adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5d160718-2d14-417a-b73d-4790950d210f.json

757 lines
404 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5d160718-2d14-417a-b73d-4790950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-18T07:48:14.000Z",
"modified": "2019-07-18T07:48:14.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--5d160718-2d14-417a-b73d-4790950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-18T07:48:14.000Z",
"modified": "2019-07-18T07:48:14.000Z",
"name": "OSINT - Very nasty Linux backdoor with multiple components",
"context": "suspicious-activity",
"object_refs": [
"observed-data--5d162440-dd38-482b-9b3f-4526950d210f",
"file--5d162440-dd38-482b-9b3f-4526950d210f",
"artifact--5d162440-dd38-482b-9b3f-4526950d210f",
"observed-data--5d16244a-c204-489c-af1b-9e7b950d210f",
"file--5d16244a-c204-489c-af1b-9e7b950d210f",
"artifact--5d16244a-c204-489c-af1b-9e7b950d210f",
"observed-data--5d162456-1928-4d99-bdbd-4d1f950d210f",
"file--5d162456-1928-4d99-bdbd-4d1f950d210f",
"artifact--5d162456-1928-4d99-bdbd-4d1f950d210f",
"observed-data--5d162462-55a0-4486-9309-4dd1950d210f",
"file--5d162462-55a0-4486-9309-4dd1950d210f",
"artifact--5d162462-55a0-4486-9309-4dd1950d210f",
"indicator--5d2dbaf0-b47c-4ab9-b9bc-42a5950d210f",
"observed-data--5d2dbb91-1700-4767-9fbc-6552950d210f",
"file--5d2dbb91-1700-4767-9fbc-6552950d210f",
"artifact--5d2dbb91-1700-4767-9fbc-6552950d210f",
"observed-data--5d2dbbaf-1984-477b-b19b-48a7950d210f",
"file--5d2dbbaf-1984-477b-b19b-48a7950d210f",
"artifact--5d2dbbaf-1984-477b-b19b-48a7950d210f",
"observed-data--5d2dbbca-5730-47f3-a275-49d6950d210f",
"file--5d2dbbca-5730-47f3-a275-49d6950d210f",
"artifact--5d2dbbca-5730-47f3-a275-49d6950d210f",
"observed-data--5d2f2963-b3a8-45e4-9106-0732950d210f",
"file--5d2f2963-b3a8-45e4-9106-0732950d210f",
"artifact--5d2f2963-b3a8-45e4-9106-0732950d210f",
"observed-data--5d2f2979-7440-468f-9433-4003950d210f",
"file--5d2f2979-7440-468f-9433-4003950d210f",
"artifact--5d2f2979-7440-468f-9433-4003950d210f",
"x-misp-object--5d1619e6-1cb0-4052-ad83-9e52950d210f",
"indicator--5d162587-51e8-4414-8863-4192950d210f",
"x-misp-object--5d2dba27-3ecc-4f52-aff4-f71a950d210f",
"indicator--5d2dce6e-3030-447f-b917-4f82950d210f",
"indicator--5d2dceaa-69ac-4ae6-b87a-4f7e950d210f",
"indicator--5d2f24d8-bf18-4298-8ef2-49c8950d210f",
"x-misp-object--5d2f295b-c798-45fd-8434-4942950d210f",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"relationship--193a4001-b630-4674-9731-471719d2fdaa",
"relationship--757a37cb-ba63-48e3-b04d-815d6f39d172",
"relationship--cc675dc7-dab2-4d8b-bdfd-71f0b3d845c3",
"relationship--594cab65-8213-4d9d-9837-a2b96dcd5aa6",
"relationship--e18a504d-6e8d-4f50-8da0-6a7adb18d48c",
"relationship--68ce45c4-f8cd-4e0a-b523-37e9244f30c8",
"relationship--aeedac96-62ee-4e9d-811e-e243bdc243de",
"relationship--db10dd0f-670c-41c3-bf08-d20c14b46d5f",
"relationship--fe2a91ac-6d6b-45d9-a86e-2efe7216cb9c"
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"ecsirt:intrusions=\"backdoor\"",
"veris:action:malware:variety=\"Backdoor\"",
"ms-caro-malware:malware-type=\"Backdoor\"",
"ms-caro-malware-full:malware-type=\"Backdoor\"",
"ms-caro-malware-full:malware-platform=\"Linux\"",
"ms-caro-malware:malware-platform=\"Linux\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d162440-dd38-482b-9b3f-4526950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T14:29:20.000Z",
"modified": "2019-06-28T14:29:20.000Z",
"first_observed": "2019-06-28T14:29:20Z",
"last_observed": "2019-06-28T14:29:20Z",
"number_observed": 1,
"object_refs": [
"file--5d162440-dd38-482b-9b3f-4526950d210f",
"artifact--5d162440-dd38-482b-9b3f-4526950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d162440-dd38-482b-9b3f-4526950d210f",
"name": "D9_fhl-XoAA2lqo.jpeg",
"content_ref": "artifact--5d162440-dd38-482b-9b3f-4526950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d162440-dd38-482b-9b3f-4526950d210f",
"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wgARCAHGBRQDASIAAhEBAxEB/8QAGgABAAMBAQEAAAAAAAAAAAAAAAIDBAEFBv/EABgBAQEBAQEAAAAAAAAAAAAAAAABAgME/9oADAMBAAIQAxAAAAH5hfzr5aIaaSCyXTGNt5Lj7q6ZoaemV6GYqXTMjdJMUPSrrNDRXLVzXaefZbwrWDOM6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1L+RRGyqoRlAnyIndm04Z5ap5Ye38quN0NztWqzpnE3cszU6eZ1R3XKzI2U1XHbljOas6ohss1nBZLssKtGeUJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANS/kZ46aiiE4UAtq9DWcXNk0xNeeWNe6GpmnosMPdU7MHL82Nzm03ONp6UziqFkqOep16Z3OPl2hcHNueI8uVHld3PpXDbVOmdtLi7tgZGzNrCGmzOsTXCyi6ednsNFvTlmr2Wpgn2a1ylRmxGqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABqX8imu7hnhOFALK/Rwwyullk56Gcqsos6TnLtFzijrxLbJOyqOi6PPsu6Z4X0tRbYpTXsikYaOJmjrslwvQjZ511embzR9CKZeXTXNLRQQ7p7GTmuVY+X51lC3QmXtcqlyckpntkz5nNGduxDQmZvimTmixcXdQySjbOjmiGdVctp3x5xOag0Z7JxvtTE9DqedPTnVXqEKJRzo15BbO63C3bDxbNEDNZH1TyL9VZibNB570qDALAAAAAAAAAAAAAAAAAAAAAAAAAAAANS+uIV6IGeE4UAsr9Hmwyuli5Y+hnqiddnScW6NYxV7cSz7OZm7puTDK7pRC6lqTTFmnmmJXVs4ZO6rIw89GNmOVWmazd2xsxzsmufuiglVq6mO26RijpzNLI2FNm2LOav0vNO9jqWiqfFjoz9NWa+TOXu7IvObaUzd1Y5q2cLcehTfV081ckJeJX1Svyk742M5o7+mCV0Fonz0TJnlHOpxv7lVZCva+q69cPfWhHnctorTn1XmCxeefZtujzK/X8muCwAAAAAAAAAAAAAAAAAAAAAAAAADUvriFWnMRhOFALK/R5sMrpYuWPoZ6onXZ0nFujWMVe3Es+zmZu6bkwyu6UQupak0xZp5piV1bOGTuqyMPPRjZjlVpms3dsbMc7Jrn7ooJVaupjtukYo6czVnYWEebos5a/T81Yz5qXO5wjZX1b+Skxmj6GRVe+lKa9mNqdkbefpj2VXTy197CVyV9Z+aspZ2diZ5aus4uXwaqsr9Ex0SjnXV/cs05V7T7ZeuK30YS+dy2iyyGq8wW8vMk9N0uDP6/k2cFgAAAAAAAAAAAAAAAAAAAAAAAAAGpfXEIW1lUJwoBZX6PNhldLFyx9DPVE67Ok4t0axir24ln2czN3TcmGV3SiF1LVsNkWMV1/Vw2WQWE74SUNXKo5fcYO3xWEb7Eyx1WmarZjXltd5njpzLf2i9FW7GnU5maNnM9U+TM1sNOudVlXc9oQs4nLadmuVWfbnjstOVYyhKdOQX3GeyGm5zdlLHeEZw1i2ce3lGnTWrt9CVdlLHo5Voz649up0Ga6Mp2jOFbN8Zd1ypldAdlWc7GWPR3Ppo3wlyVkufvbJ0hHluuVLbYz53dUlxJGotXGczulcrVlFk7UxtmlPKnfFc9kfRMdPY50XTjMupqyN99vnvYrPLs0Zjtey88227hks9LseV3dlqgWAAAal9cQhZwohOFALK/R5sMrpYuWPoZ6onXZ0nFujWMVe3Es7FqZO7umFvrM3LCw5ZSXU6bEyWX8TJHZim747s1xTy+a5o6ZmS7sozpbKyUa5mHu6laI9vXPbpwyXcrvrkbJJRKU5YR7GdJd5Iz30zsiupmpd7GahOu/XHkdmO55Z2a1Vy5npZzk0oup02ZrOdz25HvNc+WVbLzpjozx2WnKvEZTr2Eb7zoup0lHUs9lcoa5ylLt518urErqJSMs9u59OffGyVWiay3clOiNduuFXdcDPz0KEz9nVNc7PZZg41LRHRQStpsSNfoxTDPblM9kdS5+zoxrku3FErc1XWcutx89Hp5s9FB2u68zz05ooh6MaxvSzGIWAAal9cVw15iqE4UAsr9Hmwyuli5Y+hnqiddnScW6NYxV7cSzsWpl7t6YJbqzNC4taylbIaLGcndXEyyvxTV0d+aymOiZm5omY52yly6cl1VS1dSinZIwNNLSGuSZp7MSQhruMcfRwkZU9m74WaWcMrVmWd1rWNOmaloqvx2qhdzp5Y8qtWtdfGTtti5W7zU7Zy5rLPtZZ2EklXy2oS20M5J6+y5OXZ1nydtmaynRN0WVXJHlttzkjupK+34yXZaZrK5YlfL4WV2U6Jujuu+8/P5uoKXL1qWUZsbK9a5O6sh2yd1uSG7YeTK6CRVeqeVdprMfNmhcD0aIwDUmgiyzOLagnyIthEaKoCyMQFAAal9cVRvqKoThQCyv0ebDK6WLlj6GeqJ12dJxbo1jFXtxLOxamXu3pglurM0Li1rKVshosZyd1cTLK/FNXR35rKY6JmbmiZjnbKXHbVdbKrV1nHbdIxc0UtO3yZo5uxEGi4yV+lhKbK+t6Iy0ufnTvNZe6LUyQtpm52Rvx6YJR6eOpC1YWdvTDO6xaKPS82EpXW5ezrWcJSkdrtqef0aGc9l/TDzTna5Ky1MltWhc9tVxDl1qZY7aSuvZjVOWlMSVktPNMKrlXoK+ar2MVe6haexvWiVlGbHvNcuXmvITnK7Vy2XbDyl8Ci2r1TzLdFZTXp0GLu6iMA1AAAAAAAAAANS+uK4aqCmE4UAsr9Hmwyuli5Y+hnqiddnScW6NYxV7cSz7OZn7ouTBO7pRVopasr3RZyT0dMnbILG2yEmdr5WeGq4xcvitNtFy0y9ClmurZEyWi1d0TTLK+iWtvjZmh6PmnZVSalXtM5rpRM3d0TFLnJ0n1dnrV2TXCKm2ymWi9MNlthgndlavot0JitrLzsuHec0mWWyMkM/oRucdlabjzTCqbK9BT2d6Ypa+pljryL2K9aobMcJ3rMxYvIaZpk56dCUQtpXRDVhk7BZN1808yz2V6dqI+hNfPj6dJTZReUQ2yM9OjWec2SM+fTjJ9rIFAAAAAAAAAAal9cVxtpIQnCgFlfo82GV0sXLH0M9UTrs6Ti3RrGKvbiWfZzM3dNyYZXdKIXUtW17YsZmnq5LOwWHdMIpaeWZ46bjFHRFc9tVyzz+jSzms0RMfbTVcrps5JaKJY83Rsy1+n5q8lCS6s+kxjnoi1n7timM5OkrI2478Sj08lXa7WnLb2fPutsMUNWVpKehMVkDXOy4nZV6U5n2xkzz1RswJp0i0QsrlXoIclemWOzqY+6sixdvWqGzHHWlZlnGxedtmzn56FCZ4XUtzbMMiKyar5p5lnvo07Vx2zXLV6FJlnG8yz1SMyes87uuRip2Y0CgAAAAAAAAAANS+uKo6qSiE4UAsr9Hmwyuli5Y+hnqiddnScW6NYxV7cSzlK0yd1aU82dkVqlD0TFCdhVDfUmfuukz85a1yOvGl9dtZOE6iF64rhXvTDozXrSnIqbKkztlhh5CxqPNNJGVfoJmhqqTPdqzlcN9Rl5vrM0uym6pXXXHnWaC08rksbp8SmEr1zWV6Cjmyxnz3o0rnkmSq0XTOeuqM2aO5udZXtZG68wy9WEvmraLJx1Xr5tk7zF3bdHm1+t5NnJwUsrFvKyT5EsucDvEd4CcBZyA01VjsoCU6hK7OLFYlEoAAAAAAAAAAA
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d16244a-c204-489c-af1b-9e7b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T14:29:30.000Z",
"modified": "2019-06-28T14:29:30.000Z",
"first_observed": "2019-06-28T14:29:30Z",
"last_observed": "2019-06-28T14:29:30Z",
"number_observed": 1,
"object_refs": [
"file--5d16244a-c204-489c-af1b-9e7b950d210f",
"artifact--5d16244a-c204-489c-af1b-9e7b950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d16244a-c204-489c-af1b-9e7b950d210f",
"name": "D9_f5EBXUAA3WPB.jpeg",
"content_ref": "artifact--5d16244a-c204-489c-af1b-9e7b950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d16244a-c204-489c-af1b-9e7b950d210f",
"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wgARCABpBZADASIAAhEBAxEB/8QAGgABAAMBAQEAAAAAAAAAAAAAAAIDBAUBBv/EABgBAQEBAQEAAAAAAAAAAAAAAAABAgME/9oADAMBAAIQAxAAAAH5da7eXOnO5zQ136nNbYy5vddaZW9WCVvmdQhursyujWmJ04Vz2605joZJXk/SFWjPKEoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGlb5GeFldkQoE52z4XFZVo6SmKWkbbbeVwaczpLK9GrWMde3ww2WQX2vdFM9emwwLNLVdduXKU6r5aJ2ac3JV1YYc1vp2zDrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANK3yKK7K6iAABOCLPLNG84G+kzT0eGeO6VmLzZIwx6ftnLns8lwtiXG6NVmNsjz6R9pYvkd1++WCrZbXNt1WnLn0KIppJvTmdRnlulDUxeb4GWcs+dtOYG+esc1vsOY3zObpsxZ005ir769Yyteo5VvRzyVZidNOZ0mea2+6YXTzJnvsxZ005inSq1jE32mLy7HnTTmKb56xzbd3qct0oLlstw5005im63WOZbuknKdapcdmnm5rRnNe2aL9Y5bdcc7zowOet1LgdD1MXnQwkYdD0x2aebmtGc17Zov1jlt1xzvOjA563YvOn0Kkw23ajlOhnXPY3HNdepnm6dFE1VGCaupnvuea6FlnNjtkZUYZ3OdMiLp2a58uGv1rG2emJ086U2W4c6srvodA1gADSt8KK7KyIAAALI6vNYyT0erjlqkZqts7Oe2wlyztvMDVcZIa/bMNl7OqbKq+dvoLQ1AAJSrICgLKxKJAUBbUAAAAAAAAAAAAAAE0CAoAAAAAAAHtlRAUAAAAAAD2yogKAAAABZWAAAAAAAAAAAAAAAAE4EoWAAafLvYywsrsiFAAAs80e8bjdHNWd70uk5jsZVwy2eJkj0C8916TnOzI4jscsit0c2Bqy7l0dVHP0Rq1zMLZDWM0rblxNN0ZK+h7nfOb5WYPNdhz1/u+ed0IY6Z7I7t8sEL6ZqHlle+YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaVvkZ4WV2RCgAALbtXC8psx9IGwAAAAAAAHsoJQsAAAAAAAWVpbKws8gj3wsCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANKcSqE4JEKAAAAAl59J05/NOpZXHdvkYsJQY3dTq6PC8QeiW1X0Z6Jw0maXSny9fIn0cOuVcemnTnOjBOe34d+eToYs9VOvXlyXRrucTpeS4I6tlcl0py8p1oRzPelh3ivw6cAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/xAAtEAACAQMCBAUEAwEBAAAAAAABAhIAAxEQEwQgITMiMDEyNBQjQHBCQ2AkUP/aAAgBAQABBQILmgudAs3OOTBAwI6hSxKlfKKhaZY1HwfpcKVXElc5eySLlss9KInMku7lMbjWgSbCygzRS93klkKouHcJfO23oOiqxFDMP7ATvzJN3unst2v0uFzQUkUeXAiEEKRZUcZ0j9utroiyakomRorhSehJY5+3gx0NrDOsGGMuoXSJAdY/o4KVW2pxR5SxbhpuOGq1oMZtwN55/T6e21b6WrbNJJVF2uM5LnrfYlrZYtw6tcNgKSEls3+9pc9HngtcayCdy30tFitm/wB/9FBc0FzofIVipwXJBXkwIkk6RMSMEEjUqQOYLi5cBwSToEENHWD0okzJFa2umo9T6qJMyRWtrpzvaiKFrIq2gdtY/be1EULWRykFS9qIoWsjkFumSK1tdNXWD6R+29qIoWsjVljqFym10pLcxTrB9FEnIweRFmxjTABqC5Ta6UluYp1g+iiTkYOqgE0yx5HWD6m1hnWDKJMyRXXBxSrKnWDKJMyRXQAR5Y/be1EFenOFKqinFHyUlhVVbuSbhuNN8ICSeHM4p0ty8ODuN0PTcaTUxW4lx2FF2W3Z6ALOpKzZUXW6OvvuyKkGE3+nQ4tCUGzP+d2W3qg8KeG2JQJI4pci9dBDajBCgvRYra6i6AZgYLy2dRLZs/Isg03Q+tx57GtnoAsgviY5F65JH4iZfWz0AWQUyrrO7La1M45ItNKiDvN3l6XHnsaiWyhMOpBJA9bnig04apLZJxetk3KEZZaTy2/BgzisoM0bYJXi9x8nH1nig04apLZJxetk3KEZZaTy2/BjxG2s4Wm/6LWYf2ZJuu7EmFXvWRyJY/jf72i4ndzG5IoDhbbPtW54bo2gzl/QkyVibAYrw6MdpCzKO9bYvdeexQ7XOFzSrLQ+SqFgRg0QBpggbbHlbAOm21YMaDYVVlW19x8x5wcFmlzK2KYljyl8r+aDimaR/CHqz5H4A9WfI8wtlf8AwSxPkBSq2wcn1Pk2hm0gK3bvQvncu5ixuNaClqTpbBIRSblMxDHH1ZnK6TEqWANw2AxWwpUh8S/SYXNKpbQ+Sizcx8gep9ecep9dGtxEfAEY8pwDoUYHUDJIweQKIJZZ6VQWUAkjB/24UqtsrofJ4ckXbTFm65uOxarsmtqcIGKcKmbyrcP1CfJSW9lpMxa2VMJHK+FH99piLinF24c26cZtHsqC1J0tg4CsXLGJOPqWnm5nBMjbHQZFuv5DreDFndiXbMK/pXxKMfUp73xP/bhc0F6UfKZY/jSOPwWbNBiBSsVoMVP+4ClVt5Oh8m1mPWV3O3+owuaC9KPnYIHL0k6R5FUNqRjQjBpRmumKGMgZOkfABkbeE5TgHmHr/uLXvPbo+dc7Vr4lvt2ve/v0u1xnZ0t+7Ru+/wArie03xV7Z+HZ9vC+nC+vFe+uI9n9Nztp8Thas1eqx7r/f4ns3fi3OynxE7Vv5Vzuf7j//xAAsEQACAgEDAgQEBwAAAAAAAAAAARESAgMQIRMxBBRBYCAwMmEjUFFigaHw/9oACAEDAQE/ATLgtBYksTxJYsXLE7L2q8iSRMkbF29oPIkksWLliSxipMuGy5ZluRZbZZQWLCe1yxcTnZvhjy5gttk4RYWUmLlbWLGL42sXLGL2sXLmLna3JYsSWE2yxi52tyWLDZYeXImTyXFlL2eXJctvckksYsyXb5ViSxYkksWFzs3PsVufnwQQRvngk/4OkmdNcKTp+h0u50E3CZ0PuLRT9SqiR6EepklwQuDJQ/Zsv5Mkss/YuWdWh6gspfwZJUTMcZQ/BRhm5+kz0Onkk+eJPKTljjPdSafhVl0+fqk1tPp6jwNXRWnnX7C0FnlVfoLQlYue8/0eX/EpP+mDoTf9o/Dd+fSTy3bnupM9KmNvv+e//8QAJxEAAgIBAgUFAAMAAAAAAAAAAAECERITIQMQIDAxMkFRYGEiUKH/2gAIAQIBAT8BI7mNjiUYFbmI4mAoFHyP6g5S/wBJ7LlKe6Q0/brp2P1Ic3sarSIzt19LasUSkUYbmJgYlGBJ0KO6fQxfok/fnTsaft0NOxpvx0RTXkSfNpjTfjnTsaft0NOxpvx0NN+CSb8dhpvwSTfjtMp0JfPOndlO+lp2R7WJRiYGJRiYj2KfyJV9PlJqTIzyfYlNpkXaIybRqUZmRmau25qmoZOxcSxFvcX0KXFqVEZZK+1XZoopfRYwyTZpko1y1acYv35LyNmrul8inaNTax8Sr/CMrVkZWrNRpWx8Wr/DV/jkanp/Rcbxsa34Rnk6/vf/xAA5EAABAwICBwYDBwQ
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d162456-1928-4d99-bdbd-4d1f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T14:29:42.000Z",
"modified": "2019-06-28T14:29:42.000Z",
"first_observed": "2019-06-28T14:29:42Z",
"last_observed": "2019-06-28T14:29:42Z",
"number_observed": 1,
"object_refs": [
"file--5d162456-1928-4d99-bdbd-4d1f950d210f",
"artifact--5d162456-1928-4d99-bdbd-4d1f950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d162456-1928-4d99-bdbd-4d1f950d210f",
"name": "D9_gbcAXsAArCk_.png",
"content_ref": "artifact--5d162456-1928-4d99-bdbd-4d1f950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d162456-1928-4d99-bdbd-4d1f950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAsUAAAGHCAYAAABYsy/iAAAgAElEQVR4Xuy9fWwUZ5b/+yUEt3mx06YxiV+ytHFsSJgRZkIQgexdB6LVMoSXRPe3M38hRGZGyUozV1F0R7Orm/yRSL8ZjTSKbqL7S2YzEyH+mt17lfCyTEarIfFqQkAJGYxmSIwJ0Gz8EjANHTuA27zd5zxV1V1dXd1dVV222/b3IzWmq049derF7m+fOs85s+4oQAghhBBCyAzmLucCQgghhBBCZhqzvv+T/9MRKY7jB//SicY/7cXLf0rlrqpY/Pps2H/nUjde+dduDDpXTwh+fXbn3aOfOhcRQgghhBCfMFJMCCGEEEJmPFNIFEtkdSde+tuoc0UAEvjN/9yNfyoYJQ5zX4QQQgghpNKZQqKYEEIIIYSQ8aFoTvFb6MAP/zaO+9TSr3q68NY7CVtk1d0Ojjzdhr/tzK5DCn/+UzcO/sk+TikbM//XZp9FIr5d+LNbfm69WvaUWvZ5dtl3nt6JHyzPbg11TP+kjimLl315xNz/dxZZC1LqHHbj5cz+3M+fnOesTWmYU0wIIYQQUj4FRfF3RJy+24XffK4EZX0HXvphB5AzKSxrJ2JPC2axewp4yxTFhghN4aAa56BtnPtsYtSLjX1/7hPTHOu0IBV/Tf/ziGLzj7Zj8yXnPiyK7csL2fFfyXyRiKKhHhgccjl/6kvAW/Il4MFOdf7iGHh3t/I7O1oxKIoJIYQQQsqnYPrEV3ZBOdSN/+gB7nswjoZcM8CMfmrhp+xezkSJ4/jOcmMcLXbN9W+JyFweN6OxXmx8YorqwXf3FhDEE4ESwIvUceUsS9kEsQ05f1ZU/PMEBtSPxkVRhxEhhBBCCBlPCopiV5RYc4rir9yEnlAfRaP6MXApd/2gfq8E74MebfygBXEcn761FweHnCsnkoRO/8DyTrz4L9vxgwfzz5tFwfNHCCGEEEImDH+iuNJRAnNAUhf+1iWiPcEM/qkLL//PvXjl3QTwt6Y4ZjULQgghhJCKxKMoNtIB0JPwPtFMC9T8VIAG/V6NIzmzXmx8kcBv3urCnyVC+/TkC2OdMvF5N37zr3vxT++m8B0ljjfXO20IIYQQQshkU1AU3/e3HfiOKeAaHuzAZiWK//x5IsemOErUSh6yCMEHTdFbL1UWojZx7cXGQgnMS8q2voTYHRJh3I2vTGEcDC/7kolyO/G//mV7vtBV2+VGq6P4zoNxGHnFmYWEEEIIIaRCKCiK//xuAt95SkTfTrz4VFS9l4lrTqvi/Pmd3XjlTyk8/NR2Pc7/+mEcA38yKjL4sTGQChXd+POiDryoxWgBQSrIhD9JW1DC+KVAwtjHvgqhvkj80Lbtk4vMKLbTjhBCCCGETDouJdnIVIIl2QghhBBCyqdgpJgQQgghhJCZAkUxIYQQQgiZ8cy6/NVJpk9MYf6f/++/nIsIIYQQQohPZkXWbJg0Ufx/7fjfnYvyePGN3c5FwZm/BJvWLsaXRz/BXyH/j+Prv/wXPrroNHRBbxvHPRc/w+/+ElIJiXL8KQfzWCZkX4QQQgghU4Ay0yeqUbOwAWtWrsDG5mrnyjJI4f3f7cX7l9V/1/xv+P7Gv8P/cJooalseUesewv3OFa7UY50WgkqAXlXbLl6MezCELz2KQsMe+O8LIQniMv0ph4ncFyGEEELIVCCgKK5GU9vDeGrtCqy5fyFq5oYpiIGLn3Thg4Ud2LAQ+B81s4A7I/h/nUaYh7+5d54yVuLOucqF+78dxz1nPzEjo/62FYbPfYLfHQovslquP8GZyH0RQgghhEwNAoriUfSf/lSXAzt0YgAjztXlcLkbvzsWxff+Pg6c6cJs3EHyfZfqvvPrcf98b5FbiSh/Cwm8d+6ascDHtuPBpPozkfsihBBCCJkihJBTXIc1a5eipu8kDvWNOlcWJSenWAngF/8zkX1vIqkTwp2R/8K/fZxdLsLyu0uv4vChz4pHPBc/hE1id/Q8hs1FmW2PDumI7d/Mn6eWXsNfJbf3qmlk5RCbb/PWw+M4ToL6g3m4vyWOb91bj3vmm4uuDuGvf/ks32Zpfdbvq2ocM0VD8LYvQgghhJCZRcBI8TjQ2olXJDpc14EfP7cTP14d1cskZUFedkEs3LNgHr4+myguiEXYLoUSfFkBmkkfuDof9+t1khbxGf5bLRcxmeHqebxn7vuwpDhcvYj/zhGN2XG+tXQevvxLdpz7F4vQdKEcf6CU8NWEErOGTzLZ7+v59ai1BDIkJeMRrL/3qhrDtFGv3//lpM3vAD4TQgghhMwAKkcUy+S6TxJY8UgHFiOB948Bj6+OO41M6pWIu4YvL5rpB67IRLbFSvg5IslW+sDZk/hICUtDnF7FcMEoqewL+PqCZWtijvO1Eqrv/eU8vpTt58/TEdqvr7r5Va4/MjHuWo4P9+Ba1k4J7m+ZfmpfTIav2rbx7TMhhBBCyMygckTxmW58gA5saJWJdt042WpMtHNlcT3+Ji9ya2cevrX2IdyjhKYzJSBbecEuAufriOvX37gMKPtCvgC3xvmrrTxb4aoOIfijBO23vv0INm38O51S8v1v1+dGr68aYviepY/g+2pfIn6d+POZEEIIIWTmMPmiWHKJ39ht5BNf6cbr6v+vH0uZy/fie2ucGwD331ufH7m1IWkE37r6WXYiWwb3ygu1LXFX4SvIvgqmTuSM47bMoFx/dOm5tXHUXjiJwzotQlIenNFryQv+L/z+qOQYz8f6tX+HTUo412bWu+3LbRkhhBBCyMxj8kVxa6fOH66XnOLnduJ7rUD96u36/688tz0vl1j48i//5SIwDURArp+fwO/dGmy4Vl6o1/m1X7tEcUulTuSM47YMIfgzfwnWq/f//Rcp32amQhSIXgvDevLdJ/j92Wu4Z7Ftwp3bvtyWEUIIIYTMQCZfFJsl2DaYJdj+7XIHvv9I1GmV4f5vS/rAI/iWS3qAVHYwKivYJ7JlsRpw3CMT1GSBpCSsfQh/IxPY3ER2AfHplnLgtiwUf+bPt1XAkG2WYJ1MwLNFr+9vWaLEbXainNiIkLZPRHTzz20ZIYQQQshMJKAorsbyldK8Q15L0aSW1DavMN8/jDWFcoFd+OuxbmB1B76lJ9ql8Pjfy0S7QhiR2/x0BuiI6qZvz8dfjxYq0WakCnx9Vq1fEMd3JS9XpyR8ht8XEK1lpU6E5Y8aUyLGf5P5MnANf5XI7ny1jeQVq3HuWbBYiWnp7mfkG69fOl9XlshG0138c11GCCGEEDIzCaFOcXBy6hQXQPKNSyMT2VagNtMhbrKpNH8IIYQQQkgxAkaKK4v7v70C9184WTECtNL8IYQQQgghxZkWojg3VWDyqTR/CCGEEEJIcaaFKCaEEEIIIaQcJjWnOH31G+ciQgghhBBCJpzAorhmYQPW3N+I2rnmgutX8HnvWfRczzErCkUxIYQQQgipBMoSxbVKCPdfH4WUaGtqW4E1sVF8fuKkZ2FMUUwIIYQQQiqBwDnFI5cHTUEsjKK/bwDDIo5j1Tl2hBBCCCGEVDqBRTEhhBBCCCHThdBEcU1sIWolYpy0oseEEEIIIYRMDcIRxXMbsKa5Gv293vOJCSGEEEIIqRTKF8VKEG9c2Qj0ncTHl50rCSGEEEIIqXzKFMV1WGMK4kN9TJsghBBCCCFTkzJEcTWWr1yKpuRZCmJCCCGEEDKlCSyKa5pb8eDcUXzed8W5ihBCCCGEkClFwOYdEiVeoUSxczkw7COVgs07CCGEEEJIJRBQFIcDRTEhhBBCCKkEAqdPEEIIIYQQMl2gKCaEEEIIITMeimJCCCGEEDLjoSgmhBBCCCEznjIm2tXpOsXZChSj6O89g48ve6s8IXCiHSGEEEIIqQTKiBRfx8iXJ/Hu0U/16499QFN7K5a7lGmbOFLY/MIJ7FjnXZgTQgghhBBShigeRb8tKjySvIxhVKN2UkUxIYQQQggh/ikjfcLB3AZsXLkQ/SdOoue6c6U7On0ilsLmLefRHrOWRpDsvQ97DkTtpsruK2V3IWOX7F2Cg8omqd9JhFiNYTPPcg/+41d
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d162462-55a0-4486-9309-4dd1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T14:29:54.000Z",
"modified": "2019-06-28T14:29:54.000Z",
"first_observed": "2019-06-28T14:29:54Z",
"last_observed": "2019-06-28T14:29:54Z",
"number_observed": 1,
"object_refs": [
"file--5d162462-55a0-4486-9309-4dd1950d210f",
"artifact--5d162462-55a0-4486-9309-4dd1950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d162462-55a0-4486-9309-4dd1950d210f",
"name": "D9_gkKyX4AAyIGB.jpeg",
"content_ref": "artifact--5d162462-55a0-4486-9309-4dd1950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d162462-55a0-4486-9309-4dd1950d210f",
"payload_bin": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUFBQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh7/wgARCAEGCEMDASIAAhEBAxEB/8QAGwABAAMBAQEBAAAAAAAAAAAAAAIDBAEFBgf/xAAZAQEBAQEBAQAAAAAAAAAAAAAAAQIDBAX/2gAMAwEAAhADEAAAAfzmUZev5l+XTmXRXLPLzfjlKtz2iuVaehklNqq2utlRZXQWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaJRnZox30S+lmzaO3Azs701dq5dt+eWLye/Yrp3z34rK7hpqd/NozW9KrM0o2xy6lq53tSp7OL68W2u8hTlsw6stNNSzRmt6VWZpRtjl1LVzvalT2ceh5sJFtmPQZbK7E7pzzWurVlrVXTem/JLJm6sl1dUehn5Zdnvis+Uyj0skshbGFtYvVyUxt7yBOePQZSxPQwxiu7JbnTMNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADR3krNOPRnloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABonCSacejOvpVcp+duOjPDtOaqLiqzN3Si2p6GvJtx8/RtjVP1eG/tGvWMWbXXy6XXY7N5sQnZZn7yVHk5Z9puSE4V1ycHH0Wcpnzmqi1188tGGaYd+WbpPRnsYWY5L3Lrpzu/vO6xdVLLm9hWnXXZh2XEnOa54vRydb9HF2DFG7JoatuxTYw+litdLqo1ZXxpny9VI78AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANE4ds0ZdGeX0quU/O3HRnh2nNVFxVZm7pRbU9DXk24+fo08730+Gd9LeJedsq57vlmu1LqKplcb+51Km7JZqq53NslVm8vq9Pz7Jejy6c9WpmOnP1NOK/MWU3WryjkiUqpnd2Ktmfct7UeysOwz6U5KuJZsxSSqys1qt8ySbYU0no5qtCXY5QXnq+XYTuw2pXZGTSyriXcpqNjLcSyWcaunUZtVQL8l5ZTydlllM9d8/NvmJXUy6Z5bCaaK4RZjKjW1dmnJnH2VTptq7nY0IiVmG5b6OVm7ma1mVcq10W4rkurxzW7NZ1e7M5mmyMmtNdUWdVOeNu9jsko0Vzar1ZZF1mbjOnLZFc2rLra72jqaK65JOCm2+FUOHe7NdTrQdOYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGi+iaX5NGdfSq5T87cdGeHac1UXFVmbulFtT0NeTbj5+jbCvnp8O3HZWaayycJ54o3USzrt+WzedGaFuWPdTpWrlYTr7z72Rqr5z0K4w68dUa6021KUlZXYvKrcy37PO1Mw5TcvbqeJdjtqW+Wawybc+lrT59vGY3U9XRymbOjLOBolmklmfpqvZjgu67DxndTyuSOrKt10B2eK4juw3l1eOZp0eZNO7fJ1r2eaS6O5pJqyOl1Xc5tZRajnXVgOfbRfgnc23RyazuV13O2EapJ952u5dNLV1nnazqE8yyFdu5ZmUTVse8mtJU51aqNVsb89bN/cnWtGrzSa6o2kOcoXTPJ09KeCTFerNJrTmnUk7KKVvuyTPR86yCau5uGmvHNdNEunbMw0wo6aMN0Gr6+1Wba4Rksqy959tWTRnnYOvEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADRKM7Lssox6VXKfndI6M8O05qouKrM3dKLanoa8m3Hz9GqfYevwShOnKjZSmtN2anWLsumOdQvjPUqU8xqy2qXH0XT829w5ppu6Y4dRCEWvRo7nYtw66nSUJxI+jikzorhRHrRzRuIen502naektPlWtbGczqjjF7laztwaF024rmL8V9Bov8AM6u27F1O6cY146rVlLJct1MonabeS36/OXGi7H1K64Q5+m+WYehXGHTlqhpzzEs8l1Zq8+aX5pQlzbKL7qjXnuZ1z82yZ0qFVTrpb36PPtY7Guu6308rkt5XYaqaYp6OWjhbZjuauuy9Z000DZVjsXdngSVmWhr0+UcZtux2kcuipuejFYndGfMvo10Z+em/Ab9LH2XTldzvGXVKz2edrTkapFXe1t7rPLuYslCawBrhkkmyunqW5pRa0dzk9COaLMdeatqWvPmPQro4WwovatjXXZ6HM1MmquBbbKYptxygX5LC0asuhrRyqLGyquKMfHP0X2ZBv7CPThKRLbksrqfoedNntXa2+aabCW3DBi+uvrU+w6aOVRZ2cyShXfRbpz11rsnX1mfKC2bfIuLK+1W6arM8a+VSTXljalufPFrfVXNLaoiWa6DV+nKY010dJcoY6Slmt5+qgd+Gi2qxNOHRnW67HZ15WITssz95Kjycs+03JCcK6TjTw7aJ5NLnNFrOL3PIuXRjtqLEJG3OpZzenhub0UxyYd4XoGoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABovo6mzDfQvoZzvwhZyqasVSyT7zS63JQzf3tDWrPCzFVR7w66qYaOnGPeUkteSJPX52ghOWRYLTdW3PVzveGqGoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABr2Y9BzJfQa7ccu3Cc89c1PV518t9NHS/neJo5Q3JzrsiPOVZ0vz0efr7GaeTp57rqSyjIWZ7qSzvNaU5+0tWa8leaoHUNQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADXfRady6cxZZCfXi7BW/LXRZZ2m7G4assk15u93nkuRlRhzh22Z6bpiyF1OsTnLKZdMLm51yizbyus9DFDYlNFLn2DoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA130aBjvoLNmTvbjOeeuWcK7ca5O/PuTlQysnXCtNMOl/OXaxXTzvHtdg3YWQbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA13U2k60l+1+F+/+AWdMNXXhw5Ypd49bsG3EyDYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGvRnuJY9Gcs0Zu9eSzN3N0conqQ5b3Op2Z2sWXZO6Jwni255U8+mnme3OdlXKNc5U3Ra01WY8lA7BqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d2dbaf0-b47c-4ab9-b9bc-42a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T11:54:24.000Z",
"modified": "2019-07-16T11:54:24.000Z",
"description": "remote host",
"pattern": "[domain-name:value = 'auth.to0ls.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-16T11:54:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d2dbb91-1700-4767-9fbc-6552950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T11:57:05.000Z",
"modified": "2019-07-16T11:57:05.000Z",
"first_observed": "2019-07-16T11:57:05Z",
"last_observed": "2019-07-16T11:57:05Z",
"number_observed": 1,
"object_refs": [
"file--5d2dbb91-1700-4767-9fbc-6552950d210f",
"artifact--5d2dbb91-1700-4767-9fbc-6552950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d2dbb91-1700-4767-9fbc-6552950d210f",
"name": "D9_jn9BXkAATcRM.png",
"content_ref": "artifact--5d2dbb91-1700-4767-9fbc-6552950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d2dbb91-1700-4767-9fbc-6552950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAbwAAADFCAYAAAAv6kdiAAAgAElEQVR4Xu2df2wU17n3v5RiY7CdtRc79dqUxQ4E4lRsEmPR0L7XQJRemhac6NVN/qpQm0RwpV6pqt6qvXrhD5Duvap0daVG74U2eSvUv5LqVWLoTW5vFIKrNGkEzs2i4AAmhqWxvQmweGNjwCYJ73nOzO7Ozs7MnpmdXY/t5yMtZuecPefMmZnznef8ehbdEYBhGIZh5jmLnvqH/2UjeFE8/Y89ePBqHAd+E0fSHBwgHnxiF55eZzhgUWaVOP6g1VvkrT7sfyttDlTmlXffMx9iGIZhSuAr5gNzkf9++TD+/p+0zwtnzaEaKnEYhmGY+YuD4CXwAglEWawgI2QR7cK+b4fMAQzDMAzjGw6CxzAMwzDzh4IxvIKxrrP9+PuXE4YDuTGq5xHDM9+O4mvi6Cci3n5jvCYR7/EePLgicyAt4sQNcfQxwkxwHmRd9uO/6b9NMZFOVKSTswA/cRgfk+Vf4Tw+pxLHFsXzKlo/ReAxPIZhGH8pELwcITz2bC8eu2oteA9SQ/9WHM+/lUByfQ/2CVEae+UwXjiT/9sD4reaqITQ0gQkr5iFqsgkDyEwj61I49UzWliLyGvv4yG8+nwfXr1iigs1MVOJY43KeanUT3FY8BiGYfzFe5cmWTXUmNP/zyQwJv5EslaYEAFhAX2Siw2yhArFToEriazYEcmrQkj09CuPi/NyrB+GYRim0ngWvE+sGvksQqREY491whr7x148vV4IhTmKMiE8+G1hIT27C//+j+LzTEx2Ec4O6uflXD8MwzBMpfEseMVIvtWP/f/UhwOvJIBv6wLhYSbmg09ov3vvrT5tWcHzcZOFVVn8Oi+GYRimspRN8DTSSJ6J44XfCLF6JS0ttceazHGciOLBdTRJpT+vW3P2KfW8GIZhmEpTHsGjiSbfjhq6+0J4cH0U2nhX9qCOOHYV+FqTMb4pbH0mjLo3tVmP5UNbF/jvwnIrEDFX58UwDMMEifIIHrE+hmekcGji8b0VCbzwvL7UII80Xn0ljv9eEcNeQ3xNbPQw6GHP9qDlTD9eeEtYVY/P0mJ15fNiGIZhgoTDsgRmNuFlCQzDMP5SPguPYRiGYQIECx7DMAyzIFh07ZNB7tIMIP/n//3JfIhhGIYpgUXV3VtnRfD+9w/+p/lQAXsPHjYf8s7yVdi+qRkfv3sSp0H/j+KzD/6Edy6bI1ogfxvFXZc/xIsf+DQds5TylIJ+LhXJi2EYJkCU0KW5FHWNLeje0IltbUvNgSWQxpsv9uHNa+K/9/8PPLXtb9BrjiKoX71RhN2HleYAS5rwsGzkhbhMid82N+MuXMHHig2+Fh/466c+iV2J5SmFSubFMAwTJDwI3lK0rnkIj2/qRPfKRtTV+Cl2wOWT/TjeGMPWRqD37kXAl5fRZ46EZfj63ctEZNFwm4MsWPkNYZ1dOKlbNO5+S0xcPIkXj/lnEZVaHu9UMi+GYZhg4UHwbmH0/Hty2vyxU2OYNAeXwrU4XhwI4clHo8Bwv5DWO7h03MK9wPImrFyuZnGRJXg/EvjPize0Ay5+Ww5mtTyVzIthGCZglDiG14DuTe2oGxnEsZFb5kBH8sbwhLjtfT2R+65D3ZnEl5/+Cb8/nTtOovHd9im8fexDZ0ul+T5sp3jvXsKEfij723evSEvr68uFxYMbOE1jaVN6pMyYnf61IByK6ZjxWh5hma1cHcX9dzfhruX6oakrOP3Bh4Vx2pty5Z4S6ejdpoRaXgzDMPMTDxZeGejowQGy6hpi+PGeXfhxV0geo25E+hjFjrirdhk+u5BwFjsSrXaIxjwnLtkuvanlWCnDqKvyQ/xVHCehyDJ1Cf+p5/02dTtOXcZf8wQhl8797cvw8Qe5dFY2k4hYUEp5IFRuKiGESisTTZz5TFhr9RnxA3WTbsTmu6dEGnoc8Xntg0FDuT2UmWEYZh4RDMGjiSonE+jcGEMzEnhzANjSFTVH0mkSDfQNfHxZ7xK0hCaFNItG3WQBZrr0LgziHSEamvBMYcLWuqG8gM8+zcTV0dP5TIjQf35wCR/T74W1RJbVZ1NW5Sq1PDTJ5EZeGe4Sllk2nhDT+/VyyrLoTEwZfuO6zAzDMPOLYAjecBzHEcPWDpq0EsdghzZpxZLmJny9wOIyIqyjTffhLiEi5m663AxFYwO/XFpKn123SJDyQqG4ZtI5bViiYD/70YfyCLG6X1hw27f9jezmfeobTflW55QmdHe1b8RTIi8SNjPuyswwDDP/mF3Bo7G7g4e18bvxOJ4T/39uIK0f78Pf3W/+AbDy7qZCi8sAde3dP/VhblJIFusZivWro5aiRlBett2ZeelYHdMotTxy+cWmKOo/HcTbsquSuiHNVieNw/0Jr71LY3rLsXnT32C7EMX6bLhVXlbHGIZh5i+zK3gdPXK8ronG8PbswpPCwmvq6pX/P7Cnt2Dsjvj4gz9ZiIcGicPm5Qm8ZrU43HKGYpMcz/rMwvoq1p2Zl47VMfhQnuWrsFl8/+sHtIRB7560sTqJCTmR5SReu3ADdzUbJq9Y5WV1jGEYZh4zu4KnL0PYqi9DeOlaDE9ttHf5s/Ib1KUnLCaLLjuaAanNQDROCsmRWTx+F032oAPUTbjpPnydJoNYCaiNsFh1A1od86U8y5cbZorSb1bhYZrMYrA6V65eJYQrN+mE4pBIGif1WJXP6hjDMMx8xoPgLcW6DbTwnD7taBVH6ts69e8Podtu7M2C0wNxoCuG++WklTS2PEqTVuzQLK7CLkZIS2j7N5bj9Lt2yxS07rvPLojw2ii+S+NgspvwQ7xmI0gldWf6VR6RJll6X88K/Q2cJotsufgNjeOJdO6qbRZCSbvOaON7m9uXyxmYOSvYonyWxxiGYeY3Ja7D845/e2nSpJBO1Gd3LpltglYehmEYhvBg4QWLld/oxMpPBwMjLkErD8MwDKMx5wUvv/tu9glaeRiGYRiNOS94DMMwDKPCrI3hTU9dNx9iGIZhmLLhSfCkH7yVEdTX6AdujuPM0AWcvZkXzREWPIZhGKaSeBa8eiFyozfJQwL5x+tEd/gWzpwaVBY9FjyGYRimkngaw5u8ltTFjriF0ZExTJDwhf11BsswDMMwfuFJ8BiGYRhmruGL4NWFG1FPll7KnRNYhmEYhqkUpQteTQu625ZidEh9/I5hGIZhKk1pgifEbtuGCDAyiBPXzIEMwzAMExxKELwGdOtid2yEuzIZhmGYYONR8MhjQjtaUxdY7BiGYZg5gSfBq2vrwPqaWzgzMm4OYhiGYZhA4mHhOVl3nULwzMeBCRfdm7zwnGEYhqkkHgTPH1jwGIZhmEriqUuTYRiGYeYaLHgMwzDMgoAFj2EYhlkQsOAxc5fwJ/jBT0/hBw9rE6XCD5/FT356FpvCpngFrEbbz55A0wrz8dnCrjx0/Ie470cPoNoc5BP1O0X6lEfm42NeMm1f0rOrnwrg+R5jgohHwWvAug0P4fFNmU8nuhvZUwJTYVJLkTIfU6B68wOoT13ExFVzyOwwm+WZOPJbfPhL7TNyzhwaDGazfrzeY0ww8ThLcylaG4HRa9pbT11bJx5pg0t/eOvQsms36vKOJjEZP4hkfEz/3lUYJ63HSWTiqKCYTqgL4dhO1GIUM2hFVWgUqf5DuJ7ORXGOE0G4dz/CIUN8M+mjSPSNISzKUxXfh0vZc9V/mz6Eof4BWJZZZ1r+Dop5HRXlLIZ1XtOJo0j2W/w+uhtre7r0cpjKX7Q8VucO1Pa8gEhItbwZ0njsp5eAP2zAq0Pi69oEfvJ94D/+NYrz5qhZyFrYAhwJSgMfnPKQRda24n0M/9/3MW0O9IA/6c12/Xi5x5ig4tHCu5UVO2IydU36w8t6QHcBNZpDh5+Wn4RoxOti+9EStYuzD2PpFtT17HFuWG1wTkc0+r2iIU7sxSUhYMl++isa594DLuKMIdWnnYv8iMZ7Woi4+ZhVg17bI8QCosGXYkcMIJmtl6T8PqZ/14TCe1525F0LIXSI7kBUCJuZ2qh2rFr8rcoe9b8
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d2dbbaf-1984-477b-b19b-48a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T11:57:35.000Z",
"modified": "2019-07-16T11:57:35.000Z",
"first_observed": "2019-07-16T11:57:35Z",
"last_observed": "2019-07-16T11:57:35Z",
"number_observed": 1,
"object_refs": [
"file--5d2dbbaf-1984-477b-b19b-48a7950d210f",
"artifact--5d2dbbaf-1984-477b-b19b-48a7950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d2dbbaf-1984-477b-b19b-48a7950d210f",
"name": "D9_kDIyWsAY2tMM.png",
"content_ref": "artifact--5d2dbbaf-1984-477b-b19b-48a7950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d2dbbaf-1984-477b-b19b-48a7950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAA1sAAACVCAYAAACuNuBcAAAgAElEQVR4XuydT2wUV7b/v/4DtiPZ6XZjk4CjNNhuOzESoAHLhllgZ0RiCBqSTVghC1azgCiKfrOb1ewiRWjw4q1ehFjBJhPEH2dQglk8cBQYARJO7DYOjQYSYtN2x7wXbPCf3zn3VndXVVd3V7Xb7QbOR2rZXXXr1q17b3WdU+fPLalo715EETD7f/9r3yQIOTCDjt4IAldbcT5s3xfHTRlBEARBEARBWBolomwJgiAIgiAIgiDkn1L7BkEQBEEQBEEQBGHpiGVLeHEIPMTB3l+BwRacvFqJwI5hHOykryda8V3UXjg9NX8+hIYW04boDYz99w3MmjYtJ+r8a0znzMt1xbD303sIhNdi8OprGHV9nCAIgiAIgpArpUAlqmtfR/vmNrzTUGnfT/jR3vEHfGD5bMR6W5nWzeb9bWivdapLEJaRaCXyoUNMn/kCP3ymP/dH7HtXgLxclw/nP2/BYDSG93uHsTdk3y8IgiAIgiDkm1KlGL1Ri+qqTMrRDH689W/887v45yc8sOx/gsf/GUrs/+Y+sD7UiNYqSyFBKAjRR3ou67+kqCxdUykKln5dlRi92opjZysR2jeMjoB9vyAIgiAIgpBPSlk5+vbWz3hs3+OJGTyYnEl8exydxDQJdjWibAkFJRcF5Hkgz9cVDuJceBadO2L2PYIgCIIgCEIeMWK22FVwI6rvD+Hb+0mlScP71mH61hCGn9h2paPqdbyzuRYPPBwjMVtCwVizFQ1/3oqahGUnhtmRG7h/5m5KXFZK/FQcVccGqsOX2DR75UuMXTEUmJYuvP1nUJ1AHZXDyADt86Hx0FZURO/i/n8PYNo4rmJnFxp2bkAF10HtmMZW1DmdM5+EIvhk34zHuC9BEARBEATBCy6zEVbiLRWT1Yb2Bj+q7bvNVPnRGloHRH92rWgJQsFgJYgVnkek/BhxWT98dgn3h6fsJbNACtr/XErEdo2Rolaxs5uUJHOZDahrjeD+FzfovFvRuJOUr89IyQqQkhZPwEHtaSRFa/bMlzpGbBjJfctJ2IcwqXIBcSUUBEEQBEFYNlwoW1P4Ph6LFZ5EdcNG/KnZby8E1G7UyTE2b8RbdMzwfa/CqyAsNz7U/XGDyi5otWKxZSvmzYr06C4mRpJueLNRPt6HCovyQmVM55m+wpaqKSob32+0Z2QA94262LI1UcCkHIE1dku2IAiCIAiCkC9cKFtJHk/+gm/DpEQF1qUmv5j8yUiQMYTvf69S2Q1TygjCiuLXytAjj4qVIz7U7OxC4+FDePuvh7S1zF4kK7o9s4/kxYQgCIIgCMKLiCdlS/HkSZbkFzN4MDqGH59U4q0GBwuYILwA1Pz5QzTs9GP6f7T73w9fLGN81TISz3AoCIIgCIIg5B/vylZVFWpIoZqWeCzhucNw4Vvjy8EKZUbHXM1euWRxJcyVijUr8FIiFEOIeiGvWQ4FQRAEQRAECy6UrUpUx61YVX60h0gwfDKJB2Zli7avT6zTVYn1DY14i455EBX3KKGYiGHif+4Cga1o/LPO/qch5WtNMqtgdrTSVtEar4NdCs31ueUupjk+qyWIGpVYg+v5EA0FSJDR3PIbEH5NMhEKgiAIgiAsIyUHjv6/RftG5kH43/h+EiqNe/vmdVhvbJ+O/oTvR6es63LVbsQ7pITVxL8/mcKP//kZw6a1t7Ihqd+FguGUtp2TVHhO/W6kj4+yEncJs2u60bDTp1PAP9qqU79z9kEq23hoA6a/+BITj3yoO/whKv7nC9xXiTDo+5+7UdfCbYlh+solKv+h8znzhaR9FwRBEARBKAjGOlsrjyhbgrDczKB5RwTvdwLhs604H7bvFwRBEARBEPKJCzdCQRCef2LY++kIOgM+nDshipYgCIIgCEIhEMuWIAiCIAiCIAjCMiCWLUEQBEEQBEEQhGVALFuCsOwE8dFfdmHT1E30nbqJcfvuIqJtdy8ONJo2FLjN6vy1hT3n8wXPpS2YOPUVLqVJ9lrYPszenlxwMw/dlBEEQRCElaZUpXav5YyDbXinwWmBUz/aO/6ADyyfjYnshCnUblRl2mvtOwRBKHaGLp7A3/5Lf06N2fcKK0399i2ktEdwO4+KzVJYrva4mYduyrihomUrGg8fwtt/NT6Hu1CnlmLIgUAMe3tv4ZNP6dMbQTNnK01hBoHQQyo3jIM73GfsFQRBEJ5PSj/oaEP7G7WoTqyT5cQMfrz1b/zzu/jnJzywF1GQYvbGCizQKghFTQSnWSiUt+4rDCcJufUcC7hBdG3z4fa1YplHxdae3Jk48yV++OwL+nyJ+482oO7QhzkoXDPo2HcPoeibOPn5ZpyL/ob3d5gXPZ9B8z5WxEawl7YHAsuysIMgCIJQZJSy8vTtrZ+t62blyPrmdcB/0iligiAIQq5oK9JNDCzBipNPiq09uTI7cgPTj+JKEa91x+vb+VCj1r7zTjRaCV6+bjJaAQRmkDRuVWL07GYcI0Xs5InXVBlBEAThxceI2WJXwY2ovj+Eb+/b3/ryvnWYvjWE4Se2XWZ4YeM3nuD7WzN4i+pCfFFkl0jMlrBk/EF89O4ubEoYV2MYH7uJvosRUyHCv4XKbUmUGx+7jNNUJvl2XsdY1V//CqdBZbcFUc+b4zEhjbvw990+DKTEqfjQfWA/6q6dwOkxh5gSOs/f7G1hbO2Jt9vSpqxtdombcxmkjf1RdQSpjqQwOk591XfNEFhV/wCnLgLdu4Pquvuu+XDkwBbUT0Vw6tRlDBnH1W/flehfbscQ9XeX0zkzwa5bbFFISLUViIZfw8mz8faxRYv2x3dbeBXnPg9i1PgW2BHB3s7fDAG5AuHB1/DdVZ8hGOt6AoMtGEQEnZ2zqlw0/CbOn42XcUHoIQ62VHo7xpiTuKjnlhlXfZhp/ricz1ac2uN83/C5kvdgskxivjhuS5J2HppwU8Y1ahHyrQAvTn4l5mm82HL1fmAtzT1gb++viJJy5bzMQnIunbyayatEEARBeN5xmY2wEm9t5litNrQ3+FFt380KWagKD8K/5MVCJgjeIcGQFa1JEuyMOI6//RcJlHbhjYROFvpx7StdhgR/Vp6OsFJgo34bCbF+BxfAsQhu0/nammxvvknZa6Pytw3hMxlT8hUG0sW0sKDLSoi93WOmdntoc0bcnMsVMUxcu5yIl2FBmvuq2+JBHER3I/Ud9Rsaqf3bQf14GbepjzbFFVC+BhLIxy/q61IKqlk5dYXVdYutBsdIeTpvEWB9OK+2vwmWe6Mk4Opyumxc0WJB+WDnDMJnjf0nfAh03sPBfdb+CXRGEHoU1Oc7sZaE8XvY68U1MezDYJSF7WHtTmbf70Rj0NmK5KYPs80fl/PZQrr2wLhv4q6zrGTRuT6yt6mIqWjZQGp2DNMjxrh7GC9tzfoVB3tjCJ9Ip2gJgiAILxMulK0pfG/Ean0TnkR1w0b8qdkal7W+eSPWR3/ObPkShGXFhzqalta32jGMT5kFZVbISNngt/pxBYOD+1lgrPVp65UZwyqm6rRkOotg4HoM9Y2GxcugbTsJtNfZsuAWas/2oKrballia1PM+O6xzWlxcy6X0PkvmRS08Uk+nvq/1lSG+uiS6TxDKq6HlLSE0mm0x3RdbJW55CC8Z2YGAZJ+rRaHSuXK5Y0YQiFWxIL4LmwcG30N5wdJeA7F0GwqyWXOm8oMkkAdCGUWwq1UYvQqK2tBhAMPcTCrEK/7KjU2yk0fupk/XudzuvYY8H1zzRj7Mf23vtamyBUra7aiYacP02e+xMSj+EY340VKfy8p6zyHeDJGfRiNT8pQBJ98GjGVFQRBEF4mXChbSR5P/oJvwyQtBdahtcrYWLsR7QFSyEbTvboXhELAAmNEv+n/y3581OikiGiFTFl4/tKb+ChXPz/ts5W2KmpWxu+QEOnfgq7EG3u22MQwdCf9MakY7VHKSjq8tTk9bs7lFh8J4tTPB4z2sLXMXiQrhnKcoY/d4cN3g68q65ISgkPmGBkPGLE10UdWJU1//00pYhmh4y26pis
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d2dbbca-5730-47f3-a275-49d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T11:58:02.000Z",
"modified": "2019-07-16T11:58:02.000Z",
"first_observed": "2019-07-16T11:58:02Z",
"last_observed": "2019-07-16T11:58:02Z",
"number_observed": 1,
"object_refs": [
"file--5d2dbbca-5730-47f3-a275-49d6950d210f",
"artifact--5d2dbbca-5730-47f3-a275-49d6950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d2dbbca-5730-47f3-a275-49d6950d210f",
"name": "D9_kITnWsAAx7t1.png",
"content_ref": "artifact--5d2dbbca-5730-47f3-a275-49d6950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d2dbbca-5730-47f3-a275-49d6950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAxoAAAD3CAYAAACaciKTAAAgAElEQVR4Xuy9X2wUR7bH/7XNYhvFZsYDJtiOmGA8mGskjBYsTPYBOxEJl7DL3RcsXQmhZB82D+SnKNJ92324ebtSFP3CQ/bh3gjxRF6yZAk3CUrALwGEiWIkfIExTiZamz8mYw/2/rDN4vCrU9U9/Wf6T81Mz7g9ro804Omu6T5dp7r7nKpTdapqe/qfIQQs/H//ML5EfotNh3+LJ4N/wL2UsVmhUCgUCoVCoVAsD6rC5Gis7n4P8e6N7Ns9LKQ+w73Ba3hiL6hQKBQKhUKhUChCT6gcDYVCoVAoFAqFQlEZVNs3KBQKhUKhUCgUCkWxhHREYxdih3+HWITCqASzw3/GveG7pjJhYxc2HvsjGjJ/Q+rM30Id8vXcvv9GS9y0YRnIvLxxbxtLqosIu8+62X0Wn8Ddk3/BPzQ5V6f+hvTw3/CPjP0Huazu/iM2du9CLft7gd2jP4X6HlUoFAqFQlFOqta99odnPYkoGvnXeUyMj+Hq+Ly1VP1G9CRa0FrP/p6bxs3kD7g1Zy0iVcYDs6PBja+I2eBqwerIXTyRMHyWDndjMszk1rUieOTaRll1Ef8jNu3bBaT+YpsL1YLnut9CSzdz7gf/5L0YAztGYl8r0mf+hHSo702FQqFQKBRLQdXA28ef3bw+wp2ChqbNeIU5HRPJ73B1SivBHIiXd7RgNjnCts1rZeqh/0a6jA+Go6H1qoamdzRs8vizOq71Mkf0LfewMPyRo/xlNW69yPauG6NYC5lrSA/+Rapn3aAc+tIcB/tmghnuSWa4F0LZdCGzqpuME8HLQBsNUSgUCoVCobBSjbkpTGjOwOzUXdy0OQatbS1onGPbp8Qox+zUD7iarsO2tmheZRTlgYzVODMQ/8EM7eTJP/BP6sxneRrrZYYbvn9EDJ8hpcmcPBn2UDkRKqTXcfZToJNRTp7r/i1qaSQjZdthhu2/m9rInL9d9j0KhUKhUCgUUlhGNMTIRBMmsiMRUfTs2YyG8RF8Ywqnamjrwittc7h65QdMSJXxZ+FX/byXlWK9c7mn9aw69Vbbtxnf7+G3Rvw4M5x+shuBzMDduO+3aDD3/GeX1fXotca1bC9uToy9S4+2OZadzjM7/BnSw3rISh4yeyCWB4Z3L7QNz150W/2QPJYwG75/N9tvGoXIGUlwvjZjLkILYof/kzkZLjLo+J5LTl8c3+tix9r3x5x2YejC3uackW0bOsXpwk9mDZnRDB2/UQ1+rN34h9t+hUKhUCgUK5rqq2lg244udLYxJyPRxMOfjJCoOm64zT62ztmYfcy9EjTQfAyZMjIww/Mn3iv8F8zC3lucvyFT2/0WNjID857ey0zhRHFTATKimMG1OvMXUy/6R8z40g1H7beO8hhG6z8GjR54Nxn5KEN3KyurHePMEHc84hQjb8JXZk9a0EBhR5khzLrIkReaQQr9us/8BU/idpnv4snwR9l6STGZ6RpiWWPXgF9bRLs2Zkgv6Dviv+XlZ4cdjGsLfueS05f/dTHHhwx2e7vwcCjckGkbUgQpc6SFOXr35OY7pa6xutyI1Q76VCgUCoVCofBDLG87p4U/sT9mJOdUhB7qzdVHDFLi/9XMyBK0iJAQ5txYJ8IyY5Y5Gt4Gb77sYg4AGb4fIa07MXTe4XvMyN6F58xFPWX2gybMU093EEkOyXDVw2t0mZnRmQI3VFfrxWgORdYxAzNe7zIHwsUw1XrXuWzkVFp67SUM33zO5YrMdWn1qP+EQwsROBjtZSFYmVdHWtm/E1jwq28Tbm2QttfmeSyFQqFQKBQrh+qeNVP4+voIvrkygpuIYtuOX6OnyV5s+bHgYGQZCMMMmaCdCgc0Y9Bu9D3JUECZcEJ0vGWWo9bFKMwPrX5o1OfYf2c/PAzI7GiAVij6IzYd1socdgt9c782YfiaobAk/ZzvmUYs5M/ljsx1XeMhbVQmzs6/MW6+Xiu13f9pOU7i2B+tjmMgBCtzIGiy0Fyg9Bk1EVyhUCgUCoUz1TPpaR5qQkvb3mIOB00Gb31ho4h1n5vn+xrW1Jl/w77zNWwxS6MfMmUUZUBb/tfiCBQJzSnIhuLkhiE9t+8/0UIhYdmQHlNIlCTC4TKPTDiEVyGYc2Xxua4nw3/BTyf/jNTgEND9ljDeu3MduNzJ4CU0ugOSWdR3K4wVyfyxO8m6LKnBCcQOl8K5UigUCoVCUQnYMoMzp+Gx+fs0JtJAYyxqmWTbWM+cCuagiEneMmVKSHyXywRgL0pglLuhjZrYw09ET74WAhMId9mx7vF4/ljcvi9fZOrHISSsECg5HDtXQ/dvS38uqevSoTC6v+HemT8hyQzqBpe5J6UnYJnzCTnj95Z7WJsIX8vPaVEoFAqFQrFyqG5s05LsEfUb0RkDjFEOYGL8LmbqW7CtSYxYUI6Mntg8bo5PayXkygSDMLooPIiMrtXx32JTd2sBPdt3RagJM8ppQq05FMjuEBjnNJfLB+FM8InLce3YtIJQ90Y+DyPIHnCaLM2N9n2iN9tyXXmF0xj1s9FeP3H9u1Yv2e8U2rS7gHAmdq7Bv2GBdEG9445Gaz7n8tKXxHXxfB7Wfc/FadL1Us1FCFjmDHPsUqyN8P3e8GOkPituIrtCoVAoFIoVS9Xmfz/+rCemhz3NYyI5xpPuWZDJ+i1TxgPphH1xkdFYLJF6DXfPXEODpbzT7522QTPebEum0qRbywRxaOWsy+DmLvmpLdOacV7CVHZ5W1+ZJXBM2JddtteK15Kq5MjFum3L/2aGcE8va66XDKsT5ugsRCir9EbT0rOS18GNZY+EfVLn0vDRl+d1kRz7fsccno1ZRyY3caDkNWXxbhs6BetCSmYTEX2J2z+bVlmzQfMwvJa2JXgZqIR9CoVCoVAoHKmq7el/Zt+4FBiOhkKhKDmaw07zLawOKI0WkQMHzA7+yTvXhowzolAoFAqFYsWiHA2FYqWSHUWa0EYltJEamjcz/Dfn0RAb5pG6nJElhUKhUCgUKxrlaCgUCoVCoVAoFIrAsa06pVAoFAqFQqFQKBTFo0Y0XHjvrWO4cf4kPhkzbYx24/hAN5q1r3/66KRpZ+npOHQdrydMG9IbcOrk80ibNimIXYgd/h1ipkn+s8N/xr3hu2LCddwoSaswOU2+VpQTEbLVIKkLr0nzCoVCoVAowkM1LUX78p5f49/4pws9bdbEexxaUWqHVmbHZnTqy+FaqENDE5XrwstOx1iGbN9/jDsc9DnSbt9bfkbP7sAH74vP50n7XoXOc/v+iBiGkMomtvtzNv/GPwaNhHd3U9bfKRQKhUKhUCiCo/qVRD0mrn+Hv175Dl8n59DaxpyNJlMJ5mS8vKMF+PuIKPN3YBtzJgxnow6tHZqT8kITGihRn2IFQb3R/41NDlmolwYtuV/KvJKSlvSu4gmbLmQxssGrEQqFQqFQKCqHasxNYULLdzE7dRc3bbkvWtta0DjHtmu5NWanfsDVdB22tUW1EvOYGBWOyjfX72YT/SkUCoVCoVAoFIqVS9XA28ef3bw+IpLr8dGLJkzo3xFFz57NaBgfwTfjRhK/hrYuvNI2h6tXfsBEdivhXF6GMM7RMMPna0w5z9GI7U3hYO8jxPi3WiQvP48rlyLWuROx+zh46AESohAvl04+j3NntXJ8f4btN/Kcpy9vxalLziNEfL5GrPA5GjypnznxYQpoid814t6dkhk6JBRsyO41c82axM2WQC8nKWKEHWvfH63J6FKf4SeP5HY5aEnonLOFOyVY9Ij19712gW8dSuJ7HF95QqYLU0LDNN5CrFskErSfK2e+TMo5oaFlCd3U39i1/BYxJ70pFAqFQqEIFVpmcODm+BRaY02Y/fsIrk5pe7Wwqdnkd8Y2omkz/i1Rj6yDkmXlORpignYtLp+N40qyjjsMR489QCy5CR+c1ay1RArvHHrEHItNhmOBecRoYjf7jXA0MtgTqxPHoK/sN0cPzePyyU5ccfAkinI0eKK1XZjVMkNT1mkyPmvNk3Epx0LkbnZuAxnD8X1Oydl
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d2f2963-b3a8-45e4-9106-0732950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-17T13:57:55.000Z",
"modified": "2019-07-17T13:57:55.000Z",
"first_observed": "2019-07-17T13:57:55Z",
"last_observed": "2019-07-17T13:57:55Z",
"number_observed": 1,
"object_refs": [
"file--5d2f2963-b3a8-45e4-9106-0732950d210f",
"artifact--5d2f2963-b3a8-45e4-9106-0732950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d2f2963-b3a8-45e4-9106-0732950d210f",
"name": "D9_m9yWWkAM7omk.png",
"content_ref": "artifact--5d2f2963-b3a8-45e4-9106-0732950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d2f2963-b3a8-45e4-9106-0732950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAABC4AAAA7CAYAAAC0e8udAAAd10lEQVR4Xu2dwYssyXGHc9YGCSzQHtSrNQikg0GP7rH1DgbvwTB9sA8+SYLXb3UwWLrOxRcf7NN0n+y/YOyDwToY5Df9sPdgsA8G9wODd2+7MN083Z5AhtW2DmvwQQuCcUZWZnVWVFZWZFVWT03P74NmpquiozIjMrMroqKqz9Rc3anNUgEAAAAAAABAHqZK3S2UWl0rtdzznd2YzZW61XrPtc4t3/nQIPvM6305qT6CR8VCz/cb/fdszfdYJnpsXyq10/uf7w6bl3rb1d5+zp8XVfm31PzwGQAAAAAAAMBjgAIEHRTM+PbMTCd8Sx0KXO6uDq+bKZeQwfUsBce+Lxba8NtdPTmx3RYB22LEbT8WFAjfzlUxVj2/LrjgkRhbe8bGQttlteFbPfZKUb5i+k51M60RW5fc1AJn4aTdW2rDNwEAAAAAAABOkjK4p2iLrmj2TBY0ogOQ1b4I9mIJEtqv1jpYWdnXutiWmnS4ubJXbZ0eHfw8uxygX5mY6f7tPrP2IRvYYHjhgrvE/p8qs4vCPs+tX2lM3dxjpmBs7RkN0yKBQ0k3P6ljEj0eq1eFDd12Wo9ozL+/8aWCoOICAAAAAACAx4K5sqlf5zbwOn9VbN+5K54ZWV5b/V6ChMd46zW7lWRn8hhJgTsF/xT8nNMHHfa92edtHgsp/XvsUJLAuXZNWZ1JcyLsGIytPWPiZlZNHqqLavJwuzlsp/XAJBvDFRYcVFwAAAAAAADwGKCrmxRErNaHQIECCbpqfHWZXuUgwQQqNoihY1JlBD8ObetTek/VC+tNIPixSRAqYR8bLlG029qEiy2RpzgYeFgfOlzgW/P1sRhbe0bGc5Y8XGl7LeaHxA49w4UqsF5eF+vC2lYa8TUhACouAAAAAAAAeAxQBQQlKULkfIhmkH1R5UFxzdX8sJmSFgsK2t1VWu9q9ilDlS90rz8FvFc2sXIzL0rt6a25kg/AA4OSiI3ofS8uqlVWrnrFXxMaQMUFAAAAAAAAjwUKiK8W1SugV7R9yKSFR+WWFHtf/Lrn5WpKAvhXdUuc/hEmAajPdK8/JW3Ws+KqMwV0ph/sqj4Ao2dfJOH4LVAmkWH3uVtq+G1p5r3dFwEVFwAAAAAAADwW6LYJCiLcMyduL6pX/XNBCRH+YEyTJJl4iQoX7LxzkDEVGIe3IijgX2u9t/4H7Xuzz9s8Gnb2wY6XyvzcoyubN7fybLgwACNnX78thBKHNN/L8Wzne6W6wsqEfmGHcabm6k5tlnw7AAAAAAAA4GShe8vnSp0PeH8+PRiTJy8okfDcq4CgZAYlTxx0ywplLqabg1xTMoPromd4UBDkGPz2lwxwG/kPfnzsGNvov/RLM2NgbO0ZI61zkBKKl9XqCj6PG+b7mVqqO7Vc8u0AAAAAAAAA0B8KZp7pwOR8w/cAAIAIPOMCAAAAAAAAMBATpZ7p18uhyjoAAI8BVFwAAAAAAAAAAABgtKDiAgAAAAAAAAAAAKMFvyoCAAAAAAAAAACA0YKKCwAAAAAAAAAAAIwWVFwAAAAAAAAAAAAgDv1U6d1V/WeOjwAqLgAAAAAAAAAAANDARKnbK6UWO6XOrpWaLvT7ORcaFFRcAAAAAAAAAAAAJ49NQCwn1fetFRR7pc5XSp2tD/+fb7jQoJypubpTm+Vhy/JSqSvdge2r5sY4mbVu+PMd36sKA2iZmXtPnbvWOn0ZFdezWIQN+FwbiezFKeUpC+QJ1PQ0tIXLrbTMcm/f6O13i8M+jt8mKp/xRXl7+XEc3N5crtIej5gNfZrsU9lnaToWEdPj2uLgfXfE2szb4gjJxvQ4uD7epq7+4sfkchUbTth8sHA7cx0Ov025ZHyafCrWw/u3r84xiZ5WmalgDkpklOBYqlnG93uTjERPqoyDy6bqaZLx158mmSF84dNnHDbJpPRrNtfj+ILtZGOZaNPD6dMvB5eV9J3ria51Cf7ix0tdx3LauUkmxe9ELhmCfw+2fbc7JMcq158j+suRo1+GSf/vCweXjfXbwfXwfvH9rXokvhDI7OaZ5gW3r4X7neC6QjK97WOJrj9KrsdRyndcV7lc13P+qJ7Afkeqv1r1qGaZXOctqeuqT2d/SXwhkbH/5xyHbfEy19UlLhgMe/yX7nj2/c4bKyG4/Rw8JhqQM7VUd2q5tG9dR7QTrqb1BdOdcKx0A58tGjpoB1DFkVrvjfbOc/teosc4XNWD4yD+AGCTgmMGmgp/UbqBWbavZQCZz00OusihpIAvELUFQcXbyD8Xao/EhiUR+0iOVRLRYwazt43bhpC0WWIfiR6Ct4lzNH9Zu/ntrMk4PUpwLNVfpiTiU5Geaft8l+iRyIQIjTMOl5Eca2wyRNt4lujJJROC2zlEo8yk3zjMIePmpD//3YlJ6jwt6dkvIoffJWtdCO4v/rku61hOO49NxvRj78lMi/WxFjiouB6JTIgh/EXk6leu7wsi17xoO2+R6AkR0sXxZaj8Ocu8mCScb7SMjVz2kaw/Ej0lto8z+p+NAYkefvxQ30Pw/kv0tLYnxV8qokeNT6akp79CcF+E4DJZx6HtU1O8zHXXfGo/3+b33LhjVNDHOtfteMHaE8PoCfT7CFSfcTHTo2qmO7DWrdhqoy4m3s6pbeQqbtCbBftSIvaHLyWpnhSW+piznczYy40yA2bqNkyKQUdfwG6cbjfF/89mTiiA+9zm4DQaoH4b3L5FeTABkvYk2rDRPpJjeTTq0Tr0LvXcKVG271a/k0lpcyNCPbRoxE5qiKP5K8B2WxxrOuF7jkujT4W0zvchcbbfRBZOicwDQDKe7xWJnSMyfcfhUCz1l/JKj+erOd8jo2+/cvm901rH/eXeJ651EvraeRRo+zzTLzp/KtkV/Vr0tI+IofyVsV+5vi+yzIup4LylK9wXIQQyueZF7XxDMjYy2qfT+hOh17oq6XsI7q+uegTU/PXA6eWvENwXIQIyOcdhNF7uODaO4Xdqx5m2w9l1cSxKkrj/HwjVZ1yQ87baqVvtjJd7ZmD6kmjrnF3oXsaEJHpS0Mc0GekN3xFm9g57T4NP/137E8r2YzYt9oVYzItBu8o1ES2i9qTYMGIf0bG87Y16yKZ706wDdgxNnb1T2hxDqIfGcqituUmy4diI+FSEZL4PiGQOSmQeAscaz12R2LlRpu84HBgzt+1YTyJDv+7T79xfQ691ne08Fux3YPmdZ6GTUDqnGprB/JWrXxm/L3LMC9F5S0e4L0JIZIgh5oVkbAxpn170XFclfQ/B/dVVz6Ojp79CcF+EkMj0IRYvj3VsUAUX/RKIeV02t8OXu53zvTIqx9Kv5YRLdMaruJgUWXX3pUIGTzWwSwokfZnFmFY7Hlq4XQY/dvXd5+qikF/b9yaztT8szlT+QqWMKy1DNpna7RUmRTbNDFq+z2dS2G8nbBvRqT0RYvZJOVZMj6GhbTM6xrGxCwRlQf3x0zoBj+ivxkVVMOZzybT6lIjoSZrvET0lEhnHRDAHYzIpx4oh0dNXJmU8x/SkkKInZmdHRKbvOEyih57KWibQ07tfQ/p90rLWBfyVtNaltscj1c4iJHoyyJAtZhcHH9HJ20Lb7P2NL6Va9SQzsL9y9Cvb98U047zgdrDUzlva9PgEfFFDIsPoMy/4+YZ4bAxhH2LSsP4I9PRdV8V995nU/ZWkJ9KeENxfJYl6Gjminr7+qhHwRQ2JDDHpOA4n8Xg5aWx4NPo9A+XtfqtqxQWHqtme7azMulj3/ed0SKBbcvixnl2m62ngUHFRlr1YB24/U8bAlfKXFoyzMkElNmWn9YvK5cgYS+8YNBhoQLVl8sgR5QDcB75sLeU9O6tDYiOEy6a1HZcmLA1eZ9MSNinoFXKotD1NSO1DxI7VpseVN/nljPQZ/4FOSQTs4/tdCt03608c1TIBU/wVak/MhoQ/Dqkdq3V14ZCM+VwybT4l2vRI53ubHqmMj2QONsmIj9Xid4meXDJE23iW6gn1q5MeS5OdfZpkcozDksz9cpjvQg+Jnpz9yuZ
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d2f2979-7440-468f-9433-4003950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-17T13:58:17.000Z",
"modified": "2019-07-17T13:58:17.000Z",
"first_observed": "2019-07-17T13:58:17Z",
"last_observed": "2019-07-17T13:58:17Z",
"number_observed": 1,
"object_refs": [
"file--5d2f2979-7440-468f-9433-4003950d210f",
"artifact--5d2f2979-7440-468f-9433-4003950d210f"
],
"labels": [
"misp:type=\"attachment\"",
"misp:category=\"External analysis\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--5d2f2979-7440-468f-9433-4003950d210f",
"name": "D9_nE5vW4AALIhL.png",
"content_ref": "artifact--5d2f2979-7440-468f-9433-4003950d210f"
},
{
"type": "artifact",
"spec_version": "2.1",
"id": "artifact--5d2f2979-7440-468f-9433-4003950d210f",
"payload_bin": "iVBORw0KGgoAAAANSUhEUgAAAWoAAABMCAYAAABEWv18AAAI00lEQVR4Xu3di3niOBSGYWV7YIqA9BCKCLM9pAmgifQwYYogPQSKWIrI6ugShLDsY0yIjb/3WZ5ZQDHy7ccWtvRgzOrTAAB665/8BQBAvxDUANBzBDUA9BxBDQA9R1ADwLeZGPOxNObTPj7m+ZtqBDWAdhYLHzzxsZrkJUYuCedPu6z+XRvz8GrMPi+nR1AD0Fu9GPNm/32Q8JHHxpjlC2F9Zn9cPn8ksO0ymuZl9AhqAEo2aWzmmMdN8poNpMd3+7o9cpwlL4/elCNqAD9gYZN4Z9Nml72+sy/s7BH1gqPqo3hE/Xq+vC5AUAPQmdkg3v8X2qjtIx41Lg7+aHFKUH8XghqADkH8YwhqADr7Q/h3F9qp5fS+W9srdAhqADo7G9TTX77NdRkuYXib+/Zpebohsc98XcrIVR8AbmFjE3r2ZMPHBvJm5gNoY4+sF3P7uryW/8HIzObHUHZXwNhkfkvS+e/lvyoS1ACUbBiv7VH1mw2i/cZf1bAJYbTe5oVHxp5V/Hk6PpUvNXM4XvGxezdmFZqOLvBAf9QAWpHT+fRI8bcE9vHpaL3JFTDGh/LjNn+3E4IaAHqOpg8A6DmCGgB6jqAGgJ4jqAGg5whqAOg5ghoAeo6gBoCeI6gBmK/ho9IbWb6TjBTzMc9fRcFtg1pWjtwLX7cx1JXJx2qLD7kbqC25i6huGmefFe/fr1BXZ62m+kRNnxXfj48uO0O+DEp1+ipXKtBAU2fN8tGUEdr5atK0LrSuNZ1b67reoXaboI6dlZhtebQDTRknjpyQPNrevio7tPxR/Pvf++Ptn5F0NpN+hv3PfGRhra5zA019NJ8lO/zykNR74zvRuSQA5PPfjGI5T449qV1CU2fN8tGUieVU81VDsy40rjWdH9FxvaOVGwS1XZkf9vG4rumURFPmiqRvAtmRo83W7yiLmg1vtTVu4/wqcsU6N9ZH81m2bs+T0BlMFDrRkSGU2pAjJekhTUKzyWrhe05L66+mrHPj8jG6Mm3mq0izLjSuNZ0f0mm9o60bBLXsGK8NRwyaMj9s9it74ZZ11nzWIQyHlNVTRuWQfoTbkHBT9YZmyy0nzWXjqf3ZSNVXrLOGer5MTZ016yLx7dMJ8uacquYITRmRNkV9zPN3jXq9nzRFvZSbDsVZF6GBps6aMgN3g6C+tunpSrnKOpn4jSOOYFFl+WRcr1hdDsbUFPWpsn73zQZx55IdTsaz+3eblmow9ctUOoNPl3PVDvu28MukyxHhRXXWLJ+8TIv5GhoJOWkqkrOKtAmpbRkhofcsXyLhfVk3+ZdD43oP++j0/fSzSmesUrePp9DcmHx5aeqsKXMHhhXUZ+3GB/+tnW9IbcmGJ0d3m2zDS7+pG8Pjikr1abLb+g3dPPk6u7bfFkdtqbdZsqzDNNN2Y9lBpJpNR1Vi9eqnU7VjX1JnzfIplWmar6iuzm3cYjpuLMODPzsp0ZQRJ1107v2BSTpWoma9r+bG/e3XdIT97FXFh6chnTejaOqsKXMHhhXUudXG79DPs/wdvfiD0zpMK5V+MTzaLUEuX+r6pdCkrj5N3OmjPSL9G3Zq6dRdwu+SOv+WPTSyO8Lazr8byUOeT3wn6bJ80mKXaFtnzfKpK1M7XwPl2uMnfvvMmw4iTRkho4wXKde7hOfJ7w4F7kyqENJCU2dNmTsw7KDu+k3qTrPtv+vX6iOVlBz5ycbZ5UuhSZv6nEl2ovi3sUP35TwtqDMrBKVwwXbwIddJyzprlk9Tmbr5GqyD/1HSnYmUQktTpoFqvU9cy4eKHL1LQMuZa+UXs6bOmjLDN/CgnvqdsvYooEA2DvlBJA2Jn9S5PhO/cebttu55eE/l4I9C09Nd4QIuvOfaGuNOER6u+WAanstK0WhRZ83yqS2jmK/BO5yGVuXlc5oyBar1fvAHT9orjWRdSRPmMnzBVtLUWVNmuIYd1K4dcl992hR/ca5qf5QdWl4vnXJVcZd2mfq2uTrXrs+ZEDYnR6JTH1y7/XkQFetzqGgOCNOJ837yw014uHrvw/NN/EOveMWCss6a5dNYRjFfqWKdW/qR6UyqvwBPaMpktOtdfiCWZXuybdnPW+XbWiDt7/KnVde9n9DUWVNmeB7MLYbiKq4AuzAf5RvQ6Mq4myOSDbW4U9oy8eaUszLJe1XiqfdZfWRjDBtidFYmSursfEd9ovSzKqZ19nmirj5BvqxLTQmRC0pzvoxEnFblNJrqXPF+yi0fTZnw/9r5qquzal0Et5hOPk8iL9dYJixDGbQ23R6kjrLwqrYRUVzv0+zMKpsnqY9cXfK4DS8k6zCur8Y6G12ZO3CboAYAXGzYTR8AMAIENQD0HEENAD1HUANAzxHUANBzBPWtFK9bBoB6BPW3k+tD5XrZvXF3TU0X5i56bANwM1xHXfJ1Ib0EbH4xfyaWLd08AgAdENRN3N1jFXeKOfFuKgnzrf9/857cbWXKd58R6gCUCOpbcf3uTguBDwBltFEDQM8R1F3FXs1Oun28QD6dVdbRDIDRIqi7kJ7DpJuvr24fN/61tiEr7dhuCKo4nVdjnl8uD30Ad4Wg7uKsg/q9754x75y+juvnWn6sTK8sCc9jH9gARo2g7ireyBIfbYNVRhhx477lb4TQL43cDGA0COou3KV3cmlebLJIOqgHgCshqC829UfPmtGW6+wOpnoU7Dh9rrUGxo6gvtjBN1dMfx1fKt3cUkfaud1QUukfhufuveRlAKPEDS9duJtYno7PZaw2Serp9njXYSm88zsT87Hf7nDcNwCXIagBoOdo+gCAniOoAaDnCGoA6DmCGgB6jqAGgJ4jqAGMw4DHLSWoAdw5uYEsdvfwOshxS7mOGsDw3fm4pQQ1gAGTo+X7H7eUoAYwDgMet5Q2agDoOYIawLDl441eelVHPp22Q+p9I4IawHCNZNxSghrAcI1k3FKCGkBPheuf0+aIT7nCIys2gnFLCWoAPSVHtcl4pLFJIg3UkYxbSlADGKjxjFtKUAMYqMNoxi39H97k1TSChrNmAAAAAElFTkSuQmCC"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5d1619e6-1cb0-4052-ad83-9e52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T11:41:31.000Z",
"modified": "2019-07-16T11:41:31.000Z",
"labels": [
"misp:name=\"microblog\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "post",
"value": "Very nasty Linux backdoor with multiple components (link: https://www.virustotal.com/gui/file/c69ee0f12a900adc654d93aef9ad23ea56bdfae8513e534e1a11dca6666d10aa/detection) virustotal.com/gui/file/c69ee\u2026\r\n\r\n- Kills & uninstalls AV: clamav, avast, avg, drweb, esets\r\n- Very persistent\r\n- Uses Gates malware\r\n- Uses Brootkit\r\n- Uses CVE-2016-5195 to get root\r\n- Infects other systems from known_hosts, .bash_history",
"category": "Other",
"uuid": "5d1619e6-11e4-4450-a888-9e52950d210f"
},
{
"type": "url",
"object_relation": "url",
"value": "https://mobile.twitter.com/michalmalik/status/1143879771878830080",
"category": "Network activity",
"to_ids": true,
"uuid": "5d1619ea-afb0-498f-88ce-9e52950d210f"
},
{
"type": "text",
"object_relation": "username",
"value": "michalmalik",
"category": "Other",
"uuid": "5d1619ec-4c38-40ac-8690-9e52950d210f"
},
{
"type": "datetime",
"object_relation": "creation-date",
"value": "Jun 26, 2019 3:52 PM",
"category": "Other",
"uuid": "5d1619ee-2ac8-46e6-bb0f-9e52950d210f"
},
{
"type": "url",
"object_relation": "link",
"value": "https://www.virustotal.com/gui/file/c69ee0f12a900adc654d93aef9ad23ea56bdfae8513e534e1a11dca6666d10aa/detection",
"category": "Network activity",
"to_ids": true,
"uuid": "5d161ff9-fdb8-40fe-a9ec-49f1950d210f"
},
{
"type": "url",
"object_relation": "link",
"value": "https://t.co/RmWa9pD5G4?amp=1",
"category": "Network activity",
"to_ids": true,
"uuid": "5d161ff9-58c4-46ea-af6d-4646950d210f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "microblog"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d162587-51e8-4414-8863-4192950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-06-28T14:34:47.000Z",
"modified": "2019-06-28T14:34:47.000Z",
"pattern": "[file:hashes.MD5 = '1db902385b4480a76e4527605eb9f825' AND file:hashes.SHA1 = '5056b7dc21749daae9177cf7f8a02a44947a3115' AND file:hashes.SHA256 = 'c69ee0f12a900adc654d93aef9ad23ea56bdfae8513e534e1a11dca6666d10aa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-06-28T14:34:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5d2dba27-3ecc-4f52-aff4-f71a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T12:00:23.000Z",
"modified": "2019-07-16T12:00:23.000Z",
"labels": [
"misp:name=\"microblog\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "post",
"value": "Michal Mal\u00edk\r\n@michalmalik\r\n- It periodically tries to detect a running miner and kill it (it can also kill itself & Gates malware - to update)\r\n- Brootkit is \"installed\" to /etc/profile.d/emacs.sh - this confirms that EMACS is indeed a rootkit\r\n- The remote host is auth.to0ls[.]com",
"category": "Other",
"uuid": "5d2dba28-2058-4824-9e68-f71a950d210f"
},
{
"type": "text",
"object_relation": "type",
"value": "Twitter",
"category": "Other",
"uuid": "5d2dba31-56f0-4fa4-b51d-f71a950d210f"
},
{
"type": "url",
"object_relation": "url",
"value": "https://mobile.twitter.com/michalmalik/status/1143883668034871296",
"category": "Network activity",
"to_ids": true,
"uuid": "5d2dba3d-2468-4d69-b7af-f71a950d210f"
},
{
"type": "text",
"object_relation": "username",
"value": "michalmalik",
"category": "Other",
"uuid": "5d2dba49-c4a4-47b7-b660-f71a950d210f"
},
{
"type": "datetime",
"object_relation": "creation-date",
"value": "Jun 26, 2019 4:08 PM",
"category": "Other",
"uuid": "5d2dba55-8fb4-41ca-9234-f71a950d210f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "microblog"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d2dce6e-3030-447f-b917-4f82950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T13:17:34.000Z",
"modified": "2019-07-16T13:17:34.000Z",
"pattern": "[(network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'vpn.to0ls.com') AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-16T13:17:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "network"
}
],
"labels": [
"misp:name=\"ip-port\"",
"misp:meta-category=\"network\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d2dceaa-69ac-4ae6-b87a-4f7e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-16T13:18:34.000Z",
"modified": "2019-07-16T13:18:34.000Z",
"pattern": "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '115.231.218.64') AND network-traffic:dst_port = '8226']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-16T13:18:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "network"
}
],
"labels": [
"misp:name=\"ip-port\"",
"misp:meta-category=\"network\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d2f24d8-bf18-4298-8ef2-49c8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-17T13:38:32.000Z",
"modified": "2019-07-17T13:38:32.000Z",
"pattern": "[file:hashes.SHA1 = '2a9bf4ee7d437ae0bc67d2da1e711aaa0d1aa302']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-17T13:38:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5d2f295b-c798-45fd-8434-4942950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-17T13:59:42.000Z",
"modified": "2019-07-17T13:59:42.000Z",
"labels": [
"misp:name=\"microblog\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "post",
"value": "Artefacts from one of the Gates files (syn, 2a9bf4ee7d437ae0bc67d2da1e711aaa0d1aa302)\r\n- vpn.to0ls[.]com:443\r\n- 115.231.218[.]64:8226",
"category": "Other",
"uuid": "5d2f295b-51dc-4be8-bd90-49ae950d210f"
},
{
"type": "text",
"object_relation": "type",
"value": "Twitter",
"category": "Other",
"uuid": "5d2f295b-797c-4c7a-bb36-4a4e950d210f"
},
{
"type": "url",
"object_relation": "url",
"value": "https://mobile.twitter.com/michalmalik/status/1143887109599748097",
"category": "Network activity",
"to_ids": true,
"uuid": "5d2f295b-2b24-4772-a6b1-471c950d210f"
},
{
"type": "text",
"object_relation": "username",
"value": "michalmalik",
"category": "Other",
"uuid": "5d2f295b-2454-41db-a8fe-4d10950d210f"
},
{
"type": "datetime",
"object_relation": "creation-date",
"value": "Jun 26, 2019 4:21 PM",
"category": "Other",
"uuid": "5d2f295b-e34c-4fa9-a086-4160950d210f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "microblog"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--193a4001-b630-4674-9731-471719d2fdaa",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T14:30:46.000Z",
"modified": "2019-06-28T14:30:46.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d1619e6-1cb0-4052-ad83-9e52950d210f",
"target_ref": "observed-data--5d162440-dd38-482b-9b3f-4526950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--757a37cb-ba63-48e3-b04d-815d6f39d172",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T14:31:23.000Z",
"modified": "2019-06-28T14:31:23.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d1619e6-1cb0-4052-ad83-9e52950d210f",
"target_ref": "observed-data--5d162462-55a0-4486-9309-4dd1950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--cc675dc7-dab2-4d8b-bdfd-71f0b3d845c3",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T14:32:00.000Z",
"modified": "2019-06-28T14:32:00.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d1619e6-1cb0-4052-ad83-9e52950d210f",
"target_ref": "observed-data--5d16244a-c204-489c-af1b-9e7b950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--594cab65-8213-4d9d-9837-a2b96dcd5aa6",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-06-28T14:32:23.000Z",
"modified": "2019-06-28T14:32:23.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d1619e6-1cb0-4052-ad83-9e52950d210f",
"target_ref": "observed-data--5d162456-1928-4d99-bdbd-4d1f950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--e18a504d-6e8d-4f50-8da0-6a7adb18d48c",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-07-16T11:59:02.000Z",
"modified": "2019-07-16T11:59:02.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d2dba27-3ecc-4f52-aff4-f71a950d210f",
"target_ref": "observed-data--5d2dbb91-1700-4767-9fbc-6552950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--68ce45c4-f8cd-4e0a-b523-37e9244f30c8",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-07-16T11:59:50.000Z",
"modified": "2019-07-16T11:59:50.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d2dba27-3ecc-4f52-aff4-f71a950d210f",
"target_ref": "observed-data--5d2dbbaf-1984-477b-b19b-48a7950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--aeedac96-62ee-4e9d-811e-e243bdc243de",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-07-16T12:00:23.000Z",
"modified": "2019-07-16T12:00:23.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d2dba27-3ecc-4f52-aff4-f71a950d210f",
"target_ref": "observed-data--5d2dbbca-5730-47f3-a275-49d6950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--db10dd0f-670c-41c3-bf08-d20c14b46d5f",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-07-17T13:58:51.000Z",
"modified": "2019-07-17T13:58:51.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d2f295b-c798-45fd-8434-4942950d210f",
"target_ref": "observed-data--5d2f2963-b3a8-45e4-9106-0732950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
chg: [feeds] updated
2024-08-07 08:13:15 +00:00
"id": "relationship--fe2a91ac-6d6b-45d9-a86e-2efe7216cb9c",
chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
"created": "2019-07-17T13:59:42.000Z",
"modified": "2019-07-17T13:59:42.000Z",
"relationship_type": "contains",
"source_ref": "x-misp-object--5d2f295b-c798-45fd-8434-4942950d210f",
"target_ref": "observed-data--5d2f2979-7440-468f-9433-4003950d210f"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink