misp-circl-feed/feeds/circl/stix-2.1/c98a638f-29c5-4233-a283-34ddbcc40be4.json

{
    "type": "bundle",
    "id": "bundle--c98a638f-29c5-4233-a283-34ddbcc40be4",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2023-12-06T14:16:37.000Z",
            "modified": "2023-12-06T14:16:37.000Z",
            "name": "CIRCL",
            "identity_class": "organization"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--c98a638f-29c5-4233-a283-34ddbcc40be4",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2023-12-06T14:16:37.000Z",
            "modified": "2023-12-06T14:16:37.000Z",
            "name": "AA23-339A Threat Actors Exploit Adobe ColdFusion CVE- 2023-26360 for Initial Access to Government Servers",
            "published": "2023-12-06T14:16:50Z",
            "object_refs": [
                "indicator--e10f5ebe-8c4d-4ec9-8a17-63e07348efa5",
                "indicator--d267f6c6-a29b-47f6-8646-84496be09fa6",
                "indicator--2c455592-2569-4ca6-b6e1-a7ac9dd2745e",
                "x-misp-object--c09384c7-640e-4779-910e-9de0fe0fa00b"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"f0a904f4-b3f5-4e42-b565-418dc6932d44\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"e8b9ef62-f34a-4d8c-8095-196c7e6f607d\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"84783d50-c513-428f-b288-17b4bd24821b\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"2d41cc0d-be1b-47e5-8491-ada86f624ec4\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"a1fe1a1c-ae50-4812-a064-dbec116d1fc3\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"4ff7e674-9bdb-43bf-bce4-406351ac1188\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"4c312255-f721-4a07-b49a-006387d79a2d\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"7a388102-a1e3-4f69-99a0-23d4d2344312\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"23a9ad16-95c1-4b7d-98b8-049fdd9ef8b2\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"75868d94-271e-4dac-8885-b51843a4c9d4\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"2fd37eac-035a-48f7-83da-cefa8937d859\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"be2cdeb0-048c-4aa2-8cee-0dba9687e975\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"d6d7c433-a139-43b7-9f6c-8cc6e97b8a72\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"c31d692e-0be1-4678-abf0-2e64dfb24890\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"a6c90d18-9b9d-4bdf-9cfa-b0abb5889f86\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"f8695dd5-3fa7-40c8-941f-ee8f7d8d0080\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"9a9fd346-3ca7-42ee-874b-ba706dbdcb03\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"22b606d1-33c8-4182-9ad1-9d5c7fbd7daf\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"96115b0f-f094-4ae6-bad4-e5a6715f48e0\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"9c44b26b-ebfa-402b-bf16-10fe3551bbc7\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"11d0fed1-9205-4d0f-85e5-d8b76cc3b3c1\"",
                "misp-galaxy:stix-2.1-attack-pattern=\"351cb297-4ddc-4ee1-8e65-40b054834106\"",
                "type:OSINT",
                "osint:lifetime=\"perpetual\"",
                "tlp:clear"
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--e10f5ebe-8c4d-4ec9-8a17-63e07348efa5",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2023-12-04T21:01:50.000Z",
            "modified": "2023-12-04T21:01:50.000Z",
            "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '125.227.50.97']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2023-06-02T00:00:00Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"ip-dst\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--d267f6c6-a29b-47f6-8646-84496be09fa6",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2023-12-04T21:01:50.000Z",
            "modified": "2023-12-04T21:01:50.000Z",
            "pattern": "[file:hashes.SHA1 = 'be332b6e2e2ed9e1e57d8aafa0c00aa77d4b8656' AND file:name = 'fscan.exe']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2023-06-02T00:00:00Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "file"
                }
            ],
            "labels": [
                "misp:name=\"file\"",
                "misp:meta-category=\"file\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--2c455592-2569-4ca6-b6e1-a7ac9dd2745e",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2023-12-04T21:01:50.000Z",
            "modified": "2023-12-04T21:01:50.000Z",
            "pattern": "[file:hashes.MD5 = 'ba69669818ef9ccec174d647a8021a7b' AND file:hashes.SHA1 = 'b6818d2d5cbd902ce23461f24fc47e24937250e6' AND file:hashes.SHA256 = 'a3acb9f79647f813671c1a21097a51836b0b95397ebc9cd178bc806e1773c864' AND file:name = 'eee.exe']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2023-06-02T00:00:00Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "file"
                }
            ],
            "labels": [
                "misp:name=\"file\"",
                "misp:meta-category=\"file\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "x-misp-object",
            "spec_version": "2.1",
            "id": "x-misp-object--c09384c7-640e-4779-910e-9de0fe0fa00b",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2023-12-06T11:03:50.000Z",
            "modified": "2023-12-06T11:03:50.000Z",
            "labels": [
                "misp:name=\"original-imported-file\"",
                "misp:meta-category=\"file\""
            ],
            "x_misp_attributes": [
                {
                    "type": "attachment",
                    "object_relation": "imported-sample",
                    "value": "AA23-339A-Threat-Actors-Exploit-Adobe-ColdFusion-CVE-2023-26360-for-Initial-Access-to-Government-Servers.stix_.json",
                    "category": "External analysis",
                    "uuid": "a7af729f-85da-48ee-8848-0f18febd2ddc",
                    "data": "ewogICAgInR5cGUiOiAiYnVuZGxlIiwKICAgICJpZCI6ICJidW5kbGUtLTZiMjc5M2FjLTA4MTItNDhhZC1hOGQ1LWYyNzA4ODE5ZTIzYSIsCiAgICAib2JqZWN0cyI6IFsKICAgICAgICB7CiAgICAgICAgICAgICJpZCI6ICJsb2NhdGlvbi0tYTdhODg5ZTctOTc3YS00NDAwLWE1YzQtOTUxN2FlZmNjNmY5IiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAidHlwZSI6ICJsb2NhdGlvbiIsCiAgICAgICAgICAgICJjb3VudHJ5IjogIlVTIiwKICAgICAgICAgICAgImFkbWluaXN0cmF0aXZlX2FyZWEiOiAiVVMtREMiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTEyLTA0VDIxOjAxOjUwLjAwMFoiLAogICAgICAgICAgICAibW9kaWZpZWQiOiAiMjAyMy0xMi0wNFQyMTowMTo1MC4wMDBaIiwKICAgICAgICAgICAgImNyZWF0ZWRfYnlfcmVmIjogImlkZW50aXR5LS1iM2JjYTNjMi0xZjNkLTRiNTQtYjQ0Zi1kYWM0MmMzYThmMDEiLAogICAgICAgICAgICAib2JqZWN0X21hcmtpbmdfcmVmcyI6IFsKICAgICAgICAgICAgICAgICJtYXJraW5nLWRlZmluaXRpb24tLTQ3OTA4MWM4LTNhNjAtNGViOC1iNDEwLTk2YTMwZjM5NWRlZiIsCiAgICAgICAgICAgICAgICAibWFya2luZy1kZWZpbml0aW9uLS02MTNmMmUyNi00MDdkLTQ4YzctOWVjYS1iOGU5MWRmOTlkYzkiCiAgICAgICAgICAgIF0KICAgICAgICB9LAogICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAibWFya2luZy1kZWZpbml0aW9uIiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAiaWQiOiAibWFya2luZy1kZWZpbml0aW9uLS00NzkwODFjOC0zYTYwLTRlYjgtYjQxMC05NmEzMGYzOTVkZWYiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTAzLTAyVDE2OjQ4OjU3Ljk1OVoiLAogICAgICAgICAgICAiZXh0ZW5zaW9ucyI6IHsKICAgICAgICAgICAgICAgICJleHRlbnNpb24tZGVmaW5pdGlvbi0tM2E2NTg4NGQtMDA1YS00MjkwLTgzMzUtY2IyZDc3OGE4M2NlIjogewogICAgICAgICAgICAgICAgICAgICJleHRlbnNpb25fdHlwZSI6ICJwcm9wZXJ0eS1leHRlbnNpb24iLAogICAgICAgICAgICAgICAgICAgICJpZGVudGlmaWVyIjogImlzYTpndWlkZS4xOTAwMS5BQ1MzLTllMGNkNTBlLTZlZmMtNDViMy04YTNkLWI2Mzc2NTQxYzljNSIsCiAgICAgICAgICAgICAgICAgICAgImNyZWF0ZV9kYXRlX3RpbWUiOiAiMjAyMy0wMy0wMlQxNjo0ODo1Ny45NTlaIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X2N1c3RvZGlhbiI6ICJVU0EuREhTLk5DQ0lDIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X29yaWdpbmF0b3IiOiAiVVNBLkRIUy5OQ0NJQyIsCiAgICAgICAgICAgICAgICAgICAgInBvbGljeV9yZWZlcmVuY2UiOiAidXJuOmlzYTpwb2xpY3k6YWNzOm5zOnYzLjA/cHJpdmRlZmF1bHQ9ZGVueSZzaGFyZWRlZmF1bHQ9cGVybWl0IiwKICAgICAgICAgICAgICAgICAgICAiY29udHJvbF9zZXQiOiB7CiAgICAgICAgICAgICAgICAgICAgICAgICJjbGFzc2lmaWNhdGlvbiI6ICJVIiwKICAgICAgICAgICAgICAgICAgICAgICAgImZvcm1hbF9kZXRlcm1pbmF0aW9uIjogWwogICAgICAgICAgICAgICAgICAgICAgICAgICAgIklORk9STUFUSU9OLURJUkVDVExZLVJFTEFURUQtVE8tQ1lCRVJTRUNVUklUWS1USFJFQVQiLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgIlBVQlJFTCIKICAgICAgICAgICAgICAgICAgICAgICAgXQogICAgICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICAgICAgImF1dGhvcml0eV9yZWZlcmVuY2UiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICJ1cm46aXNhOmF1dGhvcml0eTphaXMiCiAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAiYWNjZXNzX3ByaXZpbGVnZSI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgInByaXZpbGVnZV9hY3Rpb24iOiAiQ0lTQVVTRVMiLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgInJ1bGVfZWZmZWN0IjogInBlcm1pdCIsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAicHJpdmlsZWdlX3Njb3BlIjogewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJlbnRpdHkiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAicGVybWl0dGVkX25hdGlvbmFsaXRpZXMiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAicGVybWl0dGVkX29yZ2FuaXphdGlvbnMiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAic2hhcmVhYmlsaXR5IjogWwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiQUxMIgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgIF0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgfQogICAgICAgIH0sCiAgICAgICAgewogICAgICAgICAgICAiaWQiOiAiYXR0YWNrLXBhdHRlcm4tLWYwYTkwNGY0LWIzZjUtNGU0Mi1iNTY1LTQxOGRjNjkzMmQ0NCIsCiAgICAgICAgICAgICJ0eXBlIjogImF0dGFjay1wYXR0ZXJuIiwKICAgICAgICAgICAgImNyZWF0ZWQiOiAiMjAyMy0xMi0wNFQyMTowMTo1MC4wMDBaIiwKICAgICAgICAgICAgIm1vZGlmaWVkIjogIjIwMjMtMTItMDRUMjE6MDE6NTAuMDAwWiIsCiAgICAgICAgICAgICJzcGVjX3ZlcnNpb2
                },
                {
                    "type": "text",
                    "object_relation": "format",
                    "value": "STIX 2.1",
                    "category": "Other",
                    "uuid": "ef359ef2-81cf-46da-94b5-43f804854632"
                }
            ],
            "x_misp_meta_category": "file",
            "x_misp_name": "original-imported-file"
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}
chg: [gen] updated 2023-12-14 14:30:15 +00:00			`{`
			`"type": "bundle",`
			`"id": "bundle--c98a638f-29c5-4233-a283-34ddbcc40be4",`
			`"objects": [`
			`{`
			`"type": "identity",`
			`"spec_version": "2.1",`
			`"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2023-12-06T14:16:37.000Z",`
			`"modified": "2023-12-06T14:16:37.000Z",`
			`"name": "CIRCL",`
			`"identity_class": "organization"`
			`},`
			`{`
			`"type": "report",`
			`"spec_version": "2.1",`
			`"id": "report--c98a638f-29c5-4233-a283-34ddbcc40be4",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2023-12-06T14:16:37.000Z",`
			`"modified": "2023-12-06T14:16:37.000Z",`
			`"name": "AA23-339A Threat Actors Exploit Adobe ColdFusion CVE- 2023-26360 for Initial Access to Government Servers",`
			`"published": "2023-12-06T14:16:50Z",`
			`"object_refs": [`
			`"indicator--e10f5ebe-8c4d-4ec9-8a17-63e07348efa5",`
			`"indicator--d267f6c6-a29b-47f6-8646-84496be09fa6",`
			`"indicator--2c455592-2569-4ca6-b6e1-a7ac9dd2745e",`
			`"x-misp-object--c09384c7-640e-4779-910e-9de0fe0fa00b"`
			`],`
			`"labels": [`
			`"Threat-Report",`
			`"misp:tool=\"MISP-STIX-Converter\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"f0a904f4-b3f5-4e42-b565-418dc6932d44\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"e8b9ef62-f34a-4d8c-8095-196c7e6f607d\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"84783d50-c513-428f-b288-17b4bd24821b\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"2d41cc0d-be1b-47e5-8491-ada86f624ec4\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"a1fe1a1c-ae50-4812-a064-dbec116d1fc3\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"4ff7e674-9bdb-43bf-bce4-406351ac1188\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"4c312255-f721-4a07-b49a-006387d79a2d\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"7a388102-a1e3-4f69-99a0-23d4d2344312\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"23a9ad16-95c1-4b7d-98b8-049fdd9ef8b2\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"75868d94-271e-4dac-8885-b51843a4c9d4\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"2fd37eac-035a-48f7-83da-cefa8937d859\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"be2cdeb0-048c-4aa2-8cee-0dba9687e975\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"d6d7c433-a139-43b7-9f6c-8cc6e97b8a72\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"c31d692e-0be1-4678-abf0-2e64dfb24890\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"a6c90d18-9b9d-4bdf-9cfa-b0abb5889f86\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"f8695dd5-3fa7-40c8-941f-ee8f7d8d0080\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"9a9fd346-3ca7-42ee-874b-ba706dbdcb03\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"22b606d1-33c8-4182-9ad1-9d5c7fbd7daf\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"96115b0f-f094-4ae6-bad4-e5a6715f48e0\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"9c44b26b-ebfa-402b-bf16-10fe3551bbc7\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"11d0fed1-9205-4d0f-85e5-d8b76cc3b3c1\"",`
			`"misp-galaxy:stix-2.1-attack-pattern=\"351cb297-4ddc-4ee1-8e65-40b054834106\"",`
			`"type:OSINT",`
			`"osint:lifetime=\"perpetual\"",`
			`"tlp:clear"`
			`],`
			`"object_marking_refs": [`
			`"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--e10f5ebe-8c4d-4ec9-8a17-63e07348efa5",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2023-12-04T21:01:50.000Z",`
			`"modified": "2023-12-04T21:01:50.000Z",`
			`"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '125.227.50.97']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2023-06-02T00:00:00Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Network activity"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"ip-dst\"",`
			`"misp:category=\"Network activity\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--d267f6c6-a29b-47f6-8646-84496be09fa6",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2023-12-04T21:01:50.000Z",`
			`"modified": "2023-12-04T21:01:50.000Z",`
			`"pattern": "[file:hashes.SHA1 = 'be332b6e2e2ed9e1e57d8aafa0c00aa77d4b8656' AND file:name = 'fscan.exe']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2023-06-02T00:00:00Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "file"`
			`}`
			`],`
			`"labels": [`
			`"misp:name=\"file\"",`
			`"misp:meta-category=\"file\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--2c455592-2569-4ca6-b6e1-a7ac9dd2745e",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2023-12-04T21:01:50.000Z",`
			`"modified": "2023-12-04T21:01:50.000Z",`
			`"pattern": "[file:hashes.MD5 = 'ba69669818ef9ccec174d647a8021a7b' AND file:hashes.SHA1 = 'b6818d2d5cbd902ce23461f24fc47e24937250e6' AND file:hashes.SHA256 = 'a3acb9f79647f813671c1a21097a51836b0b95397ebc9cd178bc806e1773c864' AND file:name = 'eee.exe']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2023-06-02T00:00:00Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "file"`
			`}`
			`],`
			`"labels": [`
			`"misp:name=\"file\"",`
			`"misp:meta-category=\"file\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "x-misp-object",`
			`"spec_version": "2.1",`
			`"id": "x-misp-object--c09384c7-640e-4779-910e-9de0fe0fa00b",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2023-12-06T11:03:50.000Z",`
			`"modified": "2023-12-06T11:03:50.000Z",`
			`"labels": [`
			`"misp:name=\"original-imported-file\"",`
			`"misp:meta-category=\"file\""`
			`],`
			`"x_misp_attributes": [`
			`{`
			`"type": "attachment",`
			`"object_relation": "imported-sample",`
			`"value": "AA23-339A-Threat-Actors-Exploit-Adobe-ColdFusion-CVE-2023-26360-for-Initial-Access-to-Government-Servers.stix_.json",`
			`"category": "External analysis",`
			`"uuid": "a7af729f-85da-48ee-8848-0f18febd2ddc",`
			"data": "ewogICAgInR5cGUiOiAiYnVuZGxlIiwKICAgICJpZCI6ICJidW5kbGUtLTZiMjc5M2FjLTA4MTItNDhhZC1hOGQ1LWYyNzA4ODE5ZTIzYSIsCiAgICAib2JqZWN0cyI6IFsKICAgICAgICB7CiAgICAgICAgICAgICJpZCI6ICJsb2NhdGlvbi0tYTdhODg5ZTctOTc3YS00NDAwLWE1YzQtOTUxN2FlZmNjNmY5IiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAidHlwZSI6ICJsb2NhdGlvbiIsCiAgICAgICAgICAgICJjb3VudHJ5IjogIlVTIiwKICAgICAgICAgICAgImFkbWluaXN0cmF0aXZlX2FyZWEiOiAiVVMtREMiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTEyLTA0VDIxOjAxOjUwLjAwMFoiLAogICAgICAgICAgICAibW9kaWZpZWQiOiAiMjAyMy0xMi0wNFQyMTowMTo1MC4wMDBaIiwKICAgICAgICAgICAgImNyZWF0ZWRfYnlfcmVmIjogImlkZW50aXR5LS1iM2JjYTNjMi0xZjNkLTRiNTQtYjQ0Zi1kYWM0MmMzYThmMDEiLAogICAgICAgICAgICAib2JqZWN0X21hcmtpbmdfcmVmcyI6IFsKICAgICAgICAgICAgICAgICJtYXJraW5nLWRlZmluaXRpb24tLTQ3OTA4MWM4LTNhNjAtNGViOC1iNDEwLTk2YTMwZjM5NWRlZiIsCiAgICAgICAgICAgICAgICAibWFya2luZy1kZWZpbml0aW9uLS02MTNmMmUyNi00MDdkLTQ4YzctOWVjYS1iOGU5MWRmOTlkYzkiCiAgICAgICAgICAgIF0KICAgICAgICB9LAogICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAibWFya2luZy1kZWZpbml0aW9uIiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAiaWQiOiAibWFya2luZy1kZWZpbml0aW9uLS00NzkwODFjOC0zYTYwLTRlYjgtYjQxMC05NmEzMGYzOTVkZWYiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTAzLTAyVDE2OjQ4OjU3Ljk1OVoiLAogICAgICAgICAgICAiZXh0ZW5zaW9ucyI6IHsKICAgICAgICAgICAgICAgICJleHRlbnNpb24tZGVmaW5pdGlvbi0tM2E2NTg4NGQtMDA1YS00MjkwLTgzMzUtY2IyZDc3OGE4M2NlIjogewogICAgICAgICAgICAgICAgICAgICJleHRlbnNpb25fdHlwZSI6ICJwcm9wZXJ0eS1leHRlbnNpb24iLAogICAgICAgICAgICAgICAgICAgICJpZGVudGlmaWVyIjogImlzYTpndWlkZS4xOTAwMS5BQ1MzLTllMGNkNTBlLTZlZmMtNDViMy04YTNkLWI2Mzc2NTQxYzljNSIsCiAgICAgICAgICAgICAgICAgICAgImNyZWF0ZV9kYXRlX3RpbWUiOiAiMjAyMy0wMy0wMlQxNjo0ODo1Ny45NTlaIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X2N1c3RvZGlhbiI6ICJVU0EuREhTLk5DQ0lDIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X29yaWdpbmF0b3IiOiAiVVNBLkRIUy5OQ0NJQyIsCiAgICAgICAgICAgICAgICAgICAgInBvbGljeV9yZWZlcmVuY2UiOiAidXJuOmlzYTpwb2xpY3k6YWNzOm5zOnYzLjA/cHJpdmRlZmF1bHQ9ZGVueSZzaGFyZWRlZmF1bHQ9cGVybWl0IiwKICAgICAgICAgICAgICAgICAgICAiY29udHJvbF9zZXQiOiB7CiAgICAgICAgICAgICAgICAgICAgICAgICJjbGFzc2lmaWNhdGlvbiI6ICJVIiwKICAgICAgICAgICAgICAgICAgICAgICAgImZvcm1hbF9kZXRlcm1pbmF0aW9uIjogWwogICAgICAgICAgICAgICAgICAgICAgICAgICAgIklORk9STUFUSU9OLURJUkVDVExZLVJFTEFURUQtVE8tQ1lCRVJTRUNVUklUWS1USFJFQVQiLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgIlBVQlJFTCIKICAgICAgICAgICAgICAgICAgICAgICAgXQogICAgICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICAgICAgImF1dGhvcml0eV9yZWZlcmVuY2UiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICJ1cm46aXNhOmF1dGhvcml0eTphaXMiCiAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAiYWNjZXNzX3ByaXZpbGVnZSI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgInByaXZpbGVnZV9hY3Rpb24iOiAiQ0lTQVVTRVMiLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgInJ1bGVfZWZmZWN0IjogInBlcm1pdCIsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAicHJpdmlsZWdlX3Njb3BlIjogewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJlbnRpdHkiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAicGVybWl0dGVkX25hdGlvbmFsaXRpZXMiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAicGVybWl0dGVkX29yZ2FuaXphdGlvbnMiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAic2hhcmVhYmlsaXR5IjogWwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiQUxMIgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgIF0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgfQogICAgICAgIH0sCiAgICAgICAgewogICAgICAgICAgICAiaWQiOiAiYXR0YWNrLXBhdHRlcm4tLWYwYTkwNGY0LWIzZjUtNGU0Mi1iNTY1LTQxOGRjNjkzMmQ0NCIsCiAgICAgICAgICAgICJ0eXBlIjogImF0dGFjay1wYXR0ZXJuIiwKICAgICAgICAgICAgImNyZWF0ZWQiOiAiMjAyMy0xMi0wNFQyMTowMTo1MC4wMDBaIiwKICAgICAgICAgICAgIm1vZGlmaWVkIjogIjIwMjMtMTItMDRUMjE6MDE6NTAuMDAwWiIsCiAgICAgICAgICAgICJzcGVjX3ZlcnNpb2
			`},`
			`{`
			`"type": "text",`
			`"object_relation": "format",`
			`"value": "STIX 2.1",`
			`"category": "Other",`
			`"uuid": "ef359ef2-81cf-46da-94b5-43f804854632"`
			`}`
			`],`
			`"x_misp_meta_category": "file",`
			`"x_misp_name": "original-imported-file"`
			`},`
			`{`
			`"type": "marking-definition",`
			`"spec_version": "2.1",`
			`"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",`
			`"created": "2017-01-20T00:00:00.000Z",`
			`"definition_type": "tlp",`
			`"name": "TLP:WHITE",`
			`"definition": {`
			`"tlp": "white"`
			`}`
			`}`
			`]`
			`}`