKW0zbQNtHO0v7DceEE8cZ4DxwcbgsXBWuC/cMt4bH40l4Xbw7Phafha/B38W/xG/SEeik6czofOlS6ErpWuke032gx9AL0+vRe9In0xfSN9EP068wYBhIDAYMZIaDDKUMNxkmGNYZCYxyjDaMYYwnGa8wPmR8y4RmIjEZMfkyHWG6wHSXaZ4AJwgSDAgUwmHCRcJ9wgIzilmE2Yw5mDmT+RrzEPMqCxOLIoszSyJLKcttlhlWOCuJ1Yw1lDWbtZH1KesWGw+bHpsf2wm2OrbHbBvsXOy67H7sGez17OPsWxz8HEYcIRy5HDc4pjkRnOKcdpwJnOc473OucDFzaXBRuDK4Grmec8O4xbntufdxX+Ae4F7n4eUx4YnkOcNzl2eFl5VXlzeYN5/3Du8SH4FPmy+IL5+vk+8dPwu/Hn8ofzH/Pf5VIjfRlBhHrCAOEbcFRAScBNIE6gWmBbGCqoL+gvmCPYKrQnxCVkL7hWqFngtjhFWFA4WLhHuFN0giJBfSMdIN0lsRdhEzkWSRWpEXonhRHdEo0UrRJ2IoMVWxELGzYiPiMHEl8UDxUvFhCZiEskSQxFmJUUmkpJpkuGSl5IQUTkpPKl6qVmpWmlXaUjpN+ob0BxkhGXeZXJlemZ+ySrKhshdlp+SY5Mzl0uTa5T7Li8tT5EvlnyjgFYwVUhTaFD4pSij6KZ5TnFQiKFkpHVPqUfqhrKIcrVynvKQipOKtUqYyocqsaqt6UrVPDammr5aidkvtm7qyeqx6o/pHDSmNEI0rGm81RTT9NC9qzmsJaJG1KrRmtPm1vbXLtWd0iDpknUqdOV1BXV/dy7qLemJ6wXpX9T7oy+pH67fobxioGxww6DKEG5oYZhgOGTEZORmVGL00FjAOMK41XjVRMtln0mWKNLUwzTWdMOMxo5jVmK2aq5gfML9ngbNwsCixmLMUt4y2bLeCWZlbnbZ6YS1sHW59wwbYmNmctpm2FbGNsu2wQ9nZ2pXavbGXs99v3+tAcPByuOLw1VHfMdtxyknUKc6px5ne2cO5xnnDxdAlz2XGVcb1gOsjN063ILc2d7S7s/tl9/U9RnsK9ix4KHmkezzdK7I3ce9DT07PUM/bXvReZK8mb6S3i/cV7+9kG3Iled3HzKfMZ5ViQCmiLPvq+ub7Lvlp+eX5Lfpr+ef5vw3QCjgdsBSoE1gYuBJkEFQS9CnYNPh88EaITUhVyE6oS2h9GE2Yd9jNcKbwkPB7EbwRiRGjkRKR6ZEzUepRBVGr0RbRl2OgmL0xbbHM1IXPQJxo3NG42Xjt+NL4zQTnhKZExsTwxIEk8aQTSYvJxsmX9iH2Ufb17CfuP7R/9oDegYqD0EGfgz0pgilHUhZSTVKrD2EPhRwaTJNNy0v7ctjlcPsRniOpR+aPmhytTadLj06fOKZx7PxxxPGg40MnFE6cOfEzwzejP1M2szDz+0nKyf5TcqeKT+1k+WcNZStnn8tB5YTnPM3Vya3OY8xLzps/bXW6NZ8/PyP/S4FXwcNCxcLzRdiiuKKZYsvitjNCZ3LOfC8JLBkv1S+tL+MuO1G2cdb37ONzuufqzvOczzy/VR5UPllhUtFaSaosvIC6EH/hzUXni72XVC/VXOa8nHn5R1V41Uy1ffW9GpWamivcV7JrYbVxtUtXPa6OXDO81lYnVVdRz1qf2QAa4hreXfe+/rTRorGnSbWprlm4uayF0JLRCrUmta7eCLwx0+bWNnrT/GZPu0Z7S4d0R9Ut4q3S2yy3s+9g7xy5s9OZ3LneFdm10h3QPd/j1TN11/Xuk3t294buW9zve2D84G6vXm9nn1bfrYfqD2/2q/bfeKT8qHVAaaBlUGmwZUh5qHVYZbhtRG2kfVRz9M5jncfdY4ZjD56YPXk0bj0++tTp6eSEx8TMpO/k22ehzz49j3++PZX6AvkiY5phuvAl98vKV2Kv6meUZ27PGs4OzDnMTc1T5pdfx7z+vnDkDf5N4SLfYs1b+be3loyXRt7tebewHLm8vZL+nvF92QfRD80fdT8OrLquLnyK/rTz+eQax1rVF8UvPeu26y+/hn3d3sjY5Nis/qb6rXfLZWtxO+E7+nvxD7Ef7T8tfr7YCdvZiSRHk38vBeDUDebvD8DnKgDwbgAQRgDA0v2zXv5PgVMXHzDq3hmShpZhZ+GeCDEkGvkJtYSeoHmFmcVu4JB4Ep0FfSxDOeMEgZZZmyWZtZ5tkUOck8xVxD3Mi+RT4vcjZgk0Cj4W+kCCidCJ0ovRUt983yTeS85KjUnflWmRvSiXI39AIVjRWUlXWVyFoPJddUFtQL1Zo0zzsFawtr2Otq6kHp8+qwGDIcYIYfTDeMNk1fSt2Yz5pMWQ5X2rW9ZNNtdsr9jV2F9xuOZY73TducmlybXZrdm9aU+jx/W99Z71Xo3ebeRunwHKM983fl/8dwJpg1iDBUIkQpXCdMLNIpwi/aISok/FXI7tjJuM/5SISeJPVtlnvZ9yIPFgRkpRavmhirTzh4uPZB9NT993LOq4/wn3DOtMvZNKp0SzuLOZcmhzMXm0pxny2QuIhRJFisVaZ4xKrEqdyvacpZwLOR9bnlqRU1lxoeVi/6VXl79U09RwX5Gp1b/qdC2gLrH+eEPh9cr
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--ece02b34-e7d3-4d3f-be65-363e08e9c6f7",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--ece02b34-e7d3-4d3f-be65-363e08e9c6f7",
|
|
|
|
"artifact--ece02b34-e7d3-4d3f-be65-363e08e9c6f7"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--ece02b34-e7d3-4d3f-be65-363e08e9c6f7",
|
|
|
|
"name": "Figure 5",
|
|
|
|
"content_ref": "artifact--ece02b34-e7d3-4d3f-be65-363e08e9c6f7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--ece02b34-e7d3-4d3f-be65-363e08e9c6f7",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAlgAAADGCAYAAAAOlf7GAAAWcGlDQ1BJQ0MgUHJvZmlsZQAAeJyVmAdUE1+XwN+kkpDQQu+hhN577733IgIh9N6bBURFBaVJE1ABCyAKSBNBpVhApIoIiihFRAQVRQRBZaP/Fffb3e/s2XvOZH5zc+fOnbnvznt3AGDvI0dGhsIYAAgLj422N9Hnd3Vz50fPAwhgAS2gA3JkSkyknq2tJfi38vUp1ZoqY1K/fP17u/9VGH39YigAQLZU9vGNoYRRuZm6DVAio2MBgKdS9YIJsZG/+CKVmaOpAVK57RcH/MMDv9jnH575beNob0DlLwDQ4Mjk6AAAcL+uxR9PCaD6wfEDgGIK9w0KB4BJkcralECyLwDs1P+AZFhYxC8up7Koz3/xE/AvPn12fZLJAbv8z738FhrDoJjIUHLS//Nx/N8SFhr35xoC1A0XGG1qT90LUZ9ZdUiExS6H+1jb/OEg39/2vzkwztTpD1NiDNz/sC/Z0OIPx4U46f1hcvTfc4NizRz/cHSE/a5/vxgjh13/fmaWuzGEWu+yf5Cx2R9ODnR0+cPxQc7WfzgmxMHir43Brj46zn43Zv9o4917DIv5GxuF/DeG2EBH07+xue7G4OtnaLSrD3fatY+M1d/1GRlqu2vvF2qyq4+Jd9g9N5Y6wP5wMNnc9q8f293nAyyBETAE/MAABIFw4AfCAJl6ZEg9igGRIJR6lBTrl/hrzAGDiMik6KCAwFh+PWoF+fGbhVOkJfnlZeXUAPhVj/+ke83+d51BrMN/dVHU89WpVrCzf3VkCQDaJallcPWvTkgZANpSADrmKXHR8f/oEL9+kNQ6pwfMgAPwAkEgCqSAPFAGGkCXGr05sAGOwA14AgoIpMYfDRLAfnAIpINMkAMKQAk4Dy6AanANNIIb4BboBg/AIzACxsEUmAELYBmsgq9gG4IgNISHCBAHxAcJQxKQPKQKaUNGkCVkD7lB3lAAFA7FQfuhw1AmlAeVQBVQDXQdugl1Qw+hUegZNAstQZ+hLRgchoMxw3hgJJgMTBWmB7OAOcL2wgJgUbBk2BFYFqwYVgm7CmuFdcMewcZhM7Bl2DocwGnhrHAiXAquCjeA28Dd4f7waPhBeAa8EF4Jr4O3w3vhY/AZ+Ar8GwKFICD4EVIIDYQpwglBQUQhDiJOIkoQ1YhWxD3EGGIWsYr4icQjuZESSHWkGdIVGYBMQKYjC5GXkS3I+8hx5ALyKwqFYkWJoFRQpig3VDBqH+ok6iyqHtWFGkXNo9bRaDQHWgKthbZBk9Gx6HT0GfRVdCf6MXoBvUlDS8NHI09jTONOE06TRlNIc4XmDs1jmkWabQwDRhijjrHB+GKSMNmYi5h2zDBmAbONZcSKYLWwjthg7CFsMbYOex/7ArtGS0srQKtGa0cbRJtKW0zbQNtHO0v7DceEE8cZ4DxwcbgsXBWuC/cMt4bH40l4Xbw7Phafha/B38W/xG/SEeik6czofOlS6ErpWuke032gx9AL0+vRe9In0xfSN9EP068wYBhIDAYMZIaDDKUMNxkmGNYZCYxyjDaMYYwnGa8wPmR8y4RmIjEZMfkyHWG6wHSXaZ4AJwgSDAgUwmHCRcJ9wgIzilmE2Yw5mDmT+RrzEPMqCxOLIoszSyJLKcttlhlWOCuJ1Yw1lDWbtZH1KesWGw+bHpsf2wm2OrbHbBvsXOy67H7sGez17OPsWxz8HEYcIRy5HDc4pjkRnOKcdpwJnOc473OucDFzaXBRuDK4Grmec8O4xbntufdxX+Ae4F7n4eUx4YnkOcNzl2eFl5VXlzeYN5/3Du8SH4FPmy+IL5+vk+8dPwu/Hn8ofzH/Pf5VIjfRlBhHrCAOEbcFRAScBNIE6gWmBbGCqoL+gvmCPYKrQnxCVkL7hWqFngtjhFWFA4WLhHuFN0giJBfSMdIN0lsRdhEzkWSRWpEXonhRHdEo0UrRJ2IoMVWxELGzYiPiMHEl8UDxUvFhCZiEskSQxFmJUUmkpJpkuGSl5IQUTkpPKl6qVmpWmlXaUjpN+ob0BxkhGXeZXJlemZ+ySrKhshdlp+SY5Mzl0uTa5T7Li8tT5EvlnyjgFYwVUhTaFD4pSij6KZ5TnFQiKFkpHVPqUfqhrKIcrVynvKQipOKtUqYyocqsaqt6UrVPDammr5aidkvtm7qyeqx6o/pHDSmNEI0rGm81RTT9NC9qzmsJaJG1KrRmtPm1vbXLtWd0iDpknUqdOV1BXV/dy7qLemJ6wXpX9T7oy+pH67fobxioGxww6DKEG5oYZhgOGTEZORmVGL00FjAOMK41XjVRMtln0mWKNLUwzTWdMOMxo5jVmK2aq5gfML9ngbNwsCixmLMUt4y2bLeCWZlbnbZ6YS1sHW59wwbYmNmctpm2FbGNsu2wQ9nZ2pXavbGXs99v3+tAcPByuOLw1VHfMdtxyknUKc6px5ne2cO5xnnDxdAlz2XGVcb1gOsjN063ILc2d7S7s/tl9/U9RnsK9ix4KHmkezzdK7I3ce9DT07PUM/bXvReZK8mb6S3i/cV7+9kG3Iled3HzKfMZ5ViQCmiLPvq+ub7Lvlp+eX5Lfpr+ef5vw3QCjgdsBSoE1gYuBJkEFQS9CnYNPh88EaITUhVyE6oS2h9GE2Yd9jNcKbwkPB7EbwRiRGjkRKR6ZEzUepRBVGr0RbRl2OgmL0xbbHM1IXPQJxo3NG42Xjt+NL4zQTnhKZExsTwxIEk8aQTSYvJxsmX9iH2Ufb17CfuP7R/9oDegYqD0EGfgz0pgilHUhZSTVKrD2EPhRwaTJNNy0v7ctjlcPsRniOpR+aPmhytTadLj06fOKZx7PxxxPGg40MnFE6cOfEzwzejP1M2szDz+0nKyf5TcqeKT+1k+WcNZStnn8tB5YTnPM3Vya3OY8xLzps/bXW6NZ8/PyP/S4FXwcNCxcLzRdiiuKKZYsvitjNCZ3LOfC8JLBkv1S+tL+MuO1G2cdb37ONzuufqzvOczzy/VR5UPllhUtFaSaosvIC6EH/hzUXni72XVC/VXOa8nHn5R1V41Uy1ffW9GpWamivcV7JrYbVxtUtXPa6OXDO81lYnVVdRz1qf2QAa4hreXfe+/rTRorGnSbWprlm4uayF0JLRCrUmta7eCLwx0+bWNnrT/GZPu0Z7S4d0R9Ut4q3S2yy3s+9g7xy5s9OZ3LneFdm10h3QPd/j1TN11/Xuk3t294buW9zve2D84G6vXm9nn1bfrYfqD2/2q/bfeKT8qHVAaaBlUGmwZUh5qHVYZbhtRG2kfVRz9M5jncfdY4ZjD56YPXk0bj0++tTp6eSEx8TMpO/k22ehzz49j3++PZX6AvkiY5phuvAl98vKV2Kv6meUZ27PGs4OzDnMTc1T5pdfx7z+vnDkDf5N4SLfYs1b+be3loyXRt7tebewHLm8vZL+nvF92QfRD80fdT8OrLquLnyK/rTz+eQax1rVF8UvPeu26y+/hn3d3sjY5Nis/qb6rXfLZWtxO+E7+nvxD7Ef7T8tfr7YCdvZiSRHk38vBeDUDebvD8DnKgDwbgAQRgDA0v2zXv5PgVMXHzDq3hmShpZhZ+GeCDEkGvkJtYSeoHmFmcVu4JB4Ep0FfSxDOeMEgZZZmyWZtZ5tkUOck8xVxD3Mi+RT4vcjZgk0Cj4W+kCCidCJ0ovRUt983yTeS85KjUnflWmRvSiXI39AIVjRWUlXWVyFoPJddUFtQL1Zo0zzsFawtr2Otq6kHp8+qwGDIcYIYfTDeMNk1fSt2Yz5pMWQ5X2rW9ZNNtdsr9jV2F9xuOZY73TducmlybXZrdm9aU+jx/W99Z71Xo3ebeRunwHKM983fl/8dwJpg1iDBUIkQpXCdMLNIpwi/aISok/FXI7tjJuM/5SISeJPVtlnvZ9yIPFgRkpRavmhirTzh4uPZB9NT993LOq4/wn3DOtMvZNKp0SzuLOZcmhzMXm0pxny2QuIhRJFisVaZ4xKrEqdyvacpZwLOR9bnlqRU1lxoeVi/6VXl79U09RwX5Gp1b/qdC2gLrH+eEPh9cr
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--7f21a6bd-5d7f-41b4-8043-da12110434a0",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--7f21a6bd-5d7f-41b4-8043-da12110434a0",
|
|
|
|
"artifact--7f21a6bd-5d7f-41b4-8043-da12110434a0"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--7f21a6bd-5d7f-41b4-8043-da12110434a0",
|
|
|
|
"name": "Figure 6",
|
|
|
|
"content_ref": "artifact--7f21a6bd-5d7f-41b4-8043-da12110434a0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--7f21a6bd-5d7f-41b4-8043-da12110434a0",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAeoAAAJYCAYAAACth6XZAAAWcGlDQ1BJQ0MgUHJvZmlsZQAAeJyVmAdUE1+XwN+kkpDQQu+hhN577733IgIh9N6bBURFBaVJE1ABCyAKSBNBpVhApIoIiihFRAQVRQRBZaP/Fffb3e/s2XvOZH5zc+fOnbnvznt3AGDvI0dGhsIYAAgLj422N9Hnd3Vz50fPAwhgAS2gA3JkSkyknq2tJfi38vUp1ZoqY1K/fP17u/9VGH39YigAQLZU9vGNoYRRuZm6DVAio2MBgKdS9YIJsZG/+CKVmaOpAVK57RcH/MMDv9jnH575beNob0DlLwDQ4Mjk6AAAcL+uxR9PCaD6wfEDgGIK9w0KB4BJkcralECyLwDs1P+AZFhYxC8up7Koz3/xE/AvPn12fZLJAbv8z738FhrDoJjIUHLS//Nx/N8SFhr35xoC1A0XGG1qT90LUZ9ZdUiExS6H+1jb/OEg39/2vzkwztTpD1NiDNz/sC/Z0OIPx4U46f1hcvTfc4NizRz/cHSE/a5/vxgjh13/fmaWuzGEWu+yf5Cx2R9ODnR0+cPxQc7WfzgmxMHir43Brj46zn43Zv9o4917DIv5GxuF/DeG2EBH07+xue7G4OtnaLSrD3fatY+M1d/1GRlqu2vvF2qyq4+Jd9g9N5Y6wP5wMNnc9q8f293nAyyBETAE/MAABIFw4AfCAJl6ZEg9igGRIJR6lBTrl/hrzAGDiMik6KCAwFh+PWoF+fGbhVOkJfnlZeXUAPhVj/+ke83+d51BrMN/dVHU89WpVrCzf3VkCQDaJallcPWvTkgZANpSADrmKXHR8f/oEL9+kNQ6pwfMgAPwAkEgCqSAPFAGGkCXGr05sAGOwA14AgoIpMYfDRLAfnAIpINMkAMKQAk4Dy6AanANNIIb4BboBg/AIzACxsEUmAELYBmsgq9gG4IgNISHCBAHxAcJQxKQPKQKaUNGkCVkD7lB3lAAFA7FQfuhw1AmlAeVQBVQDXQdugl1Qw+hUegZNAstQZ+hLRgchoMxw3hgJJgMTBWmB7OAOcL2wgJgUbBk2BFYFqwYVgm7CmuFdcMewcZhM7Bl2DocwGnhrHAiXAquCjeA28Dd4f7waPhBeAa8EF4Jr4O3w3vhY/AZ+Ar8GwKFICD4EVIIDYQpwglBQUQhDiJOIkoQ1YhWxD3EGGIWsYr4icQjuZESSHWkGdIVGYBMQKYjC5GXkS3I+8hx5ALyKwqFYkWJoFRQpig3VDBqH+ok6iyqHtWFGkXNo9bRaDQHWgKthbZBk9Gx6HT0GfRVdCf6MXoBvUlDS8NHI09jTONOE06TRlNIc4XmDs1jmkWabQwDRhijjrHB+GKSMNmYi5h2zDBmAbONZcSKYLWwjthg7CFsMbYOex/7ArtGS0srQKtGa0cbRJtKW0zbQNtHO0v7DceEE8cZ4DxwcbgsXBWuC/cMt4bH40l4Xbw7Phafha/B38W/xG/SEeik6czofOlS6ErpWuke032gx9AL0+vRe9In0xfSN9EP068wYBhIDAYMZIaDDKUMNxkmGNYZCYxyjDaMYYwnGa8wPmR8y4RmIjEZMfkyHWG6wHSXaZ4AJwgSDAgUwmHCRcJ9wgIzilmE2Yw5mDmT+RrzEPMqCxOLIoszSyJLKcttlhlWOCuJ1Yw1lDWbtZH1KesWGw+bHpsf2wm2OrbHbBvsXOy67H7sGez17OPsWxz8HEYcIRy5HDc4pjkRnOKcdpwJnOc473OucDFzaXBRuDK4Grmec8O4xbntufdxX+Ae4F7n4eUx4YnkOcNzl2eFl5VXlzeYN5/3Du8SH4FPmy+IL5+vk+8dPwu/Hn8ofzH/Pf5VIjfRlBhHrCAOEbcFRAScBNIE6gWmBbGCqoL+gvmCPYKrQnxCVkL7hWqFngtjhFWFA4WLhHuFN0giJBfSMdIN0lsRdhEzkWSRWpEXonhRHdEo0UrRJ2IoMVWxELGzYiPiMHEl8UDxUvFhCZiEskSQxFmJUUmkpJpkuGSl5IQUTkpPKl6qVmpWmlXaUjpN+ob0BxkhGXeZXJlemZ+ySrKhshdlp+SY5Mzl0uTa5T7Li8tT5EvlnyjgFYwVUhTaFD4pSij6KZ5TnFQiKFkpHVPqUfqhrKIcrVynvKQipOKtUqYyocqsaqt6UrVPDammr5aidkvtm7qyeqx6o/pHDSmNEI0rGm81RTT9NC9qzmsJaJG1KrRmtPm1vbXLtWd0iDpknUqdOV1BXV/dy7qLemJ6wXpX9T7oy+pH67fobxioGxww6DKEG5oYZhgOGTEZORmVGL00FjAOMK41XjVRMtln0mWKNLUwzTWdMOMxo5jVmK2aq5gfML9ngbNwsCixmLMUt4y2bLeCWZlbnbZ6YS1sHW59wwbYmNmctpm2FbGNsu2wQ9nZ2pXavbGXs99v3+tAcPByuOLw1VHfMdtxyknUKc6px5ne2cO5xnnDxdAlz2XGVcb1gOsjN063ILc2d7S7s/tl9/U9RnsK9ix4KHmkezzdK7I3ce9DT07PUM/bXvReZK8mb6S3i/cV7+9kG3Iled3HzKfMZ5ViQCmiLPvq+ub7Lvlp+eX5Lfpr+ef5vw3QCjgdsBSoE1gYuBJkEFQS9CnYNPh88EaITUhVyE6oS2h9GE2Yd9jNcKbwkPB7EbwRiRGjkRKR6ZEzUepRBVGr0RbRl2OgmL0xbbHM1IXPQJxo3NG42Xjt+NL4zQTnhKZExsTwxIEk8aQTSYvJxsmX9iH2Ufb17CfuP7R/9oDegYqD0EGfgz0pgilHUhZSTVKrD2EPhRwaTJNNy0v7ctjlcPsRniOpR+aPmhytTadLj06fOKZx7PxxxPGg40MnFE6cOfEzwzejP1M2szDz+0nKyf5TcqeKT+1k+WcNZStnn8tB5YTnPM3Vya3OY8xLzps/bXW6NZ8/PyP/S4FXwcNCxcLzRdiiuKKZYsvitjNCZ3LOfC8JLBkv1S+tL+MuO1G2cdb37ONzuufqzvOczzy/VR5UPllhUtFaSaosvIC6EH/hzUXni72XVC/VXOa8nHn5R1V41Uy1ffW9GpWamivcV7JrYbVxtUtXPa6OXDO81lYnVVdRz1qf2QAa4hreXfe+/rTRorGnSbWprlm4uayF0JLRCrUmta7eCLwx0+bWNnrT/GZPu0Z7S4d0R9Ut4q3S2yy3s+9g7xy5s9OZ3LneFdm10h3QPd/j1TN11/Xuk3t294buW9zve2D84G6vXm9nn1bfrYfqD2/2q/bfeKT8qHVAaaBlUGmwZUh5qHVYZbhtRG2kfVRz9M5jncfdY4ZjD56YPXk0bj0++tTp6eSEx8TMpO/k22ehzz49j3++PZX6AvkiY5phuvAl98vKV2Kv6meUZ27PGs4OzDnMTc1T5pdfx7z+vnDkDf5N4SLfYs1b+be3loyXRt7tebewHLm8vZL+nvF92QfRD80fdT8OrLquLnyK/rTz+eQax1rVF8UvPeu26y+/hn3d3sjY5Nis/qb6rXfLZWtxO+E7+nvxD7Ef7T8tfr7YCdvZiSRHk38vBeDUDebvD8DnKgDwbgAQRgDA0v2zXv5PgVMXHzDq3hmShpZhZ+GeCDEkGvkJtYSeoHmFmcVu4JB4Ep0FfSxDOeMEgZZZmyWZtZ5tkUOck8xVxD3Mi+RT4vcjZgk0Cj4W+kCCidCJ0ovRUt983yTeS85KjUnflWmRvSiXI39AIVjRWUlXWVyFoPJddUFtQL1Zo0zzsFawtr2Otq6kHp8+qwGDIcYIYfTDeMNk1fSt2Yz5pMWQ5X2rW9ZNNtdsr9jV2F9xuOZY73TducmlybXZrdm9aU+jx/W99Z71Xo3ebeRunwHKM983fl/8dwJpg1iDBUIkQpXCdMLNIpwi/aISok/FXI7tjJuM/5SISeJPVtlnvZ9yIPFgRkpRavmhirTzh4uPZB9NT993LOq4/wn3DOtMvZNKp0SzuLOZcmhzMXm0pxny2QuIhRJFisVaZ4xKrEqdyvacpZwLOR9bnlqRU1lxoeVi/6VXl79U09RwX5Gp1b/qdC2gLrH+eEPh9cr
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--8c567803-b7f4-439a-bf73-2be164034048",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--8c567803-b7f4-439a-bf73-2be164034048",
|
|
|
|
"artifact--8c567803-b7f4-439a-bf73-2be164034048"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"attachment\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--8c567803-b7f4-439a-bf73-2be164034048",
|
|
|
|
"name": "Figure 7",
|
|
|
|
"content_ref": "artifact--8c567803-b7f4-439a-bf73-2be164034048"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "artifact",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "artifact--8c567803-b7f4-439a-bf73-2be164034048",
|
|
|
|
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAlgAAAB2CAYAAAAUX+2zAAAWcGlDQ1BJQ0MgUHJvZmlsZQAAeJyVmAdUE1+XwN+kkpDQQu+hhN577733IgIh9N6bBURFBaVJE1ABCyAKSBNBpVhApIoIiihFRAQVRQRBZaP/Fffb3e/s2XvOZH5zc+fOnbnvznt3AGDvI0dGhsIYAAgLj422N9Hnd3Vz50fPAwhgAS2gA3JkSkyknq2tJfi38vUp1ZoqY1K/fP17u/9VGH39YigAQLZU9vGNoYRRuZm6DVAio2MBgKdS9YIJsZG/+CKVmaOpAVK57RcH/MMDv9jnH575beNob0DlLwDQ4Mjk6AAAcL+uxR9PCaD6wfEDgGIK9w0KB4BJkcralECyLwDs1P+AZFhYxC8up7Koz3/xE/AvPn12fZLJAbv8z738FhrDoJjIUHLS//Nx/N8SFhr35xoC1A0XGG1qT90LUZ9ZdUiExS6H+1jb/OEg39/2vzkwztTpD1NiDNz/sC/Z0OIPx4U46f1hcvTfc4NizRz/cHSE/a5/vxgjh13/fmaWuzGEWu+yf5Cx2R9ODnR0+cPxQc7WfzgmxMHir43Brj46zn43Zv9o4917DIv5GxuF/DeG2EBH07+xue7G4OtnaLSrD3fatY+M1d/1GRlqu2vvF2qyq4+Jd9g9N5Y6wP5wMNnc9q8f293nAyyBETAE/MAABIFw4AfCAJl6ZEg9igGRIJR6lBTrl/hrzAGDiMik6KCAwFh+PWoF+fGbhVOkJfnlZeXUAPhVj/+ke83+d51BrMN/dVHU89WpVrCzf3VkCQDaJallcPWvTkgZANpSADrmKXHR8f/oEL9+kNQ6pwfMgAPwAkEgCqSAPFAGGkCXGr05sAGOwA14AgoIpMYfDRLAfnAIpINMkAMKQAk4Dy6AanANNIIb4BboBg/AIzACxsEUmAELYBmsgq9gG4IgNISHCBAHxAcJQxKQPKQKaUNGkCVkD7lB3lAAFA7FQfuhw1AmlAeVQBVQDXQdugl1Qw+hUegZNAstQZ+hLRgchoMxw3hgJJgMTBWmB7OAOcL2wgJgUbBk2BFYFqwYVgm7CmuFdcMewcZhM7Bl2DocwGnhrHAiXAquCjeA28Dd4f7waPhBeAa8EF4Jr4O3w3vhY/AZ+Ar8GwKFICD4EVIIDYQpwglBQUQhDiJOIkoQ1YhWxD3EGGIWsYr4icQjuZESSHWkGdIVGYBMQKYjC5GXkS3I+8hx5ALyKwqFYkWJoFRQpig3VDBqH+ok6iyqHtWFGkXNo9bRaDQHWgKthbZBk9Gx6HT0GfRVdCf6MXoBvUlDS8NHI09jTONOE06TRlNIc4XmDs1jmkWabQwDRhijjrHB+GKSMNmYi5h2zDBmAbONZcSKYLWwjthg7CFsMbYOex/7ArtGS0srQKtGa0cbRJtKW0zbQNtHO0v7DceEE8cZ4DxwcbgsXBWuC/cMt4bH40l4Xbw7Phafha/B38W/xG/SEeik6czofOlS6ErpWuke032gx9AL0+vRe9In0xfSN9EP068wYBhIDAYMZIaDDKUMNxkmGNYZCYxyjDaMYYwnGa8wPmR8y4RmIjEZMfkyHWG6wHSXaZ4AJwgSDAgUwmHCRcJ9wgIzilmE2Yw5mDmT+RrzEPMqCxOLIoszSyJLKcttlhlWOCuJ1Yw1lDWbtZH1KesWGw+bHpsf2wm2OrbHbBvsXOy67H7sGez17OPsWxz8HEYcIRy5HDc4pjkRnOKcdpwJnOc473OucDFzaXBRuDK4Grmec8O4xbntufdxX+Ae4F7n4eUx4YnkOcNzl2eFl5VXlzeYN5/3Du8SH4FPmy+IL5+vk+8dPwu/Hn8ofzH/Pf5VIjfRlBhHrCAOEbcFRAScBNIE6gWmBbGCqoL+gvmCPYKrQnxCVkL7hWqFngtjhFWFA4WLhHuFN0giJBfSMdIN0lsRdhEzkWSRWpEXonhRHdEo0UrRJ2IoMVWxELGzYiPiMHEl8UDxUvFhCZiEskSQxFmJUUmkpJpkuGSl5IQUTkpPKl6qVmpWmlXaUjpN+ob0BxkhGXeZXJlemZ+ySrKhshdlp+SY5Mzl0uTa5T7Li8tT5EvlnyjgFYwVUhTaFD4pSij6KZ5TnFQiKFkpHVPqUfqhrKIcrVynvKQipOKtUqYyocqsaqt6UrVPDammr5aidkvtm7qyeqx6o/pHDSmNEI0rGm81RTT9NC9qzmsJaJG1KrRmtPm1vbXLtWd0iDpknUqdOV1BXV/dy7qLemJ6wXpX9T7oy+pH67fobxioGxww6DKEG5oYZhgOGTEZORmVGL00FjAOMK41XjVRMtln0mWKNLUwzTWdMOMxo5jVmK2aq5gfML9ngbNwsCixmLMUt4y2bLeCWZlbnbZ6YS1sHW59wwbYmNmctpm2FbGNsu2wQ9nZ2pXavbGXs99v3+tAcPByuOLw1VHfMdtxyknUKc6px5ne2cO5xnnDxdAlz2XGVcb1gOsjN063ILc2d7S7s/tl9/U9RnsK9ix4KHmkezzdK7I3ce9DT07PUM/bXvReZK8mb6S3i/cV7+9kG3Iled3HzKfMZ5ViQCmiLPvq+ub7Lvlp+eX5Lfpr+ef5vw3QCjgdsBSoE1gYuBJkEFQS9CnYNPh88EaITUhVyE6oS2h9GE2Yd9jNcKbwkPB7EbwRiRGjkRKR6ZEzUepRBVGr0RbRl2OgmL0xbbHM1IXPQJxo3NG42Xjt+NL4zQTnhKZExsTwxIEk8aQTSYvJxsmX9iH2Ufb17CfuP7R/9oDegYqD0EGfgz0pgilHUhZSTVKrD2EPhRwaTJNNy0v7ctjlcPsRniOpR+aPmhytTadLj06fOKZx7PxxxPGg40MnFE6cOfEzwzejP1M2szDz+0nKyf5TcqeKT+1k+WcNZStnn8tB5YTnPM3Vya3OY8xLzps/bXW6NZ8/PyP/S4FXwcNCxcLzRdiiuKKZYsvitjNCZ3LOfC8JLBkv1S+tL+MuO1G2cdb37ONzuufqzvOczzy/VR5UPllhUtFaSaosvIC6EH/hzUXni72XVC/VXOa8nHn5R1V41Uy1ffW9GpWamivcV7JrYbVxtUtXPa6OXDO81lYnVVdRz1qf2QAa4hreXfe+/rTRorGnSbWprlm4uayF0JLRCrUmta7eCLwx0+bWNnrT/GZPu0Z7S4d0R9Ut4q3S2yy3s+9g7xy5s9OZ3LneFdm10h3QPd/j1TN11/Xuk3t294buW9zve2D84G6vXm9nn1bfrYfqD2/2q/bfeKT8qHVAaaBlUGmwZUh5qHVYZbhtRG2kfVRz9M5jncfdY4ZjD56YPXk0bj0++tTp6eSEx8TMpO/k22ehzz49j3++PZX6AvkiY5phuvAl98vKV2Kv6meUZ27PGs4OzDnMTc1T5pdfx7z+vnDkDf5N4SLfYs1b+be3loyXRt7tebewHLm8vZL+nvF92QfRD80fdT8OrLquLnyK/rTz+eQax1rVF8UvPeu26y+/hn3d3sjY5Nis/qb6rXfLZWtxO+E7+nvxD7Ef7T8tfr7YCdvZiSRHk38vBeDUDebvD8DnKgDwbgAQRgDA0v2zXv5PgVMXHzDq3hmShpZhZ+GeCDEkGvkJtYSeoHmFmcVu4JB4Ep0FfSxDOeMEgZZZmyWZtZ5tkUOck8xVxD3Mi+RT4vcjZgk0Cj4W+kCCidCJ0ovRUt983yTeS85KjUnflWmRvSiXI39AIVjRWUlXWVyFoPJddUFtQL1Zo0zzsFawtr2Otq6kHp8+qwGDIcYIYfTDeMNk1fSt2Yz5pMWQ5X2rW9ZNNtdsr9jV2F9xuOZY73TducmlybXZrdm9aU+jx/W99Z71Xo3ebeRunwHKM983fl/8dwJpg1iDBUIkQpXCdMLNIpwi/aISok/FXI7tjJuM/5SISeJPVtlnvZ9yIPFgRkpRavmhirTzh4uPZB9NT993LOq4/wn3DOtMvZNKp0SzuLOZcmhzMXm0pxny2QuIhRJFisVaZ4xKrEqdyvacpZwLOR9bnlqRU1lxoeVi/6VXl79U09RwX5Gp1b/qdC2gLrH+eEPh9cr
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--ec67fa69-3a3e-4045-a4d8-d057f54456a4",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = '8d9123cd2648020292b5c35edc9ae22e' AND file:hashes.SHA1 = '0939363ff55d914e92635e5f693099fb28047602' AND file:hashes.SHA256 = 'a1260fd3e9221d1bc5b9ece6e7a5a98669c79e124453f2ac58625085759ed3bb']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2019-05-21T13:22:18Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "file"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"file\"",
|
|
|
|
"misp:meta-category=\"file\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:19.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:19.000Z",
|
|
|
|
"first_observed": "2019-05-21T13:22:19Z",
|
|
|
|
"last_observed": "2019-05-21T13:22:19Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"file--5703eedf-e90c-40d6-a309-b3985ed37411"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"file\"",
|
|
|
|
"misp:meta-category=\"file\"",
|
|
|
|
"misp:to_ids=\"False\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "file",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "file--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"hashes": {
|
|
|
|
"MD5": "8d9123cd2648020292b5c35edc9ae22e",
|
|
|
|
"SHA-1": "0939363ff55d914e92635e5f693099fb28047602",
|
|
|
|
"SHA-256": "a1260fd3e9221d1bc5b9ece6e7a5a98669c79e124453f2ac58625085759ed3bb",
|
|
|
|
"SHA-512": "646697e3d5146e05a221183f6c9f00f5eb38400ef9a2f83bfd0fcf2f8af1a7efff99c0a3486740c745ce6cf0939c4f0678cb818cbbff8ed2b28a703fe8d823bb",
|
|
|
|
"SSDEEP": "24576:HsO8RKL6OLnWZGFbHq0aMow5Q3gkD/74tU3hYPgP5IyrMsEOhVRpxHkADUHEPbzJ:0KjKHMbO3pkoBIyIstVRpxHL1bF"
|
|
|
|
},
|
|
|
|
"size": 1422336,
|
|
|
|
"name": "a1260fd3e9221d1bc5b9ece6e7a5a98669c79e124453f2ac58625085759ed3bb",
|
|
|
|
"x_misp_entropy": "6.703195",
|
|
|
|
"x_misp_mimetype": "PE32 executable (GUI) Intel 80386, for MS Windows"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5ce3fb8c-a700-4dd4-af12-4795950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"original-imported-file\"",
|
|
|
|
"misp:meta-category=\"file\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "attachment",
|
|
|
|
"object_relation": "imported-sample",
|
|
|
|
"value": "MAR-10135536-21.stix.xml",
|
|
|
|
"category": "External analysis",
|
|
|
|
"uuid": "5ce3fb8c-840c-49e0-9d30-4f16950d210f",
|
|
|
|
"data": "PHN0aXg6U1RJWF9QYWNrYWdlIHhtbG5zOmN5Ym94Q29tbW9uPSJodHRwOi8vY3lib3gubWl0cmUub3JnL2NvbW1vbi0yIiB4bWxuczpjeWJveD0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9jeWJveC0yIiB4bWxuczpjeWJveFZvY2Ficz0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9kZWZhdWx0X3ZvY2FidWxhcmllcy0yIiB4bWxuczpBcnRpZmFjdE9iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0FydGlmYWN0T2JqZWN0LTIiIHhtbG5zOkZpbGVPYmo9Imh0dHA6Ly9jeWJveC5taXRyZS5vcmcvb2JqZWN0cyNGaWxlT2JqZWN0LTIiIHhtbG5zOldpbkV4ZWN1dGFibGVGaWxlT2JqPSJodHRwOi8vY3lib3gubWl0cmUub3JnL29iamVjdHMjV2luRXhlY3V0YWJsZUZpbGVPYmplY3QtMiIgeG1sbnM6V2luRmlsZU9iaj0iaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1dpbkZpbGVPYmplY3QtMiIgeG1sbnM6bWFya2luZz0iaHR0cDovL2RhdGEtbWFya2luZy5taXRyZS5vcmcvTWFya2luZy0xIiB4bWxuczp0bHBNYXJraW5nPSJodHRwOi8vZGF0YS1tYXJraW5nLm1pdHJlLm9yZy9leHRlbnNpb25zL01hcmtpbmdTdHJ1Y3R1cmUjVExQLTEiIHhtbG5zOlRPVU1hcmtpbmc9Imh0dHA6Ly9kYXRhLW1hcmtpbmcubWl0cmUub3JnL2V4dGVuc2lvbnMvTWFya2luZ1N0cnVjdHVyZSNUZXJtc19PZl9Vc2UtMSIgeG1sbnM6bWFlY0J1bmRsZT0iaHR0cDovL21hZWMubWl0cmUub3JnL1hNTFNjaGVtYS9tYWVjLWJ1bmRsZS00IiB4bWxuczptYWVjUGFja2FnZT0iaHR0cDovL21hZWMubWl0cmUub3JnL1hNTFNjaGVtYS9tYWVjLXBhY2thZ2UtMiIgeG1sbnM6bWFlY1ZvY2Ficz0iaHR0cDovL21hZWMubWl0cmUub3JnL2RlZmF1bHRfdm9jYWJ1bGFyaWVzLTEiIHhtbG5zOmluY2lkZW50PSJodHRwOi8vc3RpeC5taXRyZS5vcmcvSW5jaWRlbnQtMSIgeG1sbnM6aW5kaWNhdG9yPSJodHRwOi8vc3RpeC5taXRyZS5vcmcvSW5kaWNhdG9yLTIiIHhtbG5zOnR0cD0iaHR0cDovL3N0aXgubWl0cmUub3JnL1RUUC0xIiB4bWxuczpzdGl4Q29tbW9uPSJodHRwOi8vc3RpeC5taXRyZS5vcmcvY29tbW9uLTEiIHhtbG5zOnN0aXhWb2NhYnM9Imh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9kZWZhdWx0X3ZvY2FidWxhcmllcy0xIiB4bWxuczpzdGl4LW1hZWM9Imh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9leHRlbnNpb25zL01hbHdhcmUjTUFFQzQuMS0xIiB4bWxuczpzdGl4PSJodHRwOi8vc3RpeC5taXRyZS5vcmcvc3RpeC0xIiB4bWxuczpOQ0NJQz0iaHR0cDovL3d3dy51cy1jZXJ0Lmdvdi8iIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTpzY2hlbWFMb2NhdGlvbj0iICBodHRwOi8vY3lib3gubWl0cmUub3JnL2NvbW1vbi0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL2NvbW1vbi8yLjEvY3lib3hfY29tbW9uLnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9jeWJveC0yIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvWE1MU2NoZW1hL2NvcmUvMi4xL2N5Ym94X2NvcmUueHNkICBodHRwOi8vY3lib3gubWl0cmUub3JnL2RlZmF1bHRfdm9jYWJ1bGFyaWVzLTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvZGVmYXVsdF92b2NhYnVsYXJpZXMvMi4xL2N5Ym94X2RlZmF1bHRfdm9jYWJ1bGFyaWVzLnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0FydGlmYWN0T2JqZWN0LTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9BcnRpZmFjdC8yLjEvQXJ0aWZhY3RfT2JqZWN0LnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI0ZpbGVPYmplY3QtMiBodHRwOi8vY3lib3gubWl0cmUub3JnL1hNTFNjaGVtYS9vYmplY3RzL0ZpbGUvMi4xL0ZpbGVfT2JqZWN0LnhzZCAgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9vYmplY3RzI1dpbkV4ZWN1dGFibGVGaWxlT2JqZWN0LTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9XaW5fRXhlY3V0YWJsZV9GaWxlLzIuMS9XaW5fRXhlY3V0YWJsZV9GaWxlX09iamVjdC54c2QgIGh0dHA6Ly9jeWJveC5taXRyZS5vcmcvb2JqZWN0cyNXaW5GaWxlT2JqZWN0LTIgaHR0cDovL2N5Ym94Lm1pdHJlLm9yZy9YTUxTY2hlbWEvb2JqZWN0cy9XaW5fRmlsZS8yLjEvV2luX0ZpbGVfT2JqZWN0LnhzZCAgaHR0cDovL2RhdGEtbWFya2luZy5taXRyZS5vcmcvTWFya2luZy0xIGh0dHA6Ly9zdGl4Lm1pdHJlLm9yZy9YTUxTY2hlbWEvZGF0YV9tYXJraW5nLzEuMS4xL2RhdGFfbWFya2luZy54c2QgIGh0dHA6Ly9kYXRhLW1hcmtpbmcubWl0cmUub3JnL2V4dGVuc2lvbnMvTWFya2luZ1N0cnVjdHVyZSNUTFAtMSBodHRwOi8vc3RpeC5taXRyZS5vcmcvWE1MU2NoZW1hL2V4dGVuc2lvbnMvbWFya2luZy90bHAvMS4xLjEvdGxwX21hcmtpbmcueHNkICBodHRwOi8vZGF0YS1tYXJraW5nLm1pdHJlLm9yZy9leHRlbnNpb25zL01hcmtpbmdTdHJ1Y3R1cmUjVGVybXNfT2ZfVXNlLTEgaHR0cDovL3N0aXgubWl0cmUub3JnL1hNTFNjaGVtYS9leHRlbnNpb25zL21hcmtpbmcvdGVybXNfb2ZfdXNlLzEuMC4xL3Rlcm1zX29mX3VzZV9tYXJraW5nLnhzZCAgaHR0cDovL21hZWMubWl0cmUub3JnL1hNTFNjaGVtYS9tYWVjLWJ1bmRsZS00IGh0dHA6Ly9tYWVjLm1pdHJlLm9yZy9sYW5ndWFnZS92ZXJzaW9uNC4xL21hZWNfYnVuZGxlX3NjaGVtYS54c2QgIGh0dHA6Ly9tYWVjLm1pdHJlLm9yZy9YTUxTY2hlbWEvbWFlYy1wYWNrYWdlLTIgaHR0cDovL21hZWMubWl0cmUub3JnL2xhbmd1YWdlL3ZlcnNpb240LjEvbWFlY19wYWNrYWdlX3NjaGVtYS54c2QgIGh0dHA6Ly9tYWVjLm1pdHJlLm9yZy9kZWZhdWx0X3ZvY2FidWxhcmllcy0xIGh0dHA6Ly9tYWVjLm1pdHJlLm9yZy9sYW5ndWFnZS92ZXJzaW9uNC4xL21hZWNfZGVmYXVsdF92b2NhYnVsYXJpZXMueHNkICBodHRwOi8vc3RpeC5taXRyZS5vcmcvSW5jaWRlbnQtMSBodHRwOi8vc3RpeC5taXRyZS5vcmcvWE1MU2NoZW1hL2luY2lkZW50LzEuMS4xL2luY2lkZW
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "format",
|
|
|
|
"value": "STIX 1.1",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5ce3fb8c-4980-4d2b-8a33-4343950d210f"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "file",
|
|
|
|
"x_misp_name": "original-imported-file"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--30f93155-bc08-442b-90a0-c0b04494ea79",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:19.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:19.000Z",
|
|
|
|
"pattern": "[file:extensions.'windows-pebinary-ext'.number_of_sections = '6' AND file:extensions.'windows-pebinary-ext'.x_misp_internal_filename = 'a1260fd3e9221d1bc5b9ece6e7a5a98669c79e124453f2ac58625085759ed3bb' AND file:extensions.'windows-pebinary-ext'.x_misp_original_filename = 'a1260fd3e9221d1bc5b9ece6e7a5a98669c79e124453f2ac58625085759ed3bb']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2019-05-21T13:22:19Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "file"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"pe\"",
|
|
|
|
"misp:meta-category=\"file\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--1f8e38a5-98a3-4092-9cc6-b9e6058bef43",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:18.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:18.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"pe-section\"",
|
|
|
|
"misp:meta-category=\"file\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "float",
|
|
|
|
"object_relation": "entropy",
|
|
|
|
"value": "2.590786",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "adf1e3f1-9b4d-4ba4-8a23-0e258d8f9645"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "md5",
|
|
|
|
"object_relation": "md5",
|
|
|
|
"value": "08bb17d8e839e7fc92426e813a696e73",
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"to_ids": true,
|
|
|
|
"uuid": "a27af665-9d81-4367-896f-206b42f173bc"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "size-in-bytes",
|
|
|
|
"object_relation": "size-in-bytes",
|
|
|
|
"value": "1024",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "b7479781-bfc4-42d1-b910-2bec68613565"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "file",
|
|
|
|
"x_misp_name": "pe-section"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--205f75b1-f23f-43ca-be60-2cdbda5377d5",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:19.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:19.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"pe-section\"",
|
|
|
|
"misp:meta-category=\"file\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "md5",
|
|
|
|
"object_relation": "md5",
|
|
|
|
"value": "6c3daca3c522ab98a8ac12a45087297c",
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"to_ids": true,
|
|
|
|
"uuid": "4e29d7c0-54ed-4586-80a7-5550e1144dd4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "float",
|
|
|
|
"object_relation": "entropy",
|
|
|
|
"value": "6.595856",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "e8e9e713-2a87-433a-9685-751a898e3537"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "name",
|
|
|
|
"value": ".text",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "bf635704-4b0c-4e99-a044-69e21dc16ecb"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "size-in-bytes",
|
|
|
|
"object_relation": "size-in-bytes",
|
|
|
|
"value": "983040",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "5df1fe22-e9e1-41ce-9e93-932916a37dd0"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "file",
|
|
|
|
"x_misp_name": "pe-section"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--7e85c045-d13d-4dbe-bbe3-fca9bc75e3b2",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:19.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:19.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"pe-section\"",
|
|
|
|
"misp:meta-category=\"file\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "md5",
|
|
|
|
"object_relation": "md5",
|
|
|
|
"value": "3d3d7962d16652002018640a3fa27d44",
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"to_ids": true,
|
|
|
|
"uuid": "3b358c60-479b-4671-8312-ab5bbfe39335"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "float",
|
|
|
|
"object_relation": "entropy",
|
|
|
|
"value": "6.187858",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "eab5a393-a3f5-4371-b3f7-b0d961c3f1f7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "name",
|
|
|
|
"value": ".rdata",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "844cd84f-d65f-4189-b9ee-f40941f27361"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "size-in-bytes",
|
|
|
|
"object_relation": "size-in-bytes",
|
|
|
|
"value": "340480",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "dbaa5177-f79f-460d-b7bb-d2c4daa9d46a"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "file",
|
|
|
|
"x_misp_name": "pe-section"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--5f54f5a8-5f0a-4456-87f5-7612194633fa",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:19.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:19.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"pe-section\"",
|
|
|
|
"misp:meta-category=\"file\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "md5",
|
|
|
|
"object_relation": "md5",
|
|
|
|
"value": "b7f382ea7e6c9c8e737cb92551341e64",
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"to_ids": true,
|
|
|
|
"uuid": "44bc9350-6c4d-4e75-9641-c973c162048a"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "float",
|
|
|
|
"object_relation": "entropy",
|
|
|
|
"value": "4.714377",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "d25f577f-2d79-4164-b5cc-f8f14a4509d2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "name",
|
|
|
|
"value": ".data",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "d7134a90-a488-47f0-a43c-75062804029d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "size-in-bytes",
|
|
|
|
"object_relation": "size-in-bytes",
|
|
|
|
"value": "37888",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "bf89c29c-c717-49b5-85ca-bbc4b1d0f142"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "file",
|
|
|
|
"x_misp_name": "pe-section"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--faacc77a-972e-4a96-81d3-7ac2a7139c61",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:19.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:19.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"pe-section\"",
|
|
|
|
"misp:meta-category=\"file\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "md5",
|
|
|
|
"object_relation": "md5",
|
|
|
|
"value": "871fb8486e5ea3307ff7b65ddf46518a",
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"to_ids": true,
|
|
|
|
"uuid": "17147494-fdb6-4a54-85ad-4b836fdc761b"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "float",
|
|
|
|
"object_relation": "entropy",
|
|
|
|
"value": "5.112624",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "e9a95141-ae6b-4c3b-b9c3-e271352dcaf4"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "name",
|
|
|
|
"value": ".rsrc",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "da656a41-56f8-4a9c-ba9e-474a45191f51"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "size-in-bytes",
|
|
|
|
"object_relation": "size-in-bytes",
|
|
|
|
"value": "512",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "962335e6-7d82-4809-a8d0-9950a9ed217e"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "file",
|
|
|
|
"x_misp_name": "pe-section"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "x-misp-object",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "x-misp-object--87fe0cc7-eff4-47e5-85b3-53947d58e6eb",
|
|
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
|
|
"created": "2019-05-21T13:22:19.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:19.000Z",
|
|
|
|
"labels": [
|
|
|
|
"misp:name=\"pe-section\"",
|
|
|
|
"misp:meta-category=\"file\""
|
|
|
|
],
|
|
|
|
"x_misp_attributes": [
|
|
|
|
{
|
|
|
|
"type": "md5",
|
|
|
|
"object_relation": "md5",
|
|
|
|
"value": "382715f8e776a544bf70f843a52e3ff2",
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"to_ids": true,
|
|
|
|
"uuid": "accf3814-4202-4f0a-8661-c198dc74b843"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "float",
|
|
|
|
"object_relation": "entropy",
|
|
|
|
"value": "6.015022",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "77b796d4-cc40-488d-b9e9-5e4578de6334"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "text",
|
|
|
|
"object_relation": "name",
|
|
|
|
"value": ".reloc",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "ce976d9d-2471-4ac6-8756-88a550433f43"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "size-in-bytes",
|
|
|
|
"object_relation": "size-in-bytes",
|
|
|
|
"value": "59392",
|
|
|
|
"category": "Other",
|
|
|
|
"uuid": "929e087b-7e10-4849-864b-ce5ae6f5ead3"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"x_misp_meta_category": "file",
|
|
|
|
"x_misp_name": "pe-section"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2024-08-07 08:13:15 +00:00
|
|
|
"id": "relationship--71919d98-b62d-4b01-8985-8024cd43e28f",
|
2023-04-21 14:44:17 +00:00
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"relationship_type": "characterized-by",
|
|
|
|
"source_ref": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"target_ref": "observed-data--8dd86898-64a4-464e-baaa-6f5ced020691"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2024-08-07 08:13:15 +00:00
|
|
|
"id": "relationship--6e8bae97-b16e-48db-b6bd-41b96d29521e",
|
2023-04-21 14:44:17 +00:00
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"relationship_type": "characterized-by",
|
|
|
|
"source_ref": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"target_ref": "observed-data--b7deaf3f-ccbd-428b-8350-548ed5bc3f2d"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2024-08-07 08:13:15 +00:00
|
|
|
"id": "relationship--d97b6528-32c1-4962-be90-0729924882e1",
|
2023-04-21 14:44:17 +00:00
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"relationship_type": "characterized-by",
|
|
|
|
"source_ref": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"target_ref": "observed-data--f4548dd8-1e15-4ccf-af15-c9582a555969"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2024-08-07 08:13:15 +00:00
|
|
|
"id": "relationship--bb64a1d0-84c9-486f-aa26-1ed600307d30",
|
2023-04-21 14:44:17 +00:00
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"relationship_type": "characterized-by",
|
|
|
|
"source_ref": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"target_ref": "observed-data--d1ec976f-e9a9-4304-8cfd-a8606e1dbdc2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2024-08-07 08:13:15 +00:00
|
|
|
"id": "relationship--91be0cfa-77f2-4472-8807-3b339b9ed8d7",
|
2023-04-21 14:44:17 +00:00
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"relationship_type": "characterized-by",
|
|
|
|
"source_ref": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"target_ref": "observed-data--ece02b34-e7d3-4d3f-be65-363e08e9c6f7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2024-08-07 08:13:15 +00:00
|
|
|
"id": "relationship--67b54add-9575-4195-a7ee-fbe67a072725",
|
2023-04-21 14:44:17 +00:00
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"relationship_type": "characterized-by",
|
|
|
|
"source_ref": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"target_ref": "observed-data--7f21a6bd-5d7f-41b4-8043-da12110434a0"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "relationship",
|
|
|
|
"spec_version": "2.1",
|
2024-08-07 08:13:15 +00:00
|
|
|
"id": "relationship--297418e4-8e90-4290-9536-47e32eafac7a",
|
2023-04-21 14:44:17 +00:00
|
|
|
"created": "2019-05-21T13:22:20.000Z",
|
|
|
|
"modified": "2019-05-21T13:22:20.000Z",
|
|
|
|
"relationship_type": "characterized-by",
|
|
|
|
"source_ref": "observed-data--5703eedf-e90c-40d6-a309-b3985ed37411",
|
|
|
|
"target_ref": "observed-data--8c567803-b7f4-439a-bf73-2be164034048"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "marking-definition",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
|
|
"definition_type": "tlp",
|
|
|
|
"name": "TLP:WHITE",
|
|
|
|
"definition": {
|
|
|
|
"tlp": "white"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|