adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5cff9640-635c-4fac-b3f7-45ab950d210f.json

196 lines
7.7 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5cff9640-635c-4fac-b3f7-45ab950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-11T12:51:13.000Z",
"modified": "2019-06-11T12:51:13.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--5cff9640-635c-4fac-b3f7-45ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-11T12:51:13.000Z",
"modified": "2019-06-11T12:51:13.000Z",
"name": "OSINT - APT Kimsuky",
"context": "suspicious-activity",
"object_refs": [
"x-misp-object--5cffa078-0c70-4d25-bba5-4bea950d210f",
"indicator--5cffa1ba-f954-4bd6-8380-42b7950d210f",
"indicator--5cffa1e7-67f8-4cc2-9c8a-4bbc950d210f",
"indicator--5cffa1f8-a3cc-4485-9eba-44ca950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:threat-actor=\"Kimsuki\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"workflow:todo=\"expansion\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5cffa078-0c70-4d25-bba5-4bea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-11T12:37:12.000Z",
"modified": "2019-06-11T12:37:12.000Z",
"labels": [
"misp:name=\"microblog\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "post",
"value": "#APT #Kimsuky\r\nITW: 6ead104743be6575e767986a71cf4bd9\r\nFileName: 1.doc\r\nITW: 03dbc1b3d79a4ff70f06fd6e67e00985\r\nFileName: The_Progress_and_Promise_of_the_Moon-Kim_Summit.doc\r\n@Arkbird_SOLG\r\n @blackorbird\r\n @cyberwar_15",
"category": "Other",
"uuid": "5cffa078-85b8-4682-a94c-47d0950d210f"
},
{
"type": "text",
"object_relation": "type",
"value": "Twitter",
"category": "Other",
"uuid": "5cffa078-f384-428f-99a1-462e950d210f"
},
{
"type": "url",
"object_relation": "url",
"value": "https://mobile.twitter.com/Timele9527/status/1137903328061296640",
"category": "Network activity",
"to_ids": true,
"uuid": "5cffa079-beb4-45c0-adb9-4ebf950d210f"
},
{
"type": "text",
"object_relation": "username-quoted",
"value": "@Arkbird_SOLG",
"category": "Other",
"uuid": "5cffa079-a744-4dde-a4a3-4efa950d210f"
},
{
"type": "text",
"object_relation": "username-quoted",
"value": "@blackorbird",
"category": "Other",
"uuid": "5cffa079-7ad8-4f5d-89b0-4f60950d210f"
},
{
"type": "text",
"object_relation": "username-quoted",
"value": "@cyberwar_15",
"category": "Other",
"uuid": "5cffa079-65a4-4424-924c-4358950d210f"
},
{
"type": "text",
"object_relation": "username",
"value": "Timele9527",
"category": "Other",
"uuid": "5cffa079-04d4-40ef-bf9b-48eb950d210f"
},
{
"type": "datetime",
"object_relation": "creation-date",
"value": "Jun 10, 2019 4:04 AM",
"category": "Other",
"uuid": "5cffa079-462c-4323-8b81-4519950d210f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "microblog"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5cffa1ba-f954-4bd6-8380-42b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-11T12:42:34.000Z",
"modified": "2019-06-11T12:42:34.000Z",
"pattern": "[file:hashes.MD5 = '6ead104743be6575e767986a71cf4bd9' AND file:name = '1.doc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-11T12:42:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5cffa1e7-67f8-4cc2-9c8a-4bbc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-11T12:43:19.000Z",
"modified": "2019-06-11T12:43:19.000Z",
"pattern": "[file:hashes.MD5 = '03dbc1b3d79a4ff70f06fd6e67e00985']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-11T12:43:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5cffa1f8-a3cc-4485-9eba-44ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-11T12:43:36.000Z",
"modified": "2019-06-11T12:43:36.000Z",
"pattern": "[file:name = 'The_Progress_and_Promise_of_the_Moon-Kim_Summit.doc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-11T12:43:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink