{ "type": "bundle", "id": "bundle--5b1e79b9-cf9c-4072-b420-4be0950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T12:10:13.000Z", "modified": "2018-06-13T12:10:13.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5b1e79b9-cf9c-4072-b420-4be0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T12:10:13.000Z", "modified": "2018-06-13T12:10:13.000Z", "name": "OSINT - Roaming Mantis uses DNS hijacking to infect Android smartphones", "published": "2018-06-13T15:37:17Z", "object_refs": [ "observed-data--5b1e79cc-e98c-46ed-93cb-4c23950d210f", "url--5b1e79cc-e98c-46ed-93cb-4c23950d210f", "x-misp-attribute--5b1e79f5-aff8-412a-a634-453e950d210f", "indicator--5b1e7a39-c0d0-416b-a377-495e950d210f", "indicator--5b1e7a39-eafc-442e-8e89-4925950d210f", "indicator--5b1e7a3a-4acc-4136-9640-48b9950d210f", "indicator--5b1e7a3b-ddc4-4396-8481-46a6950d210f", "indicator--5b1e7a3b-73cc-4c50-bfb7-4cbf950d210f", "indicator--5b1e7a3b-0948-4c99-8daf-4115950d210f", "indicator--5b1e7a3c-b3bc-489d-bd9f-436c950d210f", "indicator--5b1e7a3d-59a8-4d91-8cf3-4159950d210f", "indicator--5b1e7a3d-a4cc-46b1-b27a-4b57950d210f", "indicator--5b1e7a3e-caa8-486d-b084-420d950d210f", "indicator--5b1e7a3f-d154-48fe-b4b0-4add950d210f", "indicator--5b1e7b08-e348-4cc8-a3de-ef08950d210f", "indicator--5b1e7b09-e690-4abf-a0be-ef08950d210f", "indicator--5b1e7b09-8488-4e07-ac20-ef08950d210f", "indicator--5b1e7b0b-c3d0-44da-bf91-ef08950d210f", "indicator--5b1e7b0b-8c9c-400e-99cb-ef08950d210f", "indicator--5b1e7b0c-8b64-4d60-acfd-ef08950d210f", "indicator--5b1e7b0c-b198-4ba7-a0f3-ef08950d210f", "indicator--5b1e7b0d-91c8-46e7-8595-ef08950d210f", "indicator--5b1e7b0d-126c-4f8e-82c0-ef08950d210f", "indicator--5b1e7b0e-7b30-4993-9ae7-ef08950d210f", "indicator--5b1e7b0e-06a4-466d-a5ac-ef08950d210f", "indicator--5b1e7b0f-b210-471d-b5da-ef08950d210f", "indicator--5b1e7d4d-f590-41cc-a20e-4a8c950d210f", "indicator--5b1e7d4e-0dbc-4091-be32-465a950d210f", "indicator--5b1e7d4f-c838-4b57-b76f-4017950d210f", "indicator--5b1e7d50-3de4-44b8-acca-4886950d210f", "indicator--5b1e7d51-61c4-47c2-9e1e-4695950d210f", "indicator--5b1e7d51-8dd8-481b-aa0b-4ef6950d210f", "indicator--5b1e7d52-1c88-4857-bd0e-4c9e950d210f", "indicator--5b1e7d53-d158-407d-a141-46ab950d210f", "indicator--5b1e7f57-9470-4e10-b576-47cb950d210f", "indicator--5b1e7f58-fe1c-4183-89d3-4c7a950d210f", "indicator--5b1e7f58-5938-41ef-9274-4767950d210f", "indicator--5b1e7f58-0268-40b9-bcc1-417a950d210f", "indicator--5b1e7f59-772c-4467-8c2e-42ef950d210f", "indicator--5b1e7f5a-d1a8-405b-8bd0-40e4950d210f", "indicator--5b1e7f5b-2e0c-4982-b9d3-4b88950d210f", "indicator--5b1e7f5c-4e44-4842-b85a-4f14950d210f", "indicator--5b1e81ca-59cc-4694-a29e-49c6950d210f", "x-misp-object--7895e457-0624-4c5c-8088-f94060e0ed2a", "x-misp-object--5d5975f7-733d-4fcf-8bab-79244beb3c16", "x-misp-object--c5db4c67-486b-4072-b0a8-9ea072601c69", "x-misp-object--482ef333-17f7-4369-9af1-4536fae21f48", "x-misp-object--8b23deac-1eff-4145-9654-6efc48bc6a97", "x-misp-object--5cd53d38-3a6e-4eaa-8487-77d44ccc6f81", "x-misp-object--b57d5a1e-1383-49f6-b9b3-37428f881e5a", "x-misp-object--e55d60e9-260d-4a88-bb1e-5684e543500f", "x-misp-object--30574377-3a6c-4e77-bdb4-61579753e382", "x-misp-object--e181ed3a-699b-4b04-b58c-278508c22b08", "x-misp-object--e7bb4bfe-107d-40cf-b825-3e4c9381089a", "x-misp-object--7d628547-f5fe-492c-a7be-f8e6b7a3c126", "x-misp-object--f00d242d-95f7-4953-a20c-86d3d0ac0876", "x-misp-object--a0309f0e-4ab2-414b-94e6-4c3d42e69d63", "x-misp-object--1e6d34b0-4124-44b9-825c-a43babb1fdd7", "x-misp-object--1451c9ad-c553-4684-9f21-0ca69508b635", "x-misp-object--387bc28f-7365-4468-b905-aa97603e6716", "x-misp-object--94181920-5615-453e-b15e-3d00e486ba33", "x-misp-object--716a2596-713d-4a82-9f0f-caa5e7f30083", "x-misp-object--8347b39e-3e12-4464-93a3-d8537266d53e", "x-misp-object--2a5b4e41-d9a5-485a-8fbf-985c28e79496", "x-misp-object--db97fe12-c0c4-4642-9676-4a41b873011c", "x-misp-object--57d626b8-a358-44c7-a05f-a4cd3317c728", "x-misp-object--95ada4d5-b381-45a1-849d-a4f63c529ff9", "x-misp-object--98056eaf-23b8-4e84-b835-4107362aae17", "x-misp-object--c5f108b7-9885-4360-b659-64e5a4615790", "x-misp-object--72d92fc7-ab0f-4d77-b79b-bd7ceb901a5b", "x-misp-object--b01ac61c-5dd4-45d8-b413-b93ce0d4b225", "x-misp-object--89f1910f-40e3-456d-9d55-611ac7b06f6f", "x-misp-object--1683e823-d894-473f-8672-92a02b0c15ad", "x-misp-object--758eea54-b3b9-44a5-b21d-6ab24868087f", "x-misp-object--36c393b6-08ec-47e2-9801-1afeaa353e53", "x-misp-object--5801ede4-b4a9-48c7-8431-a185df616fef", "x-misp-object--cf9c0b8f-5b53-496c-afff-a98242ce0e8c", "x-misp-object--a08a8414-3d11-44c2-9477-af49dc306da9", "x-misp-object--91ab5779-0629-4b3b-9647-35eca7084ea5", "x-misp-object--9dc5223e-3a11-4fb9-bb5e-3dc048def096", "x-misp-object--5b9d8777-dffd-4b06-9ac3-29c61edbca1d", "x-misp-object--e8ce9f63-d621-42b1-a3fb-0012c7ff6ec4", "x-misp-object--02127bbe-1c57-4f73-bea8-3c478482304f", "x-misp-object--fce42428-c55d-460f-ac00-77ec2c153a7a", "x-misp-object--e7967874-9983-4ffe-88e9-ff04a191f4f7", "x-misp-object--143b8d09-b19c-433d-b23c-c950160d1aa0", "x-misp-object--c85ff102-0020-4710-9921-e99dcb5ca588", "x-misp-object--efb63dbe-b6ef-41c9-b491-c3fc374121b0", "x-misp-object--c6e0b765-789b-4e5a-b239-e708f068662e", "x-misp-object--b84b8a41-7607-44f9-929f-84af754f63a2", "x-misp-object--8b706858-0316-41da-be85-d5ed4c9cdbba", "x-misp-object--bfa0503f-b4cd-4957-a0b2-e298e4ca94bb", "x-misp-object--42851761-8f1f-489b-b602-be5584e8236f", "x-misp-object--e141c73c-c72c-432f-ba63-cc0d885b7ffc", "x-misp-object--335fa9a0-2553-41db-8574-23ef5764e8b3", "x-misp-object--d04fe5a4-45fc-48b1-8e34-c459f4286e2d", "x-misp-object--e73f228a-4dc0-4ea7-8d9c-8d1ea347c077", "x-misp-object--20b0f636-5acb-4d7a-97a5-301603dc165c", "x-misp-object--52e2d3a7-3f65-48c5-a51a-367f0278f35d", "x-misp-object--e6c069c8-7e93-4aa9-9c13-f5b1c5c21cbb", "x-misp-object--36fbb8b3-2919-49f9-aea1-a5b762650f67", "relationship--68a09441-9952-4251-9740-940071dca8f6", "relationship--d1372ce6-393e-4a8f-b9b2-c85f0ba8452d", "relationship--97de3861-4ea6-4bbf-b59b-7d3ec199dfd1", "relationship--e883ef88-2670-483f-b459-3ad65f84e45a", "relationship--093e5da9-9630-488a-a3b6-310be8b7a2da", "relationship--83143300-30d1-4bcc-af1c-2ee0b22d8117", "relationship--277d965a-29fb-4369-9130-50f36aa1cdda", "relationship--1cd3f68e-4a13-4c07-99b8-ffa11159b393", "relationship--dffc870a-e327-4bcc-9700-8a40ec30b2fd", "relationship--cf6365fd-d97b-48b2-9be8-43c5f31b6dd4", "relationship--1077c957-118c-4bea-9c31-77d75fbe9e82", "relationship--d4804536-366c-4e57-9709-c8efc76bbe35", "relationship--f49d2e0d-195b-46db-8445-3fef5ac9dccc", "relationship--6b5bf3dd-6c03-45f2-b9b0-386abdb5284e", "relationship--11feef3e-fe5e-4195-9945-539f7ba40969", "relationship--20d26df3-f9e1-4cdf-a62f-518bbc489431", "relationship--6dce1925-f7ee-44d9-bb11-704a7c1370c2", "relationship--2531cd0e-7a27-4ac5-bb30-313131add2f3", "relationship--59ae9c49-76e5-4cff-afec-17a3cc007748", "relationship--2bf67750-1283-47ef-a7a5-f847b53dae0e", "relationship--63db081f-92f7-4165-84c4-5a5f7898f1fc", "relationship--8581afb4-84a3-420e-8008-cab964d8d2f2", "relationship--3e57ec3f-47f3-47b0-8050-f3a215fb2247", "relationship--ffcbbc25-d06e-4a18-be57-19e25610a9cd", "relationship--d24560c2-6eb8-428a-a947-7b03ae359565", "relationship--18f4f29c-db97-4bc8-814e-6ee35c2cc969", "relationship--cd38bd64-19ed-47e8-9f1c-40a4882d4064", "relationship--90064d0e-b8ce-4fa4-803e-5fffaa53e98b", "relationship--cea8967b-2cfa-4d9f-b80f-ae4097c5fb21" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"", "osint:source-type=\"blog-post\"", "Android Malware", "ms-caro-malware:malware-platform=\"AndroidOS\"", "ms-caro-malware-full:malware-platform=\"AndroidOS\"", "misp-galaxy:tool=\"Roaming Mantis\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5b1e79cc-e98c-46ed-93cb-4c23950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:32:19.000Z", "modified": "2018-06-11T13:32:19.000Z", "first_observed": "2018-06-11T13:32:19Z", "last_observed": "2018-06-11T13:32:19Z", "number_observed": 1, "object_refs": [ "url--5b1e79cc-e98c-46ed-93cb-4c23950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"", "osint:source-type=\"blog-post\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5b1e79cc-e98c-46ed-93cb-4c23950d210f", "value": "https://securelist.com/roaming-mantis-uses-dns-hijacking-to-infect-android-smartphones/85178/" }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5b1e79f5-aff8-412a-a634-453e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:32:50.000Z", "modified": "2018-06-11T13:32:50.000Z", "labels": [ "misp:type=\"comment\"", "misp:category=\"External analysis\"", "osint:source-type=\"blog-post\"" ], "x_misp_category": "External analysis", "x_misp_type": "comment", "x_misp_value": "n March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained Android Trojan-Banker. According to our telemetry data, this malware was detected more than 6,000 times, though the reports came from just 150 unique users (from February 9 to April 9, 2018). Of course, this is down to the nature of the malware distribution, but it also suggests a very painful experience for some users, who saw the same malware appear again and again in their network. More than half of the detections were observed targeting the Asian region.\r\n\r\nDuring our research we received some invaluable information about the true scale of this attack. There were thousands of daily connections to the command and control (C2) infrastructure, with the device locale for the majority of victims set to Korean. Since we didn\u00e2\u20ac\u2122t find a pre-existing name for this malware operation, we decided to assign a new one for future reference. Based on its propagation via smartphones roaming between Wi-Fi networks, potentially carrying and spreading the infection, we decided to call it \u00e2\u20ac\u02dcRoaming Mantis\u00e2\u20ac\u2122." }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a39-c0d0-416b-a377-495e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:45.000Z", "modified": "2018-06-11T13:33:45.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '114.44.37.112']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a39-eafc-442e-8e89-4925950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:45.000Z", "modified": "2018-06-11T13:33:45.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.166.1.124']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3a-4acc-4136-9640-48b9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:46.000Z", "modified": "2018-06-11T13:33:46.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.168.193.123']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3b-ddc4-4396-8481-46a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:47.000Z", "modified": "2018-06-11T13:33:47.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '128.14.50.146']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3b-73cc-4c50-bfb7-4cbf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:47.000Z", "modified": "2018-06-11T13:33:47.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '128.14.50.147']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3b-0948-4c99-8daf-4115950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:47.000Z", "modified": "2018-06-11T13:33:47.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '220.136.111.66']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3c-b3bc-489d-bd9f-436c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:48.000Z", "modified": "2018-06-11T13:33:48.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '220.136.179.5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3d-59a8-4d91-8cf3-4159950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:49.000Z", "modified": "2018-06-11T13:33:49.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '220.136.76.200']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3d-a4cc-46b1-b27a-4b57950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:49.000Z", "modified": "2018-06-11T13:33:49.000Z", "description": "Malicious hosts", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '43.240.14.44']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3e-caa8-486d-b084-420d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:50.000Z", "modified": "2018-06-11T13:33:50.000Z", "description": "Malicious hosts", "pattern": "[domain-name:value = 'haoxingfu01.ddns.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7a3f-d154-48fe-b4b0-4add950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:33:51.000Z", "modified": "2018-06-11T13:33:51.000Z", "description": "Malicious hosts", "pattern": "[domain-name:value = 'shaoye11.hopto.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:33:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b08-e348-4cc8-a3de-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:12.000Z", "modified": "2018-06-11T13:37:12.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '03108e7f426416b0eaca9132f082d568']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b09-e690-4abf-a0be-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:13.000Z", "modified": "2018-06-11T13:37:13.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '1cc88a79424091121a83d58b6886ea7a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b09-8488-4e07-ac20-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:13.000Z", "modified": "2018-06-11T13:37:13.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '2a1da7e17edaefc0468dbf25a0f60390']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0b-c3d0-44da-bf91-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:15.000Z", "modified": "2018-06-11T13:37:15.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '31e61e52d38f19cf3958df2239fba1a7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0b-8c9c-400e-99cb-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:15.000Z", "modified": "2018-06-11T13:37:15.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '34efc3ebf51a6511c0d12cce7592db73']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0c-8b64-4d60-acfd-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:16.000Z", "modified": "2018-06-11T13:37:16.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '4d9a7e425f8c8b02d598ef0a0a776a58']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0c-b198-4ba7-a0f3-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:16.000Z", "modified": "2018-06-11T13:37:16.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '808b186ddfa5e62ee882d5bdb94cc6e2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0d-91c8-46e7-8595-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:17.000Z", "modified": "2018-06-11T13:37:17.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = '904b4d615c05952bcf58f35acadee5c1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0d-126c-4f8e-82c0-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:17.000Z", "modified": "2018-06-11T13:37:17.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = 'a21322b2416fce17a1877542d16929d5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0e-7b30-4993-9ae7-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:18.000Z", "modified": "2018-06-11T13:37:18.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = 'b84b0d5f128a8e0621733a6f3b412e19']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0e-06a4-466d-a5ac-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:18.000Z", "modified": "2018-06-11T13:37:18.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = 'bd90279ad5c5a813bc34c06093665e55']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7b0f-b210-471d-b5da-ef08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:37:19.000Z", "modified": "2018-06-11T13:37:19.000Z", "description": "Malicious apks", "pattern": "[file:hashes.MD5 = 'ff163a92f2622f2b8330a5730d3d636c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:37:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d4d-f590-41cc-a20e-4a8c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:53.000Z", "modified": "2018-06-11T13:46:53.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = '19e3daf40460aea22962d98de4bc32d2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d4e-0dbc-4091-be32-465a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:54.000Z", "modified": "2018-06-11T13:46:54.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = '36b2609a98aa39c730c2f5b49097d0ad']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d4f-c838-4b57-b76f-4017950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:55.000Z", "modified": "2018-06-11T13:46:55.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = '3ba4882dbf2dd6bd4fc0f54ec1373f4c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d50-3de4-44b8-acca-4886950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:56.000Z", "modified": "2018-06-11T13:46:56.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = '6cac4c9eda750a69e435c801a7ca7b8d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d51-61c4-47c2-9e1e-4695950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:57.000Z", "modified": "2018-06-11T13:46:57.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = '8a4ed9c4a66d7ccb3d155f85383ea3b3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d51-8dd8-481b-aa0b-4ef6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:57.000Z", "modified": "2018-06-11T13:46:57.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = 'b43335b043212355619fd827b01be9a0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d52-1c88-4857-bd0e-4c9e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:58.000Z", "modified": "2018-06-11T13:46:58.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = 'b7afa4b2dafb57886fc47a1355824199']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7d53-d158-407d-a141-46ab950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:46:59.000Z", "modified": "2018-06-11T13:46:59.000Z", "description": "class.dex", "pattern": "[file:hashes.MD5 = 'f89214bfa4b4ac9000087e4253e7f754']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:46:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f57-9470-4e10-b576-47cb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:35.000Z", "modified": "2018-06-11T13:55:35.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = '1bd7815bece1b54b7728b8dd16f1d3a9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f58-fe1c-4183-89d3-4c7a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:36.000Z", "modified": "2018-06-11T13:55:36.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = '307d2780185ba2b8c5ad4c9256407504']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f58-5938-41ef-9274-4767950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:36.000Z", "modified": "2018-06-11T13:55:36.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = '3e4bff0e8ed962f3c420692a35d2e503']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f58-0268-40b9-bcc1-417a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:36.000Z", "modified": "2018-06-11T13:55:36.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = '57abbe642b85fa00b1f76f62acad4d3b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f59-772c-4467-8c2e-42ef950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:37.000Z", "modified": "2018-06-11T13:55:37.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = '6e1926d548ffac0f6cedfb4a4f49196e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f5a-d1a8-405b-8bd0-40e4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:38.000Z", "modified": "2018-06-11T13:55:38.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = '7714321baf6a54b09baa6a777b9742ef']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f5b-2e0c-4982-b9d3-4b88950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:39.000Z", "modified": "2018-06-11T13:55:39.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = '7aa46b4d67c3ab07caa53e8d8df3005c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e7f5c-4e44-4842-b85a-4f14950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T13:55:40.000Z", "modified": "2018-06-11T13:55:40.000Z", "description": "test.dex", "pattern": "[file:hashes.MD5 = 'a0f88c77b183da227b9902968862c2b9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T13:55:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e81ca-59cc-4694-a29e-49c6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T14:06:02.000Z", "modified": "2018-06-11T14:06:02.000Z", "pattern": "[file:hashes.MD5 = 'f3ca571b2d1f0ecff371fb82119d1afe' AND file:name = 'chrome.apk' AND file:x_misp_state = 'Malicious']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T14:06:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7895e457-0624-4c5c-8088-f94060e0ed2a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:46.000Z", "modified": "2018-06-13T07:24:46.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5d5975f7-733d-4fcf-8bab-79244beb3c16", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:45.000Z", "modified": "2018-06-13T07:24:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c5db4c67-486b-4072-b0a8-9ea072601c69", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:48.000Z", "modified": "2018-06-13T07:24:48.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--482ef333-17f7-4369-9af1-4536fae21f48", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:47.000Z", "modified": "2018-06-13T07:24:47.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8b23deac-1eff-4145-9654-6efc48bc6a97", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:51.000Z", "modified": "2018-06-13T07:24:51.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5cd53d38-3a6e-4eaa-8487-77d44ccc6f81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:50.000Z", "modified": "2018-06-13T07:24:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b57d5a1e-1383-49f6-b9b3-37428f881e5a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:54.000Z", "modified": "2018-06-13T07:24:54.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e55d60e9-260d-4a88-bb1e-5684e543500f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:52.000Z", "modified": "2018-06-13T07:24:52.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--30574377-3a6c-4e77-bdb4-61579753e382", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:56.000Z", "modified": "2018-06-13T07:24:56.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e181ed3a-699b-4b04-b58c-278508c22b08", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:54.000Z", "modified": "2018-06-13T07:24:54.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e7bb4bfe-107d-40cf-b825-3e4c9381089a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:58.000Z", "modified": "2018-06-13T07:24:58.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7d628547-f5fe-492c-a7be-f8e6b7a3c126", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:56.000Z", "modified": "2018-06-13T07:24:56.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f00d242d-95f7-4953-a20c-86d3d0ac0876", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:01.000Z", "modified": "2018-06-13T07:25:01.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--a0309f0e-4ab2-414b-94e6-4c3d42e69d63", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:59.000Z", "modified": "2018-06-13T07:24:59.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--1e6d34b0-4124-44b9-825c-a43babb1fdd7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:03.000Z", "modified": "2018-06-13T07:25:03.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--1451c9ad-c553-4684-9f21-0ca69508b635", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:01.000Z", "modified": "2018-06-13T07:25:01.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--387bc28f-7365-4468-b905-aa97603e6716", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:05.000Z", "modified": "2018-06-13T07:25:05.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--94181920-5615-453e-b15e-3d00e486ba33", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:04.000Z", "modified": "2018-06-13T07:25:04.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--716a2596-713d-4a82-9f0f-caa5e7f30083", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:08.000Z", "modified": "2018-06-13T07:25:08.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8347b39e-3e12-4464-93a3-d8537266d53e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:06.000Z", "modified": "2018-06-13T07:25:06.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--2a5b4e41-d9a5-485a-8fbf-985c28e79496", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:10.000Z", "modified": "2018-06-13T07:25:10.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--db97fe12-c0c4-4642-9676-4a41b873011c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:08.000Z", "modified": "2018-06-13T07:25:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--57d626b8-a358-44c7-a05f-a4cd3317c728", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:12.000Z", "modified": "2018-06-13T07:25:12.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--95ada4d5-b381-45a1-849d-a4f63c529ff9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:10.000Z", "modified": "2018-06-13T07:25:10.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--98056eaf-23b8-4e84-b835-4107362aae17", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:14.000Z", "modified": "2018-06-13T07:25:14.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c5f108b7-9885-4360-b659-64e5a4615790", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:13.000Z", "modified": "2018-06-13T07:25:13.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--72d92fc7-ab0f-4d77-b79b-bd7ceb901a5b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:17.000Z", "modified": "2018-06-13T07:25:17.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b01ac61c-5dd4-45d8-b413-b93ce0d4b225", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:15.000Z", "modified": "2018-06-13T07:25:15.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--89f1910f-40e3-456d-9d55-611ac7b06f6f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:19.000Z", "modified": "2018-06-13T07:25:19.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--1683e823-d894-473f-8672-92a02b0c15ad", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:17.000Z", "modified": "2018-06-13T07:25:17.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--758eea54-b3b9-44a5-b21d-6ab24868087f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:21.000Z", "modified": "2018-06-13T07:25:21.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--36c393b6-08ec-47e2-9801-1afeaa353e53", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:20.000Z", "modified": "2018-06-13T07:25:20.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5801ede4-b4a9-48c7-8431-a185df616fef", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:24.000Z", "modified": "2018-06-13T07:25:24.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--cf9c0b8f-5b53-496c-afff-a98242ce0e8c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:22.000Z", "modified": "2018-06-13T07:25:22.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--a08a8414-3d11-44c2-9477-af49dc306da9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:26.000Z", "modified": "2018-06-13T07:25:26.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--91ab5779-0629-4b3b-9647-35eca7084ea5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:24.000Z", "modified": "2018-06-13T07:25:24.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--9dc5223e-3a11-4fb9-bb5e-3dc048def096", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:28.000Z", "modified": "2018-06-13T07:25:28.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5b9d8777-dffd-4b06-9ac3-29c61edbca1d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:26.000Z", "modified": "2018-06-13T07:25:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e8ce9f63-d621-42b1-a3fb-0012c7ff6ec4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:30.000Z", "modified": "2018-06-13T07:25:30.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--02127bbe-1c57-4f73-bea8-3c478482304f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:29.000Z", "modified": "2018-06-13T07:25:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--fce42428-c55d-460f-ac00-77ec2c153a7a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:32.000Z", "modified": "2018-06-13T07:25:32.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e7967874-9983-4ffe-88e9-ff04a191f4f7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:31.000Z", "modified": "2018-06-13T07:25:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--143b8d09-b19c-433d-b23c-c950160d1aa0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:35.000Z", "modified": "2018-06-13T07:25:35.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c85ff102-0020-4710-9921-e99dcb5ca588", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:33.000Z", "modified": "2018-06-13T07:25:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--efb63dbe-b6ef-41c9-b491-c3fc374121b0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:37.000Z", "modified": "2018-06-13T07:25:37.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c6e0b765-789b-4e5a-b239-e708f068662e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:36.000Z", "modified": "2018-06-13T07:25:36.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b84b8a41-7607-44f9-929f-84af754f63a2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:40.000Z", "modified": "2018-06-13T07:25:40.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8b706858-0316-41da-be85-d5ed4c9cdbba", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:38.000Z", "modified": "2018-06-13T07:25:38.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--bfa0503f-b4cd-4957-a0b2-e298e4ca94bb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:42.000Z", "modified": "2018-06-13T07:25:42.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--42851761-8f1f-489b-b602-be5584e8236f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:41.000Z", "modified": "2018-06-13T07:25:41.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e141c73c-c72c-432f-ba63-cc0d885b7ffc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:45.000Z", "modified": "2018-06-13T07:25:45.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--335fa9a0-2553-41db-8574-23ef5764e8b3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:43.000Z", "modified": "2018-06-13T07:25:43.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d04fe5a4-45fc-48b1-8e34-c459f4286e2d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:47.000Z", "modified": "2018-06-13T07:25:47.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e73f228a-4dc0-4ea7-8d9c-8d1ea347c077", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:45.000Z", "modified": "2018-06-13T07:25:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--20b0f636-5acb-4d7a-97a5-301603dc165c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:49.000Z", "modified": "2018-06-13T07:25:49.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--52e2d3a7-3f65-48c5-a51a-367f0278f35d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:47.000Z", "modified": "2018-06-13T07:25:47.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e6c069c8-7e93-4aa9-9c13-f5b1c5c21cbb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:51.000Z", "modified": "2018-06-13T07:25:51.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--36fbb8b3-2919-49f9-aea1-a5b762650f67", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:25:50.000Z", "modified": "2018-06-13T07:25:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--68a09441-9952-4251-9740-940071dca8f6", "created": "2018-06-13T07:25:51.000Z", "modified": "2018-06-13T07:25:51.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--7895e457-0624-4c5c-8088-f94060e0ed2a", "target_ref": "x-misp-object--5d5975f7-733d-4fcf-8bab-79244beb3c16" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d1372ce6-393e-4a8f-b9b2-c85f0ba8452d", "created": "2018-06-13T07:25:51.000Z", "modified": "2018-06-13T07:25:51.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--c5db4c67-486b-4072-b0a8-9ea072601c69", "target_ref": "x-misp-object--482ef333-17f7-4369-9af1-4536fae21f48" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--97de3861-4ea6-4bbf-b59b-7d3ec199dfd1", "created": "2018-06-13T07:25:51.000Z", "modified": "2018-06-13T07:25:51.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--8b23deac-1eff-4145-9654-6efc48bc6a97", "target_ref": "x-misp-object--5cd53d38-3a6e-4eaa-8487-77d44ccc6f81" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e883ef88-2670-483f-b459-3ad65f84e45a", "created": "2018-06-13T07:25:52.000Z", "modified": "2018-06-13T07:25:52.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--b57d5a1e-1383-49f6-b9b3-37428f881e5a", "target_ref": "x-misp-object--e55d60e9-260d-4a88-bb1e-5684e543500f" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--093e5da9-9630-488a-a3b6-310be8b7a2da", "created": "2018-06-13T07:25:52.000Z", "modified": "2018-06-13T07:25:52.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--30574377-3a6c-4e77-bdb4-61579753e382", "target_ref": "x-misp-object--e181ed3a-699b-4b04-b58c-278508c22b08" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--83143300-30d1-4bcc-af1c-2ee0b22d8117", "created": "2018-06-13T07:25:52.000Z", "modified": "2018-06-13T07:25:52.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--e7bb4bfe-107d-40cf-b825-3e4c9381089a", "target_ref": "x-misp-object--7d628547-f5fe-492c-a7be-f8e6b7a3c126" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--277d965a-29fb-4369-9130-50f36aa1cdda", "created": "2018-06-13T07:25:52.000Z", "modified": "2018-06-13T07:25:52.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--f00d242d-95f7-4953-a20c-86d3d0ac0876", "target_ref": "x-misp-object--a0309f0e-4ab2-414b-94e6-4c3d42e69d63" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--1cd3f68e-4a13-4c07-99b8-ffa11159b393", "created": "2018-06-13T07:25:52.000Z", "modified": "2018-06-13T07:25:52.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--1e6d34b0-4124-44b9-825c-a43babb1fdd7", "target_ref": "x-misp-object--1451c9ad-c553-4684-9f21-0ca69508b635" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--dffc870a-e327-4bcc-9700-8a40ec30b2fd", "created": "2018-06-13T07:25:52.000Z", "modified": "2018-06-13T07:25:52.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--387bc28f-7365-4468-b905-aa97603e6716", "target_ref": "x-misp-object--94181920-5615-453e-b15e-3d00e486ba33" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--cf6365fd-d97b-48b2-9be8-43c5f31b6dd4", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--716a2596-713d-4a82-9f0f-caa5e7f30083", "target_ref": "x-misp-object--8347b39e-3e12-4464-93a3-d8537266d53e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--1077c957-118c-4bea-9c31-77d75fbe9e82", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--2a5b4e41-d9a5-485a-8fbf-985c28e79496", "target_ref": "x-misp-object--db97fe12-c0c4-4642-9676-4a41b873011c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d4804536-366c-4e57-9709-c8efc76bbe35", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--57d626b8-a358-44c7-a05f-a4cd3317c728", "target_ref": "x-misp-object--95ada4d5-b381-45a1-849d-a4f63c529ff9" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f49d2e0d-195b-46db-8445-3fef5ac9dccc", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--98056eaf-23b8-4e84-b835-4107362aae17", "target_ref": "x-misp-object--c5f108b7-9885-4360-b659-64e5a4615790" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6b5bf3dd-6c03-45f2-b9b0-386abdb5284e", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--72d92fc7-ab0f-4d77-b79b-bd7ceb901a5b", "target_ref": "x-misp-object--b01ac61c-5dd4-45d8-b413-b93ce0d4b225" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--11feef3e-fe5e-4195-9945-539f7ba40969", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--89f1910f-40e3-456d-9d55-611ac7b06f6f", "target_ref": "x-misp-object--1683e823-d894-473f-8672-92a02b0c15ad" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--20d26df3-f9e1-4cdf-a62f-518bbc489431", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--758eea54-b3b9-44a5-b21d-6ab24868087f", "target_ref": "x-misp-object--36c393b6-08ec-47e2-9801-1afeaa353e53" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6dce1925-f7ee-44d9-bb11-704a7c1370c2", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--5801ede4-b4a9-48c7-8431-a185df616fef", "target_ref": "x-misp-object--cf9c0b8f-5b53-496c-afff-a98242ce0e8c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2531cd0e-7a27-4ac5-bb30-313131add2f3", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--a08a8414-3d11-44c2-9477-af49dc306da9", "target_ref": "x-misp-object--91ab5779-0629-4b3b-9647-35eca7084ea5" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--59ae9c49-76e5-4cff-afec-17a3cc007748", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--9dc5223e-3a11-4fb9-bb5e-3dc048def096", "target_ref": "x-misp-object--5b9d8777-dffd-4b06-9ac3-29c61edbca1d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2bf67750-1283-47ef-a7a5-f847b53dae0e", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--e8ce9f63-d621-42b1-a3fb-0012c7ff6ec4", "target_ref": "x-misp-object--02127bbe-1c57-4f73-bea8-3c478482304f" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--63db081f-92f7-4165-84c4-5a5f7898f1fc", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--fce42428-c55d-460f-ac00-77ec2c153a7a", "target_ref": "x-misp-object--e7967874-9983-4ffe-88e9-ff04a191f4f7" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8581afb4-84a3-420e-8008-cab964d8d2f2", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--143b8d09-b19c-433d-b23c-c950160d1aa0", "target_ref": "x-misp-object--c85ff102-0020-4710-9921-e99dcb5ca588" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3e57ec3f-47f3-47b0-8050-f3a215fb2247", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--efb63dbe-b6ef-41c9-b491-c3fc374121b0", "target_ref": "x-misp-object--c6e0b765-789b-4e5a-b239-e708f068662e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ffcbbc25-d06e-4a18-be57-19e25610a9cd", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--b84b8a41-7607-44f9-929f-84af754f63a2", "target_ref": "x-misp-object--8b706858-0316-41da-be85-d5ed4c9cdbba" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d24560c2-6eb8-428a-a947-7b03ae359565", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--bfa0503f-b4cd-4957-a0b2-e298e4ca94bb", "target_ref": "x-misp-object--42851761-8f1f-489b-b602-be5584e8236f" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--18f4f29c-db97-4bc8-814e-6ee35c2cc969", "created": "2018-06-13T07:25:53.000Z", "modified": "2018-06-13T07:25:53.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--e141c73c-c72c-432f-ba63-cc0d885b7ffc", "target_ref": "x-misp-object--335fa9a0-2553-41db-8574-23ef5764e8b3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--cd38bd64-19ed-47e8-9f1c-40a4882d4064", "created": "2018-06-13T07:25:54.000Z", "modified": "2018-06-13T07:25:54.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--d04fe5a4-45fc-48b1-8e34-c459f4286e2d", "target_ref": "x-misp-object--e73f228a-4dc0-4ea7-8d9c-8d1ea347c077" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--90064d0e-b8ce-4fa4-803e-5fffaa53e98b", "created": "2018-06-13T07:25:54.000Z", "modified": "2018-06-13T07:25:54.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--20b0f636-5acb-4d7a-97a5-301603dc165c", "target_ref": "x-misp-object--52e2d3a7-3f65-48c5-a51a-367f0278f35d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--cea8967b-2cfa-4d9f-b80f-ae4097c5fb21", "created": "2018-06-13T07:25:54.000Z", "modified": "2018-06-13T07:25:54.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--e6c069c8-7e93-4aa9-9c13-f5b1c5c21cbb", "target_ref": "x-misp-object--36fbb8b3-2919-49f9-aea1-a5b762650f67" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }