{ "type": "bundle", "id": "bundle--ed46f822-41e6-4dca-a1c5-ad768306bfe9", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:57:05.000Z", "modified": "2022-01-13T13:57:05.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--ed46f822-41e6-4dca-a1c5-ad768306bfe9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:57:05.000Z", "modified": "2022-01-13T13:57:05.000Z", "name": "CYBERCOM_Malware_Alert - MuddyWater has been seen using a variety of techniques to maintain access to victim networks.", "published": "2022-01-13T13:57:12Z", "object_refs": [ "indicator--dc27e79d-43bc-42fd-986f-9b5420b73fc3", "indicator--7363ccc3-6a4e-44fc-a0f8-619fa264cb8a", "indicator--b37525af-c696-4d69-aead-e3be0aca9e2d", "indicator--076573dc-8454-478d-89b0-ca6cf97411b8", "indicator--0f9cfe78-1225-45c4-ba1a-e09f556f359f", "indicator--418272e0-5405-47a7-91d5-a059ea41fbec", "indicator--2315d783-9a27-439e-977d-30358f994275", "indicator--8250e2c6-7463-45a2-ba9f-77dc3eeadbf7", "indicator--b97f4525-148f-4c25-ad95-ab04ddd3638c", "indicator--074d4b72-f0f8-4787-9638-cf0028fe2b8f", "indicator--a759108a-98d2-45d0-8bb0-28825e63c671", "indicator--6f2a3e83-fd7f-46cc-8ac1-b160a301253f", "indicator--e9fc0696-04ae-406b-a0cb-dca1251d03b0", "indicator--8edb6149-7401-4088-86ed-29427a0a2956", "indicator--0501eade-9a37-4a03-8ce8-99bc7f201a22", "indicator--7fe60b0e-b337-4de4-8d83-5c5d9e6cabd7", "indicator--54e6d8c5-541d-4fd6-bb40-30eb257795d6", "indicator--bf4b82ac-341f-4ebc-af6d-134e6afde90b", "x-misp-object--cc2cfa1e-1b2a-4004-abb4-03c0f6bd9b9f", "indicator--845692ad-8bc9-4847-9863-7a4a7946d5c7", "x-misp-object--ff69de23-80e4-46dc-8144-f165d4d8ac5e", "indicator--6875f800-1889-47a9-a960-4a02c4626aa5", "x-misp-object--4e5e3c4a-0c56-4d0f-8c72-85464ef1ca7d", "indicator--54be5c62-37af-42f1-abed-845d03dc8b10", "x-misp-object--8bcc658f-253b-4933-bf35-231ae29169bd", "indicator--dabb966a-e286-4ffb-b646-62d19d1fd749", "x-misp-object--3fe360a9-06a8-4534-8551-8d79b4460ff3", "indicator--e4790ff8-5364-48dd-a3cf-34a6e33c35f7", "x-misp-object--eff0035c-1f5a-4dd6-aa69-fd602b4f7a0a", "indicator--cc1bd483-9916-4f34-85c8-f3203118e5ee", "x-misp-object--8f209c3f-5b2b-4f51-8dc9-17899c3c00e7", "indicator--f504a81b-6b1a-47f3-8e9e-b5bae30df31d", "x-misp-object--396e8dac-84ad-4c3c-bdd6-8a9a7bcb206e", "indicator--299673ae-0490-48be-a1cf-f6a0f3389d5f", "x-misp-object--72a0257a-ec8c-4950-83c6-0ecae8fe5933", "indicator--3e3a6056-fda9-44f1-bff0-b418d06c9849", "x-misp-object--89708647-d6e5-4c8c-8907-6eb59207df20", "indicator--b9c26a84-7625-44a9-b8ad-25ce88733b1a", "x-misp-object--79aa754b-5175-4116-b980-fdf39533c0c4", "indicator--77408d3b-8618-407a-ba96-b6769c8c402c", "x-misp-object--ea7079f4-838d-4b42-91ae-ca7e0555856c", "indicator--ecd22b18-d365-479b-be89-123c3c1091c2", "x-misp-object--2a6d9ffa-8336-4bd5-a3ca-a7ed0564170b", "indicator--a7233c05-4d98-4069-9286-52bd8cc11931", "x-misp-object--67975639-a318-4d96-b0e2-fdd8b5442a0a", "indicator--49b57792-93e9-4adc-bebd-911bfc742df8", "x-misp-object--681dc734-5d4c-41bf-b184-2da2932f6add", "indicator--d388643a-dac1-4aa6-901f-1cf15369d346", "x-misp-object--157baa15-cb30-4e83-aefd-fd79cedc4a98", "indicator--46e303de-38b8-47bc-aac2-0cb397cc0241", "x-misp-object--5c17d9f3-e780-4fc0-83be-1a9c2506859d", "relationship--f035f5de-7465-4253-883e-138a2a122a46", "relationship--35b82f8d-e558-489d-bd64-496c124eedaa", "relationship--93ff6bb7-d793-4676-b201-65963fabe9bd", "relationship--f802d7c9-2e30-4a47-8fdf-10b07d99c28a", "relationship--e4b41cff-f6a6-4811-8592-97b3fb5fb90d", "relationship--51b04608-2df3-423b-ac99-94ff6a9df3e7", "relationship--ad4e9d08-41c7-4364-bcd9-5b4421e4f62c", "relationship--439b219d-30e6-43fa-9b76-172765ed260a", "relationship--7de013b1-910f-4998-ae02-06d815c1a22f", "relationship--8d65cffc-c76a-45ca-8c2f-97bdcd091f78", "relationship--e95d241c-0468-4af1-b4cd-fa52db24d02e", "relationship--5c944117-466e-4a37-a0d9-0142dfeda5f0", "relationship--5f1f9ca2-6186-4be5-acd2-090ade0ceac4", "relationship--e1da77ae-d2ae-42fd-9495-8fa827c041dc", "relationship--d0a46aa1-2b24-4e12-98ec-3388f1902a9f", "relationship--2cb6e377-5422-43c2-87dd-d728e2ab7e71", "relationship--094706e3-aa12-4e82-bbf7-dad89fc5fece" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT", "osint:lifetime=\"perpetual\"", "osint:certainty=\"50\"", "misp-galaxy:mitre-enterprise-attack-intrusion-set=\"MuddyWater - G0069\"", "misp-galaxy:mitre-intrusion-set=\"MuddyWater - G0069\"", "misp-galaxy:threat-actor=\"MuddyWater\"", "misp-galaxy:country=\"iran\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dc27e79d-43bc-42fd-986f-9b5420b73fc3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7363ccc3-6a4e-44fc-a0f8-619fa264cb8a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b37525af-c696-4d69-aead-e3be0aca9e2d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = 'b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--076573dc-8454-478d-89b0-ca6cf97411b8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0f9cfe78-1225-45c4-ba1a-e09f556f359f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = 'e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--418272e0-5405-47a7-91d5-a059ea41fbec", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2315d783-9a27-439e-977d-30358f994275", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8250e2c6-7463-45a2-ba9f-77dc3eeadbf7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = 'b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b97f4525-148f-4c25-ad95-ab04ddd3638c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--074d4b72-f0f8-4787-9638-cf0028fe2b8f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a759108a-98d2-45d0-8bb0-28825e63c671", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = 'e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6f2a3e83-fd7f-46cc-8ac1-b160a301253f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = 'b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e9fc0696-04ae-406b-a0cb-dca1251d03b0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = 'dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8edb6149-7401-4088-86ed-29427a0a2956", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0501eade-9a37-4a03-8ce8-99bc7f201a22", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7fe60b0e-b337-4de4-8d83-5c5d9e6cabd7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = 'ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--54e6d8c5-541d-4fd6-bb40-30eb257795d6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:54:22.000Z", "modified": "2022-01-13T13:54:22.000Z", "pattern": "[file:hashes.SHA256 = '2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:54:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--bf4b82ac-341f-4ebc-af6d-134e6afde90b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = 'a0421312705e847a1c8073001fd8499c' AND file:hashes.SHA1 = '3204447f54adeffb339ed3e00649ae428544eca3' AND file:hashes.SHA256 = '9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--cc2cfa1e-1b2a-4004-abb4-03c0f6bd9b9f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T12:41:30+00:00", "category": "Other", "uuid": "dbd79864-48d0-4f8c-9df6-b038db7d1925" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7/detection/f-9cb79736302999a7ec4151a43e93cd51c97ede879194cece5e46b4ff471a7af7-1642077690", "category": "Payload delivery", "uuid": "f54bb404-0b1a-4321-8cdd-55cc2f9c06c8" }, { "type": "text", "object_relation": "detection-ratio", "value": "8/57", "category": "Payload delivery", "uuid": "12587aeb-8930-45f3-8ac6-fec9c82a7285" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--845692ad-8bc9-4847-9863-7a4a7946d5c7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = '4a022ea1fd2bf5e8c0d8b2343a230070' AND file:hashes.SHA1 = '89df0feca9a447465d41ac87cb45a6f3c02c574d' AND file:hashes.SHA256 = 'e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ff69de23-80e4-46dc-8144-f165d4d8ac5e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T04:17:48+00:00", "category": "Other", "uuid": "532b79c0-ce85-4d35-ad3e-5c35f8dc2858" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13/detection/f-e7baf353aa12ff2571fc5c45184631dc2692e2f0a61b799e29a1525969bf2d13-1642047468", "category": "Payload delivery", "uuid": "755472d3-c174-450a-a5df-eece9c895c43" }, { "type": "text", "object_relation": "detection-ratio", "value": "12/56", "category": "Payload delivery", "uuid": "c9f6cd8b-ee18-4a3b-a6e3-f0bae3d0c164" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6875f800-1889-47a9-a960-4a02c4626aa5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = '52299ffc8373f58b62543ec754732e55' AND file:hashes.SHA1 = 'ca97ac295b2cd57501517c0efd67b6f8a7d1fbdf' AND file:hashes.SHA256 = 'ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--4e5e3c4a-0c56-4d0f-8c72-85464ef1ca7d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T09:17:23+00:00", "category": "Other", "uuid": "94932aa2-ffc3-4db4-af55-9d852bea217e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9/detection/f-ce9bd1acf37119ff73b4dff989f2791eb24efc891a413df58856d848f0bcaee9-1642065443", "category": "Payload delivery", "uuid": "51425635-b388-450d-a67c-10edc7050d85" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/57", "category": "Payload delivery", "uuid": "f9074c2e-e1d1-4aa9-832b-12e187c35214" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--54be5c62-37af-42f1-abed-845d03dc8b10", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = '37fa9e6b9be7242984a39a024cade2d5' AND file:hashes.SHA1 = '0211569091b96cffab6918e18ccc97f4b24d88d4' AND file:hashes.SHA256 = '42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8bcc658f-253b-4933-bf35-231ae29169bd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T13:07:07+00:00", "category": "Other", "uuid": "810778a7-cc9b-4efd-93ff-ee182af8ebbf" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986/detection/f-42ca7d3fcd6d220cd380f34f9aa728b3bb68908b49f04d04f685631ee1f78986-1642079227", "category": "Payload delivery", "uuid": "e9ebfae1-f588-447e-b5dd-6886db000324" }, { "type": "text", "object_relation": "detection-ratio", "value": "15/56", "category": "Payload delivery", "uuid": "301cefd5-18ac-4eaa-a28e-627561f9ba7a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dabb966a-e286-4ffb-b646-62d19d1fd749", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = 'c0c2cd5cc018e575816c08b36969c4a6' AND file:hashes.SHA1 = '47a4e0d466bb20cec5d354e56a9aa3f07cec816a' AND file:hashes.SHA256 = 'b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3fe360a9-06a8-4534-8551-8d79b4460ff3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T09:15:56+00:00", "category": "Other", "uuid": "cb1d4788-dcd1-44f2-af2b-bfe789458d68" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c/detection/f-b1e30cce6df16d83b82b751edca57aa17795d8d0cdd960ecee7d90832b0ee76c-1642065356", "category": "Payload delivery", "uuid": "e711af33-4db5-420c-bd67-a0c27e96d215" }, { "type": "text", "object_relation": "detection-ratio", "value": "7/56", "category": "Payload delivery", "uuid": "62533080-84ba-40ee-ac62-319ce7f9303a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e4790ff8-5364-48dd-a3cf-34a6e33c35f7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = 'b6b0edf0b31bc95a042e13f3768a65c3' AND file:hashes.SHA1 = '5168a8880abe8eb2d28f10787820185fe318859e' AND file:hashes.SHA256 = 'b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--eff0035c-1f5a-4dd6-aa69-fd602b4f7a0a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T07:08:21+00:00", "category": "Other", "uuid": "6dd52732-ac86-42c0-b1fa-62e204a3d045" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a/detection/f-b6133e04a0a1deb8faf944dd79c46c62f725a72ea9f26dd911d6f6e1e4433f1a-1642057701", "category": "Payload delivery", "uuid": "82a8f036-ba82-4b07-8732-d7d227168eba" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/56", "category": "Payload delivery", "uuid": "c06382b8-0ef0-4432-9b20-089b543365c4" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--cc1bd483-9916-4f34-85c8-f3203118e5ee", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = '0431445d6d6e5802c207c8bc6a6402ea' AND file:hashes.SHA1 = '3765c1ad8a1d936aad88255aef5d6d4ce24f94e8' AND file:hashes.SHA256 = '3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8f209c3f-5b2b-4f51-8dc9-17899c3c00e7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T13:04:20+00:00", "category": "Other", "uuid": "2267b90d-2227-4674-8493-eecf58c0b446" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8/detection/f-3098dd53da40947a82e59265a47059e69b2925bc49c679e6555d102d1c6cbbc8-1642079060", "category": "Payload delivery", "uuid": "827ccd61-11c9-411d-9c29-db03ecebcf2a" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/63", "category": "Payload delivery", "uuid": "d7c0aa81-b795-4621-a148-f2cb42b62429" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f504a81b-6b1a-47f3-8e9e-b5bae30df31d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = 'a65696d6b65f7159c9ffcd4119f60195' AND file:hashes.SHA1 = '570f7272412ff8257ed6868d90727a459e3b179e' AND file:hashes.SHA256 = 'b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--396e8dac-84ad-4c3c-bdd6-8a9a7bcb206e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T08:14:02+00:00", "category": "Other", "uuid": "1c8c0732-1e0a-43eb-8c3f-13ad55c90c53" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504/detection/f-b5b1e26312e0574464ddef92c51d5f597e07dba90617c0528ec9f494af7e8504-1642061642", "category": "Payload delivery", "uuid": "6d2fb689-54c3-4922-9ed5-5fa84b44f4e5" }, { "type": "text", "object_relation": "detection-ratio", "value": "12/57", "category": "Payload delivery", "uuid": "d868fce4-a491-4159-9707-cc2a430bb790" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--299673ae-0490-48be-a1cf-f6a0f3389d5f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "pattern": "[file:hashes.MD5 = '51bc53a388fce06487743eadc64c4356' AND file:hashes.SHA1 = 'b9e6fc51fa3940fb632a68907b8513634d76e5a0' AND file:hashes.SHA256 = '9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--72a0257a-ec8c-4950-83c6-0ecae8fe5933", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:08.000Z", "modified": "2022-01-13T13:56:08.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T12:41:47+00:00", "category": "Other", "uuid": "1a8aeafa-553d-4d56-82e5-9a9215942b55" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2/detection/f-9ec8319e278d1b3fa1ccf87b5ce7dd6802dac76881e4e4e16e240c5a98f107e2-1642077707", "category": "Payload delivery", "uuid": "5a802be0-a8ec-4a72-b333-ec7031a2f3a4" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/57", "category": "Payload delivery", "uuid": "d8736b39-7035-42aa-b738-0d9c40c17e18" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3e3a6056-fda9-44f1-bff0-b418d06c9849", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = '0ac499496fb48de0727bbef858dadbee' AND file:hashes.SHA1 = '483cd5c9dd887367793261730d59178c19fe13f3' AND file:hashes.SHA256 = '255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--89708647-d6e5-4c8c-8907-6eb59207df20", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T04:15:36+00:00", "category": "Other", "uuid": "58c55ff1-fde0-4fad-b294-327791aa1a48" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a/detection/f-255e53af8b079c8319ce52583293723551da9affe547da45e2c1d4257cff625a-1642047336", "category": "Payload delivery", "uuid": "e41ba8f5-d5d4-48c6-994b-244d0e52bb64" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/56", "category": "Payload delivery", "uuid": "5d9e7bf3-c0c9-48f5-a1a2-1098fad5fde9" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b9c26a84-7625-44a9-b8ad-25ce88733b1a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = '860f5c2345e8f5c268c9746337ade8b7' AND file:hashes.SHA1 = '6c55d3acdc2d8d331f0d13024f736bc28ef5a7e1' AND file:hashes.SHA256 = '9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--79aa754b-5175-4116-b980-fdf39533c0c4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T06:21:14+00:00", "category": "Other", "uuid": "a42e8172-c533-45bb-9429-93480bd2b922" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051/detection/f-9d50fcb2c4df4c502db0cac84bef96c2a36d33ef98c454165808ecace4dd2051-1642054874", "category": "Payload delivery", "uuid": "68815cb5-f218-4794-96c6-725a62d24e3c" }, { "type": "text", "object_relation": "detection-ratio", "value": "20/66", "category": "Payload delivery", "uuid": "516d4060-0566-4321-89a1-83a0c48fe74b" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--77408d3b-8618-407a-ba96-b6769c8c402c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = 'd68f5417f1d4fc022067bf0313a3867d' AND file:hashes.SHA1 = '2f6dd6d11e28bf8b4d7ceec8753d15c7568fb22e' AND file:hashes.SHA256 = 'e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ea7079f4-838d-4b42-91ae-ca7e0555856c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T12:26:10+00:00", "category": "Other", "uuid": "9aa9cfc5-f9a9-485f-aa52-a0d4b8626af9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca/detection/f-e7f6c7b91c482c12fc905b84dbaa9001ef78dc6a771773e1de4b8eade5431eca-1642076770", "category": "Payload delivery", "uuid": "6d97cb57-cd3b-4fa8-9d86-4d006b3b6f20" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/56", "category": "Payload delivery", "uuid": "0de63566-fb1f-4aab-952f-9df4ea53c476" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ecd22b18-d365-479b-be89-123c3c1091c2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = '6c084c8f5a61c6bec5eb5573a2d51ffb' AND file:hashes.SHA1 = '61608ed1de56d0e4fe6af07ecba0bd0a69d825b8' AND file:hashes.SHA256 = '7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--2a6d9ffa-8336-4bd5-a3ca-a7ed0564170b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T07:05:59+00:00", "category": "Other", "uuid": "f54e82ce-5c4d-4c33-8027-cde791a82c00" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4/detection/f-7e7545d14df7b618b3b1bc24321780c164a0a14d3600dbac0f91afbce1a2f9f4-1642057559", "category": "Payload delivery", "uuid": "859c1ba8-9e46-4c8a-97d0-e11d708a1351" }, { "type": "text", "object_relation": "detection-ratio", "value": "42/68", "category": "Payload delivery", "uuid": "50488f21-2ffe-41a8-8c02-4bb8e08a5745" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a7233c05-4d98-4069-9286-52bd8cc11931", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = '218d4151b39e4ece13d3bf5ff4d1121b' AND file:hashes.SHA1 = '28e799d9769bb7e936d1768d498a0d2c7a0d53fb' AND file:hashes.SHA256 = '2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--67975639-a318-4d96-b0e2-fdd8b5442a0a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T08:47:01+00:00", "category": "Other", "uuid": "4ad9540f-582a-4120-b243-44663cbadb03" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82/detection/f-2471a039cb1ddeb826f3a11f89b193624d89052afcbee01205dc92610723eb82-1642063621", "category": "Payload delivery", "uuid": "7cdf243d-12d4-40c3-bad7-aec0a4a7b606" }, { "type": "text", "object_relation": "detection-ratio", "value": "11/54", "category": "Payload delivery", "uuid": "753fbc92-eacd-4898-a037-6d398a0f5790" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--49b57792-93e9-4adc-bebd-911bfc742df8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = 'a27655d14b0aabec8db70ae08a623317' AND file:hashes.SHA1 = '8344f2c1096687ed83c2bbad0e6e549a71b0c0b1' AND file:hashes.SHA256 = '12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--681dc734-5d4c-41bf-b184-2da2932f6add", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T13:53:27+00:00", "category": "Other", "uuid": "bd9d83c2-0731-45cc-9b2a-3b85061dbf58" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa/detection/f-12db8bcee090521ecf852bf215ce3878737517a22ef1f2ff9bdec7cba8d0d3aa-1642082007", "category": "Payload delivery", "uuid": "f3d51526-d5c2-46e4-a6c5-d9b6b2e0e07d" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/68", "category": "Payload delivery", "uuid": "c7e45954-c1b6-47a9-ac67-29fa8286be4e" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d388643a-dac1-4aa6-901f-1cf15369d346", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = 'cec48bcdedebc962ce45b63e201c0624' AND file:hashes.SHA1 = '81f46998c92427032378e5dead48bdfc9128b225' AND file:hashes.SHA256 = 'dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--157baa15-cb30-4e83-aefd-fd79cedc4a98", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T03:08:18+00:00", "category": "Other", "uuid": "f26d1632-f93f-4762-b5d1-f38792f256f2" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92/detection/f-dd7ee54b12a55bcc67da4ceaed6e636b7bd30d4db6f6c594e9510e1e605ade92-1642043298", "category": "Payload delivery", "uuid": "f49690f5-29d8-4559-8786-23f3d6785ecd" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/66", "category": "Payload delivery", "uuid": "79bf7c86-d42c-4396-a719-302a7e70d8e3" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--46e303de-38b8-47bc-aac2-0cb397cc0241", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "pattern": "[file:hashes.MD5 = 'a16f4f0c00ca43d5b20f7bc30a3f3559' AND file:hashes.SHA1 = '94e26fb2738e49bb70b445315c0d63a5d364c71b' AND file:hashes.SHA256 = '5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2022-01-13T13:56:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5c17d9f3-e780-4fc0-83be-1a9c2506859d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2022-01-13T02:57:46+00:00", "category": "Other", "uuid": "2567c638-6844-4459-a860-5f9db3171381" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f/detection/f-5bcdd422089ed96d6711fa251544e2e863b113973db328590cfe0457bfeb564f-1642042666", "category": "Payload delivery", "uuid": "6c3d7d26-b448-491b-926f-da6bc3b380b1" }, { "type": "text", "object_relation": "detection-ratio", "value": "3/56", "category": "Payload delivery", "uuid": "bf7889f9-c620-4a4a-a87a-86d3f1ebf06b" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f035f5de-7465-4253-883e-138a2a122a46", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--bf4b82ac-341f-4ebc-af6d-134e6afde90b", "target_ref": "x-misp-object--cc2cfa1e-1b2a-4004-abb4-03c0f6bd9b9f" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--35b82f8d-e558-489d-bd64-496c124eedaa", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--845692ad-8bc9-4847-9863-7a4a7946d5c7", "target_ref": "x-misp-object--ff69de23-80e4-46dc-8144-f165d4d8ac5e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--93ff6bb7-d793-4676-b201-65963fabe9bd", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6875f800-1889-47a9-a960-4a02c4626aa5", "target_ref": "x-misp-object--4e5e3c4a-0c56-4d0f-8c72-85464ef1ca7d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f802d7c9-2e30-4a47-8fdf-10b07d99c28a", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--54be5c62-37af-42f1-abed-845d03dc8b10", "target_ref": "x-misp-object--8bcc658f-253b-4933-bf35-231ae29169bd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e4b41cff-f6a6-4811-8592-97b3fb5fb90d", "created": "2022-01-13T13:56:09.000Z", "modified": "2022-01-13T13:56:09.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--dabb966a-e286-4ffb-b646-62d19d1fd749", "target_ref": "x-misp-object--3fe360a9-06a8-4534-8551-8d79b4460ff3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--51b04608-2df3-423b-ac99-94ff6a9df3e7", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--e4790ff8-5364-48dd-a3cf-34a6e33c35f7", "target_ref": "x-misp-object--eff0035c-1f5a-4dd6-aa69-fd602b4f7a0a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ad4e9d08-41c7-4364-bcd9-5b4421e4f62c", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--cc1bd483-9916-4f34-85c8-f3203118e5ee", "target_ref": "x-misp-object--8f209c3f-5b2b-4f51-8dc9-17899c3c00e7" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--439b219d-30e6-43fa-9b76-172765ed260a", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f504a81b-6b1a-47f3-8e9e-b5bae30df31d", "target_ref": "x-misp-object--396e8dac-84ad-4c3c-bdd6-8a9a7bcb206e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7de013b1-910f-4998-ae02-06d815c1a22f", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--299673ae-0490-48be-a1cf-f6a0f3389d5f", "target_ref": "x-misp-object--72a0257a-ec8c-4950-83c6-0ecae8fe5933" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8d65cffc-c76a-45ca-8c2f-97bdcd091f78", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--3e3a6056-fda9-44f1-bff0-b418d06c9849", "target_ref": "x-misp-object--89708647-d6e5-4c8c-8907-6eb59207df20" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e95d241c-0468-4af1-b4cd-fa52db24d02e", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b9c26a84-7625-44a9-b8ad-25ce88733b1a", "target_ref": "x-misp-object--79aa754b-5175-4116-b980-fdf39533c0c4" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--5c944117-466e-4a37-a0d9-0142dfeda5f0", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--77408d3b-8618-407a-ba96-b6769c8c402c", "target_ref": "x-misp-object--ea7079f4-838d-4b42-91ae-ca7e0555856c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--5f1f9ca2-6186-4be5-acd2-090ade0ceac4", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ecd22b18-d365-479b-be89-123c3c1091c2", "target_ref": "x-misp-object--2a6d9ffa-8336-4bd5-a3ca-a7ed0564170b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e1da77ae-d2ae-42fd-9495-8fa827c041dc", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a7233c05-4d98-4069-9286-52bd8cc11931", "target_ref": "x-misp-object--67975639-a318-4d96-b0e2-fdd8b5442a0a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d0a46aa1-2b24-4e12-98ec-3388f1902a9f", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--49b57792-93e9-4adc-bebd-911bfc742df8", "target_ref": "x-misp-object--681dc734-5d4c-41bf-b184-2da2932f6add" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2cb6e377-5422-43c2-87dd-d728e2ab7e71", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--d388643a-dac1-4aa6-901f-1cf15369d346", "target_ref": "x-misp-object--157baa15-cb30-4e83-aefd-fd79cedc4a98" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--094706e3-aa12-4e82-bbf7-dad89fc5fece", "created": "2022-01-13T13:56:10.000Z", "modified": "2022-01-13T13:56:10.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--46e303de-38b8-47bc-aac2-0cb397cc0241", "target_ref": "x-misp-object--5c17d9f3-e780-4fc0-83be-1a9c2506859d" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }