{ "type": "bundle", "id": "bundle--5eddeee6-22ec-419b-8634-429602de0b81", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:59:41.000Z", "modified": "2020-06-08T07:59:41.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5eddeee6-22ec-419b-8634-429602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:59:41.000Z", "modified": "2020-06-08T07:59:41.000Z", "name": "OSINT - TA505 IoC - 2020-06-06", "published": "2020-06-08T08:00:12Z", "object_refs": [ "indicator--5eddef05-7d64-4882-a6da-4ec9e387cbd9", "indicator--5eddef05-a724-4102-b43f-4bade387cbd9", "indicator--5eddef05-fa94-4b07-88f4-4bb2e387cbd9", "indicator--5eddef05-d594-4069-a104-4ca4e387cbd9", "indicator--5eddef05-f810-4a19-b4e2-4600e387cbd9", "indicator--5eddef05-7ac4-48d6-b5c7-47efe387cbd9", "indicator--5eddef05-09fc-4f16-ba36-4ee4e387cbd9", "indicator--5eddef06-8da0-4c5b-a82d-40d3e387cbd9", "indicator--5eddef06-9910-47b5-a9f0-43b3e387cbd9", "indicator--5eddef06-8c48-4fc7-a3d3-450ce387cbd9", "indicator--5eddef06-3930-4074-81ff-4306e387cbd9", "indicator--5eddef06-e588-4634-a9bb-42d7e387cbd9", "indicator--5eddef06-d5dc-4336-b683-403de387cbd9", "indicator--5eddef06-6d88-4106-b238-412be387cbd9", "indicator--5eddef06-3158-4a24-8839-41d5e387cbd9", "indicator--5eddef06-fc9c-4ee3-945c-42a3e387cbd9", "indicator--5eddef07-0af4-47d1-92b8-417ce387cbd9", "indicator--5eddef07-ae90-478a-a1fe-4107e387cbd9", "indicator--5eddef07-5ef8-42ee-872b-49b1e387cbd9", "indicator--5eddef07-dff8-43b1-8e0d-4c3ce387cbd9", "indicator--5eddef07-07c8-4e4b-8c1f-433be387cbd9", "indicator--5eddef07-26f0-49d5-b067-46e5e387cbd9", "indicator--5eddef08-7018-4d8f-b2ee-41eae387cbd9", "indicator--5eddef08-c1b4-432b-abee-4e8de387cbd9", "observed-data--5eddef19-98fc-41ba-8c4a-472a02de0b81", "url--5eddef19-98fc-41ba-8c4a-472a02de0b81", "indicator--5eddefd8-45c0-44f9-ada9-466802de0b81", "observed-data--5eddefec-d324-49f1-9b9d-4af302de0b81", "network-traffic--5eddefec-d324-49f1-9b9d-4af302de0b81", "ipv4-addr--5eddefec-d324-49f1-9b9d-4af302de0b81", "indicator--dee9331f-94e5-4b35-a3c8-c7f101c355ea", "x-misp-object--6ce562e6-9c27-4a76-8849-b8eb1aa8f3f8", "indicator--1fe2e4e7-fb84-4231-a075-bf404e6d7a17", "x-misp-object--65ff6606-102a-44c9-b8cc-5d8fb120c488", "indicator--2ea7eb0c-30dc-4563-988e-90411d1b2a9b", "x-misp-object--0f66e100-c09c-4169-9721-dea1e1b88985", "indicator--54543b80-50d7-43ec-8397-a10ac8511d08", "x-misp-object--0ce483d5-1756-4a8e-bcd4-a82ee44c7a9e", "indicator--6dc37399-d3d3-464f-a2c1-8ee320d37e6a", "x-misp-object--9e193b62-9c44-4e8b-9c97-9f408bfb6f0c", "indicator--862a3bc0-848b-45a2-ac9b-3e3e4e3b912b", "x-misp-object--ab56250c-f14d-4617-b00e-139aa46f76f0", "indicator--add66139-1066-43d1-9c3e-e3f604aee8ef", "x-misp-object--8531a9ba-484d-4a6b-acfe-908c8345e3ae", "indicator--13abf8d1-76f3-49cb-8f2f-60b0e36b15bb", "x-misp-object--44854537-aa4d-4f5e-8787-ddd17e735df1", "indicator--1c14d80d-eef5-4b0f-a9b7-c182f7f5efe7", "x-misp-object--d0c82af9-405c-4ee4-a72f-564fb3a00f0b", "indicator--491b64b2-a655-439b-9349-b7918038440c", "x-misp-object--c22bad23-ed8b-4d83-b725-3519dcee10e9", "indicator--9805faa4-9533-433c-a902-6ab3d94b0c61", "x-misp-object--7492e92b-1b44-4581-992f-1f8aae6a883c", "indicator--17527ddf-7bda-4305-9dc1-9a1d6014333c", "x-misp-object--b704d83d-20ec-4a74-ade0-6cb55496a9eb", "indicator--845d1e34-80da-4996-a2c2-53ab6156afeb", "x-misp-object--121e7969-0ade-4d2b-aa20-065e70cad490", "indicator--503b0035-f2c9-4c2e-a76c-99abe658009e", "x-misp-object--82718f7a-fb06-4364-8feb-aff1934fda91", "indicator--f28eb254-2198-44f2-a79b-472d19d978d8", "x-misp-object--3a4c2108-0a5f-4836-9f0d-bb44c228d818", "indicator--0b36973b-ccff-4649-ad19-058d5fd6c82d", "x-misp-object--dbff2910-5abc-4777-a810-a30526aa06d1", "indicator--f25ad18e-4427-4664-b4f4-7420739f3b01", "x-misp-object--a1a0d38e-fbd0-4fbd-9d72-8acb71be2318", "indicator--ff74d4fc-812b-4a6b-b37d-a1970f81236a", "x-misp-object--c4497b36-95d2-4c4c-aea5-8f5e21f9b9a9", "indicator--5c6d098d-9a42-456a-8a8c-3d26c85f6153", "x-misp-object--43c17ad3-51df-44b1-9716-ebeed4fdca80", "indicator--7926acdf-7590-476e-8b14-8ecd14feb445", "x-misp-object--0ec19e42-4e5a-4ca6-886d-dbb5ba8cc309", "indicator--24536190-0343-4ec2-9728-1ff56f1a2c9d", "x-misp-object--1c780620-104e-4a42-ac75-837f0b290646", "indicator--13e37bd1-ffe5-47a1-aa0b-132a24d9f2a2", "x-misp-object--41242f7f-0530-439c-9a3b-619ebf227d4b", "indicator--4da1b519-23b0-402a-8b34-d437762fad79", "x-misp-object--13c32f52-9300-41ee-a3a5-737aadb8b84c", "indicator--98449839-4254-41f0-ba02-1a917d2d76d0", "x-misp-object--f872ca96-df69-4655-8c09-8dd8cc8e0af8", "relationship--b433cf9a-9fa0-4b2a-92e3-45f9d5b567ed", "relationship--c5973eaa-ea90-424f-8b8b-cef46806303c", "relationship--02772b14-f607-4790-a1e4-7277ffb624e4", "relationship--028dbd77-2b7a-4986-97cd-290a4097b605", "relationship--acff653f-93a2-4032-af69-f795cf8282ad", "relationship--e0a3c221-d12e-43f3-bd37-8dbe85a45345", "relationship--1f84897e-d178-4af7-bef0-154a663a4b6a", "relationship--9c007256-61a1-45e6-bbbf-a7c388bc8ede", "relationship--407713fa-e713-4a11-a38a-72475b1ee97f", "relationship--b891ac40-72a9-43c7-add7-12edfb393994", "relationship--a77cad4a-dac2-4853-972e-decd0040ee55", "relationship--1237789c-b2f3-42fc-8aa4-888a72eafce1", "relationship--286e7cf6-bcfe-4d37-ad31-af338527524e", "relationship--d00b8b33-4b99-4f56-ad36-97f47d82861f", "relationship--56193185-a260-4836-b0ab-5a531398bfe9", "relationship--89cbaef7-cb2e-4019-9fe6-2dd240a5dc89", "relationship--90cb1917-2e36-45b1-8265-7ef7149c07ae", "relationship--662bbaff-fe71-44d5-86bf-913cb53e81e4", "relationship--f920392d-9aeb-4f3a-bf21-a1c24e9e7a98", "relationship--b0faa869-d4d1-4c48-9a6c-c54edb738269", "relationship--45ca3f2b-e9ad-4718-ac93-d3d59bbfcd99", "relationship--d5f75c71-a60c-4073-80cd-2317fcc4c116", "relationship--6afd080a-6abe-487b-9dca-f640ecacb0e4", "relationship--931a6b4d-0b1e-42ad-bd7f-0a8da3309f4b" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "misp-galaxy:threat-actor=\"TA505\"", "type:OSINT", "osint:lifetime=\"perpetual\"", "osint:certainty=\"50\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef05-7d64-4882-a6da-4ec9e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef05-a724-4102-b43f-4bade387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef05-fa94-4b07-88f4-4bb2e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef05-d594-4069-a104-4ca4e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef05-f810-4a19-b4e2-4600e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef05-7ac4-48d6-b5c7-47efe387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef05-09fc-4f16-ba36-4ee4e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'd83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-8da0-4c5b-a82d-40d3e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:49.000Z", "modified": "2020-06-08T07:55:49.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-9910-47b5-a9f0-43b3e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-8c48-4fc7-a3d3-450ce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-3930-4074-81ff-4306e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-e588-4634-a9bb-42d7e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-d5dc-4336-b683-403de387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-6d88-4106-b238-412be387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-3158-4a24-8839-41d5e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef06-fc9c-4ee3-945c-42a3e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:50.000Z", "modified": "2020-06-08T07:55:50.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef07-0af4-47d1-92b8-417ce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:51.000Z", "modified": "2020-06-08T07:55:51.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef07-ae90-478a-a1fe-4107e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:51.000Z", "modified": "2020-06-08T07:55:51.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef07-5ef8-42ee-872b-49b1e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:51.000Z", "modified": "2020-06-08T07:55:51.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef07-dff8-43b1-8e0d-4c3ce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:51.000Z", "modified": "2020-06-08T07:55:51.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef07-07c8-4e4b-8c1f-433be387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:51.000Z", "modified": "2020-06-08T07:55:51.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef07-26f0-49d5-b067-46e5e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:51.000Z", "modified": "2020-06-08T07:55:51.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = 'b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef08-7018-4d8f-b2ee-41eae387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:52.000Z", "modified": "2020-06-08T07:55:52.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddef08-c1b4-432b-abee-4e8de387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:55:52.000Z", "modified": "2020-06-08T07:55:52.000Z", "description": "# get2 c2: shr-links.com", "pattern": "[file:hashes.SHA256 = '3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:55:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5eddef19-98fc-41ba-8c4a-472a02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:56:09.000Z", "modified": "2020-06-08T07:56:09.000Z", "first_observed": "2020-06-08T07:56:09Z", "last_observed": "2020-06-08T07:56:09Z", "number_observed": 1, "object_refs": [ "url--5eddef19-98fc-41ba-8c4a-472a02de0b81" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5eddef19-98fc-41ba-8c4a-472a02de0b81", "value": "https://github.com/MalwareLab-pl/ioc/blob/master/ta505.txt" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5eddefd8-45c0-44f9-ada9-466802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:59:20.000Z", "modified": "2020-06-08T07:59:20.000Z", "pattern": "[url:value = 'https://shr-links.com/syscap/upt64/']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:59:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5eddefec-d324-49f1-9b9d-4af302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:59:40.000Z", "modified": "2020-06-08T07:59:40.000Z", "first_observed": "2020-06-08T07:59:40Z", "last_observed": "2020-06-08T07:59:40Z", "number_observed": 1, "object_refs": [ "network-traffic--5eddefec-d324-49f1-9b9d-4af302de0b81", "ipv4-addr--5eddefec-d324-49f1-9b9d-4af302de0b81" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--5eddefec-d324-49f1-9b9d-4af302de0b81", "dst_ref": "ipv4-addr--5eddefec-d324-49f1-9b9d-4af302de0b81", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--5eddefec-d324-49f1-9b9d-4af302de0b81", "value": "92.38.163.14" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dee9331f-94e5-4b35-a3c8-c7f101c355ea", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:45.000Z", "modified": "2020-06-08T07:57:45.000Z", "pattern": "[file:hashes.MD5 = '76d4d9710105e77f11023127c4603202' AND file:hashes.SHA1 = '5c9a006de991acb9c1eaa25ccd690a5969103613' AND file:hashes.SHA256 = '11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6ce562e6-9c27-4a76-8849-b8eb1aa8f3f8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:45.000Z", "modified": "2020-06-08T07:57:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T15:56:50+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "1fdd6331-ff4d-4297-941f-a64a53237e08" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160/detection/f-11c4d7d1295a5dd6a2e75d5ca9e63d17b860d85a4b536bb3261ecc7971ef1160-1591372610", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "14cdf452-752e-4903-bd8f-801aba33518f" }, { "type": "text", "object_relation": "detection-ratio", "value": "23/59", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "2d1e2fc7-3336-44ab-afb0-25d26eaef621" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1fe2e4e7-fb84-4231-a075-bf404e6d7a17", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:45.000Z", "modified": "2020-06-08T07:57:45.000Z", "pattern": "[file:hashes.MD5 = '7922dd7e868d11720447d92d055b5f41' AND file:hashes.SHA1 = '588fa2d1a8365c6730d5c38e60c031c22c9c7a6d' AND file:hashes.SHA256 = 'c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--65ff6606-102a-44c9-b8cc-5d8fb120c488", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:45.000Z", "modified": "2020-06-08T07:57:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T15:41:00+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "3f2e29b5-230f-4147-bdb1-9061518a1870" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1/detection/f-c9852bc298d391e6e505c779f66f56ee2bc1c798a165c755400d7f53eef32af1-1591371660", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "a95580cc-f81c-47c6-af1f-88aa2cbcb411" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "1e197331-39b3-4198-bcee-2305ce133286" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2ea7eb0c-30dc-4563-988e-90411d1b2a9b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:45.000Z", "modified": "2020-06-08T07:57:45.000Z", "pattern": "[file:hashes.MD5 = 'be1c1c8e84f203611ff89262c516d3eb' AND file:hashes.SHA1 = 'b6ade2071fbf76d3813b203d1169298a2affeecc' AND file:hashes.SHA256 = 'ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0f66e100-c09c-4169-9721-dea1e1b88985", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:46.000Z", "modified": "2020-06-08T07:57:46.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:46+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "6833f344-e2a7-4280-b198-47a75d199857" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1/detection/f-ffa5704e0d8f90d2ff614a13a8592cc9214dd43ee63bfe55130406f0fe3d99f1-1591519666", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "45239fbd-1a86-43df-93a9-db84c1c5e9d0" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "d8cf9e2f-4ca1-4f76-b51d-35fafc15fcfb" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--54543b80-50d7-43ec-8397-a10ac8511d08", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:46.000Z", "modified": "2020-06-08T07:57:46.000Z", "pattern": "[file:hashes.MD5 = '192850f198984a57f3379aca25071fe5' AND file:hashes.SHA1 = 'a43b96ec81b6f59be3c7ea84116150f22522b6a7' AND file:hashes.SHA256 = 'f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0ce483d5-1756-4a8e-bcd4-a82ee44c7a9e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:46.000Z", "modified": "2020-06-08T07:57:46.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:19+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "1bfeae79-4f56-4d89-8527-17dd64c8b903" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815/detection/f-f5bd2dfa0d751b21727043afd1f0d264391d539e39e5859afc9f746b9d254815-1591519639", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "df0d70e7-7d26-481b-a6c4-6833698f22b7" }, { "type": "text", "object_relation": "detection-ratio", "value": "33/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "e7f7ce4a-6e98-41c0-b47f-8a4b3895d3ef" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6dc37399-d3d3-464f-a2c1-8ee320d37e6a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:46.000Z", "modified": "2020-06-08T07:57:46.000Z", "pattern": "[file:hashes.MD5 = '72734bd6dae49c29c75c3d620569b240' AND file:hashes.SHA1 = 'ced97bb4810cd20ee8c34d66eabe9ebe198a4fbd' AND file:hashes.SHA256 = '99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--9e193b62-9c44-4e8b-9c97-9f408bfb6f0c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:47.000Z", "modified": "2020-06-08T07:57:47.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T16:18:04+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "40c8948d-6614-4976-aa32-a23371194de8" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af/detection/f-99e358f5cb421f5b27d6e6a25fd0d02c68dc91d9f35545109499210d3ebc09af-1591373884", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "356d5fdf-d9fe-4686-8a3e-a50c7271b51e" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "3771134e-7d5d-43c3-857c-86c5a66e4cc9" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--862a3bc0-848b-45a2-ac9b-3e3e4e3b912b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:47.000Z", "modified": "2020-06-08T07:57:47.000Z", "pattern": "[file:hashes.MD5 = '8ba0e2bfcf76a6e29451ef6246f88027' AND file:hashes.SHA1 = 'ca96f20bdfbb5966735b2b2919d05201d8171eff' AND file:hashes.SHA256 = '3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ab56250c-f14d-4617-b00e-139aa46f76f0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:48.000Z", "modified": "2020-06-08T07:57:48.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:36+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "7f2df9c6-80c7-4ff5-8dda-47a8818733d5" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb/detection/f-3fb29a8d9260d17d55e68d7a94dce24195bf8659bd4ced4ee5a338208df162bb-1591519656", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "ca836505-845e-43d3-921b-c07749c2c3f7" }, { "type": "text", "object_relation": "detection-ratio", "value": "36/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "b278da30-02c7-4f3b-bc21-62d8e66dc3b2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--add66139-1066-43d1-9c3e-e3f604aee8ef", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:48.000Z", "modified": "2020-06-08T07:57:48.000Z", "pattern": "[file:hashes.MD5 = '8e0362dc80fe13c0516269629917a5c6' AND file:hashes.SHA1 = '877efed5d8335226013748d5c2c4bbb1f54c3f4c' AND file:hashes.SHA256 = 'beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8531a9ba-484d-4a6b-acfe-908c8345e3ae", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:48.000Z", "modified": "2020-06-08T07:57:48.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:37+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "515a5a31-88b5-45ef-9a05-013d31b4ae1f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65/detection/f-beabc893191a149e7a8977a494a07b6afba1e2427609e7b19ba5037d25b00f65-1591519657", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "91601410-732c-47e2-9341-a36ae721a7ae" }, { "type": "text", "object_relation": "detection-ratio", "value": "36/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "b42b001b-2d9f-4762-b043-11202a366225" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--13abf8d1-76f3-49cb-8f2f-60b0e36b15bb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:49.000Z", "modified": "2020-06-08T07:57:49.000Z", "pattern": "[file:hashes.MD5 = '0371319d18d95c62224f9f00f0c5f559' AND file:hashes.SHA1 = '61ad9193b0d4d16c819e0c3a910a31503003911b' AND file:hashes.SHA256 = '729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--44854537-aa4d-4f5e-8787-ddd17e735df1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:49.000Z", "modified": "2020-06-08T07:57:49.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T14:33:48+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "99dd132e-72ae-4421-acaf-c0c75faa54f6" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1/detection/f-729cac7c82d789304b4433aaf4954e5702ca51e4e33d1d7540bbd1d3db682aa1-1591540428", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "9e8e65fa-f34a-40df-a77f-65da0c6be470" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "70b96532-6c53-44fc-8946-92662ccf3088" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1c14d80d-eef5-4b0f-a9b7-c182f7f5efe7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:49.000Z", "modified": "2020-06-08T07:57:49.000Z", "pattern": "[file:hashes.MD5 = 'a7befa28b5b2677ed603642e68e71f14' AND file:hashes.SHA1 = 'b0e7d5bddc5be96b5d19f37acd6d8b9c0bba98d4' AND file:hashes.SHA256 = '477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d0c82af9-405c-4ee4-a72f-564fb3a00f0b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:50.000Z", "modified": "2020-06-08T07:57:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:43+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "9419db48-279d-47fd-975c-557af6be78d6" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0/detection/f-477dce007f475e7709fd1f57d0a839857f0f0bfe9efd539fec6aef873bcfffc0-1591519663", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "babbf339-5a98-413c-98d3-b6820d4fb03c" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "45281b4e-bd25-42bc-8440-26c6161aece7" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--491b64b2-a655-439b-9349-b7918038440c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:50.000Z", "modified": "2020-06-08T07:57:50.000Z", "pattern": "[file:hashes.MD5 = '0b7efd2e4625db9aa96790b1b1ff0606' AND file:hashes.SHA1 = '665814a856d2cc5bb8c384abe6c8e3e86bbe457a' AND file:hashes.SHA256 = '4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c22bad23-ed8b-4d83-b725-3519dcee10e9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:50.000Z", "modified": "2020-06-08T07:57:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:17+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "52ee6462-065b-447b-9108-d74c736d22e4" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba/detection/f-4e06ffed085764b0356faed9c1337724bd7ac6520fd4f1f8c161b3fd99b9cbba-1591519637", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "c7707771-aab7-4227-995d-5ffc4a7c1e26" }, { "type": "text", "object_relation": "detection-ratio", "value": "36/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "085fe616-54fb-456f-8dca-f4beb4209ed1" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--9805faa4-9533-433c-a902-6ab3d94b0c61", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:50.000Z", "modified": "2020-06-08T07:57:50.000Z", "pattern": "[file:hashes.MD5 = 'e42530cdf26863a64cf3e2a36ce453a0' AND file:hashes.SHA1 = '9ac036fce02324247d814248545698728c6801fa' AND file:hashes.SHA256 = '1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7492e92b-1b44-4581-992f-1f8aae6a883c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:50.000Z", "modified": "2020-06-08T07:57:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:53+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "8f74f52a-bfbd-48d5-a552-7016c382f96e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09/detection/f-1aa9ff62b7c1443151a9fa3222fa6dbcb80e03cf605c35b0e6b89bba64395f09-1591519673", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "ab991e99-4970-47bc-ab42-a0bdd5541c39" }, { "type": "text", "object_relation": "detection-ratio", "value": "36/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "854b42cd-7311-4dff-a3e6-75c82784757d" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--17527ddf-7bda-4305-9dc1-9a1d6014333c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:51.000Z", "modified": "2020-06-08T07:57:51.000Z", "pattern": "[file:hashes.MD5 = '5ef8996aa04140bdb8b2cc06dcf9295b' AND file:hashes.SHA1 = '7c96dd8b7c2db3d73a49cf2f89d2ac2039d4cc13' AND file:hashes.SHA256 = '74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b704d83d-20ec-4a74-ade0-6cb55496a9eb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:51.000Z", "modified": "2020-06-08T07:57:51.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:31+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "a896a8ed-3a1c-45fa-808f-8406c7a21237" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db/detection/f-74b502f9181fc1dcdcdf1751bd878a62752eff2069c258a422cfcbcd27ffc0db-1591519651", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "cfaba998-2eec-4a08-9e52-308dca8c1592" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "d0145397-3745-4bda-ba5e-188a10a91ed0" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--845d1e34-80da-4996-a2c2-53ab6156afeb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:51.000Z", "modified": "2020-06-08T07:57:51.000Z", "pattern": "[file:hashes.MD5 = '70bee4614d6feed54067b2326dac0d8c' AND file:hashes.SHA1 = '6226b2ef35896bbab2024a574efd0bbae60a2f95' AND file:hashes.SHA256 = '8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--121e7969-0ade-4d2b-aa20-065e70cad490", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:52.000Z", "modified": "2020-06-08T07:57:52.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T17:25:24+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "ca9043e8-3334-4d51-8b43-01f35223d908" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da/detection/f-8d14795b20647bf8ff806f9c9ea796f22fb4bca206451a4e099fc91a3b4b51da-1591377924", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "05daf9e6-e7ec-4f99-aa77-bc91adb2f0d3" }, { "type": "text", "object_relation": "detection-ratio", "value": "27/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "7d18973d-862f-42ca-b60f-f54a2711274d" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--503b0035-f2c9-4c2e-a76c-99abe658009e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:52.000Z", "modified": "2020-06-08T07:57:52.000Z", "pattern": "[file:hashes.MD5 = '3db430270c732bd63b2fdbe9f261418c' AND file:hashes.SHA1 = '018f669a416c7e70faf667bc00bdbd28589688c4' AND file:hashes.SHA256 = '68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--82718f7a-fb06-4364-8feb-aff1934fda91", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:52.000Z", "modified": "2020-06-08T07:57:52.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:26+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "0357388c-8398-4468-8afe-0e6b8ad4cef7" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c/detection/f-68297165307bba31cc24147b26619d464e9651ef9dc640e08017432fdc5d558c-1591519646", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "87c06057-44be-40a4-ad64-3a02a9f9aaf8" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "d1d57e65-5449-489f-b35b-8939cbbfb5a8" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f28eb254-2198-44f2-a79b-472d19d978d8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:52.000Z", "modified": "2020-06-08T07:57:52.000Z", "pattern": "[file:hashes.MD5 = '2a00e6a23e50628c3a14bf899cd90fb3' AND file:hashes.SHA1 = '915e6c4ec3a8ba5c5840818c4dfd7264d223af0d' AND file:hashes.SHA256 = 'fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3a4c2108-0a5f-4836-9f0d-bb44c228d818", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:52.000Z", "modified": "2020-06-08T07:57:52.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T15:22:51+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "b0e049e0-3fe2-48da-bbde-76fe8a49f113" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348/detection/f-fb7a62b777cc0e8ef85881def16d3fbbda37623550834a75fe18211114a58348-1591370571", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "1055b4f0-8f6e-4db8-a050-4806b3610663" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "5d042d8b-6f50-4e39-9f4d-aab333ac0c02" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0b36973b-ccff-4649-ad19-058d5fd6c82d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:53.000Z", "modified": "2020-06-08T07:57:53.000Z", "pattern": "[file:hashes.MD5 = '03d2595f08bf26294c85ef4a323cce6b' AND file:hashes.SHA1 = '58564d5b674408cd945101fc51016f34f5cdcf0b' AND file:hashes.SHA256 = 'ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--dbff2910-5abc-4777-a810-a30526aa06d1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:53.000Z", "modified": "2020-06-08T07:57:53.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:16+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "33a45a30-5d2f-48c1-9aa8-7cbe12c7e561" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9/detection/f-ba627162e299061e1ec7d15f06bb722d4c0dc7dfb52f503e46f45f401decf7e9-1591519636", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "6252048c-cb84-4c47-bb5e-e17e3af8ebc9" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "1091ec45-7e5b-4e6c-8352-a27e97d7ed41" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f25ad18e-4427-4664-b4f4-7420739f3b01", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:53.000Z", "modified": "2020-06-08T07:57:53.000Z", "pattern": "[file:hashes.MD5 = '23d54d1cbcf95f8ced8e0bfc30d297f4' AND file:hashes.SHA1 = '29e23e8490b68c749c302650e9779e54d976ea15' AND file:hashes.SHA256 = '976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--a1a0d38e-fbd0-4fbd-9d72-8acb71be2318", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:53.000Z", "modified": "2020-06-08T07:57:53.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T13:04:11+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "92458287-b089-4e52-b42e-5115cbfabb46" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec/detection/f-976f3e9c2f7c8eaff5daf9214707eb06b2aee4e9a1c38c110d7680ec58303dec-1591362251", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "c6f39e52-05c1-412d-9f5d-23b6843329c0" }, { "type": "text", "object_relation": "detection-ratio", "value": "8/60", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "ad786d93-1948-4923-9370-2958f4846a13" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ff74d4fc-812b-4a6b-b37d-a1970f81236a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:53.000Z", "modified": "2020-06-08T07:57:53.000Z", "pattern": "[file:hashes.MD5 = '095b95375b6710664b72eef48d7e3af1' AND file:hashes.SHA1 = '8c0479901702cbab4e90e3c974277a38621e9fe9' AND file:hashes.SHA256 = 'b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c4497b36-95d2-4c4c-aea5-8f5e21f9b9a9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:54.000Z", "modified": "2020-06-08T07:57:54.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:17+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "a535713e-a2d3-4441-be11-fef1b74c90c5" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621/detection/f-b4deb3f933ef379e07a770692d228114f159a9e709b1a7ea1a03530d5931d621-1591519637", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "e8849eaa-290c-492d-a2a0-1ed7709b47b8" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "56708db8-6296-4092-9485-636bceab85db" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c6d098d-9a42-456a-8a8c-3d26c85f6153", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:54.000Z", "modified": "2020-06-08T07:57:54.000Z", "pattern": "[file:hashes.MD5 = '176b9dcdae46842e45ec7d6498c1e632' AND file:hashes.SHA1 = '857a5b9974c0f14e9e6545fca74ce5752d81b8c5' AND file:hashes.SHA256 = 'd83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--43c17ad3-51df-44b1-9716-ebeed4fdca80", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:54.000Z", "modified": "2020-06-08T07:57:54.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:18+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "47458e2b-088c-480b-8f7b-63f9839ccc29" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/d83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a/detection/f-d83c4504b995d83d26e5d38154aadfd143e5c4f2ba4db74702ef1d9b23653a8a-1591519638", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "4b70e53f-ab09-40c9-93b2-115bc3ba2fd1" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "fcf5c120-3a86-4919-90a4-48a0c7dedaa7" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7926acdf-7590-476e-8b14-8ecd14feb445", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:54.000Z", "modified": "2020-06-08T07:57:54.000Z", "pattern": "[file:hashes.MD5 = '8e4c6545134b1f950f4994c3117e938a' AND file:hashes.SHA1 = '7d283592694c9cfdb8f4bdde6bfccda74cf576bf' AND file:hashes.SHA256 = '3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0ec19e42-4e5a-4ca6-886d-dbb5ba8cc309", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:54.000Z", "modified": "2020-06-08T07:57:54.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:37+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "598fe168-f012-4539-957d-5cae40b382d1" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27/detection/f-3785d529e4658e035205791c2d2165ba9075d3e0da14ec214da53cbb0a686f27-1591519657", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "95c84958-d569-4e5d-8eb1-4582e919891c" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "46335177-5271-4c06-8aa2-2cca56220291" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--24536190-0343-4ec2-9728-1ff56f1a2c9d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:55.000Z", "modified": "2020-06-08T07:57:55.000Z", "pattern": "[file:hashes.MD5 = '5f827d1c77e743a1afc97a5116f6dc8d' AND file:hashes.SHA1 = '472ab52d68e82d8a26ebf2692dd8939b29297097' AND file:hashes.SHA256 = 'da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--1c780620-104e-4a42-ac75-837f0b290646", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:55.000Z", "modified": "2020-06-08T07:57:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:31+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "c8cf2c1b-489d-459a-939f-826574315b65" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0/detection/f-da69f29433079fd3362a44205288037e92a51649aee0dbdb7a004af979c1a2c0-1591519651", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "0a09c9b9-7608-4d51-b6dd-5387eb5be2ad" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "afe1d847-4704-48b7-83d5-672fe4fe8a7d" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--13e37bd1-ffe5-47a1-aa0b-132a24d9f2a2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:55.000Z", "modified": "2020-06-08T07:57:55.000Z", "pattern": "[file:hashes.MD5 = '27d945c488031ba6b3fde4969ee497b7' AND file:hashes.SHA1 = 'e44ec2d2ecc92399644f8b2121b5ad0d477be989' AND file:hashes.SHA256 = '57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--41242f7f-0530-439c-9a3b-619ebf227d4b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:55.000Z", "modified": "2020-06-08T07:57:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:22+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "08c8d0c5-a165-426e-9d47-115f7ecb509c" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c/detection/f-57f40bc3fe0c0fe4bb253a802a23b56601ded98a432f865859cdb5027c88fc9c-1591519642", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "516ba4c2-9c7a-425d-b1ed-b5c1e93609f3" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "0fb1ef36-db6b-4d1c-a020-72253c2aef7c" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4da1b519-23b0-402a-8b34-d437762fad79", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:56.000Z", "modified": "2020-06-08T07:57:56.000Z", "pattern": "[file:hashes.MD5 = 'b8e872c70a524be967a7433da70cb290' AND file:hashes.SHA1 = '6fa99b401074456c2c2780031f0f468645049b0e' AND file:hashes.SHA256 = 'fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--13c32f52-9300-41ee-a3a5-737aadb8b84c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:56.000Z", "modified": "2020-06-08T07:57:56.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:46+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "70c5c217-da64-4d8b-ad32-ea765fff96e9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106/detection/f-fff1078e1fd6595676a83b18639c6426daf5a78aab1295e185f5fa1d5b448106-1591519666", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "24c19c1f-0394-4edf-bc80-4f6b742913fd" }, { "type": "text", "object_relation": "detection-ratio", "value": "36/62", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "f2408b91-7234-424a-a2db-41446bc8b8bc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--98449839-4254-41f0-ba02-1a917d2d76d0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:56.000Z", "modified": "2020-06-08T07:57:56.000Z", "pattern": "[file:hashes.MD5 = 'e249d3d1c0832edf6420f57d74a22a6a' AND file:hashes.SHA1 = '46526876907d34bc399578045e1fbce8d4e90cc3' AND file:hashes.SHA256 = '7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-08T07:57:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f872ca96-df69-4655-8c09-8dd8cc8e0af8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-08T07:57:58.000Z", "modified": "2020-06-08T07:57:58.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T08:47:53+00:00", "category": "Other", "comment": "# get2 c2: shr-links.com", "uuid": "c24c82a6-0d66-4ac2-b0d5-fc0e8ad59b40" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6/detection/f-7e63e4191deaec39a8876a53afba51f7422ab46452916eab894f4884b70d82f6-1591519673", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "858539ae-143a-4f38-aba6-735c7e6ce953" }, { "type": "text", "object_relation": "detection-ratio", "value": "35/61", "category": "Payload delivery", "comment": "# get2 c2: shr-links.com", "uuid": "5870e31f-b2b0-49ac-913e-c1ad3bf4e5c2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b433cf9a-9fa0-4b2a-92e3-45f9d5b567ed", "created": "2020-06-08T07:57:58.000Z", "modified": "2020-06-08T07:57:58.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--dee9331f-94e5-4b35-a3c8-c7f101c355ea", "target_ref": "x-misp-object--6ce562e6-9c27-4a76-8849-b8eb1aa8f3f8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c5973eaa-ea90-424f-8b8b-cef46806303c", "created": "2020-06-08T07:57:58.000Z", "modified": "2020-06-08T07:57:58.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--1fe2e4e7-fb84-4231-a075-bf404e6d7a17", "target_ref": "x-misp-object--65ff6606-102a-44c9-b8cc-5d8fb120c488" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--02772b14-f607-4790-a1e4-7277ffb624e4", "created": "2020-06-08T07:57:58.000Z", "modified": "2020-06-08T07:57:58.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--2ea7eb0c-30dc-4563-988e-90411d1b2a9b", "target_ref": "x-misp-object--0f66e100-c09c-4169-9721-dea1e1b88985" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--028dbd77-2b7a-4986-97cd-290a4097b605", "created": "2020-06-08T07:57:58.000Z", "modified": "2020-06-08T07:57:58.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--54543b80-50d7-43ec-8397-a10ac8511d08", "target_ref": "x-misp-object--0ce483d5-1756-4a8e-bcd4-a82ee44c7a9e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--acff653f-93a2-4032-af69-f795cf8282ad", "created": "2020-06-08T07:57:58.000Z", "modified": "2020-06-08T07:57:58.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6dc37399-d3d3-464f-a2c1-8ee320d37e6a", "target_ref": "x-misp-object--9e193b62-9c44-4e8b-9c97-9f408bfb6f0c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e0a3c221-d12e-43f3-bd37-8dbe85a45345", "created": "2020-06-08T07:57:58.000Z", "modified": "2020-06-08T07:57:58.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--862a3bc0-848b-45a2-ac9b-3e3e4e3b912b", "target_ref": "x-misp-object--ab56250c-f14d-4617-b00e-139aa46f76f0" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--1f84897e-d178-4af7-bef0-154a663a4b6a", "created": "2020-06-08T07:57:59.000Z", "modified": "2020-06-08T07:57:59.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--add66139-1066-43d1-9c3e-e3f604aee8ef", "target_ref": "x-misp-object--8531a9ba-484d-4a6b-acfe-908c8345e3ae" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--9c007256-61a1-45e6-bbbf-a7c388bc8ede", "created": "2020-06-08T07:57:59.000Z", "modified": "2020-06-08T07:57:59.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--13abf8d1-76f3-49cb-8f2f-60b0e36b15bb", "target_ref": "x-misp-object--44854537-aa4d-4f5e-8787-ddd17e735df1" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--407713fa-e713-4a11-a38a-72475b1ee97f", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--1c14d80d-eef5-4b0f-a9b7-c182f7f5efe7", "target_ref": "x-misp-object--d0c82af9-405c-4ee4-a72f-564fb3a00f0b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b891ac40-72a9-43c7-add7-12edfb393994", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--491b64b2-a655-439b-9349-b7918038440c", "target_ref": "x-misp-object--c22bad23-ed8b-4d83-b725-3519dcee10e9" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a77cad4a-dac2-4853-972e-decd0040ee55", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--9805faa4-9533-433c-a902-6ab3d94b0c61", "target_ref": "x-misp-object--7492e92b-1b44-4581-992f-1f8aae6a883c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--1237789c-b2f3-42fc-8aa4-888a72eafce1", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--17527ddf-7bda-4305-9dc1-9a1d6014333c", "target_ref": "x-misp-object--b704d83d-20ec-4a74-ade0-6cb55496a9eb" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--286e7cf6-bcfe-4d37-ad31-af338527524e", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--845d1e34-80da-4996-a2c2-53ab6156afeb", "target_ref": "x-misp-object--121e7969-0ade-4d2b-aa20-065e70cad490" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d00b8b33-4b99-4f56-ad36-97f47d82861f", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--503b0035-f2c9-4c2e-a76c-99abe658009e", "target_ref": "x-misp-object--82718f7a-fb06-4364-8feb-aff1934fda91" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--56193185-a260-4836-b0ab-5a531398bfe9", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f28eb254-2198-44f2-a79b-472d19d978d8", "target_ref": "x-misp-object--3a4c2108-0a5f-4836-9f0d-bb44c228d818" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--89cbaef7-cb2e-4019-9fe6-2dd240a5dc89", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0b36973b-ccff-4649-ad19-058d5fd6c82d", "target_ref": "x-misp-object--dbff2910-5abc-4777-a810-a30526aa06d1" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--90cb1917-2e36-45b1-8265-7ef7149c07ae", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f25ad18e-4427-4664-b4f4-7420739f3b01", "target_ref": "x-misp-object--a1a0d38e-fbd0-4fbd-9d72-8acb71be2318" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--662bbaff-fe71-44d5-86bf-913cb53e81e4", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ff74d4fc-812b-4a6b-b37d-a1970f81236a", "target_ref": "x-misp-object--c4497b36-95d2-4c4c-aea5-8f5e21f9b9a9" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f920392d-9aeb-4f3a-bf21-a1c24e9e7a98", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--5c6d098d-9a42-456a-8a8c-3d26c85f6153", "target_ref": "x-misp-object--43c17ad3-51df-44b1-9716-ebeed4fdca80" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b0faa869-d4d1-4c48-9a6c-c54edb738269", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7926acdf-7590-476e-8b14-8ecd14feb445", "target_ref": "x-misp-object--0ec19e42-4e5a-4ca6-886d-dbb5ba8cc309" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--45ca3f2b-e9ad-4718-ac93-d3d59bbfcd99", "created": "2020-06-08T07:58:00.000Z", "modified": "2020-06-08T07:58:00.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--24536190-0343-4ec2-9728-1ff56f1a2c9d", "target_ref": "x-misp-object--1c780620-104e-4a42-ac75-837f0b290646" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d5f75c71-a60c-4073-80cd-2317fcc4c116", "created": "2020-06-08T07:58:01.000Z", "modified": "2020-06-08T07:58:01.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--13e37bd1-ffe5-47a1-aa0b-132a24d9f2a2", "target_ref": "x-misp-object--41242f7f-0530-439c-9a3b-619ebf227d4b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6afd080a-6abe-487b-9dca-f640ecacb0e4", "created": "2020-06-08T07:58:01.000Z", "modified": "2020-06-08T07:58:01.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--4da1b519-23b0-402a-8b34-d437762fad79", "target_ref": "x-misp-object--13c32f52-9300-41ee-a3a5-737aadb8b84c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--931a6b4d-0b1e-42ad-bd7f-0a8da3309f4b", "created": "2020-06-08T07:58:01.000Z", "modified": "2020-06-08T07:58:01.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--98449839-4254-41f0-ba02-1a917d2d76d0", "target_ref": "x-misp-object--f872ca96-df69-4655-8c09-8dd8cc8e0af8" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }