misp-circl-feed/feeds/circl/stix-2.1/5e263cf3-b1f8-4393-ad21-42a3950d210f.json

{
    "type": "bundle",
    "id": "bundle--5e263cf3-b1f8-4393-ad21-42a3950d210f",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-31T07:36:44.000Z",
            "modified": "2020-01-31T07:36:44.000Z",
            "name": "wilbursecurity.com",
            "identity_class": "organization"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--5e263cf3-b1f8-4393-ad21-42a3950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-31T07:36:44.000Z",
            "modified": "2020-01-31T07:36:44.000Z",
            "name": "XMRig and OPSEC Fail",
            "published": "2020-01-31T07:37:29Z",
            "object_refs": [
                "indicator--5e263d86-9a94-4774-a2a8-e44d950d210f",
                "indicator--5e263d86-e684-4c9b-8423-e44d950d210f",
                "indicator--5e263d86-2834-4ae7-8a02-e44d950d210f",
                "indicator--5e263d86-9ad4-4ef9-bd3e-e44d950d210f",
                "observed-data--5e263e8f-d970-4643-9162-42e9950d210f",
                "url--5e263e8f-d970-4643-9162-42e9950d210f",
                "indicator--5e263e7a-6a24-47ca-b012-44ea950d210f",
                "indicator--5e263efa-11e4-4f2b-911d-4ea6950d210f",
                "indicator--5e263f54-c52c-4000-92c7-4270950d210f"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "dnc:malware-type=\"CoinMiner\""
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5e263d86-9a94-4774-a2a8-e44d950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-20T23:53:42.000Z",
            "modified": "2020-01-20T23:53:42.000Z",
            "pattern": "[network-traffic:src_ref.type = 'ipv4-addr' AND network-traffic:src_ref.value = '178.131.149.179']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2020-01-20T23:53:42Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"ip-src\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5e263d86-e684-4c9b-8423-e44d950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-20T23:53:42.000Z",
            "modified": "2020-01-20T23:53:42.000Z",
            "description": "mimikatz",
            "pattern": "[file:hashes.MD5 = '53a0a94fcd38c422caf334b44638c03d']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2020-01-20T23:53:42Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5e263d86-2834-4ae7-8a02-e44d950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-20T23:53:42.000Z",
            "modified": "2020-01-20T23:53:42.000Z",
            "description": "mimikatz",
            "pattern": "[file:hashes.SHA1 = 'edfc0f18255a9a1974e9a720861d5e99d169bd9f']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2020-01-20T23:53:42Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5e263d86-9ad4-4ef9-bd3e-e44d950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-20T23:53:42.000Z",
            "modified": "2020-01-20T23:53:42.000Z",
            "description": "mimikatz",
            "pattern": "[file:hashes.SHA256 = '4585b220fd13925aff301e9ac234ea6edbd25848d437d2a107bc0173e6f9a0b9']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2020-01-20T23:53:42Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--5e263e8f-d970-4643-9162-42e9950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-20T23:58:07.000Z",
            "modified": "2020-01-20T23:58:07.000Z",
            "first_observed": "2020-01-20T23:58:07Z",
            "last_observed": "2020-01-20T23:58:07Z",
            "number_observed": 1,
            "object_refs": [
                "url--5e263e8f-d970-4643-9162-42e9950d210f"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--5e263e8f-d970-4643-9162-42e9950d210f",
            "value": "https://www.wilbursecurity.com/2020/01/xmrig-and-opsec-fail/"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5e263e7a-6a24-47ca-b012-44ea950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-20T23:57:46.000Z",
            "modified": "2020-01-20T23:57:46.000Z",
            "pattern": "[windows-registry-key:key = 'HKCR\\\\exefile\\\\shell\\\\open\\\\command' AND windows-registry-key:values[0].data = '\\\\%WINDIR\\\\%\\\\svchost.com \"\\\\%\\\\%1\" \\\\%\\\\%*' AND windows-registry-key:values[0].name = '(Default)']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2020-01-20T23:57:46Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "file"
                }
            ],
            "labels": [
                "misp:name=\"registry-key\"",
                "misp:meta-category=\"file\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5e263efa-11e4-4f2b-911d-4ea6950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-20T23:59:54.000Z",
            "modified": "2020-01-20T23:59:54.000Z",
            "description": "Netshta",
            "pattern": "[file:hashes.MD5 = '8307778ea1683bbb00eecb6f761314e2' AND file:hashes.SHA1 = '108fca5ebe2d0d5adeba289ca83ded2d04b331de' AND file:hashes.SHA256 = '04fe59457894f9154e79eed78f3eefb076e6c6c06a21c25e831cd383b915d5e0' AND file:name = 'svchost.com' AND file:size = '41472' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAHu/NFBLJFOGOVkAAACiAAAgABwAODMwNzc3OGVhMTY4M2JiYjAwZWVjYjZmNzYxMzE0ZTJVVAkAA/o+Jl76PiZedXgLAAEEIQAAAAQhAAAA2vNE0c/9NeDqARzntwuR1RcXfd0BtP/YjMyBz89YBJ/OwXtQz9oQ5ZqMK6icVZ/WmfKsFIUQVvtFsmp+l1UzdDe/aGSNEHW8zxhcPS4MKjS+ue/sQrzx802fPzE5pKV38KqOTox39kGCkgBOFTMGjqr9t1WbzXY7umFR1IkQ/5Dvz1J//neKjSTem0wNoCl41ksuq3O/ovDoq/KOD4/hAJ8SsNae9eDYI4nyIPlaaS9Vkx8EyRWwt44BwkLiYa4nhnyOudLi66uCQmzP3eV/P7I0Jrh530dIsigO8KekgBBISpqzGL2SahQNa7nPtFQ+b3kDW4vcoPXMaPy0P7M5IXdnqkYU4sM+70ijWJAPMngvNL2KIz7KpgzarF2jJFzueBfb3VUFmYx9hUBZjN9T8F+diZD5qyiovTtHtXnbHVAPowTqdHvIO/WveNLgQi6AukPXx6ZKwSUFu4lDtuq+cXG7UUFzq3f489BqrO5HUXxvSdeLnQdEvOvpwNk0KCFXllF7wem/55RIFIBsKOECS1rAhib+vopXJNfq19EoKtal7nKUhueW7Jmj9PFpXZoB8ceI26SqWDTedbAEyi4uiv14s9oe7I6kG06n06vWu7HD2MAqf8hdnp3t7mmoaZTxQ9jl7nYpdSWulsDbg8n3EQW098DCRrKSFz/USNTWZ6CsdGD+21/JOoJysEnKiiNk89uwskjDjnZHvj+4uqr8I7FdZtWPd/CtVGC5Xsbt5IUf8cywbEqiAgS0606NYMuZcSRU56sLPWzW2uPoeUBVWwXgNM3BJlXwRB9ZdixRMp8VqFvvyGYnq7onL3jiepcsARiSGydQVTZk5N/7z3Bqiju7gMsWEnylraA3VvzKzFF5YEZT9YgqZwtZZEBPlqKmkxMuhQLrJw18LCLuKCuqpOts2czxGp+ZAb0Grn+edRIOEuY+vfrqM8knI9vf+hNI4rRYMyPtjL56cLCSck4g17d2GJ0a+AM8mD8r7jAMM9e3dIHBcWBdmk7WVLSCNuF9Mm5Spzs+f56YPuHOuLJXmzSImqkErBfA1DtkkZhBh+35lHsuwLaHexJP2LMNyPeDIYuxods+X7Aq4gLMU7h6Aiva8vHeWZI+0YtZ6/1lHkjpGQ6e80P0b3aFLQdFXjt/OKiUywcoqDRSj8rHCb+1AZEJTw3+7scnnFaCfo/nEnUQxBdXvyM7bgZHK8fxyty2S+a/IA+hu/IsMLU5k3H9seRPf2CdJhYJ4BB6aFcEE0QiaDrc+PryjMoLzdb8s35SDmt0LBrbJApuUrLpXdlc5HIfHDkTdJBO+yPsVb5kgM29SrlAuyJrqR6taAQLZQ5pcg94ECQnYa2bgSTlwgtSlE49pltlINV0RasZgJRGQk+Y/fXt2lOKp2XfLkgw5nIeYdouQHq+LBl4fDTMi7Or3YLRM+PMoscnc4w7GZsmkFr2i29+nhx7rv/KuelMfqiITgk8jey2d5DH9/T5+lxJZjibTUp0UNEPUQkI+yuULQ+WSMI78QsMhNjRm4QeEV5WeCS+Qmv0I9pA3p7CGmtvJ+JL804TR/AJXY3cU5Nof0XrxHQA1H135nrvC8YrrSZHKZLYrxhIEUv1At8bPCKnG2yXLAFaUhbxfsfIrUNcefoXZk0vaqGz5WMbMtmGLBJ4VJLViATlWcR5izWtwjE9moVmODahySPuHm3EPfA1I1M7691e607vLuWf3JWDf9P0jSuiZJ/wc2f8ryKd/pHOBrOqkXtF5aQrLzzCkqb9/0iznZe/mQdgP1C9UOu3UPX69vqrfy1MNbqjdP5ECUH21flp3NSJY+1uomVozeRdTQ/qiY20hc5AkOuwvrO9VvSPJ9oxnocpPCHVM07kEzjmTNp5iIWvzeZS3QjsRNqtpDBG7ITAxtO0EwSiFGKjiqQPuldidIQIMyw4lesn99dnZ5vNHnaPV1p5O0mGE3ecspG1ketjZvTnQQjHu/qyJgZsEryGYFbiWyfPWyIDaPfNpGRpPPtx9dC+39A1VwCf1PZ050OHU2XYtN/SY/pnbMQ0t2vSNxF8cpbPNmapmikATxV/vgABEX8mpYmx71MdMYxDP7bMFn4FpKJWa8JX0ElLM7RZT/SQbIzho0A2Oz6dpy7eRDauu0MYe2zdoo8yGCcFrIyLaxsG6rtS2UgLhpxa59m1DEPckVbxiX5IRPH2mYkBUoyyzH7/eeya9VJJ1SP2EpX1kOCjObewDfMqe7cCbCRmA13qjY/pIEN+8M61byVaS7eZ5R56KmgZTh0SX+duw+xrpm5NrqHrnUvDHtY75Ap5cLSRyZU6HHC5hZGvAL2depz/Nh6UyjUgNcmhbr3NN4Jx4afmoMxSHrrssKz9x0kPILXNE5nvbFP4hOHJpm8fe1ZtbvQB99LNXTXXbUB5Thwpcka9TRnxm0Gnn7Nrm7z/ptUWWzyh1Lo6+L00A8g4F4U7sJOrkCmd3D6shovHXZvUMelmniGy/rOJrDjCYs1NoxuIbcPXAkL/9/rsVD/RxR9IGcM1E2WGHdHgxvKPERwePE6TnzLQdY3V+FzPXfx+HRZP1FT4c7No9Aye75s13/IwPIyi3YTCfnQeuiDbdYXvzBQadaep4kmZMWYxG8HAkb7JwE8MPzHSVD20Fr3ZFYsLqyt1Q1kfPm75nmf2Uhz9B9YsVRnrFNi5rrMlojfXXZqBhfhbSyiZxa2PPgkR8plZA3YjKIRKLUvI52OT84eEvAyvjAZ9cvFnWg2nl5u6/fHg/gIQwyOO2jvMptXUkWIWjRfDIcDKwa4kBmjqlAJS14CP9tWwC0v4/LCh89wvuwZb23yJT9A4M2Fb1GApGq03HTQFP0zr0oN4LDa7Hc5hPQ9W6LIAKimCiu2O6rHnJt8YE3GdmU6dpjIaepuZHuCcXB6QNznTvTv0Z/3g+76cHsJuaOuxoZ5d+jD6dpVZYnNSQ7vMGfX1QCLLY9JgqQun+lc+xUrKf/p70tOku8dLbGwPXgToxG+Jjnr0q9szYQYpgD7yo/tulIzopQKuqxET07LvaZUBIuyFQhjWUv9k9DZ6MGVxq1cSSCqHS/bGfrjicA5X0sTrkChm5qpdW9rZ/x3nlV/s+W5SLnk6O0sCSLb9EpnteS3josAt64P0l6KfOJHj80P52oIMXQJLLpe4Za24Q+G4AUkgFy3hfYT9RQk3KALBsIwAkxU8lqjzlkZieylubqpJWF4TTv9yyMYY++7+P8swJpr8wL26FZhHVL0QQLArGcfj+vMTEcfOUB3DK1ZEI0eZiteGmgap/wgwnShmNEGOjhnxfqxzDAayLU+tCnbmhuWCpiXkuMhx+gk82gX47LLHOVuCh4x/QYI9/Rw5OjjOLq6ue3lk/PVnn1JDkYgnd6DEllm+oPUev7yglEyC3HjKmhSk8NAEY+tDj0iTMi6JfLMowGboM62ZHZvYlf6lj8hy0ocr1Ge4LDPpQPHhOIEhe29I2MemMGcluI+lAo9FJR661LztDPLMKRRBaYVxJey2utdWwxbdUO7K6eDKDKQyjFS+mBbhAJNfamZmq4Hwaz3GBNQx8cSMQ9joYjSWbnHWtc+szCejCd70AbC18uI7RBVuWKbFA+QM8JzVT/fHDE81Y01RlGESD/CxFqA/CVWYFevV
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2020-01-20T23:59:54Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "file"
                }
            ],
            "labels": [
                "misp:name=\"file\"",
                "misp:meta-category=\"file\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5e263f54-c52c-4000-92c7-4270950d210f",
            "created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",
            "created": "2020-01-21T00:01:24.000Z",
            "modified": "2020-01-21T00:01:24.000Z",
            "description": "XMRig",
            "pattern": "[file:hashes.MD5 = '109a4ed5ee00374f64644344011b5157' AND file:hashes.SHA1 = '9998376fb8d72284fe7337ce31589fdc0cf6f38b' AND file:hashes.SHA256 = 'b4c7a760698a1f4abe9265caddc621feeb4515bbc9faa314ef2e5c0d1e1c504b' AND file:name = 'xmrig.exe' AND file:size = '4552704' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIACwANVDBQKYNTb4dAAB4RQAgABwAMTA5YTRlZDVlZTAwMzc0ZjY0NjQ0MzQ0MDExYjUxNTdVVAkAA1Q/Jl5UPyZedXgLAAEEIQAAAAQhAAAAZfy1/Al7Fi+KUVHqy5CfHq4cjizVXTUptnAImXzdYpaYBOyK71BEBzW8ryRPv4df6njFNGUJf4rt+vdzW/HyRFwUmwgIbNIMJ+tTQpmZfBN3tF9h0rE1goeqVweXToCc1DN3pQ1Vh2FgINIOTKgHHjWqICka0CK8TCmFd93zru5cYQ0eievvH5CBScbM9YHurhUCSsdgVJMByWrZxr0cAZZRWBD8PNK1Ylih+SXThppgmsyZlSG7tkQTD/Z4riekh+yix76RBM3s5YkJ9TEu8l4eT1vIn60DgpoG2u3t/AtHPijykeAPiIF8q8chEmIEqmkqbyqeo2r3BYHCMNbJIO0tSUWdUvQndkY7fYqhaq3da2d2jR7euuIhsDs8aRD6jjrEXe9j5OFO7+d42WrssY6eEpAZnPX/mX4emc2S2KFH78O6m7yUkb6poL9AqKSJ9HAWmt/frfMnZlPjQNJt66HE6mN1s98B4WbQkLKIzAXQ3pMcPxlX/l1ra9ySfiDSeg2vSgn4J+NtWi5zIp4N841wgkfXWDf9ZdL/vtHbhk6mOVAQKONl7twC+U2aFMS63DBd/Ml2PaeaJTCgM9itukZfgaQaRLcQdt7C4iRbmm1bUCi8q5ZuNPCo50t47H0wG7TpWegMzrpSGoPsJzKzuh4erPDZqEzOpMgVHFsWIh46iUwD0SdvdrK+b8JWyye/cnA/HZLt+emhFhiLE050Y3FGitdQt8woJXPH181L1t7oUA202JlO9w12upy+l8mu7j0BnMYZX2QLgN77CtIDcaJx4tZLsVnLdoysmo3YZrCQWa5fpniiukISFPzBX/pvpYA4l0AQB7h+5ooxJRbI4VcPwSIw7yPoVtZ3SUoOYlmSv6aV4nTKlz01lNTl0PP+WcePEWI5xHA4a8t5Fmk+AJYB9vrKYdbKnTh4ZvAu4CXs7SeJ24Pa6VRIcHDXmkN94Kom4FisDKrpopn0F8Xazw7AwULqcK3bHMz8y6CCV8nXU6pTvFD8wMDjiinOQGcPmiVpSpd9OfnhHPCWnh/ehkn7CTx3iafdslknX+yktzkl5nT8xoD/TSPFbLq/g+l/S8A/sMZGNSZBu+UAbwjN1tG6a3zk7gknuDNQSly8YbIwSg5EVSvXcFSbdP/A/gCsCPPZjOIjIoRqTFmnpgyQjWcirmOT+2C2oQ49RfXaAQJC7X5sHGjIlMBhD3ROaxlwFVfAeVCZEUiI880nL9fCdey4KGsBEuvvsTHnxpjzkPRlFqkiDdjwMr0u/7HQzDa/dXrcKRqlxOYDP9zmV9SmEo78mwuZlHszwI176gwFQUpaXZefPBUmF5nO4usvGdi19C1YsX92QRCIeVJPoeJC04/dPVGqnbShfcS2AxjUKpvQZY5OHGZ+ZrI9kk85S1PO5QXqmItYyQ+6GpmPjliPorKHqn+/TnmjXxZd62BU/SuUOrvwoVosEgsxZBY+BULemN0Pn1HIJT+7FzTIKVwZ7eKW3CVwsOLjQY0f7QaJVlTyJFVIQvRfNAGxpMXlYdfVrhpSi2B0sQ4lzRypXEfq18YsfAVU1TrKYH8Za9CbVTVaHwRjiLMJSt9l9wsibu12spvukZDS4dHph/NqcOpdvl6BYnAVdjsvlv5sR8jcIGLGj8KASxSJvxZO23v5AZjt/zpNxh+R2Id6juX1CVOj2HbrpTx3iAOEr9aHuh7AcXWUZjc1J1jH4jDR2kd8rYjIIR1/KRISPnzonKcywl6DBAMRsY5DdHaI9NdcSpdvvPIGdCQOBnugSGO28Fhe3VZnpnmwD7ukQw6OlLY2iKf16UVkWLtXZNUAqA+YQEd4RtIFFv6wvKrMs2tciuBXd/TlKLuUo5jBW3gALfgdBZHkNPh7bqLSjkCqetdYZEnom/SrXo3dNyML1nAOixrLQ0/1NUbR7QY1UYM6WuG2ST2e5sZbcQTAJJ9ct6gm0asFxTIZEVlqtBtBq30KdPPzjNwOp+/3Pg5Fd0604zbsKFeZ81EPCYHbvINvbEmlypGzXp2hC8EqDLSYEJhqb+gTrAnNYZEXL4pQt9oH1P39CVN6SgmSrJt2IoFbOhhV8JddlSqks3e0/Cjl6u01kKYnZ3KfQ+ZBhYLKHFGOLz6bwk42DL2wyXQcKvZhcWOxZr75Z9LUvnUWNoLNLcotJqTR+5Tw2ve4ED1tlHgVl1n/5rTH9+piqM7fX4lHGuG0Pm1Gt9DcBePO4Z9HRBluh4ptUcKGhR/ApPOjD3fuUHL3eZwLrg3kIspiXuVWge/rJr8KNEyLVFm45fnUODrwkLZA3X5BQ4n6PRsAXYDxsGSDug6RtAEkEDumkkXC9dkNMqVcn+6EWJRi/+QczNfzHeKOKO2KFVVW3x9K+mhzNlv+ejTL5vtQvhkoue2ppMf80UotEsX6sJUPSRGbbgZNCgWK+Tj2ROv1kmeHN6RebF44B3HOYhNls4rAsBQseTtveMZL8QcwHw2VS0vyYXwee5kBMOT7F3eGa4ziLXI63QzcT9R8eo6mLZFe+vb1jv2Yn2H0eIOwXxkkvE2N9y5Wqr5ouMDrVREzoTYXGFP1SXtHDZiRbgqXavCupvR5BIYP5AHcs3lW70Xu9tyTyaX9xPGT997/OyUJ+iXZcMD/Od0uDUFPksmVWxQmOJ8JVAd0S6DEuNoFapkem6L0Nc8JqhKbCQtCStA+4PSqwA2bBuV7sijk8yMyYlJaiZVzxGTWP5+kaue07drX/7l2n1kBKNP/qrmB15Qn+7rbu8l9TATHvyCkLr25X3wb8RujbauaWnHMCjh3KClnrWILeJBwJ4W1GnE/HmGwReWmHky2b9LTKcuH7U3XKuJSqYfxVA6Gl55GJNMMQAEQVueZgEjTa9wIqQrIzS9RsaHoBGV9w7jLZUhamIvYdQdJDdcLHdV2pSDrrX2RAkzgeJ8NRCnkStM60WlrX/STRO09/c/gxY7toH3FBDhVDyX6sy7QDPMW3YmWcQX9nDO/Fxha28GYqHXnvv9Nngw0bbI0ESnCFAjp1FB9UlggasSQMs9yFYcy3jpJN+NJ0/SfG/dm9ofM/OFD/jDKqO1oSgoKHuRJOoUTgiV2HQOUIbdX336dqHCgstsHY+9mcx6MXbpGrs+bp59gStFkSN1bZK7l3loK2hph5C5lBQv6A1LJ2gHUUEfM/pg/bn4TyDHQLLcExSPhJ4vAYF2R27KpbJodyIgDdZrJWzEXEUheHwc2zljZHCv7DW/88lw63jEiQX3lnBxm6y0/iNaxJNkoozHTMcKy1YImVgb96IJsOpYokVa9s4OLUK6Mavoj56AoaD5zBjIvpGGmjkNnqrFK8d8yL4EeN+B3++Yb5ljQn8pNfOqQyvRK/5WXDiY3IOzhPjCw6aM1NgjYe9jrqHAc8l0/deCjmwrEWsW2CwiP1BKWMWgAe3TD55fzwdF6++3hfh+9eVQQPRhGyweRVr3bHZcQrQZ7ObXgCMts2if5AXxcKySA/7TxDM4IPXXh3GNeIBgqio8Ybn/F7WlYk9OsERddfJzjhhrN4HAjumXpoS/diMsCuatoRb8+pB1vZ4ujDt5sT0Onldez4/PErwsbLfhD2BMM8CBtgFqHyBQIs5POL9emOwGbeD+4pyQH83ifRdxH0OkURBKZ5V2s
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2020-01-21T00:01:24Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "file"
                }
            ],
            "labels": [
                "misp:name=\"file\"",
                "misp:meta-category=\"file\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}
chg: [misp-stix] STIX 2.1 export added 2023-04-21 14:44:17 +00:00			`{`
			`"type": "bundle",`
			`"id": "bundle--5e263cf3-b1f8-4393-ad21-42a3950d210f",`
			`"objects": [`
			`{`
			`"type": "identity",`
			`"spec_version": "2.1",`
			`"id": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-31T07:36:44.000Z",`
			`"modified": "2020-01-31T07:36:44.000Z",`
			`"name": "wilbursecurity.com",`
			`"identity_class": "organization"`
			`},`
			`{`
			`"type": "report",`
			`"spec_version": "2.1",`
			`"id": "report--5e263cf3-b1f8-4393-ad21-42a3950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-31T07:36:44.000Z",`
			`"modified": "2020-01-31T07:36:44.000Z",`
			`"name": "XMRig and OPSEC Fail",`
			`"published": "2020-01-31T07:37:29Z",`
			`"object_refs": [`
			`"indicator--5e263d86-9a94-4774-a2a8-e44d950d210f",`
			`"indicator--5e263d86-e684-4c9b-8423-e44d950d210f",`
			`"indicator--5e263d86-2834-4ae7-8a02-e44d950d210f",`
			`"indicator--5e263d86-9ad4-4ef9-bd3e-e44d950d210f",`
			`"observed-data--5e263e8f-d970-4643-9162-42e9950d210f",`
			`"url--5e263e8f-d970-4643-9162-42e9950d210f",`
			`"indicator--5e263e7a-6a24-47ca-b012-44ea950d210f",`
			`"indicator--5e263efa-11e4-4f2b-911d-4ea6950d210f",`
			`"indicator--5e263f54-c52c-4000-92c7-4270950d210f"`
			`],`
			`"labels": [`
			`"Threat-Report",`
			`"misp:tool=\"MISP-STIX-Converter\"",`
			`"dnc:malware-type=\"CoinMiner\""`
			`],`
			`"object_marking_refs": [`
			`"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5e263d86-9a94-4774-a2a8-e44d950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-20T23:53:42.000Z",`
			`"modified": "2020-01-20T23:53:42.000Z",`
			`"pattern": "[network-traffic:src_ref.type = 'ipv4-addr' AND network-traffic:src_ref.value = '178.131.149.179']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2020-01-20T23:53:42Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"ip-src\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5e263d86-e684-4c9b-8423-e44d950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-20T23:53:42.000Z",`
			`"modified": "2020-01-20T23:53:42.000Z",`
			`"description": "mimikatz",`
			`"pattern": "[file:hashes.MD5 = '53a0a94fcd38c422caf334b44638c03d']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2020-01-20T23:53:42Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"md5\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5e263d86-2834-4ae7-8a02-e44d950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-20T23:53:42.000Z",`
			`"modified": "2020-01-20T23:53:42.000Z",`
			`"description": "mimikatz",`
			`"pattern": "[file:hashes.SHA1 = 'edfc0f18255a9a1974e9a720861d5e99d169bd9f']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2020-01-20T23:53:42Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha1\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5e263d86-9ad4-4ef9-bd3e-e44d950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-20T23:53:42.000Z",`
			`"modified": "2020-01-20T23:53:42.000Z",`
			`"description": "mimikatz",`
			`"pattern": "[file:hashes.SHA256 = '4585b220fd13925aff301e9ac234ea6edbd25848d437d2a107bc0173e6f9a0b9']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2020-01-20T23:53:42Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"sha256\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "observed-data",`
			`"spec_version": "2.1",`
			`"id": "observed-data--5e263e8f-d970-4643-9162-42e9950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-20T23:58:07.000Z",`
			`"modified": "2020-01-20T23:58:07.000Z",`
			`"first_observed": "2020-01-20T23:58:07Z",`
			`"last_observed": "2020-01-20T23:58:07Z",`
			`"number_observed": 1,`
			`"object_refs": [`
			`"url--5e263e8f-d970-4643-9162-42e9950d210f"`
			`],`
			`"labels": [`
			`"misp:type=\"link\"",`
			`"misp:category=\"External analysis\""`
			`]`
			`},`
			`{`
			`"type": "url",`
			`"spec_version": "2.1",`
			`"id": "url--5e263e8f-d970-4643-9162-42e9950d210f",`
			`"value": "https://www.wilbursecurity.com/2020/01/xmrig-and-opsec-fail/"`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5e263e7a-6a24-47ca-b012-44ea950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-20T23:57:46.000Z",`
			`"modified": "2020-01-20T23:57:46.000Z",`
			`"pattern": "[windows-registry-key:key = 'HKCR\\\\exefile\\\\shell\\\\open\\\\command' AND windows-registry-key:values[0].data = '\\\\%WINDIR\\\\%\\\\svchost.com \"\\\\%\\\\%1\" \\\\%\\\\%*' AND windows-registry-key:values[0].name = '(Default)']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2020-01-20T23:57:46Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "file"`
			`}`
			`],`
			`"labels": [`
			`"misp:name=\"registry-key\"",`
			`"misp:meta-category=\"file\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5e263efa-11e4-4f2b-911d-4ea6950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-20T23:59:54.000Z",`
			`"modified": "2020-01-20T23:59:54.000Z",`
			`"description": "Netshta",`
			"pattern": "[file:hashes.MD5 = '8307778ea1683bbb00eecb6f761314e2' AND file:hashes.SHA1 = '108fca5ebe2d0d5adeba289ca83ded2d04b331de' AND file:hashes.SHA256 = '04fe59457894f9154e79eed78f3eefb076e6c6c06a21c25e831cd383b915d5e0' AND file:name = 'svchost.com' AND file:size = '41472' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIAHu/NFBLJFOGOVkAAACiAAAgABwAODMwNzc3OGVhMTY4M2JiYjAwZWVjYjZmNzYxMzE0ZTJVVAkAA/o+Jl76PiZedXgLAAEEIQAAAAQhAAAA2vNE0c/9NeDqARzntwuR1RcXfd0BtP/YjMyBz89YBJ/OwXtQz9oQ5ZqMK6icVZ/WmfKsFIUQVvtFsmp+l1UzdDe/aGSNEHW8zxhcPS4MKjS+ue/sQrzx802fPzE5pKV38KqOTox39kGCkgBOFTMGjqr9t1WbzXY7umFR1IkQ/5Dvz1J//neKjSTem0wNoCl41ksuq3O/ovDoq/KOD4/hAJ8SsNae9eDYI4nyIPlaaS9Vkx8EyRWwt44BwkLiYa4nhnyOudLi66uCQmzP3eV/P7I0Jrh530dIsigO8KekgBBISpqzGL2SahQNa7nPtFQ+b3kDW4vcoPXMaPy0P7M5IXdnqkYU4sM+70ijWJAPMngvNL2KIz7KpgzarF2jJFzueBfb3VUFmYx9hUBZjN9T8F+diZD5qyiovTtHtXnbHVAPowTqdHvIO/WveNLgQi6AukPXx6ZKwSUFu4lDtuq+cXG7UUFzq3f489BqrO5HUXxvSdeLnQdEvOvpwNk0KCFXllF7wem/55RIFIBsKOECS1rAhib+vopXJNfq19EoKtal7nKUhueW7Jmj9PFpXZoB8ceI26SqWDTedbAEyi4uiv14s9oe7I6kG06n06vWu7HD2MAqf8hdnp3t7mmoaZTxQ9jl7nYpdSWulsDbg8n3EQW098DCRrKSFz/USNTWZ6CsdGD+21/JOoJysEnKiiNk89uwskjDjnZHvj+4uqr8I7FdZtWPd/CtVGC5Xsbt5IUf8cywbEqiAgS0606NYMuZcSRU56sLPWzW2uPoeUBVWwXgNM3BJlXwRB9ZdixRMp8VqFvvyGYnq7onL3jiepcsARiSGydQVTZk5N/7z3Bqiju7gMsWEnylraA3VvzKzFF5YEZT9YgqZwtZZEBPlqKmkxMuhQLrJw18LCLuKCuqpOts2czxGp+ZAb0Grn+edRIOEuY+vfrqM8knI9vf+hNI4rRYMyPtjL56cLCSck4g17d2GJ0a+AM8mD8r7jAMM9e3dIHBcWBdmk7WVLSCNuF9Mm5Spzs+f56YPuHOuLJXmzSImqkErBfA1DtkkZhBh+35lHsuwLaHexJP2LMNyPeDIYuxods+X7Aq4gLMU7h6Aiva8vHeWZI+0YtZ6/1lHkjpGQ6e80P0b3aFLQdFXjt/OKiUywcoqDRSj8rHCb+1AZEJTw3+7scnnFaCfo/nEnUQxBdXvyM7bgZHK8fxyty2S+a/IA+hu/IsMLU5k3H9seRPf2CdJhYJ4BB6aFcEE0QiaDrc+PryjMoLzdb8s35SDmt0LBrbJApuUrLpXdlc5HIfHDkTdJBO+yPsVb5kgM29SrlAuyJrqR6taAQLZQ5pcg94ECQnYa2bgSTlwgtSlE49pltlINV0RasZgJRGQk+Y/fXt2lOKp2XfLkgw5nIeYdouQHq+LBl4fDTMi7Or3YLRM+PMoscnc4w7GZsmkFr2i29+nhx7rv/KuelMfqiITgk8jey2d5DH9/T5+lxJZjibTUp0UNEPUQkI+yuULQ+WSMI78QsMhNjRm4QeEV5WeCS+Qmv0I9pA3p7CGmtvJ+JL804TR/AJXY3cU5Nof0XrxHQA1H135nrvC8YrrSZHKZLYrxhIEUv1At8bPCKnG2yXLAFaUhbxfsfIrUNcefoXZk0vaqGz5WMbMtmGLBJ4VJLViATlWcR5izWtwjE9moVmODahySPuHm3EPfA1I1M7691e607vLuWf3JWDf9P0jSuiZJ/wc2f8ryKd/pHOBrOqkXtF5aQrLzzCkqb9/0iznZe/mQdgP1C9UOu3UPX69vqrfy1MNbqjdP5ECUH21flp3NSJY+1uomVozeRdTQ/qiY20hc5AkOuwvrO9VvSPJ9oxnocpPCHVM07kEzjmTNp5iIWvzeZS3QjsRNqtpDBG7ITAxtO0EwSiFGKjiqQPuldidIQIMyw4lesn99dnZ5vNHnaPV1p5O0mGE3ecspG1ketjZvTnQQjHu/qyJgZsEryGYFbiWyfPWyIDaPfNpGRpPPtx9dC+39A1VwCf1PZ050OHU2XYtN/SY/pnbMQ0t2vSNxF8cpbPNmapmikATxV/vgABEX8mpYmx71MdMYxDP7bMFn4FpKJWa8JX0ElLM7RZT/SQbIzho0A2Oz6dpy7eRDauu0MYe2zdoo8yGCcFrIyLaxsG6rtS2UgLhpxa59m1DEPckVbxiX5IRPH2mYkBUoyyzH7/eeya9VJJ1SP2EpX1kOCjObewDfMqe7cCbCRmA13qjY/pIEN+8M61byVaS7eZ5R56KmgZTh0SX+duw+xrpm5NrqHrnUvDHtY75Ap5cLSRyZU6HHC5hZGvAL2depz/Nh6UyjUgNcmhbr3NN4Jx4afmoMxSHrrssKz9x0kPILXNE5nvbFP4hOHJpm8fe1ZtbvQB99LNXTXXbUB5Thwpcka9TRnxm0Gnn7Nrm7z/ptUWWzyh1Lo6+L00A8g4F4U7sJOrkCmd3D6shovHXZvUMelmniGy/rOJrDjCYs1NoxuIbcPXAkL/9/rsVD/RxR9IGcM1E2WGHdHgxvKPERwePE6TnzLQdY3V+FzPXfx+HRZP1FT4c7No9Aye75s13/IwPIyi3YTCfnQeuiDbdYXvzBQadaep4kmZMWYxG8HAkb7JwE8MPzHSVD20Fr3ZFYsLqyt1Q1kfPm75nmf2Uhz9B9YsVRnrFNi5rrMlojfXXZqBhfhbSyiZxa2PPgkR8plZA3YjKIRKLUvI52OT84eEvAyvjAZ9cvFnWg2nl5u6/fHg/gIQwyOO2jvMptXUkWIWjRfDIcDKwa4kBmjqlAJS14CP9tWwC0v4/LCh89wvuwZb23yJT9A4M2Fb1GApGq03HTQFP0zr0oN4LDa7Hc5hPQ9W6LIAKimCiu2O6rHnJt8YE3GdmU6dpjIaepuZHuCcXB6QNznTvTv0Z/3g+76cHsJuaOuxoZ5d+jD6dpVZYnNSQ7vMGfX1QCLLY9JgqQun+lc+xUrKf/p70tOku8dLbGwPXgToxG+Jjnr0q9szYQYpgD7yo/tulIzopQKuqxET07LvaZUBIuyFQhjWUv9k9DZ6MGVxq1cSSCqHS/bGfrjicA5X0sTrkChm5qpdW9rZ/x3nlV/s+W5SLnk6O0sCSLb9EpnteS3josAt64P0l6KfOJHj80P52oIMXQJLLpe4Za24Q+G4AUkgFy3hfYT9RQk3KALBsIwAkxU8lqjzlkZieylubqpJWF4TTv9yyMYY++7+P8swJpr8wL26FZhHVL0QQLArGcfj+vMTEcfOUB3DK1ZEI0eZiteGmgap/wgwnShmNEGOjhnxfqxzDAayLU+tCnbmhuWCpiXkuMhx+gk82gX47LLHOVuCh4x/QYI9/Rw5OjjOLq6ue3lk/PVnn1JDkYgnd6DEllm+oPUev7yglEyC3HjKmhSk8NAEY+tDj0iTMi6JfLMowGboM62ZHZvYlf6lj8hy0ocr1Ge4LDPpQPHhOIEhe29I2MemMGcluI+lAo9FJR661LztDPLMKRRBaYVxJey2utdWwxbdUO7K6eDKDKQyjFS+mBbhAJNfamZmq4Hwaz3GBNQx8cSMQ9joYjSWbnHWtc+szCejCd70AbC18uI7RBVuWKbFA+QM8JzVT/fHDE81Y01RlGESD/CxFqA/CVWYFevV
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2020-01-20T23:59:54Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "file"`
			`}`
			`],`
			`"labels": [`
			`"misp:name=\"file\"",`
			`"misp:meta-category=\"file\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5e263f54-c52c-4000-92c7-4270950d210f",`
			`"created_by_ref": "identity--5e16d2bc-5c68-4ef1-bc80-47f5950d210f",`
			`"created": "2020-01-21T00:01:24.000Z",`
			`"modified": "2020-01-21T00:01:24.000Z",`
			`"description": "XMRig",`
			"pattern": "[file:hashes.MD5 = '109a4ed5ee00374f64644344011b5157' AND file:hashes.SHA1 = '9998376fb8d72284fe7337ce31589fdc0cf6f38b' AND file:hashes.SHA256 = 'b4c7a760698a1f4abe9265caddc621feeb4515bbc9faa314ef2e5c0d1e1c504b' AND file:name = 'xmrig.exe' AND file:size = '4552704' AND (file:content_ref.payload_bin = 'UEsDBBQACQAIACwANVDBQKYNTb4dAAB4RQAgABwAMTA5YTRlZDVlZTAwMzc0ZjY0NjQ0MzQ0MDExYjUxNTdVVAkAA1Q/Jl5UPyZedXgLAAEEIQAAAAQhAAAAZfy1/Al7Fi+KUVHqy5CfHq4cjizVXTUptnAImXzdYpaYBOyK71BEBzW8ryRPv4df6njFNGUJf4rt+vdzW/HyRFwUmwgIbNIMJ+tTQpmZfBN3tF9h0rE1goeqVweXToCc1DN3pQ1Vh2FgINIOTKgHHjWqICka0CK8TCmFd93zru5cYQ0eievvH5CBScbM9YHurhUCSsdgVJMByWrZxr0cAZZRWBD8PNK1Ylih+SXThppgmsyZlSG7tkQTD/Z4riekh+yix76RBM3s5YkJ9TEu8l4eT1vIn60DgpoG2u3t/AtHPijykeAPiIF8q8chEmIEqmkqbyqeo2r3BYHCMNbJIO0tSUWdUvQndkY7fYqhaq3da2d2jR7euuIhsDs8aRD6jjrEXe9j5OFO7+d42WrssY6eEpAZnPX/mX4emc2S2KFH78O6m7yUkb6poL9AqKSJ9HAWmt/frfMnZlPjQNJt66HE6mN1s98B4WbQkLKIzAXQ3pMcPxlX/l1ra9ySfiDSeg2vSgn4J+NtWi5zIp4N841wgkfXWDf9ZdL/vtHbhk6mOVAQKONl7twC+U2aFMS63DBd/Ml2PaeaJTCgM9itukZfgaQaRLcQdt7C4iRbmm1bUCi8q5ZuNPCo50t47H0wG7TpWegMzrpSGoPsJzKzuh4erPDZqEzOpMgVHFsWIh46iUwD0SdvdrK+b8JWyye/cnA/HZLt+emhFhiLE050Y3FGitdQt8woJXPH181L1t7oUA202JlO9w12upy+l8mu7j0BnMYZX2QLgN77CtIDcaJx4tZLsVnLdoysmo3YZrCQWa5fpniiukISFPzBX/pvpYA4l0AQB7h+5ooxJRbI4VcPwSIw7yPoVtZ3SUoOYlmSv6aV4nTKlz01lNTl0PP+WcePEWI5xHA4a8t5Fmk+AJYB9vrKYdbKnTh4ZvAu4CXs7SeJ24Pa6VRIcHDXmkN94Kom4FisDKrpopn0F8Xazw7AwULqcK3bHMz8y6CCV8nXU6pTvFD8wMDjiinOQGcPmiVpSpd9OfnhHPCWnh/ehkn7CTx3iafdslknX+yktzkl5nT8xoD/TSPFbLq/g+l/S8A/sMZGNSZBu+UAbwjN1tG6a3zk7gknuDNQSly8YbIwSg5EVSvXcFSbdP/A/gCsCPPZjOIjIoRqTFmnpgyQjWcirmOT+2C2oQ49RfXaAQJC7X5sHGjIlMBhD3ROaxlwFVfAeVCZEUiI880nL9fCdey4KGsBEuvvsTHnxpjzkPRlFqkiDdjwMr0u/7HQzDa/dXrcKRqlxOYDP9zmV9SmEo78mwuZlHszwI176gwFQUpaXZefPBUmF5nO4usvGdi19C1YsX92QRCIeVJPoeJC04/dPVGqnbShfcS2AxjUKpvQZY5OHGZ+ZrI9kk85S1PO5QXqmItYyQ+6GpmPjliPorKHqn+/TnmjXxZd62BU/SuUOrvwoVosEgsxZBY+BULemN0Pn1HIJT+7FzTIKVwZ7eKW3CVwsOLjQY0f7QaJVlTyJFVIQvRfNAGxpMXlYdfVrhpSi2B0sQ4lzRypXEfq18YsfAVU1TrKYH8Za9CbVTVaHwRjiLMJSt9l9wsibu12spvukZDS4dHph/NqcOpdvl6BYnAVdjsvlv5sR8jcIGLGj8KASxSJvxZO23v5AZjt/zpNxh+R2Id6juX1CVOj2HbrpTx3iAOEr9aHuh7AcXWUZjc1J1jH4jDR2kd8rYjIIR1/KRISPnzonKcywl6DBAMRsY5DdHaI9NdcSpdvvPIGdCQOBnugSGO28Fhe3VZnpnmwD7ukQw6OlLY2iKf16UVkWLtXZNUAqA+YQEd4RtIFFv6wvKrMs2tciuBXd/TlKLuUo5jBW3gALfgdBZHkNPh7bqLSjkCqetdYZEnom/SrXo3dNyML1nAOixrLQ0/1NUbR7QY1UYM6WuG2ST2e5sZbcQTAJJ9ct6gm0asFxTIZEVlqtBtBq30KdPPzjNwOp+/3Pg5Fd0604zbsKFeZ81EPCYHbvINvbEmlypGzXp2hC8EqDLSYEJhqb+gTrAnNYZEXL4pQt9oH1P39CVN6SgmSrJt2IoFbOhhV8JddlSqks3e0/Cjl6u01kKYnZ3KfQ+ZBhYLKHFGOLz6bwk42DL2wyXQcKvZhcWOxZr75Z9LUvnUWNoLNLcotJqTR+5Tw2ve4ED1tlHgVl1n/5rTH9+piqM7fX4lHGuG0Pm1Gt9DcBePO4Z9HRBluh4ptUcKGhR/ApPOjD3fuUHL3eZwLrg3kIspiXuVWge/rJr8KNEyLVFm45fnUODrwkLZA3X5BQ4n6PRsAXYDxsGSDug6RtAEkEDumkkXC9dkNMqVcn+6EWJRi/+QczNfzHeKOKO2KFVVW3x9K+mhzNlv+ejTL5vtQvhkoue2ppMf80UotEsX6sJUPSRGbbgZNCgWK+Tj2ROv1kmeHN6RebF44B3HOYhNls4rAsBQseTtveMZL8QcwHw2VS0vyYXwee5kBMOT7F3eGa4ziLXI63QzcT9R8eo6mLZFe+vb1jv2Yn2H0eIOwXxkkvE2N9y5Wqr5ouMDrVREzoTYXGFP1SXtHDZiRbgqXavCupvR5BIYP5AHcs3lW70Xu9tyTyaX9xPGT997/OyUJ+iXZcMD/Od0uDUFPksmVWxQmOJ8JVAd0S6DEuNoFapkem6L0Nc8JqhKbCQtCStA+4PSqwA2bBuV7sijk8yMyYlJaiZVzxGTWP5+kaue07drX/7l2n1kBKNP/qrmB15Qn+7rbu8l9TATHvyCkLr25X3wb8RujbauaWnHMCjh3KClnrWILeJBwJ4W1GnE/HmGwReWmHky2b9LTKcuH7U3XKuJSqYfxVA6Gl55GJNMMQAEQVueZgEjTa9wIqQrIzS9RsaHoBGV9w7jLZUhamIvYdQdJDdcLHdV2pSDrrX2RAkzgeJ8NRCnkStM60WlrX/STRO09/c/gxY7toH3FBDhVDyX6sy7QDPMW3YmWcQX9nDO/Fxha28GYqHXnvv9Nngw0bbI0ESnCFAjp1FB9UlggasSQMs9yFYcy3jpJN+NJ0/SfG/dm9ofM/OFD/jDKqO1oSgoKHuRJOoUTgiV2HQOUIbdX336dqHCgstsHY+9mcx6MXbpGrs+bp59gStFkSN1bZK7l3loK2hph5C5lBQv6A1LJ2gHUUEfM/pg/bn4TyDHQLLcExSPhJ4vAYF2R27KpbJodyIgDdZrJWzEXEUheHwc2zljZHCv7DW/88lw63jEiQX3lnBxm6y0/iNaxJNkoozHTMcKy1YImVgb96IJsOpYokVa9s4OLUK6Mavoj56AoaD5zBjIvpGGmjkNnqrFK8d8yL4EeN+B3++Yb5ljQn8pNfOqQyvRK/5WXDiY3IOzhPjCw6aM1NgjYe9jrqHAc8l0/deCjmwrEWsW2CwiP1BKWMWgAe3TD55fzwdF6++3hfh+9eVQQPRhGyweRVr3bHZcQrQZ7ObXgCMts2if5AXxcKySA/7TxDM4IPXXh3GNeIBgqio8Ybn/F7WlYk9OsERddfJzjhhrN4HAjumXpoS/diMsCuatoRb8+pB1vZ4ujDt5sT0Onldez4/PErwsbLfhD2BMM8CBtgFqHyBQIs5POL9emOwGbeD+4pyQH83ifRdxH0OkURBKZ5V2s
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2020-01-21T00:01:24Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "file"`
			`}`
			`],`
			`"labels": [`
			`"misp:name=\"file\"",`
			`"misp:meta-category=\"file\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "marking-definition",`
			`"spec_version": "2.1",`
			`"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",`
			`"created": "2017-01-20T00:00:00.000Z",`
			`"definition_type": "tlp",`
			`"name": "TLP:WHITE",`
			`"definition": {`
			`"tlp": "white"`
			`}`
			`}`
			`]`
			`}`