{ "type": "bundle", "id": "bundle--5d498330-f574-4889-bcc9-c53c950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:35:08.000Z", "modified": "2019-08-23T09:35:08.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5d498330-f574-4889-bcc9-c53c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:35:08.000Z", "modified": "2019-08-23T09:35:08.000Z", "name": "OSINT - Sharpening the Machete", "published": "2019-08-23T09:35:22Z", "object_refs": [ "observed-data--5d49833d-2ac8-489d-a0bb-4535950d210f", "url--5d49833d-2ac8-489d-a0bb-4535950d210f", "observed-data--5d4988ee-55fc-4a68-813f-44d4950d210f", "url--5d4988ee-55fc-4a68-813f-44d4950d210f", "indicator--5d517330-22ac-4be8-93c4-49c9950d210f", "indicator--5d517330-1658-4540-a753-46e0950d210f", "indicator--5d517330-bd80-44e7-91bc-438c950d210f", "indicator--5d517330-9d60-41b3-8436-4e39950d210f", "indicator--5d517330-25f8-447c-93fc-4b86950d210f", "indicator--5d517330-59a8-4798-9b8f-419d950d210f", "indicator--5d517331-6070-446d-a363-4ddf950d210f", "indicator--5d517331-ae34-454b-b2fe-4dec950d210f", "indicator--5d517331-4b84-4341-afd9-41a6950d210f", "indicator--5d517331-4108-4e33-a7ac-42d2950d210f", "indicator--5d517331-c47c-413c-8047-497e950d210f", "indicator--5d517331-e328-4744-8529-4088950d210f", "indicator--5d517331-d6dc-4648-9b62-4404950d210f", "indicator--5d51737a-b680-46c6-9b58-4ff0950d210f", "indicator--5d51737b-39c8-46cc-87bb-4342950d210f", "indicator--5d51737b-c5d4-42e3-9991-43ca950d210f", "indicator--5d51737b-d2ec-4a93-9e4a-4623950d210f", "indicator--5d51737b-cb90-492c-bc50-49da950d210f", "indicator--5d51737b-e68c-4cf8-8484-4c8f950d210f", "x-misp-attribute--5d52631c-1110-4600-a024-d9c8950d210f", "indicator--8a692de1-9181-4a14-b03b-33eff84dd2dd", "indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8", "indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de", "indicator--a438f26a-8ac2-48fa-92db-eeabe8bf2ea1", "indicator--0c8e9a07-b77f-4d99-88bc-90e01491881d", "indicator--ea7d0d1f-8fa6-4e26-9d70-ff1ad56265af", "indicator--04a81d9f-75c8-44eb-8775-7938c5303ab2", "indicator--dba87e0c-17e3-43c0-af22-6f6a55bda3e0", "indicator--dd47f065-a663-4fbb-ad78-66fb372704ca", "indicator--6c19c316-14d6-469a-a122-f2b13c21cc8e", "indicator--4f751950-e0d0-400a-90e0-bbab853a48dd", "indicator--191b4c43-86e6-402b-a206-44cbc16f8ffa", "indicator--7acd2cf2-c80b-4dbf-850d-7168fe00298c", "indicator--957251b4-6f97-4058-97b4-a70ed80ac6e6", "indicator--3c0badfe-f235-436e-aad3-c91be69b2ec5", "indicator--fe11a26b-5e51-4278-8527-77a9757e2c8d", "indicator--c7c69120-a89c-4b14-8a38-36acd6488961", "indicator--f708b2e6-8236-4b45-8180-28f20c5cb105", "indicator--45b5ad6f-62d6-43e1-865e-f815a37fa34f", "indicator--a9f76724-fbcc-43a9-aad4-6737bb8a9ece", "indicator--0754c7c6-7a21-4a8a-be8d-32fa887c756b", "indicator--c51b58e9-416e-43d5-9ef0-651536573149", "indicator--a4be316a-1342-490b-935d-3cb667a02ad6", "indicator--588bbb6f-9390-42d4-9839-3b595d31de69", "indicator--962c51b9-615d-454d-8977-a22a1f583868", "indicator--87939249-448c-4cb5-bf42-596cb88cb9ee", "indicator--aee6c86f-91c9-4ed9-8a11-841fa8d848d3", "indicator--ddb03882-2048-41c3-bb11-8dff8b9aa4ac", "indicator--b7167cb2-4240-43fe-8821-80897f4087b3", "indicator--05e6b2ff-953c-4841-bd39-8ad0c2e69e65", "indicator--d04d25ce-44a8-45dc-b7ed-a0d85596a811", "indicator--aee23dbf-5457-415c-9594-4133bf65ea0c", "indicator--4bee8233-b6ac-45c5-881d-10c15a37a780", "indicator--579ad8ab-1805-4eee-aa81-d0ad072ec3a8", "indicator--68862694-1745-4e74-b07d-61b8137c6bbf", "indicator--0f47af76-83e0-4020-b5a3-68754f9ef4af", "indicator--39e99e19-f532-45f5-8224-c934bde72c32", "indicator--6a2f26f5-deda-419e-bbfe-a330c3758928", "indicator--cc82fda6-bc09-40fd-848a-45d0db504746", "indicator--9830f7a9-07cc-49f8-8d97-dd0c94ba75d3", "indicator--cba4d0e1-654f-4a15-81a0-e2c9945e97bb", "indicator--a62cf322-51d8-4052-a4d6-9ce43578c2f5", "indicator--8836295d-7d9e-4d50-a08b-b95b25c8b3c5", "indicator--bc5d7cb4-8876-4e95-9dcd-e3a71c95396d", "indicator--b7706f37-e171-41a3-bc49-3fde53dc498f", "indicator--a8fe9e04-bb0d-4131-9ad6-018ec7a0ca99", "indicator--434f775b-b36c-4fb2-8007-4e7b2e7aff88", "indicator--dfa37ef0-abf3-46cd-88c0-a071db75f2c8", "indicator--e03bb791-42ae-4009-83a4-15fdb9e4a56a", "indicator--68b09380-602b-460c-b512-affb7278bf17", "indicator--003e685d-79fb-4e9d-aa32-aae946e9c2f2", "indicator--8a3219fe-e008-4649-9f69-ec729c23436d", "indicator--12aea0bf-6d93-421b-a3bb-66bf707580e4", "indicator--1970c2a4-9c10-4a8e-8d37-2e7df057cba7", "indicator--244d330e-4a9a-42a4-a98b-c324916fc138", "indicator--e9d12a70-06f1-46d0-b97c-3e2f8b93a3bc", "indicator--5a90220f-2373-49bc-be7c-5b5d4734e51a", "indicator--b3b62b88-c1f6-4f7d-9a09-1df9e947bc61", "indicator--05981ed3-609f-46bb-b71a-df778d89535d", "indicator--cceb870e-4117-48e0-8ce1-e1c440250917", "indicator--93e52ad7-7f4c-47a5-99ae-8a4e6e567ec3", "indicator--638b2381-d20d-42a0-a652-375b1fa87686", "indicator--708dab6c-4d36-43f7-aeca-4e26adb0bb16", "indicator--d6490a36-18cb-460b-b2b5-9a7619606148", "indicator--b3e77c71-4406-4b96-b6e0-13ed5e4e30f4", "indicator--90b99f0c-945a-46c6-9b0c-039cdab1dbed", "indicator--13f08889-deee-4943-b161-0187ef57d7e1", "indicator--c366394b-76d5-4c9b-a560-081a5370446b", "indicator--1a9b7f44-10e5-471c-8489-09d7096dc753", "indicator--6f54982a-7a31-4544-a758-9693169e1abf", "indicator--4fe3a100-4b92-4752-8e50-c5c19ee6a301", "indicator--13128f4c-5532-4b72-8d01-57a76a4d07c3", "indicator--f63769dd-f98c-497e-a91f-99d8674be835", "indicator--981f4ee3-dfc4-42ba-927f-6117c0001c8c", "indicator--c58c0483-3472-4669-9d00-cae7a8fff636", "indicator--111cb2a8-af64-43a1-8afc-ec6a7c6a5c74", "indicator--b875174e-4422-4899-83c8-98d0b805da24", "indicator--661c06e3-3f9d-4142-a37c-b516ec9721e6", "indicator--d2030374-8a32-48dd-b565-da4f7e9de8eb", "indicator--6dab62aa-030a-4e3b-a926-9820679ff41a", "indicator--f0543d5a-af97-4bc8-8d0b-9101a0c05f34", "indicator--dec8fd50-628a-4eb2-ba23-557d57eb9535", "indicator--6929d2e4-27f5-464a-8b4b-2ae80e9ea564", "indicator--1edaf6f6-1670-4f0b-aa3c-72c7a51e211b", "indicator--1a037ed0-53ea-42a7-8694-62f4a728a7cd", "indicator--7ac1b131-48fc-41b2-894c-c4c3c0852a4b", "indicator--14924a9c-5c0f-425d-9531-fa15c3f1c817", "indicator--8e9c45d9-800f-45f9-b6bf-bbde6f3649e4", "indicator--55835c18-a3c4-456a-be2e-fafce0254df0", "indicator--3e0f2078-e764-413e-98ff-5113ef415da8", "indicator--31fe0063-09d0-4b0a-8188-d46e5bb46307", "indicator--1b8256fb-12f9-4029-9e33-68d895c4e754", "indicator--1c6174ac-7253-4918-9932-4c25d16b7fa9", "indicator--94508ba6-a7b7-45a8-a02f-18b59d6f1774", "indicator--8ee128fd-b41e-4e8b-a333-0597b474be67", "indicator--7935732e-59a4-4383-9fc9-546da0ea26f9", "indicator--52156c2a-4c6a-450f-981c-433a42dfb7aa", "indicator--19082ad9-3e50-49f4-9018-78ff4f222c7f", "indicator--683c399f-d3c8-4f32-8c8c-c3df2989c515", "indicator--7647bee2-58a4-4293-94f5-1540cbe51994", "indicator--a42282ff-d32e-48d7-afda-ca8056c40b2c", "indicator--70f89732-c74b-4b50-860e-4fdcfbcab28b", "indicator--cc71714f-98d6-4d0e-9047-fb16480a3d65", "indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b", "x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd", "indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e", "x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8", "indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f", "x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4", "indicator--b05ef68e-17cd-4a85-af71-414145036bba", "x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9", "indicator--531a0491-51fb-4487-8d23-083a61d6749c", "x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c", "indicator--6bed7582-d749-4f0e-972a-704520e046dc", "x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097", "indicator--fe215d82-4e07-46c1-8545-1d395fa890ce", "x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703", "indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b", "x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10", "indicator--50fedb9b-0e14-43fb-8512-8f989ac34305", "x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3", "indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11", "x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42", "indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd", "x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b", "indicator--68f1d019-274d-43e4-b014-ce9b23560d4e", "x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5", "indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9", "x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656", "indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5", "x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849", "indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be", "x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0", "indicator--4671a7c1-3b72-427b-b486-a9076c743c39", "x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447", "indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf", "x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7", "indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c", "x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa", "indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd", "x-misp-object--116175d9-f786-4417-91c1-e787621fc175", "indicator--583f80b7-150f-43b8-984c-507183734547", "x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb", "indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b", "x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a", "indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654", "x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d", "indicator--c7f78389-8821-43ca-8d46-687afc70fa6a", "x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129", "indicator--477d1696-bc96-462f-afed-7aac5dac22e3", "x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3", "indicator--2c001844-70ba-431f-b9e2-c81f88058ed8", "x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a", "indicator--58281799-2547-4047-98cd-60e10f04c1bd", "x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b", "indicator--ac105d47-7fab-4260-ad19-e2827a659096", "x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282", "indicator--206578ce-144d-4490-b193-f64ae055a583", "x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3", "indicator--928ffbe0-4d94-455a-97cf-8202e79d6626", "x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b", "indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad", "x-misp-object--56045c01-e584-420e-97ad-340f8364c026", "indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2", "x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890", "indicator--780ea6a4-143e-435e-80ce-a9d640727387", "x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24", "indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e", "x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9", "indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc", "x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5", "indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee", "x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537", "indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec", "x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c", "indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5", "x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b", "relationship--3b1d47e5-d5aa-4d56-8011-0e6c271d8a8c", "relationship--2dd0755c-1e57-428e-b822-5d780ad8bd74", "relationship--1368a551-9200-4cf2-a6a7-73232f7c33a6", "relationship--2d2f908e-d8fb-4183-95be-64e0b04f38e2", "relationship--921c9004-1f62-4bf9-af7c-256ad152096f", "relationship--a3918add-b66a-459b-8dd3-1475ace6d904", "relationship--8475c5f0-b345-4f62-b8dc-c268d225cecb", "relationship--7ed98fd5-bc69-41b0-81d9-df855488b55b", "relationship--62f9bea8-4b11-4770-b06e-b95fe80915ae", "relationship--a405d7ec-5247-4318-b625-2bd405058ce5", "relationship--5c8255de-7df1-4f2c-bdf4-eee4cc424853", "relationship--c40cc3a0-a670-4276-8549-6ebb290fb264", "relationship--64280654-6da2-4333-9ccf-a15939fa57a3", "relationship--65413621-277f-4651-93df-cc6acf602d1a", "relationship--47fa697e-d234-4bbd-b24d-436168dca93d", "relationship--d6727a26-4386-4b2f-8485-71b67d3690a0", "relationship--41eb47dc-7358-4ce2-874a-b0fcfca06efe", "relationship--6398f885-0d4f-4866-b62a-72c8c6e41a5f", "relationship--83ed3d30-46de-4a25-8654-edc0a6d8eba5", "relationship--0f6a478e-2856-410a-b53d-304269243d4e", "relationship--aed1230c-a59c-4848-9439-325a445e0a33", "relationship--fae845fc-22fa-46ea-86f1-8389b40c9c2f", "relationship--908b38af-12b9-4267-92ab-55d9b7db8a06", "relationship--9f5bb937-2ae7-4717-a152-f6dbcb8cc66c", "relationship--cda5e29a-74ca-47dc-bdb7-9647807e97a6", "relationship--ac7c1671-8444-4244-84cd-ba5ef2a2753f", "relationship--88133e2f-00b8-48e6-a7a4-091126048cbc", "relationship--baaded4e-c172-44dc-9802-1f28aa3abba7", "relationship--4c45bf8f-de89-4c61-90da-1627c63b2db1", "relationship--ef237c26-64bf-40d8-ba0d-86dc9ab5df35", "relationship--7ee97a0a-c471-4a63-86ad-d7d02022066e", "relationship--fb78981e-524f-49cd-968f-42c64ae2d818", "relationship--b2546ed6-15c1-4924-9770-00cb8f85f3c7", "relationship--3fa8b609-56c7-42e5-bb99-fac1a8c83c55", "relationship--7e14d0e9-289f-4451-b0fb-2f32830c4f4f", "relationship--18d0a123-955b-4d55-b5c0-9a92952986bd", "relationship--bbad76f5-5ce2-420c-be44-9336af03fac3", "relationship--2ec52d43-6a0d-4aef-9580-fc683a281f52" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "misp-galaxy:malpedia=\"Machete\"", "misp-galaxy:threat-actor=\"El Machete\"", "misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1193\"", "misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1192\"", "misp-galaxy:mitre-attack-pattern=\"User Execution - T1204\"", "misp-galaxy:mitre-attack-pattern=\"Scheduled Task - T1053\"", "misp-galaxy:mitre-attack-pattern=\"Hidden Files and Directories - T1158\"", "misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\"", "misp-galaxy:mitre-attack-pattern=\"Software Packing - T1045\"", "misp-galaxy:mitre-attack-pattern=\"Masquerading - T1036\"", "misp-galaxy:mitre-attack-pattern=\"Private Keys - T1145\"", "misp-galaxy:mitre-attack-pattern=\"Credentials in Files - T1081\"", "misp-galaxy:mitre-attack-pattern=\"System Network Connections Discovery - T1049\"", "misp-galaxy:mitre-attack-pattern=\"Peripheral Device Discovery - T1120\"", "misp-galaxy:mitre-attack-pattern=\"File and Directory Discovery - T1083\"", "misp-galaxy:mitre-attack-pattern=\"Browser Bookmark Discovery - T1217\"", "misp-galaxy:mitre-attack-pattern=\"Process Discovery - T1057\"", "misp-galaxy:mitre-attack-pattern=\"Application Window Discovery - T1010\"", "misp-galaxy:mitre-attack-pattern=\"Clipboard Data - T1115\"", "misp-galaxy:mitre-attack-pattern=\"Data from Local System - T1005\"", "misp-galaxy:mitre-attack-pattern=\"Data from Removable Media - T1025\"", "misp-galaxy:mitre-attack-pattern=\"Data Staged - T1074\"", "misp-galaxy:mitre-attack-pattern=\"Input Capture - T1056\"", "misp-galaxy:mitre-attack-pattern=\"Screen Capture - T1113\"", "misp-galaxy:mitre-attack-pattern=\"Commonly Used Port - T1043\"", "misp-galaxy:mitre-attack-pattern=\"Fallback Channels - T1008\"", "misp-galaxy:mitre-attack-pattern=\"Standard Application Layer Protocol - T1071\"", "misp-galaxy:mitre-attack-pattern=\"Remote File Copy - T1105\"", "misp-galaxy:mitre-attack-pattern=\"Automated Exfiltration - T1020\"", "misp-galaxy:mitre-attack-pattern=\"Data Compressed - T1002\"", "misp-galaxy:mitre-attack-pattern=\"Data Encrypted - T1022\"", "misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Command and Control Channel - T1041\"", "misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Physical Medium - T1052\"", "misp-galaxy:mitre-attack-pattern=\"Scheduled Transfer - T1029\"", "type:OSINT", "osint:lifetime=\"perpetual\"", "osint:certainty=\"50\"", "enisa:nefarious-activity-abuse=\"spear-phishing-attacks\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5d49833d-2ac8-489d-a0bb-4535950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-06T13:40:13.000Z", "modified": "2019-08-06T13:40:13.000Z", "first_observed": "2019-08-06T13:40:13Z", "last_observed": "2019-08-06T13:40:13Z", "number_observed": 1, "object_refs": [ "url--5d49833d-2ac8-489d-a0bb-4535950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5d49833d-2ac8-489d-a0bb-4535950d210f", "value": "https://www.welivesecurity.com/2019/08/05/sharpening-machete-cyberespionage/" }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5d4988ee-55fc-4a68-813f-44d4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-06T14:04:30.000Z", "modified": "2019-08-06T14:04:30.000Z", "first_observed": "2019-08-06T14:04:30Z", "last_observed": "2019-08-06T14:04:30Z", "number_observed": 1, "object_refs": [ "url--5d4988ee-55fc-4a68-813f-44d4950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5d4988ee-55fc-4a68-813f-44d4950d210f", "value": "https://www.welivesecurity.com/wp-content/uploads/2019/08/ESET_Machete.pdf" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517330-22ac-4be8-93c4-49c9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:52.000Z", "modified": "2019-08-12T14:09:52.000Z", "pattern": "[domain-name:value = 'tobabean.expert']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517330-1658-4540-a753-46e0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:52.000Z", "modified": "2019-08-12T14:09:52.000Z", "pattern": "[domain-name:value = 'koliast.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517330-bd80-44e7-91bc-438c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:52.000Z", "modified": "2019-08-12T14:09:52.000Z", "pattern": "[domain-name:value = 'u929489355.hostingerapp.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517330-9d60-41b3-8436-4e39950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:52.000Z", "modified": "2019-08-12T14:09:52.000Z", "pattern": "[domain-name:value = 'u154611594.hostingerapp.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517330-25f8-447c-93fc-4b86950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:52.000Z", "modified": "2019-08-12T14:09:52.000Z", "pattern": "[domain-name:value = '6e24a5fb.ngrok.io']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517330-59a8-4798-9b8f-419d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:52.000Z", "modified": "2019-08-12T14:09:52.000Z", "pattern": "[domain-name:value = 'f9527d03.ngrok.io']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517331-6070-446d-a363-4ddf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:53.000Z", "modified": "2019-08-12T14:09:53.000Z", "pattern": "[domain-name:value = 'adtiomtardecessd.zapto.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517331-ae34-454b-b2fe-4dec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:53.000Z", "modified": "2019-08-12T14:09:53.000Z", "pattern": "[domain-name:value = 'mcsi.gotdns.ch']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517331-4b84-4341-afd9-41a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:53.000Z", "modified": "2019-08-12T14:09:53.000Z", "pattern": "[domain-name:value = 'djcaps.gotdns.ch']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517331-4108-4e33-a7ac-42d2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:53.000Z", "modified": "2019-08-12T14:09:53.000Z", "pattern": "[domain-name:value = 'tokeiss.ddns.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517331-c47c-413c-8047-497e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:53.000Z", "modified": "2019-08-12T14:09:53.000Z", "pattern": "[domain-name:value = 'artyomt.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517331-e328-4744-8529-4088950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:53.000Z", "modified": "2019-08-12T14:09:53.000Z", "pattern": "[domain-name:value = 'lawyersofficial.mipropia.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d517331-d6dc-4648-9b62-4404950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:09:53.000Z", "modified": "2019-08-12T14:09:53.000Z", "pattern": "[domain-name:value = 'ceofanb18.mipropia.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:09:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d51737a-b680-46c6-9b58-4ff0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:11:06.000Z", "modified": "2019-08-12T14:11:06.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.224.137.63']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:11:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d51737b-39c8-46cc-87bb-4342950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:11:07.000Z", "modified": "2019-08-12T14:11:07.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '156.67.222.88']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:11:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d51737b-c5d4-42e3-9991-43ca950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:11:07.000Z", "modified": "2019-08-12T14:11:07.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.69.9.209']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:11:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d51737b-d2ec-4a93-9e4a-4623950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:11:07.000Z", "modified": "2019-08-12T14:11:07.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '142.44.236.215']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:11:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d51737b-cb90-492c-bc50-49da950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:11:07.000Z", "modified": "2019-08-12T14:11:07.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.79.63.188']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:11:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d51737b-e68c-4cf8-8484-4c8f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:11:07.000Z", "modified": "2019-08-12T14:11:07.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.61.164.33']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:11:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5d52631c-1110-4600-a024-d9c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-13T07:13:32.000Z", "modified": "2019-08-13T07:13:32.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"External analysis\"" ], "x_misp_category": "External analysis", "x_misp_type": "text", "x_misp_value": "Latin America is often overlooked when it comes to persistent threats and groups with politically motivated targets. There is, however, an ongoing case of cyberespionage against high-profile organizations that has managed to stay under the radar. The group behind these attacks has stolen gigabytes of confidential documents, mostly from Venezuelan government organizations. It is still very active at the time of this publication, regularly introducing changes to its malware, infrastructure and spearphishing campaigns.\r\n\r\nESET has been tracking a new version of Machete (the group\u00e2\u20ac\u2122s Python-based toolset) that was first seen in April 2018. While the main functionality of the backdoor remains the same as in previous versions, it has been extended with new features over the course of a year." }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8a692de1-9181-4a14-b03b-33eff84dd2dd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-08T09:14:25.000Z", "modified": "2019-08-08T09:14:25.000Z", "pattern": "[file:hashes.SHA1 = '048c40eb606da3def08c9f6997c1948afbbc959b' AND file:name = 'GoogleUpdate.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-08T09:14:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-08T09:14:26.000Z", "modified": "2019-08-08T09:14:26.000Z", "pattern": "[file:hashes.SHA1 = '2e8d8508096caa38493414f6ba788d0041ea9e15' AND file:name = 'GoogleUpdate.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-08T09:14:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-08T09:19:49.000Z", "modified": "2019-08-08T09:19:49.000Z", "pattern": "[file:hashes.SHA1 = '85bdd7d871108c737701ac30c14a2d343cbdef94' AND file:name = 'GoogleUpdate.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-08T09:19:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a438f26a-8ac2-48fa-92db-eeabe8bf2ea1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-08T09:14:27.000Z", "modified": "2019-08-08T09:14:27.000Z", "pattern": "[file:hashes.SHA1 = '8ed8cb784512f7dadd147347fc94e945faf16338' AND file:name = 'GoogleUpdate.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-08T09:14:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0c8e9a07-b77f-4d99-88bc-90e01491881d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-08T09:14:27.000Z", "modified": "2019-08-08T09:14:27.000Z", "pattern": "[file:hashes.SHA1 = '9c413075aab7ef7876b8dc8d7b7c1b9b96842c6e' AND file:name = 'GoogleUpdate.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-08T09:14:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ea7d0d1f-8fa6-4e26-9d70-ff1ad56265af", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-08T09:14:28.000Z", "modified": "2019-08-08T09:14:28.000Z", "pattern": "[file:hashes.SHA1 = 'ab8dd6b0cc950618589603012863b57f7adb9d9b' AND file:name = 'GoogleUpdate.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-08T09:14:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--04a81d9f-75c8-44eb-8775-7938c5303ab2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:53:46.000Z", "modified": "2019-08-12T10:53:46.000Z", "pattern": "[file:hashes.SHA1 = '318496b58cf5052efd49a95c721d9165278e9fce' AND file:name = 'Chrome.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:53:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dba87e0c-17e3-43c0-af22-6f6a55bda3e0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:53:47.000Z", "modified": "2019-08-12T10:53:47.000Z", "pattern": "[file:hashes.SHA1 = '3bb345032b6d0226d6771ba65fe4da0faf628631' AND file:name = 'Chrome.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:53:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dd47f065-a663-4fbb-ad78-66fb372704ca", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:53:47.000Z", "modified": "2019-08-12T10:53:47.000Z", "pattern": "[file:hashes.SHA1 = '946a24dfbd0ae94209ef7c284d3f462548566a3c' AND file:name = 'Chrome.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:53:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6c19c316-14d6-469a-a122-f2b13c21cc8e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:53:48.000Z", "modified": "2019-08-12T10:53:48.000Z", "pattern": "[file:hashes.SHA1 = '984b9202a6dbd7d3dd696cae1220338a68092dc9' AND file:name = 'Chrome.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:53:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4f751950-e0d0-400a-90e0-bbab853a48dd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:53:49.000Z", "modified": "2019-08-12T10:53:49.000Z", "pattern": "[file:hashes.SHA1 = 'eabd45d0a86113f5ccff9fd292c1e482a5727815' AND file:name = 'Chrome.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:53:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--191b4c43-86e6-402b-a206-44cbc16f8ffa", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:53:49.000Z", "modified": "2019-08-12T10:53:49.000Z", "pattern": "[file:hashes.SHA1 = 'f05bc018c90b560dc4932758956adffbc10588ce' AND file:name = 'Chrome.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:53:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7acd2cf2-c80b-4dbf-850d-7168fe00298c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:53:50.000Z", "modified": "2019-08-12T10:53:50.000Z", "pattern": "[file:hashes.SHA1 = '204a2850548e5994d4696e9002f90dfccbe2093a' AND file:name = 'GoogleCrash.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:53:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--957251b4-6f97-4058-97b4-a70ed80ac6e6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T10:59:38.000Z", "modified": "2019-08-12T10:59:38.000Z", "pattern": "[file:hashes.SHA1 = '3792588edc809270e6666a4677ec85a3400ba4cf' AND file:name = 'GoogleCrash.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T10:59:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3c0badfe-f235-436e-aad3-c91be69b2ec5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:17.000Z", "modified": "2019-08-12T11:00:17.000Z", "pattern": "[file:hashes.SHA1 = '4899a2c2ceceb92d2cc4ed17d092d1d599379284' AND file:name = 'GoogleCrash.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fe11a26b-5e51-4278-8527-77a9757e2c8d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:19.000Z", "modified": "2019-08-12T11:00:19.000Z", "pattern": "[file:hashes.SHA1 = 'a42756280aa352f4612bed85aabf7f3267e676c2' AND file:name = 'GoogleCrash.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c7c69120-a89c-4b14-8a38-36acd6488961", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:20.000Z", "modified": "2019-08-12T11:00:20.000Z", "pattern": "[file:hashes.SHA1 = 'a97cf05ad7f3102bde45e4b4947ed435efea1968' AND file:name = 'GoogleCrash.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f708b2e6-8236-4b45-8180-28f20c5cb105", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:20.000Z", "modified": "2019-08-12T11:00:20.000Z", "pattern": "[file:hashes.SHA1 = '00397da69b8e748720aedfd80d78166573c33ec8' AND file:name = 'ders.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--45b5ad6f-62d6-43e1-865e-f815a37fa34f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:21.000Z", "modified": "2019-08-12T11:00:21.000Z", "pattern": "[file:hashes.SHA1 = '03929a5530639c1d9dbd395a298c59fd7eff1dec' AND file:name = 'chrome.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a9f76724-fbcc-43a9-aad4-6737bb8a9ece", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:21.000Z", "modified": "2019-08-12T11:00:21.000Z", "pattern": "[file:hashes.SHA1 = '0922defb82ff1140bbe3481bab27564bb966d50b' AND file:name = 'ChrOme_UpdAte.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0754c7c6-7a21-4a8a-be8d-32fa887c756b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:22.000Z", "modified": "2019-08-12T11:00:22.000Z", "pattern": "[file:hashes.SHA1 = '0ac64e08e63601ad9d6a4ef019e5b374784af80a' AND file:name = 'chrome.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c51b58e9-416e-43d5-9ef0-651536573149", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:22.000Z", "modified": "2019-08-12T11:00:22.000Z", "pattern": "[file:hashes.SHA1 = '0ba5bce133b50ef80fd9241c3ea5cb9135ca4eb1' AND file:name = 'ders.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a4be316a-1342-490b-935d-3cb667a02ad6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:23.000Z", "modified": "2019-08-12T11:00:23.000Z", "pattern": "[file:hashes.SHA1 = '161629f63422ab34108854662313f87a278dd7f5' AND file:name = 'chrome.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--588bbb6f-9390-42d4-9839-3b595d31de69", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:24.000Z", "modified": "2019-08-12T11:00:24.000Z", "pattern": "[file:hashes.SHA1 = '24752dab28c3add4c31591f2ec480ce3ca83e0aa' AND file:name = 'python27.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--962c51b9-615d-454d-8977-a22a1f583868", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:24.000Z", "modified": "2019-08-12T11:00:24.000Z", "pattern": "[file:hashes.SHA1 = '341f2efa0fd11b4480d8503bfb81c62af667d72d' AND file:name = 'chrome_Up.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--87939249-448c-4cb5-bf42-596cb88cb9ee", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:25.000Z", "modified": "2019-08-12T11:00:25.000Z", "pattern": "[file:hashes.SHA1 = '4c130aa110b290a0cf4ff1c099ea2a705081a9cb' AND file:name = 'Chrome_Update.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--aee6c86f-91c9-4ed9-8a11-841fa8d848d3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:25.000Z", "modified": "2019-08-12T11:00:25.000Z", "pattern": "[file:hashes.SHA1 = '50c23690c23ee070ad3a20fced7311bfdf098833' AND file:name = 'ders.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ddb03882-2048-41c3-bb11-8dff8b9aa4ac", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:26.000Z", "modified": "2019-08-12T11:00:26.000Z", "pattern": "[file:hashes.SHA1 = '67ecbc1e9a66719c599e6dded33a85f70daca13e' AND file:name = 'chrome.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b7167cb2-4240-43fe-8821-80897f4087b3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:26.000Z", "modified": "2019-08-12T11:00:26.000Z", "pattern": "[file:hashes.SHA1 = '6a69a2a2d4a2f8690b71386f0f092b04ea5a647d' AND file:name = 'ders.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--05e6b2ff-953c-4841-bd39-8ad0c2e69e65", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:27.000Z", "modified": "2019-08-12T11:00:27.000Z", "pattern": "[file:hashes.SHA1 = '92c56af6815597c0135c21ef5a35d41b0e2a460f' AND file:name = 'Python_27.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d04d25ce-44a8-45dc-b7ed-a0d85596a811", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:27.000Z", "modified": "2019-08-12T11:00:27.000Z", "pattern": "[file:hashes.SHA1 = '9e52e1c015b97d4fb2cac888f8fc69d729af78f5' AND file:name = 'finaser.aes']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--aee23dbf-5457-415c-9594-4133bf65ea0c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:28.000Z", "modified": "2019-08-12T11:00:28.000Z", "pattern": "[file:hashes.SHA1 = 'a48a71b9d1c00a683397f97c02e0dbb3f4606863' AND file:name = 'ders.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4bee8233-b6ac-45c5-881d-10c15a37a780", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:29.000Z", "modified": "2019-08-12T11:00:29.000Z", "pattern": "[file:hashes.SHA1 = 'b6e436a0fff117a1c3d3d70947f62d4cac66c95e' AND file:name = 'ders.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--579ad8ab-1805-4eee-aa81-d0ad072ec3a8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:29.000Z", "modified": "2019-08-12T11:00:29.000Z", "pattern": "[file:hashes.SHA1 = 'c4accf6071f51ade102190c6fa350435fc202654' AND file:name = 'Python.27.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--68862694-1745-4e74-b07d-61b8137c6bbf", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:30.000Z", "modified": "2019-08-12T11:00:30.000Z", "pattern": "[file:hashes.SHA1 = 'd5238cde036eefcc6d8d686b3a00247f27da894c' AND file:name = 'Python.27.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0f47af76-83e0-4020-b5a3-68754f9ef4af", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:30.000Z", "modified": "2019-08-12T11:00:30.000Z", "pattern": "[file:hashes.SHA1 = 'dda105d8d894f73b16518d546270e4f783cb5178' AND file:name = 'python27.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--39e99e19-f532-45f5-8224-c934bde72c32", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:31.000Z", "modified": "2019-08-12T11:00:31.000Z", "pattern": "[file:hashes.SHA1 = 'e85c1ef38c39b6087ea9ac8171ddd1416b9a5306' AND file:name = 'python27.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6a2f26f5-deda-419e-bbfe-a330c3758928", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:31.000Z", "modified": "2019-08-12T11:00:31.000Z", "pattern": "[file:hashes.SHA1 = 'fd52b10e9d4e5d343e589627444a6766357d5e47' AND file:name = 'Security.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--cc82fda6-bc09-40fd-848a-45d0db504746", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:33.000Z", "modified": "2019-08-12T11:00:33.000Z", "pattern": "[file:hashes.SHA1 = '69109287d41c002fa70bb3d6238c4056b2b24b2f' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--9830f7a9-07cc-49f8-8d97-dd0c94ba75d3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:34.000Z", "modified": "2019-08-12T11:00:34.000Z", "pattern": "[file:hashes.SHA1 = '89c0fdeed36a69099e935a590a103339b0cbe525' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--cba4d0e1-654f-4a15-81a0-e2c9945e97bb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:34.000Z", "modified": "2019-08-12T11:00:34.000Z", "pattern": "[file:hashes.SHA1 = '9ea7832d83c74c839a49580b4211e627a24571be' AND file:name = 'Programa Formacion en Contratacion Publica.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a62cf322-51d8-4052-a4d6-9ce43578c2f5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:35.000Z", "modified": "2019-08-12T11:00:35.000Z", "pattern": "[file:hashes.SHA1 = 'bfd0cbef5b9c329792b38274474f04bd8109df66' AND file:name = 'RGMA0_1_629.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8836295d-7d9e-4d50-a08b-b95b25c8b3c5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:36.000Z", "modified": "2019-08-12T11:00:36.000Z", "pattern": "[file:hashes.SHA1 = 'fde89fcec30fcaabb3d42ed87180843f3e760cd8' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--bc5d7cb4-8876-4e95-9dcd-e3a71c95396d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:36.000Z", "modified": "2019-08-12T11:00:36.000Z", "pattern": "[file:hashes.SHA1 = '52b680f472ae463436979da325db7ad64d5af1ef' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b7706f37-e171-41a3-bc49-3fde53dc498f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:40.000Z", "modified": "2019-08-12T11:00:40.000Z", "pattern": "[file:hashes.SHA1 = 'fb871aaca0ddcf2f009a2d11ecf672cfb61b7357' AND file:name = 'CALENDARIO_ACTIVIDADES_COLCO_EC.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a8fe9e04-bb0d-4131-9ad6-018ec7a0ca99", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:41.000Z", "modified": "2019-08-12T11:00:41.000Z", "pattern": "[file:hashes.SHA1 = '9912bdbe08179122dc3797a2585d463573d1b5a5' AND file:name = '04Down.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--434f775b-b36c-4fb2-8007-4e7b2e7aff88", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:42.000Z", "modified": "2019-08-12T11:00:42.000Z", "pattern": "[file:hashes.SHA1 = 'ab16808b5b4706b6265c5ff5fef8b8460c8a51f8' AND file:name = '4Down.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dfa37ef0-abf3-46cd-88c0-a071db75f2c8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:42.000Z", "modified": "2019-08-12T11:00:42.000Z", "pattern": "[file:hashes.SHA1 = 'bdaab0b356ec9fe61fee1723e1dd52e39ddc6699' AND file:name = '04Down.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e03bb791-42ae-4009-83a4-15fdb9e4a56a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:43.000Z", "modified": "2019-08-12T11:00:43.000Z", "pattern": "[file:hashes.SHA1 = 'ded6509458df62d3ce60c68f3a2a87e59f1f96be' AND file:name = 'Down.sfx.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--68b09380-602b-460c-b512-affb7278bf17", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:43.000Z", "modified": "2019-08-12T11:00:43.000Z", "pattern": "[file:hashes.SHA1 = '2b7404f6b0075bc1192d61d4af135d521d5f08a3' AND file:name = 'RdrCEF.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--003e685d-79fb-4e9d-aa32-aae946e9c2f2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:44.000Z", "modified": "2019-08-12T11:00:44.000Z", "pattern": "[file:hashes.SHA1 = '53102e57b40feacb64566c26d101d9242dece77c' AND file:name = 'Down.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8a3219fe-e008-4649-9f69-ec729c23436d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:45.000Z", "modified": "2019-08-12T11:00:45.000Z", "pattern": "[file:hashes.SHA1 = '56e8743e0773286a4b9e055147d96d53a43beca1' AND file:name = 'Down.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--12aea0bf-6d93-421b-a3bb-66bf707580e4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:45.000Z", "modified": "2019-08-12T11:00:45.000Z", "pattern": "[file:hashes.SHA1 = '71f69f04307c8f5675dcadeaa80b8c2b95691b01' AND file:name = 'Down.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1970c2a4-9c10-4a8e-8d37-2e7df057cba7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:46.000Z", "modified": "2019-08-12T11:00:46.000Z", "pattern": "[file:hashes.SHA1 = '904137b61f1ded66c8ca76ebf198dec1b638b5d4' AND file:name = 'Down.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--244d330e-4a9a-42a4-a98b-c324916fc138", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:46.000Z", "modified": "2019-08-12T11:00:46.000Z", "pattern": "[file:hashes.SHA1 = 'fbb485b40477f5a014e7096747b1b4a494ce50ef' AND file:name = 'Down.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e9d12a70-06f1-46d0-b97c-3e2f8b93a3bc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:47.000Z", "modified": "2019-08-12T11:00:47.000Z", "pattern": "[file:hashes.SHA1 = '0468d3776435e527dba52b9da61d38c076dda09a' AND file:name = 'FORMATO UNICO DE RENDIMIENTO OPERATIVO GNB 11JUNIO2019 CZGNB-13 xlsx.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a90220f-2373-49bc-be7c-5b5d4734e51a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:47.000Z", "modified": "2019-08-12T11:00:47.000Z", "pattern": "[file:hashes.SHA1 = '10eb152039cb0a379daab272151bc1baa8c6d4db' AND file:name = 'Radiograma 004026_pdf.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b3b62b88-c1f6-4f7d-9a09-1df9e947bc61", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T11:00:47.000Z", "modified": "2019-08-12T11:00:47.000Z", "pattern": "[file:hashes.SHA1 = '173664de0a9a08218098abfb86d2c64f25b5ee37' AND file:name = 'Dise\u00c3\u00b1o_pptx.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T11:00:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--05981ed3-609f-46bb-b71a-df778d89535d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:38.000Z", "modified": "2019-08-12T13:50:38.000Z", "pattern": "[file:hashes.SHA1 = '29ea8a983e56229ac69fff9958319b66c006020b' AND file:name = 'RDGMA 1101 001 jpg.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--cceb870e-4117-48e0-8ce1-e1c440250917", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:38.000Z", "modified": "2019-08-12T13:50:38.000Z", "pattern": "[file:hashes.SHA1 = '3562cb8d37e68025787c31a0b4654a1ce209e62f' AND file:name = '20190611101428 pdf.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--93e52ad7-7f4c-47a5-99ae-8a4e6e567ec3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:39.000Z", "modified": "2019-08-12T13:50:39.000Z", "pattern": "[file:hashes.SHA1 = '35e4ecb61f1fa09bec8a4528c592d982d33b6c6b' AND file:name = 'INVITADOS_MEXICANOS.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--638b2381-d20d-42a0-a652-375b1fa87686", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:40.000Z", "modified": "2019-08-12T13:50:40.000Z", "pattern": "[file:hashes.SHA1 = '5c56ac14ca7159804a9d53fe037cfd0d99d45ab1' AND file:name = 'JUNIO_19_PROPUESTA_CLARO_RENOVACION.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--708dab6c-4d36-43f7-aeca-4e26adb0bb16", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:40.000Z", "modified": "2019-08-12T13:50:40.000Z", "pattern": "[file:hashes.SHA1 = '61de62436b3806a3a645c96677d7ad9d802e30a8' AND file:name = 'FORMATO DE NOVEDADES PARA DC PERSONAL xls.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d6490a36-18cb-460b-b2b5-9a7619606148", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:41.000Z", "modified": "2019-08-12T13:50:41.000Z", "pattern": "[file:hashes.SHA1 = '62800d245a3726ca390d08b7bf17fe2c37f2b3cf' AND file:name = '20190611101331.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b3e77c71-4406-4b96-b6e0-13ed5e4e30f4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:41.000Z", "modified": "2019-08-12T13:50:41.000Z", "pattern": "[file:hashes.SHA1 = '64f1322bf2a898278aa1e73803fdd500b6e5e7c7' AND file:name = 'RAD_N_0961_21MAY19.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--90b99f0c-945a-46c6-9b0c-039cdab1dbed", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:42.000Z", "modified": "2019-08-12T13:50:42.000Z", "pattern": "[file:hashes.SHA1 = '79ac512389ef9e27a3598ca2968573db4f5fd58f' AND file:name = 'RAD OFL0120_jpg.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--13f08889-deee-4943-b161-0187ef57d7e1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:42.000Z", "modified": "2019-08-12T13:50:42.000Z", "pattern": "[file:hashes.SHA1 = '7a1ad75a1aa73ec72ee21b213fcca55d57a0cd58' AND file:name = 'S_E_ARLETTE_MARENCO_NOTA_INFORMANDO_TER-MINO_DE_MISION_001.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c366394b-76d5-4c9b-a560-081a5370446b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:43.000Z", "modified": "2019-08-12T13:50:43.000Z", "pattern": "[file:hashes.SHA1 = '8e0ac29b8bd0c086b20c23b254cf047aa30a0529' AND file:name = '07_1379.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1a9b7f44-10e5-471c-8489-09d7096dc753", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:43.000Z", "modified": "2019-08-12T13:50:43.000Z", "pattern": "[file:hashes.SHA1 = '91f2c7eed2ee92d11bc6b8fd8d3cba0b02c8d074' AND file:name = 'Blason.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6f54982a-7a31-4544-a758-9693169e1abf", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:44.000Z", "modified": "2019-08-12T13:50:44.000Z", "pattern": "[file:hashes.SHA1 = '97edcdfd6e674591c1e809381c7e68f11dfa81fc' AND file:name = '08_1159.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4fe3a100-4b92-4752-8e50-c5c19ee6a301", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:45.000Z", "modified": "2019-08-12T13:50:45.000Z", "pattern": "[file:hashes.SHA1 = '9d65b55168526161a79f4743a37b1a7358c67037' AND file:name = 'INSTRUCCIONES DEL JSO 08JUN19 docx.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--13128f4c-5532-4b72-8d01-57a76a4d07c3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:46.000Z", "modified": "2019-08-12T13:50:46.000Z", "pattern": "[file:hashes.SHA1 = 'a94916f9696d861fe040891634b3f2da09557f13' AND file:name = 'REPORTE OPERACIONAL 10JUN19 pdf.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f63769dd-f98c-497e-a91f-99d8674be835", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:46.000Z", "modified": "2019-08-12T13:50:46.000Z", "pattern": "[file:hashes.SHA1 = 'b451f623fe9f315eb886b83f27139fc236a07ec9' AND file:name = '20190611101428.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--981f4ee3-dfc4-42ba-927f-6117c0001c8c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:47.000Z", "modified": "2019-08-12T13:50:47.000Z", "pattern": "[file:hashes.SHA1 = 'c39b9d966aed0372619b3989995ab9ad12f94d38' AND file:name = 'NOTA_CICR_00079.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c58c0483-3472-4669-9d00-cae7a8fff636", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:47.000Z", "modified": "2019-08-12T13:50:47.000Z", "pattern": "[file:hashes.SHA1 = 'cf10e0313177ff4c9c588232218078eb870c0079' AND file:name = 'BOLETA DE PERMISO NELSON GUERERE docx.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--111cb2a8-af64-43a1-8afc-ec6a7c6a5c74", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:48.000Z", "modified": "2019-08-12T13:50:48.000Z", "pattern": "[file:hashes.SHA1 = 'e8bbcb0f6538d1543bfa3f7a66f20155ebc2bcc8' AND file:name = 'JUNIO_27_PROPUESTA_CLARO_RENOVACION.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b875174e-4422-4899-83c8-98d0b805da24", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:49.000Z", "modified": "2019-08-12T13:50:49.000Z", "pattern": "[file:hashes.SHA1 = 'ea3d823df9f0e41ad1da2fd3492b418693bed8bd' AND file:name = '20190611101331 pdf.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--661c06e3-3f9d-4142-a37c-b516ec9721e6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:49.000Z", "modified": "2019-08-12T13:50:49.000Z", "pattern": "[file:hashes.SHA1 = 'eb82401ce6b2497aeb1fc666697d7d9ce66e4d5b' AND file:name = 'Asimilacion.scr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d2030374-8a32-48dd-b565-da4f7e9de8eb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:50.000Z", "modified": "2019-08-12T13:50:50.000Z", "pattern": "[file:hashes.SHA1 = '1b3723651e1d321d4f34f2a243d7751d17288257' AND file:name = '_hashlbi.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6dab62aa-030a-4e3b-a926-9820679ff41a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:50.000Z", "modified": "2019-08-12T13:50:50.000Z", "pattern": "[file:hashes.SHA1 = '7ffb9c7da20c536b694e78538b65726eacb1b055' AND file:name = '_hashlbi.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f0543d5a-af97-4bc8-8d0b-9101a0c05f34", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:51.000Z", "modified": "2019-08-12T13:50:51.000Z", "pattern": "[file:hashes.SHA1 = 'b1adf4b46350fb801ce54da9c93a4ef79674f3f5' AND file:name = '_hashlbi.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dec8fd50-628a-4eb2-ba23-557d57eb9535", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:51.000Z", "modified": "2019-08-12T13:50:51.000Z", "pattern": "[file:hashes.SHA1 = '0c33b75f6c4fc0413abdbcda1c5e18c907f13dc3' AND file:name = '_bsdbd.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6929d2e4-27f5-464a-8b4b-2ae80e9ea564", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:52.000Z", "modified": "2019-08-12T13:50:52.000Z", "pattern": "[file:hashes.SHA1 = '314d9b4c25dd69453d86e4c7062dce6dedda0533' AND file:name = '_bsdbd.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1edaf6f6-1670-4f0b-aa3c-72c7a51e211b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:53.000Z", "modified": "2019-08-12T13:50:53.000Z", "pattern": "[file:hashes.SHA1 = 'd4cf22f3db78bdc1ceb55431857d88166ce677d4' AND file:name = '_bsdbd.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1a037ed0-53ea-42a7-8694-62f4a728a7cd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:53.000Z", "modified": "2019-08-12T13:50:53.000Z", "pattern": "[file:hashes.SHA1 = '26fb301af7393b5e564b8c802f5795edebd7cecf' AND file:name = '_clypes.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7ac1b131-48fc-41b2-894c-c4c3c0852a4b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:53.000Z", "modified": "2019-08-12T13:50:53.000Z", "pattern": "[file:hashes.SHA1 = '979859b5a177650ef0549c81fd66d36e9dea8078' AND file:name = '_clypes.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--14924a9c-5c0f-425d-9531-fa15c3f1c817", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:54.000Z", "modified": "2019-08-12T13:50:54.000Z", "pattern": "[file:hashes.SHA1 = 'a07e38df9887ea7811369cd72c57fd6d44523cd6' AND file:name = '_clypes.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8e9c45d9-800f-45f9-b6bf-bbde6f3649e4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:55.000Z", "modified": "2019-08-12T13:50:55.000Z", "pattern": "[file:hashes.SHA1 = '07e383e9ff04f587769845306dc4bfe75630baaa' AND file:name = '_elementree.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--55835c18-a3c4-456a-be2e-fafce0254df0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:56.000Z", "modified": "2019-08-12T13:50:56.000Z", "pattern": "[file:hashes.SHA1 = '3b6f5cb20ff3ac0ee3813a68a937aae92ebc46d3' AND file:name = '_elementree.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3e0f2078-e764-413e-98ff-5113ef415da8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:56.000Z", "modified": "2019-08-12T13:50:56.000Z", "pattern": "[file:hashes.SHA1 = '56765b7511372a8e9be017f48a764d141f485474' AND file:name = '_elementree.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--31fe0063-09d0-4b0a-8188-d46e5bb46307", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:57.000Z", "modified": "2019-08-12T13:50:57.000Z", "pattern": "[file:hashes.SHA1 = 'cf2dc40926d8747aec572dfd711bbfd766aadb10' AND file:name = '_elementree.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1b8256fb-12f9-4029-9e33-68d895c4e754", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:57.000Z", "modified": "2019-08-12T13:50:57.000Z", "pattern": "[file:hashes.SHA1 = '6b42091ca2f89a59f4e27e30acdacf32eb83f824' AND file:name = '_mssi.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1c6174ac-7253-4918-9932-4c25d16b7fa9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:58.000Z", "modified": "2019-08-12T13:50:58.000Z", "pattern": "[file:hashes.SHA1 = '708f159f2cfe22ff0c4464f2fedaa0501868bdd8' AND file:name = '_mssi.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--94508ba6-a7b7-45a8-a02f-18b59d6f1774", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:58.000Z", "modified": "2019-08-12T13:50:58.000Z", "pattern": "[file:hashes.SHA1 = 'de639618b550dbe9071e999aaa5b4fc81f63a5a6' AND file:name = '_mssi.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8ee128fd-b41e-4e8b-a333-0597b474be67", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:50:59.000Z", "modified": "2019-08-12T13:50:59.000Z", "pattern": "[file:hashes.SHA1 = '0b6f61af3e2c6551f15e0f888177eec91f20ba99' AND file:name = '_multiproccessing.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:50:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7935732e-59a4-4383-9fc9-546da0ea26f9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:51:00.000Z", "modified": "2019-08-12T13:51:00.000Z", "pattern": "[file:hashes.SHA1 = '76aabc0af5d487a80bcba19555191b46766139fa' AND file:name = '_multiproccessing.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:51:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--52156c2a-4c6a-450f-981c-433a42dfb7aa", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:51:00.000Z", "modified": "2019-08-12T13:51:00.000Z", "pattern": "[file:hashes.SHA1 = '7ff87649ca1d9178a02cd9942856d1b590652c6e' AND file:name = '_multiproccessing.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:51:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--19082ad9-3e50-49f4-9018-78ff4f222c7f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:51:01.000Z", "modified": "2019-08-12T13:51:01.000Z", "pattern": "[file:hashes.SHA1 = '8692eb1e620f2bcddaf28f0cb726cec2aa1c230d' AND file:name = '_multiproccessing.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:51:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--683c399f-d3c8-4f32-8c8c-c3df2989c515", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:51:01.000Z", "modified": "2019-08-12T13:51:01.000Z", "pattern": "[file:hashes.SHA1 = '8af19aa3f18cb35f12ee3966931e11799c3ac5a4' AND file:name = '_multiproccessing.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:51:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7647bee2-58a4-4293-94f5-1540cbe51994", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T13:51:01.000Z", "modified": "2019-08-12T13:51:01.000Z", "pattern": "[file:hashes.SHA1 = 'e1bc4ec7f82fa06924dc4b43fbbb485d8c86d9cd' AND file:name = '_multiproccessing.pyw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T13:51:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a42282ff-d32e-48d7-afda-ca8056c40b2c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:10:37.000Z", "modified": "2019-08-12T14:10:37.000Z", "pattern": "[file:hashes.SHA1 = 'a19648a5576e0b9fc449d89addc569ba1350ecff']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:10:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--70f89732-c74b-4b50-860e-4fdcfbcab28b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:10:38.000Z", "modified": "2019-08-12T14:10:38.000Z", "pattern": "[file:hashes.SHA1 = '442e6cc28d118cfaf1a5482e2000c7dc00d9a7b9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:10:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--cc71714f-98d6-4d0e-9047-fb16480a3d65", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-12T14:10:38.000Z", "modified": "2019-08-12T14:10:38.000Z", "pattern": "[file:hashes.SHA1 = '212f3697117d17ec3f299d037845cf3db20ce88a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-12T14:10:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:39.000Z", "modified": "2019-08-23T09:33:39.000Z", "pattern": "[file:hashes.MD5 = 'c8ca25bd428818277968ac3239cfc573' AND file:hashes.SHA1 = 'a42756280aa352f4612bed85aabf7f3267e676c2' AND file:hashes.SHA256 = '3cf929b0a52e297d8d24af326f94f7114913a285f2f859ba7d4be38bd425fedd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:40.000Z", "modified": "2019-08-23T09:33:40.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-07T06:30:18", "category": "Other", "uuid": "16e71265-a838-4f9e-99b4-48db8a7350d1" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/3cf929b0a52e297d8d24af326f94f7114913a285f2f859ba7d4be38bd425fedd/analysis/1565159418/", "category": "Payload delivery", "uuid": "170d2949-1c3d-48ac-a9cc-77caa6912374" }, { "type": "text", "object_relation": "detection-ratio", "value": "8/67", "category": "Payload delivery", "uuid": "8e373bd7-6180-42ba-b287-0f4813c31d2d" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:41.000Z", "modified": "2019-08-23T09:33:41.000Z", "pattern": "[file:hashes.MD5 = '3239f2d8acee4742f9b4d919e61b8983' AND file:hashes.SHA1 = '4899a2c2ceceb92d2cc4ed17d092d1d599379284' AND file:hashes.SHA256 = '2e3dc1c6b6c5d9015a18d6ee3578381eeefffd5126abf87635f448006c63f58c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:41.000Z", "modified": "2019-08-23T09:33:41.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-09T16:22:18", "category": "Other", "uuid": "8ac9b96c-780d-43c5-ab9a-e5d07d149620" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/2e3dc1c6b6c5d9015a18d6ee3578381eeefffd5126abf87635f448006c63f58c/analysis/1565367738/", "category": "Payload delivery", "uuid": "a788f6e0-08f3-4844-aab6-a9b7c5e02386" }, { "type": "text", "object_relation": "detection-ratio", "value": "14/66", "category": "Payload delivery", "uuid": "1e920924-74ad-4ecd-9964-8b93c3869666" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:41.000Z", "modified": "2019-08-23T09:33:41.000Z", "pattern": "[file:hashes.MD5 = '4bfd79b34234060f9d4dc26bd23c67c9' AND file:hashes.SHA1 = 'a97cf05ad7f3102bde45e4b4947ed435efea1968' AND file:hashes.SHA256 = '1b6926c9fcea7681c6ed4f62b404e8a1c332fbbc26e872ddb53afc6e818f1cd4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:41.000Z", "modified": "2019-08-23T09:33:41.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:40", "category": "Other", "uuid": "a54da0c4-02da-4ca0-8f17-bdb8ee6eea1d" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/1b6926c9fcea7681c6ed4f62b404e8a1c332fbbc26e872ddb53afc6e818f1cd4/analysis/1565051980/", "category": "Payload delivery", "uuid": "889c7867-90a4-453f-9697-08f66acc5729" }, { "type": "text", "object_relation": "detection-ratio", "value": "5/73", "category": "Payload delivery", "uuid": "255635cd-f3b4-4d57-a4df-462db4c66801" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b05ef68e-17cd-4a85-af71-414145036bba", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:41.000Z", "modified": "2019-08-23T09:33:41.000Z", "pattern": "[file:hashes.MD5 = 'ca0bdef2b365c70733aa61ad2224475b' AND file:hashes.SHA1 = 'e8bbcb0f6538d1543bfa3f7a66f20155ebc2bcc8' AND file:hashes.SHA256 = 'a2c938629dd6a1b3061603e212fbec11cd5a499b52acff25d93448c326d314f0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:41.000Z", "modified": "2019-08-23T09:33:41.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T12:02:11", "category": "Other", "uuid": "78b95690-31cf-46e3-a7b1-09f0245658aa" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/a2c938629dd6a1b3061603e212fbec11cd5a499b52acff25d93448c326d314f0/analysis/1565092931/", "category": "Payload delivery", "uuid": "f9d4f0e9-6bb1-49b3-b819-968be3b0ef79" }, { "type": "text", "object_relation": "detection-ratio", "value": "23/62", "category": "Payload delivery", "uuid": "bf93c74b-63c5-4894-a6a4-b8e08f530058" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--531a0491-51fb-4487-8d23-083a61d6749c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:42.000Z", "modified": "2019-08-23T09:33:42.000Z", "pattern": "[file:hashes.MD5 = '69e8e8258fbda29a140fb820c93afbcc' AND file:hashes.SHA1 = '67ecbc1e9a66719c599e6dded33a85f70daca13e' AND file:hashes.SHA256 = 'e52516e6881c7b073d68903099db0c85ddf465c71054e9da639f66a62d0cc528']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:42.000Z", "modified": "2019-08-23T09:33:42.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-16T10:42:18", "category": "Other", "uuid": "294a9cbf-196c-4886-a723-d133defb95cf" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/e52516e6881c7b073d68903099db0c85ddf465c71054e9da639f66a62d0cc528/analysis/1565952138/", "category": "Payload delivery", "uuid": "0c69ff89-5fc6-4a8a-83ff-2d9fe5f88468" }, { "type": "text", "object_relation": "detection-ratio", "value": "41/70", "category": "Payload delivery", "uuid": "19dc37b7-9d14-442e-8537-21aff19abb8f" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6bed7582-d749-4f0e-972a-704520e046dc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:42.000Z", "modified": "2019-08-23T09:33:42.000Z", "pattern": "[file:hashes.MD5 = '19b049ab19fd3e8c6f5b36c6a41024fe' AND file:hashes.SHA1 = '97edcdfd6e674591c1e809381c7e68f11dfa81fc' AND file:hashes.SHA256 = '217c351a6b80b94b933c6429b27c205466381f72485398f452b18cdd6bb97cc7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:42.000Z", "modified": "2019-08-23T09:33:42.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-20T15:42:21", "category": "Other", "uuid": "4a3be05f-8620-40c3-bfb1-be0cd9a14c99" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/217c351a6b80b94b933c6429b27c205466381f72485398f452b18cdd6bb97cc7/analysis/1566315741/", "category": "Payload delivery", "uuid": "da9d743d-d207-439e-9fef-2b9812a1f478" }, { "type": "text", "object_relation": "detection-ratio", "value": "33/69", "category": "Payload delivery", "uuid": "527111d0-8515-4364-9465-1cc4e24e2822" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fe215d82-4e07-46c1-8545-1d395fa890ce", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:43.000Z", "modified": "2019-08-23T09:33:43.000Z", "pattern": "[file:hashes.MD5 = 'f84f600384a857b583fa5d24de290de4' AND file:hashes.SHA1 = 'a19648a5576e0b9fc449d89addc569ba1350ecff' AND file:hashes.SHA256 = '9445e4f838103f8032646a37074cf8900c0165088d9f88438c8ea93f21576811']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:43.000Z", "modified": "2019-08-23T09:33:43.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-20T15:42:17", "category": "Other", "uuid": "ba5bab65-12eb-47dc-ad32-5435d5704253" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/9445e4f838103f8032646a37074cf8900c0165088d9f88438c8ea93f21576811/analysis/1566315737/", "category": "Payload delivery", "uuid": "877c5e64-aafb-4795-b634-911d36bbd8c5" }, { "type": "text", "object_relation": "detection-ratio", "value": "39/69", "category": "Payload delivery", "uuid": "bdaa0ade-94b4-42fa-aab5-a94291a17081" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:43.000Z", "modified": "2019-08-23T09:33:43.000Z", "pattern": "[file:hashes.MD5 = '04fa52b44178bec611232d260ec18c03' AND file:hashes.SHA1 = 'dda105d8d894f73b16518d546270e4f783cb5178' AND file:hashes.SHA256 = '2674fc7ac47f8a0b5ff07335a18fb9168c532ea3690d2ddacb0f9486711eeeb1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:43.000Z", "modified": "2019-08-23T09:33:43.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-20T15:42:17", "category": "Other", "uuid": "3a0c915a-3958-4817-824e-21c93a3e03af" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/2674fc7ac47f8a0b5ff07335a18fb9168c532ea3690d2ddacb0f9486711eeeb1/analysis/1566315737/", "category": "Payload delivery", "uuid": "5b1a2506-a2cb-4b11-ad1d-cb0a5bb8184b" }, { "type": "text", "object_relation": "detection-ratio", "value": "37/67", "category": "Payload delivery", "uuid": "c0c12f49-c195-43c7-83a6-9d0aa86e7201" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--50fedb9b-0e14-43fb-8512-8f989ac34305", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:44.000Z", "modified": "2019-08-23T09:33:44.000Z", "pattern": "[file:hashes.MD5 = '7163167a07b2ba31d6064297167cc19f' AND file:hashes.SHA1 = 'bfd0cbef5b9c329792b38274474f04bd8109df66' AND file:hashes.SHA256 = 'b4919db508e9d54c77ff101c0e1155a6ab4e12e61a16708810fdc5c2d23f3e43']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:44.000Z", "modified": "2019-08-23T09:33:44.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-14T15:50:08", "category": "Other", "uuid": "a90202a3-93b9-4d67-9b6c-e06361e1d187" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/b4919db508e9d54c77ff101c0e1155a6ab4e12e61a16708810fdc5c2d23f3e43/analysis/1565797808/", "category": "Payload delivery", "uuid": "3b7e9886-4153-4c8a-adeb-f7ed1c68e48f" }, { "type": "text", "object_relation": "detection-ratio", "value": "38/66", "category": "Payload delivery", "uuid": "ee1a20eb-cc0b-4983-a26a-49b7379fd6a0" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:44.000Z", "modified": "2019-08-23T09:33:44.000Z", "pattern": "[file:hashes.MD5 = '33aac948ba9f11ff8e8fba02127e2c34' AND file:hashes.SHA1 = '85bdd7d871108c737701ac30c14a2d343cbdef94' AND file:hashes.SHA256 = '60c1c4fbeeb9629a0867e091c6012765507797e5f7f9eb42701bc41dcc2f811d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:44.000Z", "modified": "2019-08-23T09:33:44.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-07T04:53:37", "category": "Other", "uuid": "219060ce-47cc-4ca5-9c7a-16d761b1299f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/60c1c4fbeeb9629a0867e091c6012765507797e5f7f9eb42701bc41dcc2f811d/analysis/1565153617/", "category": "Payload delivery", "uuid": "fe7003d9-62e1-4819-90d4-b4945ccdf90e" }, { "type": "text", "object_relation": "detection-ratio", "value": "14/73", "category": "Payload delivery", "uuid": "7c17bc6d-f8dd-4585-b5fe-c90096f32550" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:44.000Z", "modified": "2019-08-23T09:33:44.000Z", "pattern": "[file:hashes.MD5 = '8d92e51008d4ec7530bb16b3caa63fbb' AND file:hashes.SHA1 = '341f2efa0fd11b4480d8503bfb81c62af667d72d' AND file:hashes.SHA256 = '8bd1d2d8b037df18c1f0345b092434e2055f2ac01c7a86decc2c0f35685227ef']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:45.000Z", "modified": "2019-08-23T09:33:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:47", "category": "Other", "uuid": "83ebad06-2bae-4a9b-96d5-2bd4e40dd638" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/8bd1d2d8b037df18c1f0345b092434e2055f2ac01c7a86decc2c0f35685227ef/analysis/1565051987/", "category": "Payload delivery", "uuid": "5bb822f7-3f6b-4881-a172-057784d4c6eb" }, { "type": "text", "object_relation": "detection-ratio", "value": "28/71", "category": "Payload delivery", "uuid": "dbd8d2f0-9510-45c1-ab41-c62dbf5800ed" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--68f1d019-274d-43e4-b014-ce9b23560d4e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:45.000Z", "modified": "2019-08-23T09:33:45.000Z", "pattern": "[file:hashes.MD5 = 'c312d1a4ac706d910c611ad8f600fe68' AND file:hashes.SHA1 = '984b9202a6dbd7d3dd696cae1220338a68092dc9' AND file:hashes.SHA256 = 'da31a5bfc103a47899171289ead4b53735b736766cb8501f5a5164097889a518']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:45.000Z", "modified": "2019-08-23T09:33:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-08T01:57:24", "category": "Other", "uuid": "53d53b85-9e84-44e4-969d-9e29438cf291" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/da31a5bfc103a47899171289ead4b53735b736766cb8501f5a5164097889a518/analysis/1565229444/", "category": "Payload delivery", "uuid": "2bec80c0-cea9-452e-9617-0a94082f4eb8" }, { "type": "text", "object_relation": "detection-ratio", "value": "18/71", "category": "Payload delivery", "uuid": "2774491e-f14f-4e59-b8d1-9768d3d9056a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:45.000Z", "modified": "2019-08-23T09:33:45.000Z", "pattern": "[file:hashes.MD5 = 'ec9e0092505743e000bd95c3e4677aff' AND file:hashes.SHA1 = '62800d245a3726ca390d08b7bf17fe2c37f2b3cf' AND file:hashes.SHA256 = 'fdc8f48fcf98ce9eb4d9bc4633dec64a26019a6e3738641eefbbc087e32f4bd1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:46.000Z", "modified": "2019-08-23T09:33:46.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:54", "category": "Other", "uuid": "c6b26a28-5edd-40de-ad18-bb0c215ac34d" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/fdc8f48fcf98ce9eb4d9bc4633dec64a26019a6e3738641eefbbc087e32f4bd1/analysis/1565051994/", "category": "Payload delivery", "uuid": "ed4fab8d-0c41-4b01-a8e7-2bf647460b0f" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/69", "category": "Payload delivery", "uuid": "30d2cff9-88a6-4ed3-abf4-96ab979282a8" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:46.000Z", "modified": "2019-08-23T09:33:46.000Z", "pattern": "[file:hashes.MD5 = '624a23ea378b4422beb4189ac75a478d' AND file:hashes.SHA1 = '904137b61f1ded66c8ca76ebf198dec1b638b5d4' AND file:hashes.SHA256 = 'fdb55a207260a62b190f307fe6021158f45fd8342718e60018467129424b10d4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:46.000Z", "modified": "2019-08-23T09:33:46.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-07T02:34:38", "category": "Other", "uuid": "fa27b39d-1e85-43ec-88d6-52a8038374f2" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/fdb55a207260a62b190f307fe6021158f45fd8342718e60018467129424b10d4/analysis/1565145278/", "category": "Payload delivery", "uuid": "57752b95-4183-4d8c-bf10-6aab97c03a48" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/66", "category": "Payload delivery", "uuid": "a70a2829-6306-4be7-ad16-76e4b3ae29ca" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:46.000Z", "modified": "2019-08-23T09:33:46.000Z", "pattern": "[file:hashes.MD5 = 'f76ee4d0e496fd22bc87e685653a296b' AND file:hashes.SHA1 = '204a2850548e5994d4696e9002f90dfccbe2093a' AND file:hashes.SHA256 = '83a40a07de648eaeaac0d3675a692def343a32dbf03655befe2a91a7bf221257']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:47.000Z", "modified": "2019-08-23T09:33:47.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-16T11:50:35", "category": "Other", "uuid": "70af704c-fbf7-47e7-b4a4-be254b7b4c8a" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/83a40a07de648eaeaac0d3675a692def343a32dbf03655befe2a91a7bf221257/analysis/1565956235/", "category": "Payload delivery", "uuid": "e10eaccb-73be-4264-a23f-724c4bea7914" }, { "type": "text", "object_relation": "detection-ratio", "value": "32/68", "category": "Payload delivery", "uuid": "ff2dac80-68f8-450a-bf65-3757bd5e77c0" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4671a7c1-3b72-427b-b486-a9076c743c39", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:47.000Z", "modified": "2019-08-23T09:33:47.000Z", "pattern": "[file:hashes.MD5 = 'a3f35e1ec2a70df31296deef93129904' AND file:hashes.SHA1 = 'eabd45d0a86113f5ccff9fd292c1e482a5727815' AND file:hashes.SHA256 = '470aaf51761c15d9942aa156a9a6cc07fde5b1be54e73692ec71567df8a387b6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:47.000Z", "modified": "2019-08-23T09:33:47.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:44", "category": "Other", "uuid": "0a76d50d-7732-4ca0-85ee-d66016d2fddd" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/470aaf51761c15d9942aa156a9a6cc07fde5b1be54e73692ec71567df8a387b6/analysis/1565051984/", "category": "Payload delivery", "uuid": "130e74c3-5eb2-4057-826a-e755c8190225" }, { "type": "text", "object_relation": "detection-ratio", "value": "7/71", "category": "Payload delivery", "uuid": "0bd98a79-8f30-4041-bc0d-dc6e6bc2beae" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:47.000Z", "modified": "2019-08-23T09:33:47.000Z", "pattern": "[file:hashes.MD5 = '95a9f742768e75c5ac4614ed0645c510' AND file:hashes.SHA1 = '212f3697117d17ec3f299d037845cf3db20ce88a' AND file:hashes.SHA256 = 'ce2eee86b841a8db264b93cd2e7a791102b05f7d6e2a0a2850cd02be86e7bb3c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:47.000Z", "modified": "2019-08-23T09:33:47.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-22T18:46:16", "category": "Other", "uuid": "2c293c03-35c5-46fb-82c3-94527dc522bc" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/ce2eee86b841a8db264b93cd2e7a791102b05f7d6e2a0a2850cd02be86e7bb3c/analysis/1566499576/", "category": "Payload delivery", "uuid": "aa385878-0160-488b-b432-3611843e48db" }, { "type": "text", "object_relation": "detection-ratio", "value": "31/69", "category": "Payload delivery", "uuid": "dd913565-aaec-4b25-83fd-7ff0a49706bf" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:48.000Z", "modified": "2019-08-23T09:33:48.000Z", "pattern": "[file:hashes.MD5 = 'dd4389198abe57219d74928d6e775f6b' AND file:hashes.SHA1 = 'ded6509458df62d3ce60c68f3a2a87e59f1f96be' AND file:hashes.SHA256 = '82535c7c8c1d8d49ffefe1731c7a57b9e78fd96a864c39cdc4296b5d3afb5503']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:48.000Z", "modified": "2019-08-23T09:33:48.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-22T08:12:24", "category": "Other", "uuid": "2e203312-afc1-41aa-8d9c-307a0bdfe179" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/82535c7c8c1d8d49ffefe1731c7a57b9e78fd96a864c39cdc4296b5d3afb5503/analysis/1566461544/", "category": "Payload delivery", "uuid": "d3b34e11-ebaa-4824-a540-bbf287bc401f" }, { "type": "text", "object_relation": "detection-ratio", "value": "38/67", "category": "Payload delivery", "uuid": "c02cb983-e0e4-4d5c-9938-aeb916fbd602" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:48.000Z", "modified": "2019-08-23T09:33:48.000Z", "pattern": "[file:hashes.MD5 = 'b9806b73c97d1eab5c4dde19fb20a403' AND file:hashes.SHA1 = '03929a5530639c1d9dbd395a298c59fd7eff1dec' AND file:hashes.SHA256 = '14996a7f925bb15609d7d10a15813054ffbff083291925417ecaf257e38e5fa9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--116175d9-f786-4417-91c1-e787621fc175", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:48.000Z", "modified": "2019-08-23T09:33:48.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-22T14:12:20", "category": "Other", "uuid": "b0318569-a903-42a8-93de-dca09af7e090" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/14996a7f925bb15609d7d10a15813054ffbff083291925417ecaf257e38e5fa9/analysis/1566483140/", "category": "Payload delivery", "uuid": "b799a68a-ee70-474a-a245-da4ede841dbf" }, { "type": "text", "object_relation": "detection-ratio", "value": "42/69", "category": "Payload delivery", "uuid": "e74ef843-3680-41d3-b7db-1b0b83d01166" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--583f80b7-150f-43b8-984c-507183734547", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:49.000Z", "modified": "2019-08-23T09:33:49.000Z", "pattern": "[file:hashes.MD5 = 'fd301450a00094407729b9139c6c544a' AND file:hashes.SHA1 = 'b6e436a0fff117a1c3d3d70947f62d4cac66c95e' AND file:hashes.SHA256 = '242a1b8f9253b678c03507f137ade7a369c43964a9e2ee21b88289feeb61d208']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:51.000Z", "modified": "2019-08-23T09:33:51.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-14T06:12:12", "category": "Other", "uuid": "97cc9c37-8a59-4b7b-a326-5bd60584ea2b" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/242a1b8f9253b678c03507f137ade7a369c43964a9e2ee21b88289feeb61d208/analysis/1565763132/", "category": "Payload delivery", "uuid": "6cb2c50f-c405-48f2-a762-d671baef749a" }, { "type": "text", "object_relation": "detection-ratio", "value": "31/70", "category": "Payload delivery", "uuid": "0bc7ec5f-3179-44d6-bdf4-725b3ff81715" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:52.000Z", "modified": "2019-08-23T09:33:52.000Z", "pattern": "[file:hashes.MD5 = '4da12f54f0b7413d04f6832d26ee4633' AND file:hashes.SHA1 = '0ac64e08e63601ad9d6a4ef019e5b374784af80a' AND file:hashes.SHA256 = '86fca593acbcac34c59797cb38d5ca32986f66555875c79648cc57d3a443a46d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:52.000Z", "modified": "2019-08-23T09:33:52.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-14T06:10:43", "category": "Other", "uuid": "45d6a88e-cb2a-4a2a-bc10-acfdc2242299" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/86fca593acbcac34c59797cb38d5ca32986f66555875c79648cc57d3a443a46d/analysis/1565763043/", "category": "Payload delivery", "uuid": "33a390cf-e3e9-4759-9fbe-070928b8502e" }, { "type": "text", "object_relation": "detection-ratio", "value": "34/67", "category": "Payload delivery", "uuid": "634fb5ab-2337-4cf5-a1b8-0a94da62accc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:52.000Z", "modified": "2019-08-23T09:33:52.000Z", "pattern": "[file:hashes.MD5 = '9bc58a40aa36674fe4a44abfd938a8db' AND file:hashes.SHA1 = '2b7404f6b0075bc1192d61d4af135d521d5f08a3' AND file:hashes.SHA256 = '446b37b0b0ffcb59ae0df18cf9125f62e128d475eb8f5a9a2caa7a3c3448565d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:52.000Z", "modified": "2019-08-23T09:33:52.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:44", "category": "Other", "uuid": "0a3f9499-cb4c-4465-8a81-cf1449a787d2" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/446b37b0b0ffcb59ae0df18cf9125f62e128d475eb8f5a9a2caa7a3c3448565d/analysis/1565051984/", "category": "Payload delivery", "uuid": "2138e29b-82c9-416c-88bd-1a2e06ddf352" }, { "type": "text", "object_relation": "detection-ratio", "value": "33/71", "category": "Payload delivery", "uuid": "f87df041-8e64-402b-9fd2-90d3a7441ed9" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c7f78389-8821-43ca-8d46-687afc70fa6a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:53.000Z", "modified": "2019-08-23T09:33:53.000Z", "pattern": "[file:hashes.MD5 = '33edc43992137c0d4b07a4c1ed389e1e' AND file:hashes.SHA1 = '4c130aa110b290a0cf4ff1c099ea2a705081a9cb' AND file:hashes.SHA256 = '590bfc6b7fbd89e629e551fa9d70f1cdc0773d73dfea503d204a05014a8f0191']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:53.000Z", "modified": "2019-08-23T09:33:53.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:45", "category": "Other", "uuid": "c6f36377-9234-426a-8fca-68c4bcc1eb56" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/590bfc6b7fbd89e629e551fa9d70f1cdc0773d73dfea503d204a05014a8f0191/analysis/1565051985/", "category": "Payload delivery", "uuid": "8c941c57-845a-4350-9a91-f53cc2b55ac4" }, { "type": "text", "object_relation": "detection-ratio", "value": "25/69", "category": "Payload delivery", "uuid": "fa07a4cc-cc41-4975-bf41-8004cf0077c0" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--477d1696-bc96-462f-afed-7aac5dac22e3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:53.000Z", "modified": "2019-08-23T09:33:53.000Z", "pattern": "[file:hashes.MD5 = '22b2718408aa6dbbfb05066325838468' AND file:hashes.SHA1 = '442e6cc28d118cfaf1a5482e2000c7dc00d9a7b9' AND file:hashes.SHA256 = '1c0a896f8627e0974e113143fe0d9d7991ca170d250eec92359ec00b3296db82']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:53.000Z", "modified": "2019-08-23T09:33:53.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:40", "category": "Other", "uuid": "ad9aed51-be2a-46dd-a742-c6a015593afe" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/1c0a896f8627e0974e113143fe0d9d7991ca170d250eec92359ec00b3296db82/analysis/1565051980/", "category": "Payload delivery", "uuid": "463bca38-c5db-45cf-b071-3a5f94bfe081" }, { "type": "text", "object_relation": "detection-ratio", "value": "16/72", "category": "Payload delivery", "uuid": "7c62ad0a-b7ac-422c-abce-155d4a93cfb2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2c001844-70ba-431f-b9e2-c81f88058ed8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:53.000Z", "modified": "2019-08-23T09:33:53.000Z", "pattern": "[file:hashes.MD5 = '6370323a5960f06b77a61487b75aabe3' AND file:hashes.SHA1 = '3bb345032b6d0226d6771ba65fe4da0faf628631' AND file:hashes.SHA256 = 'cd43a176d2476cd717395a5d106cc4bc48aa4ca9b3a4e2047426c6f9aa045ea0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:54.000Z", "modified": "2019-08-23T09:33:54.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-22T14:12:48", "category": "Other", "uuid": "7c423234-eff8-4a80-837c-88b7c3d8e4b0" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/cd43a176d2476cd717395a5d106cc4bc48aa4ca9b3a4e2047426c6f9aa045ea0/analysis/1566483168/", "category": "Payload delivery", "uuid": "55977d96-b891-4b8c-a209-037aaf4a20d0" }, { "type": "text", "object_relation": "detection-ratio", "value": "32/69", "category": "Payload delivery", "uuid": "88b8201a-6590-44c4-8415-e0ed322698bc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58281799-2547-4047-98cd-60e10f04c1bd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:54.000Z", "modified": "2019-08-23T09:33:54.000Z", "pattern": "[file:hashes.MD5 = '15e50c8efe8f72064d51fc04437bed26' AND file:hashes.SHA1 = '8ed8cb784512f7dadd147347fc94e945faf16338' AND file:hashes.SHA256 = '337016b4f74c35030c825bffb7e5bfb56e61c8522183ce14a995ea9e032e7505']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:54.000Z", "modified": "2019-08-23T09:33:54.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:42", "category": "Other", "uuid": "8e530b7b-d673-41d1-8fc0-31c2d6b98b6e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/337016b4f74c35030c825bffb7e5bfb56e61c8522183ce14a995ea9e032e7505/analysis/1565051982/", "category": "Payload delivery", "uuid": "7cb2e7db-f8be-4f73-84bb-d4b9479ccede" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/72", "category": "Payload delivery", "uuid": "7d9d1334-1e67-4587-89e4-fefc1747c19f" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ac105d47-7fab-4260-ad19-e2827a659096", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:54.000Z", "modified": "2019-08-23T09:33:54.000Z", "pattern": "[file:hashes.MD5 = '48e6c558a87577281a6b1f37e426f8ed' AND file:hashes.SHA1 = '946a24dfbd0ae94209ef7c284d3f462548566a3c' AND file:hashes.SHA256 = '3a4d8962e6deb2c0bf79b039695d25db85ac91f5b46e86397190b8c4a0ad95ef']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:55.000Z", "modified": "2019-08-23T09:33:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:42", "category": "Other", "uuid": "f153494c-3b6b-4b22-b71a-34646d965d1e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/3a4d8962e6deb2c0bf79b039695d25db85ac91f5b46e86397190b8c4a0ad95ef/analysis/1565051982/", "category": "Payload delivery", "uuid": "3ced7f8f-fcf5-4de2-96ed-d9edf0311de3" }, { "type": "text", "object_relation": "detection-ratio", "value": "8/71", "category": "Payload delivery", "uuid": "d7483c8e-d038-4ba3-9e98-9cf015824ac9" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--206578ce-144d-4490-b193-f64ae055a583", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:55.000Z", "modified": "2019-08-23T09:33:55.000Z", "pattern": "[file:hashes.MD5 = '396b6502c46b45d9f5efff728fa27055' AND file:hashes.SHA1 = 'f05bc018c90b560dc4932758956adffbc10588ce' AND file:hashes.SHA256 = '7980a1af165c711aaafcd1e60151cb66a58f4ccd3a0394fbecf2ba903ad50b55']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:55.000Z", "modified": "2019-08-23T09:33:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:45", "category": "Other", "uuid": "4dd18883-857f-44f7-8f46-86510c0528ec" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/7980a1af165c711aaafcd1e60151cb66a58f4ccd3a0394fbecf2ba903ad50b55/analysis/1565051985/", "category": "Payload delivery", "uuid": "883d7cd4-16f2-4eb4-98a1-6ee7fdf566a3" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/71", "category": "Payload delivery", "uuid": "35c1a363-34b0-4f3d-9e48-fb1e4be6a548" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--928ffbe0-4d94-455a-97cf-8202e79d6626", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:56.000Z", "modified": "2019-08-23T09:33:56.000Z", "pattern": "[file:hashes.MD5 = '1acc3b68da6b0a800cd58af30d47b01e' AND file:hashes.SHA1 = '9c413075aab7ef7876b8dc8d7b7c1b9b96842c6e' AND file:hashes.SHA256 = 'f1d4cc1e08d99497e19a29f9f915b813611b1f569a961bb7bd1ebc41a0b5af08']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:57.000Z", "modified": "2019-08-23T09:33:57.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:52", "category": "Other", "uuid": "197c6b8b-8408-4769-acbb-f4dfdcc9dac0" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/f1d4cc1e08d99497e19a29f9f915b813611b1f569a961bb7bd1ebc41a0b5af08/analysis/1565051992/", "category": "Payload delivery", "uuid": "10aa9680-4f6f-4568-a5fc-274bf7e91101" }, { "type": "text", "object_relation": "detection-ratio", "value": "9/71", "category": "Payload delivery", "uuid": "0c650060-f835-4d2f-a161-2836b9f2d7a0" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:57.000Z", "modified": "2019-08-23T09:33:57.000Z", "pattern": "[file:hashes.MD5 = 'b2975864ad694469b04165bd09277421' AND file:hashes.SHA1 = '0922defb82ff1140bbe3481bab27564bb966d50b' AND file:hashes.SHA256 = '0e0181499e50fb9ce8029767afdcf60ce21eea2819ce7ada1a3def4d8899c7dc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--56045c01-e584-420e-97ad-340f8364c026", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:57.000Z", "modified": "2019-08-23T09:33:57.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:41", "category": "Other", "uuid": "962d2dae-deae-49fe-9bc2-23c4a3f46cad" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/0e0181499e50fb9ce8029767afdcf60ce21eea2819ce7ada1a3def4d8899c7dc/analysis/1565051981/", "category": "Payload delivery", "uuid": "6666edb2-556e-4e0c-aced-1f03fb89648f" }, { "type": "text", "object_relation": "detection-ratio", "value": "21/71", "category": "Payload delivery", "uuid": "78f14ca4-ded4-4fa4-afa8-a4ca6ea0fa4c" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:58.000Z", "modified": "2019-08-23T09:33:58.000Z", "pattern": "[file:hashes.MD5 = '5a46d793cf82822cb334b70609a9acd7' AND file:hashes.SHA1 = '56e8743e0773286a4b9e055147d96d53a43beca1' AND file:hashes.SHA256 = 'cde4b654e9bb29d3ace2b3dcd3520039bf8b42f905ac8d9e77845d8b911846e8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:58.000Z", "modified": "2019-08-23T09:33:58.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:50", "category": "Other", "uuid": "17dadadd-111e-46a8-92b3-1fe16369945a" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/cde4b654e9bb29d3ace2b3dcd3520039bf8b42f905ac8d9e77845d8b911846e8/analysis/1565051990/", "category": "Payload delivery", "uuid": "baef6a31-bc30-4c2a-a6d8-e0539ef8dc11" }, { "type": "text", "object_relation": "detection-ratio", "value": "37/70", "category": "Payload delivery", "uuid": "026e02d8-4c19-4f54-969d-6572c629dcff" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--780ea6a4-143e-435e-80ce-a9d640727387", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:58.000Z", "modified": "2019-08-23T09:33:58.000Z", "pattern": "[file:hashes.MD5 = '2adb5b013ba4de9a20c7c9e185930675' AND file:hashes.SHA1 = '173664de0a9a08218098abfb86d2c64f25b5ee37' AND file:hashes.SHA256 = 'eecb72fdd8f19a6ec78b27f47aa978eefbaf0c80c85481292b91e8010da95bd0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:59.000Z", "modified": "2019-08-23T09:33:59.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:52", "category": "Other", "uuid": "69c83f72-bdb7-4652-b926-6a2e851907a5" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/eecb72fdd8f19a6ec78b27f47aa978eefbaf0c80c85481292b91e8010da95bd0/analysis/1565051992/", "category": "Payload delivery", "uuid": "702ec67b-808d-45e2-aa3d-96bc5dc257fb" }, { "type": "text", "object_relation": "detection-ratio", "value": "17/71", "category": "Payload delivery", "uuid": "29ca6fa8-ca51-42c3-b074-5072810b5798" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:59.000Z", "modified": "2019-08-23T09:33:59.000Z", "pattern": "[file:hashes.MD5 = 'de8b61ae73f510eba526684f85b7cacb' AND file:hashes.SHA1 = '71f69f04307c8f5675dcadeaa80b8c2b95691b01' AND file:hashes.SHA256 = '433d0ca49bf2d80f3d61dcf97cd5af0ee52be83d5f8a070560cbf26ff840a676']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:33:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:33:59.000Z", "modified": "2019-08-23T09:33:59.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-20T16:43:56", "category": "Other", "uuid": "a749b13e-1cfc-4d34-8a55-fbe15a6a1b0f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/433d0ca49bf2d80f3d61dcf97cd5af0ee52be83d5f8a070560cbf26ff840a676/analysis/1566319436/", "category": "Payload delivery", "uuid": "51849d9a-e13d-43e3-a26d-f0d4393471d5" }, { "type": "text", "object_relation": "detection-ratio", "value": "37/69", "category": "Payload delivery", "uuid": "409c26da-bc69-40f8-adab-b2533fb55f6a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:00.000Z", "modified": "2019-08-23T09:34:00.000Z", "pattern": "[file:hashes.MD5 = 'bdede8c167b85250401c7605d81d05f2' AND file:hashes.SHA1 = 'fbb485b40477f5a014e7096747b1b4a494ce50ef' AND file:hashes.SHA256 = '57566f1261b6b05e14aa9b579a7f5cbc2feb361baf897600eaa07da863532eb6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:34:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:00.000Z", "modified": "2019-08-23T09:34:00.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:45", "category": "Other", "uuid": "94762121-aaee-40e3-9e1c-53a94ef7f108" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/57566f1261b6b05e14aa9b579a7f5cbc2feb361baf897600eaa07da863532eb6/analysis/1565051985/", "category": "Payload delivery", "uuid": "baf99690-03f5-49a4-8f2b-6448cd8e0c31" }, { "type": "text", "object_relation": "detection-ratio", "value": "32/71", "category": "Payload delivery", "uuid": "b6cfd9ef-a7c3-4d1f-9ce0-c8a4de6257d1" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:00.000Z", "modified": "2019-08-23T09:34:00.000Z", "pattern": "[file:hashes.MD5 = 'a23d27688c57fb8d1b4979c4643c7dbc' AND file:hashes.SHA1 = '53102e57b40feacb64566c26d101d9242dece77c' AND file:hashes.SHA256 = 'd945cca810a8eb7c3e778515c28ceabae296378e5558bc40b125a8df3d4d6fa5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:34:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:00.000Z", "modified": "2019-08-23T09:34:00.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T12:02:06", "category": "Other", "uuid": "356119c2-4238-44fd-85a9-44e7a88bf048" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/d945cca810a8eb7c3e778515c28ceabae296378e5558bc40b125a8df3d4d6fa5/analysis/1565092926/", "category": "Payload delivery", "uuid": "5ee8ca89-dbc7-425e-968e-7f9a4073d9ba" }, { "type": "text", "object_relation": "detection-ratio", "value": "37/66", "category": "Payload delivery", "uuid": "784cb14b-2405-4a42-90cd-513689cb429b" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:00.000Z", "modified": "2019-08-23T09:34:00.000Z", "pattern": "[file:hashes.MD5 = '84d0eb92a62f095271fd7a22352144d4' AND file:hashes.SHA1 = '048c40eb606da3def08c9f6997c1948afbbc959b' AND file:hashes.SHA256 = '5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:34:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:01.000Z", "modified": "2019-08-23T09:34:01.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-13T12:22:09", "category": "Other", "uuid": "4dcdd982-7bae-4fa3-aab4-a7bba1a08e35" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354/analysis/1565698929/", "category": "Payload delivery", "uuid": "e3705fc2-0b09-44d9-aae2-674202792f4a" }, { "type": "text", "object_relation": "detection-ratio", "value": "37/70", "category": "Payload delivery", "uuid": "1f05cf26-dc13-4a0f-ac1e-8b8e7bd557fc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:01.000Z", "modified": "2019-08-23T09:34:01.000Z", "pattern": "[file:hashes.MD5 = '9eb9af0f63644fee49d083c1c330226b' AND file:hashes.SHA1 = '79ac512389ef9e27a3598ca2968573db4f5fd58f' AND file:hashes.SHA256 = 'defebfcc7affc31a00400e387b1994baf1d75704aa682803584e2c87ad154ec1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-08-23T09:34:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-08-23T09:34:01.000Z", "modified": "2019-08-23T09:34:01.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-08-06T00:39:51", "category": "Other", "uuid": "7fd29b15-6b70-40b6-8308-816eee3a7113" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/defebfcc7affc31a00400e387b1994baf1d75704aa682803584e2c87ad154ec1/analysis/1565051991/", "category": "Payload delivery", "uuid": "86fb6e82-743e-41fa-8f4b-b06cc7c61b88" }, { "type": "text", "object_relation": "detection-ratio", "value": "31/69", "category": "Payload delivery", "uuid": "4e46ad7a-a5d9-46fc-bf0d-7efc850aa1dc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3b1d47e5-d5aa-4d56-8011-0e6c271d8a8c", "created": "2019-08-08T09:19:49.000Z", "modified": "2019-08-08T09:19:49.000Z", "relationship_type": "drops", "source_ref": "indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de", "target_ref": "indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2dd0755c-1e57-428e-b822-5d780ad8bd74", "created": "2019-08-23T09:34:01.000Z", "modified": "2019-08-23T09:34:01.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b", "target_ref": "x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--1368a551-9200-4cf2-a6a7-73232f7c33a6", "created": "2019-08-23T09:34:01.000Z", "modified": "2019-08-23T09:34:01.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e", "target_ref": "x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2d2f908e-d8fb-4183-95be-64e0b04f38e2", "created": "2019-08-23T09:34:01.000Z", "modified": "2019-08-23T09:34:01.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f", "target_ref": "x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--921c9004-1f62-4bf9-af7c-256ad152096f", "created": "2019-08-23T09:34:01.000Z", "modified": "2019-08-23T09:34:01.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b05ef68e-17cd-4a85-af71-414145036bba", "target_ref": "x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a3918add-b66a-459b-8dd3-1475ace6d904", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--531a0491-51fb-4487-8d23-083a61d6749c", "target_ref": "x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8475c5f0-b345-4f62-b8dc-c268d225cecb", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6bed7582-d749-4f0e-972a-704520e046dc", "target_ref": "x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7ed98fd5-bc69-41b0-81d9-df855488b55b", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--fe215d82-4e07-46c1-8545-1d395fa890ce", "target_ref": "x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--62f9bea8-4b11-4770-b06e-b95fe80915ae", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b", "target_ref": "x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a405d7ec-5247-4318-b625-2bd405058ce5", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--50fedb9b-0e14-43fb-8512-8f989ac34305", "target_ref": "x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--5c8255de-7df1-4f2c-bdf4-eee4cc424853", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11", "target_ref": "x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c40cc3a0-a670-4276-8549-6ebb290fb264", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd", "target_ref": "x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--64280654-6da2-4333-9ccf-a15939fa57a3", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--68f1d019-274d-43e4-b014-ce9b23560d4e", "target_ref": "x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--65413621-277f-4651-93df-cc6acf602d1a", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9", "target_ref": "x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--47fa697e-d234-4bbd-b24d-436168dca93d", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5", "target_ref": "x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d6727a26-4386-4b2f-8485-71b67d3690a0", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be", "target_ref": "x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--41eb47dc-7358-4ce2-874a-b0fcfca06efe", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--4671a7c1-3b72-427b-b486-a9076c743c39", "target_ref": "x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6398f885-0d4f-4866-b62a-72c8c6e41a5f", "created": "2019-08-23T09:34:02.000Z", "modified": "2019-08-23T09:34:02.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf", "target_ref": "x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--83ed3d30-46de-4a25-8654-edc0a6d8eba5", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c", "target_ref": "x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--0f6a478e-2856-410a-b53d-304269243d4e", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd", "target_ref": "x-misp-object--116175d9-f786-4417-91c1-e787621fc175" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--aed1230c-a59c-4848-9439-325a445e0a33", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--583f80b7-150f-43b8-984c-507183734547", "target_ref": "x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--fae845fc-22fa-46ea-86f1-8389b40c9c2f", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b", "target_ref": "x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--908b38af-12b9-4267-92ab-55d9b7db8a06", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654", "target_ref": "x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--9f5bb937-2ae7-4717-a152-f6dbcb8cc66c", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c7f78389-8821-43ca-8d46-687afc70fa6a", "target_ref": "x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--cda5e29a-74ca-47dc-bdb7-9647807e97a6", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--477d1696-bc96-462f-afed-7aac5dac22e3", "target_ref": "x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ac7c1671-8444-4244-84cd-ba5ef2a2753f", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--2c001844-70ba-431f-b9e2-c81f88058ed8", "target_ref": "x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--88133e2f-00b8-48e6-a7a4-091126048cbc", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--58281799-2547-4047-98cd-60e10f04c1bd", "target_ref": "x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--baaded4e-c172-44dc-9802-1f28aa3abba7", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ac105d47-7fab-4260-ad19-e2827a659096", "target_ref": "x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--4c45bf8f-de89-4c61-90da-1627c63b2db1", "created": "2019-08-23T09:34:03.000Z", "modified": "2019-08-23T09:34:03.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--206578ce-144d-4490-b193-f64ae055a583", "target_ref": "x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ef237c26-64bf-40d8-ba0d-86dc9ab5df35", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--928ffbe0-4d94-455a-97cf-8202e79d6626", "target_ref": "x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7ee97a0a-c471-4a63-86ad-d7d02022066e", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad", "target_ref": "x-misp-object--56045c01-e584-420e-97ad-340f8364c026" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--fb78981e-524f-49cd-968f-42c64ae2d818", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2", "target_ref": "x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b2546ed6-15c1-4924-9770-00cb8f85f3c7", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--780ea6a4-143e-435e-80ce-a9d640727387", "target_ref": "x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3fa8b609-56c7-42e5-bb99-fac1a8c83c55", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e", "target_ref": "x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7e14d0e9-289f-4451-b0fb-2f32830c4f4f", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc", "target_ref": "x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--18d0a123-955b-4d55-b5c0-9a92952986bd", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee", "target_ref": "x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--bbad76f5-5ce2-420c-be44-9336af03fac3", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec", "target_ref": "x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2ec52d43-6a0d-4aef-9580-fc683a281f52", "created": "2019-08-23T09:34:04.000Z", "modified": "2019-08-23T09:34:04.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5", "target_ref": "x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }