{ "type": "bundle", "id": "bundle--5edf24d5-6b5c-4e65-bc89-426e950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T07:10:50.000Z", "modified": "2020-06-09T07:10:50.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5edf24d5-6b5c-4e65-bc89-426e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T07:10:50.000Z", "modified": "2020-06-09T07:10:50.000Z", "name": "OSINT - IQ-FA006:Dridex XLS Documents with Fancy Lures", "published": "2020-06-09T07:15:14Z", "object_refs": [ "indicator--5edf2500-10c0-47f9-997b-42cde387cbd9", "indicator--5edf2500-0640-4269-aab0-422de387cbd9", "indicator--5edf2500-b470-4116-bf71-4674e387cbd9", "indicator--5edf2500-0ec0-454a-9e30-4199e387cbd9", "indicator--5edf2500-d0c0-44b9-9158-4431e387cbd9", "indicator--5edf2500-8708-4b17-bd49-4d8fe387cbd9", "indicator--5edf2500-0830-40b4-8218-414ce387cbd9", "indicator--5edf2500-d64c-486c-9936-481be387cbd9", "indicator--5edf2500-9314-4028-ae88-4406e387cbd9", "indicator--5edf2501-f220-43f9-a903-4a11e387cbd9", "indicator--5edf2501-0f04-4630-97cf-41f4e387cbd9", "indicator--5edf2501-afd0-426a-bdf8-4064e387cbd9", "indicator--5edf2503-6dc8-42c6-8f88-4ad4e387cbd9", "indicator--5edf2504-b140-4a1b-8ff1-4352e387cbd9", "indicator--5edf2506-3c30-4ed2-be34-4bf8e387cbd9", "indicator--5edf2508-bbd4-4654-a8ea-4630e387cbd9", "indicator--5edf250a-f204-4c88-8ea2-4abce387cbd9", "indicator--5edf250c-6f6c-4c1a-a98a-43cce387cbd9", "indicator--5edf250e-b454-4402-8603-44e2e387cbd9", "indicator--5edf2510-7718-4871-b9eb-4048e387cbd9", "indicator--5edf2511-6840-4bb6-b457-4674e387cbd9", "indicator--5edf2513-fa7c-4469-89d3-45d3e387cbd9", "indicator--5edf2515-0d10-4f7a-8ea6-49dfe387cbd9", "indicator--5edf2517-8d58-4199-93ee-4fd3e387cbd9", "indicator--5edf251a-9d40-4746-8ef4-40ace387cbd9", "indicator--5edf251b-50c4-43b1-a9bd-4d7fe387cbd9", "indicator--5edf251d-36e4-4966-91ce-4a6ce387cbd9", "indicator--5edf251f-21c8-479f-a382-49f4e387cbd9", "indicator--5edf251f-4f94-4e9b-a567-447ce387cbd9", "indicator--5edf251f-e698-4972-8261-43c3e387cbd9", "indicator--5edf251f-1bb0-494d-8309-44c9e387cbd9", "indicator--5edf251f-5980-4eb6-a63b-421be387cbd9", "indicator--5edf251f-adb8-42b9-b836-4149e387cbd9", "indicator--5edf2520-543c-48da-bff4-4928e387cbd9", "indicator--5edf2520-3df0-4a61-8147-4ac6e387cbd9", "indicator--5edf2520-13f8-458a-864e-4305e387cbd9", "indicator--5edf2520-3504-4caa-a806-4d02e387cbd9", "indicator--5edf2520-f210-42cd-ad56-4a1ee387cbd9", "indicator--5edf2522-976c-4c9a-91ff-42b8e387cbd9", "indicator--5edf2524-7be0-4c91-87c9-4b4ee387cbd9", "indicator--5edf2524-10f4-4d90-8ab0-4b24e387cbd9", "indicator--5edf2524-0620-4507-a5fd-4211e387cbd9", "indicator--5edf2524-17d0-4308-88a5-4e5ee387cbd9", "indicator--5edf2524-837c-460b-9f45-452ae387cbd9", "indicator--5edf2524-6cf0-44dd-b59b-401ee387cbd9", "indicator--5edf2524-1c30-4df2-88ba-49a4e387cbd9", "indicator--5edf2524-b590-472c-9058-4047e387cbd9", "indicator--5edf2524-9798-459e-a66e-43b6e387cbd9", "indicator--5edf2524-4c50-442c-8225-4575e387cbd9", "indicator--5edf2525-1acc-4b2d-aab4-41ace387cbd9", "indicator--5edf2525-cc20-4e5a-9ceb-4afae387cbd9", "indicator--5edf2525-7a10-45ca-8610-4ddae387cbd9", "indicator--5edf2525-7f00-41c2-bac3-41a9e387cbd9", "indicator--5edf2525-7170-4185-b0bd-47eae387cbd9", "indicator--5edf2527-ce78-4f96-b49a-4be7e387cbd9", "indicator--5edf2527-9374-402e-a14f-43fae387cbd9", "indicator--5edf2529-0bcc-4be8-9d7f-4b3ce387cbd9", "indicator--5edf2529-a678-4f43-b64e-44bde387cbd9", "indicator--5edf252a-f968-4efe-8840-4e89e387cbd9", "indicator--5edf252a-d8ac-4aa1-8610-41aee387cbd9", "indicator--5edf252a-cabc-4859-9266-47dfe387cbd9", "indicator--5edf252a-e820-4567-b27c-4c08e387cbd9", "indicator--5edf252a-0c70-4821-8224-4dc0e387cbd9", "indicator--5edf252a-c86c-4d90-b7f3-4651e387cbd9", "indicator--5edf252a-a2e8-46c7-a0d8-4e43e387cbd9", "indicator--5edf252a-4b5c-438f-9eb1-4563e387cbd9", "indicator--5edf252c-e1a4-4094-86bd-4fcde387cbd9", "indicator--5edf252c-a44c-4e8e-9baf-4c86e387cbd9", "indicator--5edf252c-1dc0-4276-9f1f-4695e387cbd9", "indicator--5edf252c-4ce0-41a8-b6e5-4bdde387cbd9", "indicator--5edf252c-7acc-4203-a250-49d6e387cbd9", "indicator--5edf252c-bb80-4bf2-a156-4247e387cbd9", "indicator--5edf252c-c5c4-4dfb-b485-40bee387cbd9", "indicator--5edf252f-b438-4e18-af8d-4d1ee387cbd9", "indicator--5edf252f-6f10-4099-8b31-4104e387cbd9", "indicator--5edf252f-9a60-4361-aa2a-4405e387cbd9", "indicator--5edf252f-02e4-4371-872b-49e2e387cbd9", "indicator--5edf252f-7104-4bc4-9340-4db2e387cbd9", "indicator--5edf252f-dc28-4ccf-993d-46d8e387cbd9", "indicator--5edf2531-61e0-43a5-a347-416be387cbd9", "indicator--5edf2531-5170-4cbb-81b5-4f6fe387cbd9", "indicator--5edf2531-422c-4791-8e2a-4548e387cbd9", "indicator--d89b10ca-d90c-47f7-ac81-b2829974d657", "x-misp-object--900ce041-dfaa-4cef-8cb6-4dc15ba9e7e3", "indicator--30e8dc43-5696-472a-ae62-7ff9009a4530", "x-misp-object--f78805f3-454e-4c28-8e9d-da08497493b0", "indicator--9b4eda44-e5cd-4d9a-9d51-b106876bcd8c", "x-misp-object--ab715d98-7e1c-46fa-a7e2-1b703574523c", "indicator--075611f6-615d-4e32-9a17-50f01363a0af", "x-misp-object--dec9f73c-7bb0-4e21-99d4-8f34b60dff09", "indicator--3be4313f-e1f6-48af-ace1-97ee4f1e9050", "x-misp-object--23e65c58-88c8-462d-b3c8-d73c950c5a14", "indicator--8034d958-60fa-41ba-acbf-5c360cdb4bf3", "x-misp-object--f95cfe04-18ba-4750-83f4-8f02a27ea64c", "indicator--0df9ef00-7657-4a0a-b741-7038330aad91", "x-misp-object--6ee5680e-3f35-4d36-aaa8-ffba22e4eef6", "indicator--46144bb3-b1b4-43ce-9214-bc02d9e6b532", "x-misp-object--c33a9c32-1993-482c-917d-f8c8b8dfce94", "indicator--72221436-c0a8-465e-b386-02ca0145c8a5", "x-misp-object--df0b6060-9424-44df-b24d-50010c1ddf9e", "indicator--44a0a2d0-b960-45e1-a717-f0c41f1a9c0b", "x-misp-object--836e0af6-4dbb-44a9-98df-8bc54dbde31e", "indicator--07cf1eb8-076e-442b-a9c4-3e0d311531b5", "x-misp-object--f5df88c1-fcfb-4b95-afe6-0f4c99138cfe", "indicator--4679265b-1231-4b99-bd2f-d20d0960d347", "x-misp-object--b0da3f28-76fe-400c-b083-82454e177213", "indicator--c6ec90b6-1e3a-4821-9adc-77b2e9eaacd3", "x-misp-object--d49fc5d1-2074-4238-a4b4-7372e389593d", "indicator--6093b577-0406-4b50-aeed-67f869b5102c", "x-misp-object--9ad70519-e27b-40ae-9ca7-5ea5a63fe322", "indicator--27fcfb5c-8569-4e24-b931-e8441ea89687", "x-misp-object--a28538ac-63fa-4abe-8bf8-8c623a5ecddd", "indicator--4a3ef6aa-b702-4321-9afa-6db30fb41ea4", "x-misp-object--de5fda18-6b74-4d3d-9271-8f706d6fa41a", "indicator--0dc86ee5-1e8b-4955-b6d4-cf2faf678ccc", "x-misp-object--23d55af4-2648-4249-b84c-f6fab5dfe5b9", "indicator--f09cdda4-d278-44db-acad-b2857a94251f", "x-misp-object--3ec4966c-7b38-4222-a56d-898f7ebfb9dc", "indicator--83d32ab3-447e-41ab-ba41-ee7f2b80606c", "x-misp-object--21417981-9841-4bea-b6cd-93199fca2d5e", "indicator--2e1ac848-36eb-4f1c-93ae-24e585b54433", "x-misp-object--16420e7f-7d0d-4ae9-a5bf-b801d1912119", "indicator--886acb36-b778-4ff4-9c0d-c4eaf7f6bfeb", "x-misp-object--77d3db3a-79f6-4a98-8548-2ec6ab80da2f", "indicator--cb0a9fc7-efe3-4f55-b5af-18b67b78ee6e", "x-misp-object--c68def7e-0e0a-47f7-ad7f-340d0fe2be6d", "indicator--88e5d29f-37c2-4ae3-b14e-b82c898781f8", "x-misp-object--7b519bdf-c502-4ca6-83c5-d7028c629db8", "indicator--f08817e6-be28-493f-96f4-7edcedc447b0", "x-misp-object--901357a4-20c3-455b-b0a3-19a0f7411b34", "indicator--607a4d64-896c-4b1e-832e-b27a1ba926e4", "x-misp-object--ca26c7e1-e5ca-415d-871d-2fea04786a4d", "indicator--417c7b12-f55c-408c-9d4b-d6c6298116b7", "x-misp-object--b36dc007-3b5c-4e99-b628-7e843becfbd1", "indicator--5ababfda-57fa-430f-8a8e-40490185b41e", "x-misp-object--2123bb62-8e34-43d9-8d93-832511e08d2c", "indicator--caa6bf35-269e-479c-9134-9f32d4995eef", "x-misp-object--aeb8868a-6ac0-4a86-9929-6e04ef0f578a", "indicator--70b0a245-cc60-4665-8345-75c3fa46380c", "x-misp-object--28ec2dc3-46f3-43bf-bd6f-daffc85e1ad7", "indicator--b87bb012-05e0-46ed-a509-52f57e8d47c2", "x-misp-object--72278eca-2c0a-4aaa-8d35-87551023b3ef", "indicator--755e5c5d-f8ee-4d53-8cfc-6c1bf7e9737e", "x-misp-object--3d19ecae-2b1f-4c06-9656-f596a40b380e", "indicator--8d0ffa81-f0c7-429d-8f43-7dcb4a65177c", "x-misp-object--d5208822-8e6a-4bd3-97c2-ba0200435469", "indicator--06a1d251-aceb-4e4d-ad48-1db678a12d0b", "x-misp-object--1f150a93-e848-469b-af16-76dd411457bd", "indicator--c498cc28-1920-4db5-8cb5-34f55eec93a4", "x-misp-object--aa407782-fcaa-4402-a73b-86e1bdf292ee", "indicator--f659716f-6ea7-475f-9d61-04e88c406f40", "x-misp-object--3e852049-d9d6-4eed-9885-2e63decce573", "indicator--c6494a3e-fa2c-4cac-a248-bbe0c1d56b53", "x-misp-object--3a5f0e90-c569-4f34-9c55-e975fbf20204", "indicator--2658dbdc-527e-44b4-b1d7-03339fbc8b11", "x-misp-object--42fdd7f5-2557-48b5-b48c-56238c6bf285", "indicator--3d1299d5-1344-4be5-aefa-3ffb35a40a93", "x-misp-object--92609381-e064-45ef-b40c-ad7407545efd", "indicator--fd8519ed-2362-40be-ab1b-4daf21d8628a", "x-misp-object--5c479fb7-7b27-4cac-b1cb-9e6b74bbf388", "indicator--6b733565-8f47-4de9-9bbc-810e295e5169", "x-misp-object--36a13ea7-530d-4744-a2ef-307970bc215e", "indicator--1e2e2fc2-2cd6-497d-807a-fc12e9eabce6", "x-misp-object--7683dbcd-1fff-4605-a06a-e6a48b91457c", "indicator--5dde504f-1091-4678-b154-190825774f03", "x-misp-object--c0a8b1cf-2879-4d58-9b31-d08f485461a3", "indicator--77d64976-aba3-40f9-b9d3-f835bf208170", "x-misp-object--8592cadd-a5ed-489a-bf33-8c54cbc2c808", "indicator--a5631381-183c-4b80-a250-adf9c9123c77", "x-misp-object--b774dd41-d3cd-4d50-9b07-2505de7e0e4b", "indicator--ded62a1c-8ccb-41af-9f06-f4be406dd46b", "x-misp-object--c3818fc0-9785-4c01-ac5a-08d8ac7754c2", "indicator--c9ad8598-5527-4f55-97ea-baada6e4f98c", "x-misp-object--c84d21bb-bb57-420e-b59f-ae03ed4f6e8a", "indicator--f21d7940-84a2-4d6f-acea-0a1ba19c21f7", "x-misp-object--90242e98-98ed-40e8-9354-ada828e137d2", "indicator--a307466f-d959-4593-8a29-4b0c830d5336", "x-misp-object--9be4f043-827a-403d-b10c-17d8337ffd5c", "indicator--d0e67cb3-b1e8-43e4-8c32-30ea97599b75", "x-misp-object--c79ef7b2-4efb-4db8-91c1-94370849b546", "indicator--21327aa5-00ae-4c4f-a5cb-5034b481dba1", "x-misp-object--0224c52a-1b8d-415b-bc81-fe6c122bb3cf", "indicator--7920ef25-680a-4be9-92ce-01802b3c9e6a", "x-misp-object--096fa49e-5aec-4bcb-bb03-6676e3cd09f7", "indicator--360da40a-d5bd-463b-a358-912d8b1cb32e", "x-misp-object--04f31345-2514-4ebc-810c-4fcf298a9dfc", "indicator--91caeb9c-8bcc-46c4-a2b1-967cb2ffc06b", "x-misp-object--16355c6c-5495-4128-b058-a75caffcc180", "indicator--7ebe7237-c0c2-4b5a-990f-d772e7380a4a", "x-misp-object--772cbd68-b23c-43b2-83f6-d2e04fa9fb7a", "indicator--d65d8426-637a-4461-aef9-3aeee89fdb68", "x-misp-object--321df88e-3d1f-4c02-b568-f4150e216f6d", "indicator--0cd3c477-a7f0-40d7-b4d3-1a66fcf454b6", "x-misp-object--43c340b7-1379-4812-a486-d88ce1f4a269", "indicator--02ffe887-b7e7-4f22-8916-d0d09f027627", "x-misp-object--afc704d0-bc2b-4bdb-af7e-386697650f60", "indicator--efec214e-341d-48b8-a691-eb5323c6a65e", "x-misp-object--88c76c85-0992-446d-823d-ad812fa0e834", "indicator--893e683a-d963-478a-81b8-515a607f26f9", "x-misp-object--cd256349-da15-4795-8859-39beae284bf5", "indicator--0fdf714c-00e3-4e05-be1d-8ea23d0ce8da", "x-misp-object--39d8757d-7d4f-4a82-b436-413099f5352c", "indicator--3c6835b0-9345-4fa9-9dcc-a34ba656f9cd", "x-misp-object--d536dabc-5b89-47cf-a262-8c3ac457a884", "indicator--a84b79e3-bc00-4922-bd77-6960e5fad744", "x-misp-object--f90e7bfd-931b-4b4a-8037-9fba919341e6", "indicator--7c7cd57a-b804-4dde-bded-f75c3e3cf6ae", "x-misp-object--11525246-c1d8-4d98-99ec-1951d92b8038", "indicator--073d8a2f-42d5-4382-b61c-5a758e00a5d6", "x-misp-object--66543bc6-fef9-4a42-9327-3ec832c746bc", "relationship--b2738bd1-8131-4765-bed6-d2cc5a7499d4", "relationship--e8f0cce1-7cec-4a63-9dc8-c1916ec80b5f", "relationship--8490e1d2-775d-45fe-a522-deb947597158", "relationship--b7c07f7f-66a9-4811-bf7c-2d7c337d1571", "relationship--8d0b86ec-28e7-423b-ad46-262f812345f8", "relationship--54dcf92a-255e-47a1-8ee4-ef0bc03e3e16", "relationship--7d55ed0f-1570-42a3-8764-8b9946e70acf", "relationship--7d2a88bf-3eec-4cba-b858-78c7541c0382", "relationship--370bbe5c-3067-4d9c-9335-c98e34fecc24", "relationship--299e4a0f-7ba2-4101-9ca8-902f52caa001", "relationship--80e65f75-5638-4433-ab87-d500467cc920", "relationship--af17e0ea-f9ad-4803-a2a2-85b88b27e655", "relationship--e2461d61-004e-4b32-8777-d5cf24a1dac5", "relationship--08e4df3e-c71a-4a0a-975f-2427397e9eac", "relationship--e0fde334-ea1e-453e-8220-80283f356d22", "relationship--562809cc-ded3-40fa-b920-0d50b0cb72d4", "relationship--fe12cb8c-d3ec-4016-a964-55c5002ccab8", "relationship--94ffb177-fb62-47e6-8f37-b09b1ee7a452", "relationship--7ce97cd6-5b6d-4102-b823-44e8da86d200", "relationship--f93fb35a-9d1e-4884-a471-e3895252cc80", "relationship--64f85b37-656b-429c-a38a-0fbd3eca0da6", "relationship--3b60e1a6-71ed-47ad-9737-c2495c84b9e3", "relationship--9e53f012-eb00-4687-8fd8-1e9769b75214", "relationship--f1e1d554-9ee1-4691-84f7-97f547cdabad", "relationship--6736cc07-3ab6-457c-b7d3-2bfc2f197e06", "relationship--32a69320-8731-4027-94d9-5edcb66c8350", "relationship--8f78b250-54ed-444a-b313-8fb4e5b22986", "relationship--797dea24-6b1b-461e-b421-27bd58a6db14", "relationship--f5b2e3fc-0521-48a0-bdf2-0c1c1b01a611", "relationship--7bc8bb8a-33a9-4642-a69c-f76058672c6f", "relationship--261a1352-3737-44ba-a9c5-e455e4da8b32", "relationship--eddecb9d-a645-4608-8abc-87b2d5f537bf", "relationship--4888227c-1046-4be2-ac23-40548dc23e6e", "relationship--aec13c14-7be7-425b-9b0b-a6de04224b64", "relationship--7a137a36-190a-40b0-bb2c-bc10767b3872", "relationship--20e072c8-d427-4b67-8edc-a45055bfe992", "relationship--e9c6d25e-6343-44e3-b1d0-5fe12c816547", "relationship--6efe71ae-928a-4d27-8a13-dd2ec07249e2", "relationship--73b91c3e-4c99-4b86-be70-3b46e2b8bdc9", "relationship--34aac2ab-ee2a-4091-b828-429708c8e09b", "relationship--e4c6e9bd-78ee-4b4b-9903-b326525431e7", "relationship--b74642ba-7371-485e-a7ff-2e47395f8720", "relationship--c569bab2-4c8c-4cb8-928e-e192a85f8345", "relationship--5b9a7060-ac06-4dc1-b2e5-10599957d53e", "relationship--16e56549-ce14-47ad-99f8-6eca92adfa97", "relationship--6e68938c-24c3-436c-bbd1-8cb72b8274b9", "relationship--742ca2b2-fcc5-434b-8f90-18c3a998ef8d", "relationship--4e09fb84-78ab-48fd-86e0-868ace4d277a", "relationship--66411370-1f92-41c8-b014-9bb7e3b64296", "relationship--80f0b85d-50e5-4322-9185-a65070b59cb4", "relationship--e04760c1-ba47-451c-b634-7360cf59bd08", "relationship--d962f432-152d-4cb5-827d-5626b22d17ad", "relationship--c96eb45a-71d3-4fe1-9406-e4cc2d1a9767", "relationship--4d9317fb-c6de-4be1-8278-548667c64a11", "relationship--313d025d-0355-4b69-bd32-16564e8a1300", "relationship--ccaa81cf-c490-4e45-b4a1-d2dfbcfc3402", "relationship--74565d0e-04f8-4f40-ae1b-7c1174cac870", "relationship--47467f69-844e-4b05-96f7-5dc1bec285d1", "relationship--a5d02338-bc3d-4dc5-a5fd-2570aa352c10", "relationship--2134f51b-2bce-4382-b9f9-2ff9386fac9e", "relationship--682c9bd1-bfda-4103-85b4-d63397b44cfe", "relationship--a257de5e-afa3-43dd-8772-420762c37d35", "relationship--ffa360fe-64ef-4948-bc51-3fe451158990", "relationship--e4cac030-f56e-477f-9f77-e6455ca9b3ff" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT", "osint:lifetime=\"perpetual\"", "osint:certainty=\"50\"", "misp-galaxy:malpedia=\"Dridex\"", "misp-galaxy:tool=\"Dridex\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-10c0-47f9-997b-42cde387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '191832476af317aabe90cff7b0f16241acd8df9ee44a476bd1d206a138de6777']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-0640-4269-aab0-422de387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '1b27af50c09daedcf39982a0673d8ad08261fd20c9a7d840814699a24d92a5cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-b470-4116-bf71-4674e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '1c49a77f9b817c8b7670cb06d96c3ecee6f1c34e910533b1020bb4948bf1701d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-0ec0-454a-9e30-4199e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '1c8a36d488b50edb22ade0168e8eb4dc4615a44a08431541fd8b1a7114eb9b23']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-d0c0-44b9-9158-4431e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '20c6f5cfe318e013502aee7e52dca337264a2aab8da32b32347399b98e8922ff']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-8708-4b17-bd49-4d8fe387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '2bb379f1ee08c6c1aedf20cdb4feec2b5db08767c6d9ba6cad2d3dc13ade8609']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-0830-40b4-8218-414ce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '328c729797fe2acbf06246dfca52c2f75c0713849fa588dd5c414e0e18244c54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-d64c-486c-9936-481be387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '3bbcf3542a72193b90de7c74203dc8b9c9c3896f4234f36ed36f6d082c13f310']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2500-9314-4028-ae88-4406e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:24.000Z", "modified": "2020-06-09T05:58:24.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '3fb1e4091ffbea04a93d5ef7ed5ef4bd8f4eaea58fb1763507df2ef8ccb73ae3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2501-f220-43f9-a903-4a11e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:25.000Z", "modified": "2020-06-09T05:58:25.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '4d55b07a3c375d8e63afbf93bce0f6a1f25327b8336659cfa0afa07be13296c1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2501-0f04-4630-97cf-41f4e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:25.000Z", "modified": "2020-06-09T05:58:25.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '4eece164c7d6273a0fd7f91df8ea2fc557da8e1225aac1890c1e490cd1fd4750']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2501-afd0-426a-bdf8-4064e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:25.000Z", "modified": "2020-06-09T05:58:25.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '505313dded044c950cf4c0e27ff188391867ec7dd20d28e1dece3732f9ee92be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2503-6dc8-42c6-8f88-4ad4e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:27.000Z", "modified": "2020-06-09T05:58:27.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '60201e4cbce3b0a62e1a305716f17898d4ab6eb0e346adeb99aec56e632c9715']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2504-b140-4a1b-8ff1-4352e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:28.000Z", "modified": "2020-06-09T05:58:28.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '607ee35288b437cdf89cb147281ab959e4b42051a299401293b0b54baff52710']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2506-3c30-4ed2-be34-4bf8e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:30.000Z", "modified": "2020-06-09T05:58:30.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '63c396781b3e1a09f57da685dbb2fe1852e04c92b42d2dec08827861ce85f6ae']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2508-bbd4-4654-a8ea-4630e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:32.000Z", "modified": "2020-06-09T05:58:32.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '64c7eaf9ceb0d6fe5918d25953bfb86a3c7c2ba2fd4ae555495ec7cd9244d376']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf250a-f204-4c88-8ea2-4abce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:34.000Z", "modified": "2020-06-09T05:58:34.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '69ba6673c4223bb1b6cbe342ba8988ce1b6574d21dce31a81288a8e83b9d71de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf250c-6f6c-4c1a-a98a-43cce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:36.000Z", "modified": "2020-06-09T05:58:36.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '6a33c85cfc4d63e0f2ab9c7e9b11ef901fd9214ceed47a26b054d7ac668e5927']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf250e-b454-4402-8603-44e2e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:37.000Z", "modified": "2020-06-09T05:58:37.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '6c0ee9ad6608774ccc6f2d1b4fc10d25db600a1ab147c38b862f985325d00d69']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2510-7718-4871-b9eb-4048e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:40.000Z", "modified": "2020-06-09T05:58:40.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '6dd413cda5f640218e53068fcdeaa8095d43cfa08d7ae31bc1294b578eda3650']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2511-6840-4bb6-b457-4674e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:41.000Z", "modified": "2020-06-09T05:58:41.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '7294b0fcd60f333401410205724a6a7d4b1a1c166624a3a897eb74dd9e878f3d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2513-fa7c-4469-89d3-45d3e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:43.000Z", "modified": "2020-06-09T05:58:43.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '74af1f6462c201ea1dcc02c8be66fdadb6c6f7c739c1a9788fa721bd37dc9d44']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2515-0d10-4f7a-8ea6-49dfe387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:45.000Z", "modified": "2020-06-09T05:58:45.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '764e871c333d53cdf00e42bb5e415e09fa268566f405e1e3b95c70293faeae4f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2517-8d58-4199-93ee-4fd3e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:47.000Z", "modified": "2020-06-09T05:58:47.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '7ae4e7e1241276b32acae1609fe081e95ee5104424502ff17619f36a2e489639']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251a-9d40-4746-8ef4-40ace387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:50.000Z", "modified": "2020-06-09T05:58:50.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '7c77d76d04818ed18f27abfe40845e6d47d7cd2b5a6ca7405fa75d0bd4a84e6a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251b-50c4-43b1-a9bd-4d7fe387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:51.000Z", "modified": "2020-06-09T05:58:51.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '7e7ba697ecdd7cb1d19c70b30c96575d256032854bd6bb8e4f5fb4d18f5a0152']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251d-36e4-4966-91ce-4a6ce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:53.000Z", "modified": "2020-06-09T05:58:53.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '7fba5767a9bc61981cf53383b2518a9c528ade03085865212d868da802e2ec41']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251f-21c8-479f-a382-49f4e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:55.000Z", "modified": "2020-06-09T05:58:55.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '8624ed0e25319e3e6092df564b61fdd20620980b2eb424e7b77dd41fc3422f78']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251f-4f94-4e9b-a567-447ce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:55.000Z", "modified": "2020-06-09T05:58:55.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '8b98d4c61184c2f90585f84db9b94fa372e850c604dd51fd7d307b1a735c185d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251f-e698-4972-8261-43c3e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:55.000Z", "modified": "2020-06-09T05:58:55.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '8bf46bbd626c107433372b39aba3719f1744244eb37b1aa7c72956bf9346ac15']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251f-1bb0-494d-8309-44c9e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:55.000Z", "modified": "2020-06-09T05:58:55.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '921026611780fe1d168a559852a3b17b408c65d9dc7ffb4650537577d71fa67b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251f-5980-4eb6-a63b-421be387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:55.000Z", "modified": "2020-06-09T05:58:55.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = '9bd112a6b7bc00b0e83b81965e1a71f60f977d337aa37811d023d4adad541f81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf251f-adb8-42b9-b836-4149e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:55.000Z", "modified": "2020-06-09T05:58:55.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'b5de9e7c9eac0d1253ee4a0e38081a22f6d0070025507378affea6f571cc1b15']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2520-543c-48da-bff4-4928e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:56.000Z", "modified": "2020-06-09T05:58:56.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'b8f4ab06d86cecdf78bde1ff0c415825ce2008b80f511bc715c96799e27ede54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2520-3df0-4a61-8147-4ac6e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:56.000Z", "modified": "2020-06-09T05:58:56.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'bbe972bd9a361d24d30b123b1fda8ece3fb4bc1cbc4a872c560c6a76c7fb6b33']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2520-13f8-458a-864e-4305e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:56.000Z", "modified": "2020-06-09T05:58:56.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'bdd2bce8bf6d86503a022ca77d7d10051e7d7e67fcfd39bdf7c64cd3e4b96f01']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2520-3504-4caa-a806-4d02e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:56.000Z", "modified": "2020-06-09T05:58:56.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'c18ed4f3ebbe80de53d9742ef9bca94c5cccb384db1e022d39d627da12501e81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2520-f210-42cd-ad56-4a1ee387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:56.000Z", "modified": "2020-06-09T05:58:56.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'c3c5b54d4393654bbc34a98babd549ddc1a2fa7509217f53d84f2f81e8a85dea']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2522-976c-4c9a-91ff-42b8e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:58:58.000Z", "modified": "2020-06-09T05:58:58.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'c69e1a03f2d71653e33408cfbd16fbb2f7eec647b89e4dcfad6a52f647aa7ac2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:58:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-7be0-4c91-87c9-4b4ee387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'c70f06458faf1796a28c42f62647cac5948af982178cf1d5e61b70f3506a71c1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-10f4-4d90-8ab0-4b24e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'c735d45bbe1fa079409ae26d005a346f4698efb7e9f4db7bc2d0b247b57546f6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-0620-4507-a5fd-4211e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'c896c5e5a5d0abd059e43dbc305f50be63ff74b88547d8f7ce75608d4c8dc2d4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-17d0-4308-88a5-4e5ee387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'c957de05aec8c4f295bec80711f2e934b837117094abcdd46098486c6f2934a9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-837c-460b-9f45-452ae387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'cdc0ab79215e6c36de186ddfbed8e9b35c4c63161349c0935a90c69f553b318f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-6cf0-44dd-b59b-401ee387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'd6e74f61b642eb614bcb745454fa23294f747603d64ec78d785acff8f8d16c28']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-1c30-4df2-88ba-49a4e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'd997c1521407c74bcd9a33960d3fcb75470b11261ca8fe809ab28e60a2f9fa55']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-b590-472c-9058-4047e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'defb31a9d386b63779fe2006c261fc7913d2229f953fdf6caecaab9d53dd8fa4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-9798-459e-a66e-43b6e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'e0c1189c63833e6dde70198558dc92b95ca0c8050e117dce432d2e9a838b7513']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2524-4c50-442c-8225-4575e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:00.000Z", "modified": "2020-06-09T05:59:00.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'e1613169e4cca79ce0b36dec67f986e346ff4f40728f8f1750656871131785eb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2525-1acc-4b2d-aab4-41ace387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:01.000Z", "modified": "2020-06-09T05:59:01.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'e38a95d1eb1b6f4c339954e2585549d336ea27b9fe76115abba8a1bfcfde8d79']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2525-cc20-4e5a-9ceb-4afae387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:01.000Z", "modified": "2020-06-09T05:59:01.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'e3a208481ae96872fcf001068171340b53536b9dd00c42e160a3b10ea499ff73']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2525-7a10-45ca-8610-4ddae387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:01.000Z", "modified": "2020-06-09T05:59:01.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'e4474de8aba502effb317894bdb9fa3337ab337584884ca67689718d74428049']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2525-7f00-41c2-bac3-41a9e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:01.000Z", "modified": "2020-06-09T05:59:01.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'eb34a5211e692ba3b703f23d943f1f4a71f82faa886fb44409b1d93340d68b3b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2525-7170-4185-b0bd-47eae387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:01.000Z", "modified": "2020-06-09T05:59:01.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'eb999aa4f1e79ed883460285525c7116bb1d771462da92af870b61b9f5afc2d5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2527-ce78-4f96-b49a-4be7e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:03.000Z", "modified": "2020-06-09T05:59:03.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'eca656418b0b1319fcd56156abf8970e903e042fb5ef56586c38394435989191']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2527-9374-402e-a14f-43fae387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:03.000Z", "modified": "2020-06-09T05:59:03.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'eccadcce17e5b016fbafa5858cb182e4b861d783590c5215ce0f0c8e9bfb4c4e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2529-0bcc-4be8-9d7f-4b3ce387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:05.000Z", "modified": "2020-06-09T05:59:05.000Z", "description": "C2 and download URL", "pattern": "[domain-name:value = 'adrelatemedia.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2529-a678-4f43-b64e-44bde387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:05.000Z", "modified": "2020-06-09T05:59:05.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'ef9af8969dccabad32eea973e55ff9d7c8b55e68bc492f38b7289417dd04d991']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-f968-4efe-8840-4e89e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'https://www.adrelatemedia.com/haidress/gmail.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-d8ac-4aa1-8610-41aee387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'f1669e315fa97d94329f6ff142dc844db1cd5cf98f0c3c908f11a28127a1e3a2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-cabc-4859-9266-47dfe387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/835w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-e820-4567-b27c-4c08e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'f3b298b3272983fd118f42817ead6259fb46a31b22ac8f68eed54c2f28288fbb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-0c70-4821-8224-4dc0e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/925w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-c86c-4d90-b7f3-4651e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'f50c3e60db8adf31187448082ff4a783feb495b9545280ed23a65f89184f9236']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-a2e8-46c7-a0d8-4e43e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/61w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252a-4b5c-438f-9eb1-4563e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:06.000Z", "modified": "2020-06-09T05:59:06.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'f67352ac345d03d511cb634d72798d06df3b74e4a8d34aa2c91692ad27adcfbf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252c-e1a4-4094-86bd-4fcde387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:08.000Z", "modified": "2020-06-09T05:59:08.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/669w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252c-a44c-4e8e-9baf-4c86e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:08.000Z", "modified": "2020-06-09T05:59:08.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'f92c361f4849bdb8296fe20c394b3875e648f7c3d18e581bb5907c70451913c8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252c-1dc0-4276-9f1f-4695e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:08.000Z", "modified": "2020-06-09T05:59:08.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/919w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252c-4ce0-41a8-b6e5-4bdde387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:08.000Z", "modified": "2020-06-09T05:59:08.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'fa37860944ee07b416cf634c758d32660af30baca16148cb0c66ccbf8bcf6465']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252c-7acc-4203-a250-49d6e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:08.000Z", "modified": "2020-06-09T05:59:08.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/938w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252c-bb80-4bf2-a156-4247e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:08.000Z", "modified": "2020-06-09T05:59:08.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'ff03f367647fdc3e93f2f7e73c70ed381b71605443f2b051b901d1eb80493854']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252c-c5c4-4dfb-b485-40bee387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:08.000Z", "modified": "2020-06-09T05:59:08.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/264w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252f-b438-4e18-af8d-4d1ee387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:11.000Z", "modified": "2020-06-09T05:59:11.000Z", "description": "Associated Maldocs", "pattern": "[file:hashes.SHA256 = 'ff5516ee7e4f734c4ae70e8f6fbf3fad09bb0ba99e67916972fe308ba5c4acad']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252f-6f10-4099-8b31-4104e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:11.000Z", "modified": "2020-06-09T05:59:11.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/899w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252f-9a60-4361-aa2a-4405e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:11.000Z", "modified": "2020-06-09T05:59:11.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/846w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252f-02e4-4371-872b-49e2e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:11.000Z", "modified": "2020-06-09T05:59:11.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/845w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252f-7104-4bc4-9340-4db2e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:11.000Z", "modified": "2020-06-09T05:59:11.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/69w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf252f-dc28-4ccf-993d-46d8e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:11.000Z", "modified": "2020-06-09T05:59:11.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/408w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2531-61e0-43a5-a347-416be387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:13.000Z", "modified": "2020-06-09T05:59:13.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/403w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2531-5170-4cbb-81b5-4f6fe387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:13.000Z", "modified": "2020-06-09T05:59:13.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/31dsdfsdfsdf.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5edf2531-422c-4791-8e2a-4548e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:13.000Z", "modified": "2020-06-09T05:59:13.000Z", "description": "C2 and download URL", "pattern": "[url:value = 'http://adrelatemedia.com/haidress/393w55a4r.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d89b10ca-d90c-47f7-ac81-b2829974d657", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:50.000Z", "modified": "2020-06-09T05:59:50.000Z", "pattern": "[file:hashes.MD5 = '955fe08ef530ebae8f24b295e3bbdbd7' AND file:hashes.SHA1 = '64f5259582942cfccf0e68b5a0ca423d6ddcbf14' AND file:hashes.SHA256 = '7c77d76d04818ed18f27abfe40845e6d47d7cd2b5a6ca7405fa75d0bd4a84e6a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--900ce041-dfaa-4cef-8cb6-4dc15ba9e7e3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:50.000Z", "modified": "2020-06-09T05:59:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T15:56:10+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "71347c13-2981-41a1-bdce-ec5448dc5676" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/7c77d76d04818ed18f27abfe40845e6d47d7cd2b5a6ca7405fa75d0bd4a84e6a/detection/f-7c77d76d04818ed18f27abfe40845e6d47d7cd2b5a6ca7405fa75d0bd4a84e6a-1591372570", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "e0b001f8-4242-4ff0-8dcd-4216c1edaf72" }, { "type": "text", "object_relation": "detection-ratio", "value": "6/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "15f781e2-0a0f-44dd-8951-e133f2bebd1e" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--30e8dc43-5696-472a-ae62-7ff9009a4530", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:50.000Z", "modified": "2020-06-09T05:59:50.000Z", "pattern": "[file:hashes.MD5 = 'a28bafa03fc00dd18dcb65751a4d1c98' AND file:hashes.SHA1 = 'f6884d65af38f8588f40935305aebb1b2fe24b72' AND file:hashes.SHA256 = 'e1613169e4cca79ce0b36dec67f986e346ff4f40728f8f1750656871131785eb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f78805f3-454e-4c28-8e9d-da08497493b0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:50.000Z", "modified": "2020-06-09T05:59:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T00:14:44+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "b8613bd6-bd0e-4828-b192-50d0c06d0293" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/e1613169e4cca79ce0b36dec67f986e346ff4f40728f8f1750656871131785eb/detection/f-e1613169e4cca79ce0b36dec67f986e346ff4f40728f8f1750656871131785eb-1591316084", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "87e4d9f7-b36b-4ca1-8adc-d093dcb04f44" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "c91dcf71-0f1e-4d1c-aa09-317e0bb09627" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--9b4eda44-e5cd-4d9a-9d51-b106876bcd8c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:54.000Z", "modified": "2020-06-09T05:59:54.000Z", "pattern": "[file:hashes.MD5 = 'c97476157564f4c1436434ece7288dfa' AND file:hashes.SHA1 = '0e0f46956f0954870d233d9bd1483404548eafb9' AND file:hashes.SHA256 = 'c18ed4f3ebbe80de53d9742ef9bca94c5cccb384db1e022d39d627da12501e81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ab715d98-7e1c-46fa-a7e2-1b703574523c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:55.000Z", "modified": "2020-06-09T05:59:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T01:38:32+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "d0cffab5-68d2-4ef1-9628-a2a70d8d76d6" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c18ed4f3ebbe80de53d9742ef9bca94c5cccb384db1e022d39d627da12501e81/detection/f-c18ed4f3ebbe80de53d9742ef9bca94c5cccb384db1e022d39d627da12501e81-1591580312", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "c386be42-ce65-45ea-a9ab-c5fe0d2b1b5a" }, { "type": "text", "object_relation": "detection-ratio", "value": "3/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "91c949ca-9dba-4656-8188-e487ef1ddb44" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--075611f6-615d-4e32-9a17-50f01363a0af", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:55.000Z", "modified": "2020-06-09T05:59:55.000Z", "pattern": "[file:hashes.MD5 = '4cab2361328eeb0736d4ebeb9b04f06b' AND file:hashes.SHA1 = '172c42f1192c5b7dff41b71f88115ef815c954c3' AND file:hashes.SHA256 = '764e871c333d53cdf00e42bb5e415e09fa268566f405e1e3b95c70293faeae4f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--dec9f73c-7bb0-4e21-99d4-8f34b60dff09", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:55.000Z", "modified": "2020-06-09T05:59:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T04:39:54+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "c7e5888a-1e02-4765-ae7b-fe98a5f7d1de" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/764e871c333d53cdf00e42bb5e415e09fa268566f405e1e3b95c70293faeae4f/detection/f-764e871c333d53cdf00e42bb5e415e09fa268566f405e1e3b95c70293faeae4f-1591245594", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "07e2cc4f-4c93-4082-b26c-8df37d6c58a2" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "5c92a9a4-0472-4759-b092-1ab79543a17e" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3be4313f-e1f6-48af-ace1-97ee4f1e9050", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:55.000Z", "modified": "2020-06-09T05:59:55.000Z", "pattern": "[file:hashes.MD5 = '6f50364718da775b241f703632aaa90d' AND file:hashes.SHA1 = 'acd58257053b73831d73c12dabf33ef4969e7c8f' AND file:hashes.SHA256 = 'eb34a5211e692ba3b703f23d943f1f4a71f82faa886fb44409b1d93340d68b3b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T05:59:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--23e65c58-88c8-462d-b3c8-d73c950c5a14", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T05:59:55.000Z", "modified": "2020-06-09T05:59:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-03T00:45:08+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "6f50c741-8bcf-4610-9442-aa4e18bba3bf" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/eb34a5211e692ba3b703f23d943f1f4a71f82faa886fb44409b1d93340d68b3b/detection/f-eb34a5211e692ba3b703f23d943f1f4a71f82faa886fb44409b1d93340d68b3b-1591145108", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "1dcec2d1-3367-4833-ab43-f7176a64c1d0" }, { "type": "text", "object_relation": "detection-ratio", "value": "2/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a84c7ea9-1ac0-4ec4-bbd3-ec60bc806f44" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8034d958-60fa-41ba-acbf-5c360cdb4bf3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:00.000Z", "modified": "2020-06-09T06:00:00.000Z", "pattern": "[file:hashes.MD5 = 'e691d34c2e55e0762cfb2fc4f140aa6c' AND file:hashes.SHA1 = 'd7daffc585151f8304c2f69924ae36800ae0dc04' AND file:hashes.SHA256 = 'd6e74f61b642eb614bcb745454fa23294f747603d64ec78d785acff8f8d16c28']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f95cfe04-18ba-4750-83f4-8f02a27ea64c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:00.000Z", "modified": "2020-06-09T06:00:00.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T07:07:46+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "b9ad04ac-2511-4ce2-8999-76b659259813" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/d6e74f61b642eb614bcb745454fa23294f747603d64ec78d785acff8f8d16c28/detection/f-d6e74f61b642eb614bcb745454fa23294f747603d64ec78d785acff8f8d16c28-1591600066", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "2c5bd767-a340-43a5-b7f1-e6d0ab011451" }, { "type": "text", "object_relation": "detection-ratio", "value": "12/58", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "1d4af9d6-305e-4885-8a6e-fd3f42355ca7" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0df9ef00-7657-4a0a-b741-7038330aad91", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:00.000Z", "modified": "2020-06-09T06:00:00.000Z", "pattern": "[file:hashes.MD5 = 'c1cf39026702e60374f33519b8bde06b' AND file:hashes.SHA1 = '53db20be969e690c156d18a401bfff10bda14e5c' AND file:hashes.SHA256 = '1b27af50c09daedcf39982a0673d8ad08261fd20c9a7d840814699a24d92a5cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6ee5680e-3f35-4d36-aaa8-ffba22e4eef6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:00.000Z", "modified": "2020-06-09T06:00:00.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-06T13:43:20+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "d3b1cc7c-91b4-44c4-bd15-7b6d822215a5" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/1b27af50c09daedcf39982a0673d8ad08261fd20c9a7d840814699a24d92a5cf/detection/f-1b27af50c09daedcf39982a0673d8ad08261fd20c9a7d840814699a24d92a5cf-1591451000", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "cb66a717-15e2-4fbe-83c4-e5fb6ce5bb92" }, { "type": "text", "object_relation": "detection-ratio", "value": "12/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "3e91f92d-0549-4ec9-839f-468f5297a6b4" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--46144bb3-b1b4-43ce-9214-bc02d9e6b532", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:03.000Z", "modified": "2020-06-09T06:00:03.000Z", "pattern": "[file:hashes.MD5 = '89242b8bd403fa0a4d59ae73ec7ea74c' AND file:hashes.SHA1 = 'ef4ea4336f3d5495877c776ed3e05cfdd8a20963' AND file:hashes.SHA256 = '64c7eaf9ceb0d6fe5918d25953bfb86a3c7c2ba2fd4ae555495ec7cd9244d376']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c33a9c32-1993-482c-917d-f8c8b8dfce94", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:03.000Z", "modified": "2020-06-09T06:00:03.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T01:04:51+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "a65e9076-9320-432a-957d-38f483dde25b" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/64c7eaf9ceb0d6fe5918d25953bfb86a3c7c2ba2fd4ae555495ec7cd9244d376/detection/f-64c7eaf9ceb0d6fe5918d25953bfb86a3c7c2ba2fd4ae555495ec7cd9244d376-1591319091", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "d288170a-0347-4310-80a8-b414fc9a65e1" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/59", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "d2cbf4a6-c551-40a6-8380-4fc7cd2c13ee" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--72221436-c0a8-465e-b386-02ca0145c8a5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:03.000Z", "modified": "2020-06-09T06:00:03.000Z", "pattern": "[file:hashes.MD5 = '58134e8628e61da721d09756435241b7' AND file:hashes.SHA1 = 'c040ad667bfac59b90c012087845176cab9e9b56' AND file:hashes.SHA256 = '1c49a77f9b817c8b7670cb06d96c3ecee6f1c34e910533b1020bb4948bf1701d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--df0b6060-9424-44df-b24d-50010c1ddf9e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:03.000Z", "modified": "2020-06-09T06:00:03.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T02:49:51+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "eeecc53c-5b49-49fa-9515-fb39cb2b8a39" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/1c49a77f9b817c8b7670cb06d96c3ecee6f1c34e910533b1020bb4948bf1701d/detection/f-1c49a77f9b817c8b7670cb06d96c3ecee6f1c34e910533b1020bb4948bf1701d-1591325391", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "5d23bec0-9123-4541-84aa-649dc647ed0d" }, { "type": "text", "object_relation": "detection-ratio", "value": "2/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "62eaf609-1e5a-449d-9678-21d9af50eb3d" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--44a0a2d0-b960-45e1-a717-f0c41f1a9c0b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:05.000Z", "modified": "2020-06-09T06:00:05.000Z", "pattern": "[file:hashes.MD5 = 'f1e29aa7707932397d39ebe8d0eeb00c' AND file:hashes.SHA1 = '72d33982226925a638248b29ffa1d9ae7a95e5e6' AND file:hashes.SHA256 = '60201e4cbce3b0a62e1a305716f17898d4ab6eb0e346adeb99aec56e632c9715']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--836e0af6-4dbb-44a9-98df-8bc54dbde31e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:07.000Z", "modified": "2020-06-09T06:00:07.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T23:09:58+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "4fb6b00e-3fed-4937-9440-a85c8c2e5a36" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/60201e4cbce3b0a62e1a305716f17898d4ab6eb0e346adeb99aec56e632c9715/detection/f-60201e4cbce3b0a62e1a305716f17898d4ab6eb0e346adeb99aec56e632c9715-1591312198", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a9b6f761-dd52-4cd2-b590-e60649d1dd6a" }, { "type": "text", "object_relation": "detection-ratio", "value": "2/59", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a6aa5838-e297-4b02-b1d7-6ca23b22d387" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--07cf1eb8-076e-442b-a9c4-3e0d311531b5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:09.000Z", "modified": "2020-06-09T06:00:09.000Z", "pattern": "[file:hashes.MD5 = '8f109218fd54029d01e6e5ecf8f8715c' AND file:hashes.SHA1 = '6482a782bb307540e1187681d6cbe268d618e6d2' AND file:hashes.SHA256 = 'd997c1521407c74bcd9a33960d3fcb75470b11261ca8fe809ab28e60a2f9fa55']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f5df88c1-fcfb-4b95-afe6-0f4c99138cfe", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:10.000Z", "modified": "2020-06-09T06:00:10.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T07:09:25+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "bebcf8de-4b66-4bb5-90ea-cb71701e8333" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/d997c1521407c74bcd9a33960d3fcb75470b11261ca8fe809ab28e60a2f9fa55/detection/f-d997c1521407c74bcd9a33960d3fcb75470b11261ca8fe809ab28e60a2f9fa55-1591600165", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "71dbb39b-103e-428f-8b00-e8c5e65d9ada" }, { "type": "text", "object_relation": "detection-ratio", "value": "14/59", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "82d6e6f5-2ab3-441b-b1e6-d649f34e25b3" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4679265b-1231-4b99-bd2f-d20d0960d347", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:12.000Z", "modified": "2020-06-09T06:00:12.000Z", "pattern": "[file:hashes.MD5 = 'ddf4db06af9a7a574cf80518972b5f8d' AND file:hashes.SHA1 = '0777951a56eec8a738b6c55bb8c96db0db1c3ac8' AND file:hashes.SHA256 = '1c8a36d488b50edb22ade0168e8eb4dc4615a44a08431541fd8b1a7114eb9b23']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b0da3f28-76fe-400c-b083-82454e177213", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:15.000Z", "modified": "2020-06-09T06:00:15.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T18:49:12+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "52eff36d-ed8c-49d6-8d3c-796363005bc3" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/1c8a36d488b50edb22ade0168e8eb4dc4615a44a08431541fd8b1a7114eb9b23/detection/f-1c8a36d488b50edb22ade0168e8eb4dc4615a44a08431541fd8b1a7114eb9b23-1591296552", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "ac1716d8-4f17-4b56-865d-89971f20a4a4" }, { "type": "text", "object_relation": "detection-ratio", "value": "6/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "c9b6eac5-fec6-4f9f-9128-2f1fc0e1ca9f" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c6ec90b6-1e3a-4821-9adc-77b2e9eaacd3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:15.000Z", "modified": "2020-06-09T06:00:15.000Z", "pattern": "[file:hashes.MD5 = 'b305fd4e9bc5e56fe4c6085b977a208b' AND file:hashes.SHA1 = '1d687c7452e2d1a477e3c17492807793748ebd24' AND file:hashes.SHA256 = '505313dded044c950cf4c0e27ff188391867ec7dd20d28e1dece3732f9ee92be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d49fc5d1-2074-4238-a4b4-7372e389593d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:18.000Z", "modified": "2020-06-09T06:00:18.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T02:36:24+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "ab211881-104a-4e02-89f4-d7f0f31e2ed3" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/505313dded044c950cf4c0e27ff188391867ec7dd20d28e1dece3732f9ee92be/detection/f-505313dded044c950cf4c0e27ff188391867ec7dd20d28e1dece3732f9ee92be-1591238184", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "c816c86e-c199-487d-92a1-8a20f8a7ceb8" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "67550d30-380a-4d73-8a5b-ad4428eb8700" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6093b577-0406-4b50-aeed-67f869b5102c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:18.000Z", "modified": "2020-06-09T06:00:18.000Z", "pattern": "[file:hashes.MD5 = 'b900bb4774fc4240d89c80ccb2eb8293' AND file:hashes.SHA1 = 'cb7e3147c2dda9d72a669fe4e3e0a7f04b210707' AND file:hashes.SHA256 = '8b98d4c61184c2f90585f84db9b94fa372e850c604dd51fd7d307b1a735c185d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--9ad70519-e27b-40ae-9ca7-5ea5a63fe322", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:18.000Z", "modified": "2020-06-09T06:00:18.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T07:42:58+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "3dcf2008-ad1c-4522-b87e-e8ebd4c90398" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/8b98d4c61184c2f90585f84db9b94fa372e850c604dd51fd7d307b1a735c185d/detection/f-8b98d4c61184c2f90585f84db9b94fa372e850c604dd51fd7d307b1a735c185d-1591256578", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "fcec2967-56fb-480b-b633-7aec1f3c9af0" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "9bf7bbd5-3b10-42ee-b1e4-8ad460e9be55" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--27fcfb5c-8569-4e24-b931-e8441ea89687", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:18.000Z", "modified": "2020-06-09T06:00:18.000Z", "pattern": "[file:hashes.MD5 = '8dc2b5da765c4af6f33aae9d83f16a8c' AND file:hashes.SHA1 = '8d7f766a0a398b4b650e8713806126d158bca92d' AND file:hashes.SHA256 = '69ba6673c4223bb1b6cbe342ba8988ce1b6574d21dce31a81288a8e83b9d71de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--a28538ac-63fa-4abe-8bf8-8c623a5ecddd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:18.000Z", "modified": "2020-06-09T06:00:18.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T08:55:24+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "e8013cb7-4fdd-499b-a7a4-a21f1c83e5bd" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/69ba6673c4223bb1b6cbe342ba8988ce1b6574d21dce31a81288a8e83b9d71de/detection/f-69ba6673c4223bb1b6cbe342ba8988ce1b6574d21dce31a81288a8e83b9d71de-1591347324", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "72a1cbc0-e893-4a9d-91e9-7bd56519a667" }, { "type": "text", "object_relation": "detection-ratio", "value": "6/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "7f80b18b-cc8d-4e31-b193-0c2774a211c4" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4a3ef6aa-b702-4321-9afa-6db30fb41ea4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:23.000Z", "modified": "2020-06-09T06:00:23.000Z", "pattern": "[file:hashes.MD5 = '7b5f29334c2b3f2ee7e6105d40fa6373' AND file:hashes.SHA1 = '582daf0f5db81617e043962b4cac9b0011f2e91c' AND file:hashes.SHA256 = 'eca656418b0b1319fcd56156abf8970e903e042fb5ef56586c38394435989191']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--de5fda18-6b74-4d3d-9271-8f706d6fa41a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:23.000Z", "modified": "2020-06-09T06:00:23.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T05:59:50+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "8b893b00-8157-4ecf-ac2b-4daa655cf6da" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/eca656418b0b1319fcd56156abf8970e903e042fb5ef56586c38394435989191/detection/f-eca656418b0b1319fcd56156abf8970e903e042fb5ef56586c38394435989191-1591595990", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "616fad15-7974-4213-bca1-ad921c4e585d" }, { "type": "text", "object_relation": "detection-ratio", "value": "3/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "4218fd36-e580-4f9e-ab96-ab655553a66f" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0dc86ee5-1e8b-4955-b6d4-cf2faf678ccc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:23.000Z", "modified": "2020-06-09T06:00:23.000Z", "pattern": "[file:hashes.MD5 = '4a37085f174319f919003818243e39f2' AND file:hashes.SHA1 = '908d67e3a71eb59e83fb03258f15f4ae99fb9b1f' AND file:hashes.SHA256 = '328c729797fe2acbf06246dfca52c2f75c0713849fa588dd5c414e0e18244c54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--23d55af4-2648-4249-b84c-f6fab5dfe5b9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:28.000Z", "modified": "2020-06-09T06:00:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T05:21:03+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "b4f4df53-e18c-4a58-97e5-4182ecbfa459" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/328c729797fe2acbf06246dfca52c2f75c0713849fa588dd5c414e0e18244c54/detection/f-328c729797fe2acbf06246dfca52c2f75c0713849fa588dd5c414e0e18244c54-1591593663", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "00a7f4e7-7056-44e5-8bc9-823694407a3d" }, { "type": "text", "object_relation": "detection-ratio", "value": "6/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "1bf62fd9-fa50-4826-be84-6a683be022f1" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f09cdda4-d278-44db-acad-b2857a94251f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:28.000Z", "modified": "2020-06-09T06:00:28.000Z", "pattern": "[file:hashes.MD5 = 'fdeec23ae4d451ab38794387924d8b6c' AND file:hashes.SHA1 = '0ba2beb425b1460969474dfab6604890122ca0db' AND file:hashes.SHA256 = '20c6f5cfe318e013502aee7e52dca337264a2aab8da32b32347399b98e8922ff']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3ec4966c-7b38-4222-a56d-898f7ebfb9dc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:28.000Z", "modified": "2020-06-09T06:00:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:22:03+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "22ddbe9c-b073-43db-811a-2508c79e77b5" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/20c6f5cfe318e013502aee7e52dca337264a2aab8da32b32347399b98e8922ff/detection/f-20c6f5cfe318e013502aee7e52dca337264a2aab8da32b32347399b98e8922ff-1591233723", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "46f5d77f-c7a9-4040-8172-aaaf3ef6897e" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "acb2e5e4-6622-4cb4-acae-a4fa9b3976b2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--83d32ab3-447e-41ab-ba41-ee7f2b80606c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:28.000Z", "modified": "2020-06-09T06:00:28.000Z", "pattern": "[file:hashes.MD5 = '6aae8e87c115d559bf1bd5dd5d29244b' AND file:hashes.SHA1 = '63133a03747721ca00af575d74d4b343c8f40973' AND file:hashes.SHA256 = '6a33c85cfc4d63e0f2ab9c7e9b11ef901fd9214ceed47a26b054d7ac668e5927']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--21417981-9841-4bea-b6cd-93199fca2d5e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:29.000Z", "modified": "2020-06-09T06:00:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T01:34:46+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "b57e7e9c-68b6-40aa-bb29-80ad0da84fb0" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/6a33c85cfc4d63e0f2ab9c7e9b11ef901fd9214ceed47a26b054d7ac668e5927/detection/f-6a33c85cfc4d63e0f2ab9c7e9b11ef901fd9214ceed47a26b054d7ac668e5927-1591320886", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "47a418dd-12e5-4142-9370-ff795b450005" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "69d1dfe0-59f3-4612-befa-ba6bafd9b3fc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2e1ac848-36eb-4f1c-93ae-24e585b54433", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:31.000Z", "modified": "2020-06-09T06:00:31.000Z", "pattern": "[file:hashes.MD5 = 'e4eb46539623c5be3ea481e27cb0f063' AND file:hashes.SHA1 = '596d01d7636891672dfea73975bc800be1d147c3' AND file:hashes.SHA256 = '74af1f6462c201ea1dcc02c8be66fdadb6c6f7c739c1a9788fa721bd37dc9d44']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--16420e7f-7d0d-4ae9-a5bf-b801d1912119", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:33.000Z", "modified": "2020-06-09T06:00:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:22:42+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "e9dd2ffc-3022-4f21-b8f4-e1454467cd27" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/74af1f6462c201ea1dcc02c8be66fdadb6c6f7c739c1a9788fa721bd37dc9d44/detection/f-74af1f6462c201ea1dcc02c8be66fdadb6c6f7c739c1a9788fa721bd37dc9d44-1591233762", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "38a9ff20-73ad-47da-bd67-26c6ef71c3bb" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/50", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "3f465259-c608-4199-b294-07d92b5e47ea" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--886acb36-b778-4ff4-9c0d-c4eaf7f6bfeb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:33.000Z", "modified": "2020-06-09T06:00:33.000Z", "pattern": "[file:hashes.MD5 = '107e68a6cbeb39f7ff49654e358f1558' AND file:hashes.SHA1 = '0e28a7a17bc7ea30c9e68e81b4331edc7fa400b5' AND file:hashes.SHA256 = '4d55b07a3c375d8e63afbf93bce0f6a1f25327b8336659cfa0afa07be13296c1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--77d3db3a-79f6-4a98-8548-2ec6ab80da2f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:36.000Z", "modified": "2020-06-09T06:00:36.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:27:24+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "1f1812ad-9a64-4405-aab6-0cac3016a283" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/4d55b07a3c375d8e63afbf93bce0f6a1f25327b8336659cfa0afa07be13296c1/detection/f-4d55b07a3c375d8e63afbf93bce0f6a1f25327b8336659cfa0afa07be13296c1-1591234044", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a4e86e98-c6bf-4b1b-ad08-b912985278f4" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "2f5fc4ae-45c7-4777-9dbe-6457edc53d84" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--cb0a9fc7-efe3-4f55-b5af-18b67b78ee6e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:38.000Z", "modified": "2020-06-09T06:00:38.000Z", "pattern": "[file:hashes.MD5 = 'd3a76d5d7873c5b78b21f46ce3d3cfc0' AND file:hashes.SHA1 = '154ddaf6f1102a8deab0445822d2ac041603dc93' AND file:hashes.SHA256 = 'ef9af8969dccabad32eea973e55ff9d7c8b55e68bc492f38b7289417dd04d991']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c68def7e-0e0a-47f7-ad7f-340d0fe2be6d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:38.000Z", "modified": "2020-06-09T06:00:38.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T04:26:36+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "48468701-1ab3-49ed-b9f7-1c1579374e18" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/ef9af8969dccabad32eea973e55ff9d7c8b55e68bc492f38b7289417dd04d991/detection/f-ef9af8969dccabad32eea973e55ff9d7c8b55e68bc492f38b7289417dd04d991-1591244796", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "d119457a-78cb-4b94-a423-c00d39e402ec" }, { "type": "text", "object_relation": "detection-ratio", "value": "2/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "4f49a3d6-3e4f-47ad-9803-3771101fa6ae" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--88e5d29f-37c2-4ae3-b14e-b82c898781f8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:38.000Z", "modified": "2020-06-09T06:00:38.000Z", "pattern": "[file:hashes.MD5 = '0ec2a7d6c07a9fd450730d405604a90c' AND file:hashes.SHA1 = '821d098cdcc1f42208aee72930a6a3eef30eb5b7' AND file:hashes.SHA256 = '3fb1e4091ffbea04a93d5ef7ed5ef4bd8f4eaea58fb1763507df2ef8ccb73ae3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7b519bdf-c502-4ca6-83c5-d7028c629db8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:41.000Z", "modified": "2020-06-09T06:00:41.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T07:07:20+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "d2991e5c-44b8-4df9-b4c4-6bb47f6b9914" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/3fb1e4091ffbea04a93d5ef7ed5ef4bd8f4eaea58fb1763507df2ef8ccb73ae3/detection/f-3fb1e4091ffbea04a93d5ef7ed5ef4bd8f4eaea58fb1763507df2ef8ccb73ae3-1591600040", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "e4b8e04d-c570-41e8-9ce6-6fe825879b7c" }, { "type": "text", "object_relation": "detection-ratio", "value": "15/59", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a0245e92-6e13-428b-aec3-0e0b40649a69" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f08817e6-be28-493f-96f4-7edcedc447b0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:43.000Z", "modified": "2020-06-09T06:00:43.000Z", "pattern": "[file:hashes.MD5 = '68b0f87f11054de87866754cd005ce81' AND file:hashes.SHA1 = 'c3bb68dc2b4dd373d674318fba88425c53b13423' AND file:hashes.SHA256 = 'eccadcce17e5b016fbafa5858cb182e4b861d783590c5215ce0f0c8e9bfb4c4e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--901357a4-20c3-455b-b0a3-19a0f7411b34", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:43.000Z", "modified": "2020-06-09T06:00:43.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T04:10:16+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "98ae4895-768c-490a-939a-3d8f638a595e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/eccadcce17e5b016fbafa5858cb182e4b861d783590c5215ce0f0c8e9bfb4c4e/detection/f-eccadcce17e5b016fbafa5858cb182e4b861d783590c5215ce0f0c8e9bfb4c4e-1591243816", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "b61da289-909f-4ff6-b83a-473abf90ab7d" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "ad83cfc5-91ea-47c2-a579-c6ddd8c647df" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--607a4d64-896c-4b1e-832e-b27a1ba926e4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:43.000Z", "modified": "2020-06-09T06:00:43.000Z", "pattern": "[file:hashes.MD5 = '693b0795fe68c9c21cc9c4b758b01db0' AND file:hashes.SHA1 = '7e01e9927bc4adbc8e8476d78d56a40a9c78a5d7' AND file:hashes.SHA256 = 'c70f06458faf1796a28c42f62647cac5948af982178cf1d5e61b70f3506a71c1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ca26c7e1-e5ca-415d-871d-2fea04786a4d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:46.000Z", "modified": "2020-06-09T06:00:46.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T02:29:49+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "6d8dc03f-c506-4ee9-b9d8-8c2b7c9c3fe9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c70f06458faf1796a28c42f62647cac5948af982178cf1d5e61b70f3506a71c1/detection/f-c70f06458faf1796a28c42f62647cac5948af982178cf1d5e61b70f3506a71c1-1591237789", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "e05af7cb-cdbf-4d28-9bad-a0e83b24cb8c" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "2d6fb51b-ef32-4342-b8f3-5c1ca647048d" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--417c7b12-f55c-408c-9d4b-d6c6298116b7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:46.000Z", "modified": "2020-06-09T06:00:46.000Z", "pattern": "[file:hashes.MD5 = '84c09f42f6dd03c5750ba3f08de72d86' AND file:hashes.SHA1 = 'a00e4d57e6589429ce6bb49a114a25390fddce94' AND file:hashes.SHA256 = '7e7ba697ecdd7cb1d19c70b30c96575d256032854bd6bb8e4f5fb4d18f5a0152']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b36dc007-3b5c-4e99-b628-7e843becfbd1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:48.000Z", "modified": "2020-06-09T06:00:48.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T05:55:43+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "2686d001-2dbf-4d52-b06a-4d781620d337" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/7e7ba697ecdd7cb1d19c70b30c96575d256032854bd6bb8e4f5fb4d18f5a0152/detection/f-7e7ba697ecdd7cb1d19c70b30c96575d256032854bd6bb8e4f5fb4d18f5a0152-1591250143", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a45504a4-5f9e-486a-abd0-eee962b0a1e7" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/61", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "4fdf6cb7-5b4a-4b9e-9d6b-d38899b59cfe" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ababfda-57fa-430f-8a8e-40490185b41e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:48.000Z", "modified": "2020-06-09T06:00:48.000Z", "pattern": "[file:hashes.MD5 = '1ff54321cae5b80e77acd86e32a057f9' AND file:hashes.SHA1 = 'eac12119486771febd4f905b91e02d51cff7452a' AND file:hashes.SHA256 = '7fba5767a9bc61981cf53383b2518a9c528ade03085865212d868da802e2ec41']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--2123bb62-8e34-43d9-8d93-832511e08d2c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:50.000Z", "modified": "2020-06-09T06:00:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T23:52:58+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "fe5d4162-3441-4f59-9655-e3573d8bb028" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/7fba5767a9bc61981cf53383b2518a9c528ade03085865212d868da802e2ec41/detection/f-7fba5767a9bc61981cf53383b2518a9c528ade03085865212d868da802e2ec41-1591314778", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "866df720-6b5c-4a54-8ea1-c4506640de91" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/61", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "08fa7294-d20a-4dd8-8fa5-d134bfd48f31" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--caa6bf35-269e-479c-9134-9f32d4995eef", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:51.000Z", "modified": "2020-06-09T06:00:51.000Z", "pattern": "[file:hashes.MD5 = 'f014578ff2be67d5999595d49c11a868' AND file:hashes.SHA1 = 'c9f557712bdc91d3954d417edae661c356076e99' AND file:hashes.SHA256 = 'eb999aa4f1e79ed883460285525c7116bb1d771462da92af870b61b9f5afc2d5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--aeb8868a-6ac0-4a86-9929-6e04ef0f578a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:51.000Z", "modified": "2020-06-09T06:00:51.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-09T01:23:38+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "f82385e6-cec6-4dd4-bf26-2c11d01d40f0" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/eb999aa4f1e79ed883460285525c7116bb1d771462da92af870b61b9f5afc2d5/detection/f-eb999aa4f1e79ed883460285525c7116bb1d771462da92af870b61b9f5afc2d5-1591665818", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "b8a22cec-8639-485c-bfe7-5d7b68131780" }, { "type": "text", "object_relation": "detection-ratio", "value": "12/58", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "4c614506-ce4a-4116-8eaa-01c848b69d32" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--70b0a245-cc60-4665-8345-75c3fa46380c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:53.000Z", "modified": "2020-06-09T06:00:53.000Z", "pattern": "[file:hashes.MD5 = '5effec2fd1367ac0932b0bc5a3790c71' AND file:hashes.SHA1 = '08ad377ecdd4680e877dd1c896476862937648f8' AND file:hashes.SHA256 = '3bbcf3542a72193b90de7c74203dc8b9c9c3896f4234f36ed36f6d082c13f310']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--28ec2dc3-46f3-43bf-bd6f-daffc85e1ad7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:56.000Z", "modified": "2020-06-09T06:00:56.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T03:07:09+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "d7ddb9a1-e7ee-41a4-8940-664d970c0010" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/3bbcf3542a72193b90de7c74203dc8b9c9c3896f4234f36ed36f6d082c13f310/detection/f-3bbcf3542a72193b90de7c74203dc8b9c9c3896f4234f36ed36f6d082c13f310-1591326429", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "cce4ef06-138a-49db-9982-b872643d22e9" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "0f2cc363-b029-4576-b8c2-35f6b180b367" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b87bb012-05e0-46ed-a509-52f57e8d47c2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:56.000Z", "modified": "2020-06-09T06:00:56.000Z", "pattern": "[file:hashes.MD5 = '8733bcf50e7faf744c0a5f576a4f3695' AND file:hashes.SHA1 = '763987e6fdb1f1920f2118f3243ba45f67474f09' AND file:hashes.SHA256 = 'c735d45bbe1fa079409ae26d005a346f4698efb7e9f4db7bc2d0b247b57546f6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:00:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--72278eca-2c0a-4aaa-8d35-87551023b3ef", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:00:58.000Z", "modified": "2020-06-09T06:00:58.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:21:16+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "710854b4-b56d-40e7-ad7e-1296fe44debf" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c735d45bbe1fa079409ae26d005a346f4698efb7e9f4db7bc2d0b247b57546f6/detection/f-c735d45bbe1fa079409ae26d005a346f4698efb7e9f4db7bc2d0b247b57546f6-1591233676", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "cdb744dc-0b6b-4051-afb6-4279d519d6cd" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "99e68e0f-6f8d-4781-85a2-fb0441827045" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--755e5c5d-f8ee-4d53-8cfc-6c1bf7e9737e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:01.000Z", "modified": "2020-06-09T06:01:01.000Z", "pattern": "[file:hashes.MD5 = '174c6b43c9cf35d8f6485ded1a29ac7a' AND file:hashes.SHA1 = 'cbe93d2e0ffaaf65e6747d6506016504c7a6fb9e' AND file:hashes.SHA256 = 'cdc0ab79215e6c36de186ddfbed8e9b35c4c63161349c0935a90c69f553b318f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3d19ecae-2b1f-4c06-9656-f596a40b380e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:01.000Z", "modified": "2020-06-09T06:01:01.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-09T05:42:17+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "0facac3c-bbda-494a-9acd-d5df27ebed19" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/cdc0ab79215e6c36de186ddfbed8e9b35c4c63161349c0935a90c69f553b318f/detection/f-cdc0ab79215e6c36de186ddfbed8e9b35c4c63161349c0935a90c69f553b318f-1591681337", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a6a15e80-51f6-4848-8a4a-b5620e901a68" }, { "type": "text", "object_relation": "detection-ratio", "value": "10/59", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "26eac9c8-bdee-427b-9634-f4366b7a347b" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8d0ffa81-f0c7-429d-8f43-7dcb4a65177c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:01.000Z", "modified": "2020-06-09T06:01:01.000Z", "pattern": "[file:hashes.MD5 = 'cb61b901c14679944e8f65c16679be74' AND file:hashes.SHA1 = '09f9c69c0b46a910df86c78939486d203c5f0af1' AND file:hashes.SHA256 = 'c3c5b54d4393654bbc34a98babd549ddc1a2fa7509217f53d84f2f81e8a85dea']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d5208822-8e6a-4bd3-97c2-ba0200435469", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:10.000Z", "modified": "2020-06-09T06:01:10.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T20:16:16+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "0b8dce57-3b85-4433-97b8-0e05c45246a2" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c3c5b54d4393654bbc34a98babd549ddc1a2fa7509217f53d84f2f81e8a85dea/detection/f-c3c5b54d4393654bbc34a98babd549ddc1a2fa7509217f53d84f2f81e8a85dea-1591560976", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "892e395d-7c22-44f3-a5f2-e311f09abe0e" }, { "type": "text", "object_relation": "detection-ratio", "value": "5/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "d3149d72-df8e-4757-be0c-92588b4a75ed" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--06a1d251-aceb-4e4d-ad48-1db678a12d0b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:10.000Z", "modified": "2020-06-09T06:01:10.000Z", "pattern": "[file:hashes.MD5 = '80e967febcd3b824389848014a953b33' AND file:hashes.SHA1 = '68607c9fa232f38e6d07a4ce65d340283e8ef370' AND file:hashes.SHA256 = 'b5de9e7c9eac0d1253ee4a0e38081a22f6d0070025507378affea6f571cc1b15']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--1f150a93-e848-469b-af16-76dd411457bd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:15.000Z", "modified": "2020-06-09T06:01:15.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T07:59:34+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "8591a653-79e9-4d69-8ec1-21f3a3b8abc1" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/b5de9e7c9eac0d1253ee4a0e38081a22f6d0070025507378affea6f571cc1b15/detection/f-b5de9e7c9eac0d1253ee4a0e38081a22f6d0070025507378affea6f571cc1b15-1591257574", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "b4136986-9e33-4805-891a-3a9677412422" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "7e9cd187-1c45-4494-82bc-7c68fa8148ef" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c498cc28-1920-4db5-8cb5-34f55eec93a4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:37.000Z", "modified": "2020-06-09T06:01:37.000Z", "pattern": "[file:hashes.MD5 = 'f60b66808f2d7c3a8bf6e6dba7c3cb06' AND file:hashes.SHA1 = '0cf6f806c60cc0dee654dfe40d46ce0f8e1adcc9' AND file:hashes.SHA256 = 'ff5516ee7e4f734c4ae70e8f6fbf3fad09bb0ba99e67916972fe308ba5c4acad']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--aa407782-fcaa-4402-a73b-86e1bdf292ee", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:37.000Z", "modified": "2020-06-09T06:01:37.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T03:03:51+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "c3852ab1-8bf1-45ae-a700-57c82474346f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/ff5516ee7e4f734c4ae70e8f6fbf3fad09bb0ba99e67916972fe308ba5c4acad/detection/f-ff5516ee7e4f734c4ae70e8f6fbf3fad09bb0ba99e67916972fe308ba5c4acad-1591326231", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "c3f960d8-5720-48e8-a4f2-ed44c44b75ba" }, { "type": "text", "object_relation": "detection-ratio", "value": "6/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "304fcc03-05e1-4c5e-a719-5bc276df7117" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f659716f-6ea7-475f-9d61-04e88c406f40", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:37.000Z", "modified": "2020-06-09T06:01:37.000Z", "pattern": "[file:hashes.MD5 = '8e2b53609f31d4c6fb2fd9ad2bcb138d' AND file:hashes.SHA1 = '3af8b2bfe4e4404dbb3a0814bcbbc0189e50957b' AND file:hashes.SHA256 = 'c896c5e5a5d0abd059e43dbc305f50be63ff74b88547d8f7ce75608d4c8dc2d4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3e852049-d9d6-4eed-9885-2e63decce573", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:38.000Z", "modified": "2020-06-09T06:01:38.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:23:40+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "ffb9fd59-e21d-408d-8f64-178d3c65d810" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c896c5e5a5d0abd059e43dbc305f50be63ff74b88547d8f7ce75608d4c8dc2d4/detection/f-c896c5e5a5d0abd059e43dbc305f50be63ff74b88547d8f7ce75608d4c8dc2d4-1591233820", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "b703a43d-ac5b-4402-ae3a-81fd754e236b" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "93769ff2-d854-4117-911c-7eb50f978214" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c6494a3e-fa2c-4cac-a248-bbe0c1d56b53", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:38.000Z", "modified": "2020-06-09T06:01:38.000Z", "pattern": "[file:hashes.MD5 = '57885f5c1a38c44913e5f500c1ea4ea6' AND file:hashes.SHA1 = 'bd966e200eaf33408b21d3bbcc4f1eaaf24eed91' AND file:hashes.SHA256 = 'bdd2bce8bf6d86503a022ca77d7d10051e7d7e67fcfd39bdf7c64cd3e4b96f01']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3a5f0e90-c569-4f34-9c55-e975fbf20204", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:38.000Z", "modified": "2020-06-09T06:01:38.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-06T13:37:24+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "f0a66cc0-2072-4813-971e-a9c7039b4c94" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/bdd2bce8bf6d86503a022ca77d7d10051e7d7e67fcfd39bdf7c64cd3e4b96f01/detection/f-bdd2bce8bf6d86503a022ca77d7d10051e7d7e67fcfd39bdf7c64cd3e4b96f01-1591450644", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "7603496f-e5fe-469c-bab1-3293baf573e6" }, { "type": "text", "object_relation": "detection-ratio", "value": "12/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "eceb5bbe-67dd-4b2b-b554-f141aa1a34bd" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2658dbdc-527e-44b4-b1d7-03339fbc8b11", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:38.000Z", "modified": "2020-06-09T06:01:38.000Z", "pattern": "[file:hashes.MD5 = 'a233d3875310246b611dcad299c4e5ad' AND file:hashes.SHA1 = 'bf55936cbddcacadbd96855bea042c437c2e5cd5' AND file:hashes.SHA256 = 'f1669e315fa97d94329f6ff142dc844db1cd5cf98f0c3c908f11a28127a1e3a2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--42fdd7f5-2557-48b5-b48c-56238c6bf285", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:38.000Z", "modified": "2020-06-09T06:01:38.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T13:56:29+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "aa5a6840-d135-4048-83a8-b171e0aa72aa" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/f1669e315fa97d94329f6ff142dc844db1cd5cf98f0c3c908f11a28127a1e3a2/detection/f-f1669e315fa97d94329f6ff142dc844db1cd5cf98f0c3c908f11a28127a1e3a2-1591278989", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "6959ac5a-4629-460b-ad64-36f626da4ead" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/61", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "80394326-4ab4-4e1f-9615-b20c6cbfff0a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3d1299d5-1344-4be5-aefa-3ffb35a40a93", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:39.000Z", "modified": "2020-06-09T06:01:39.000Z", "pattern": "[file:hashes.MD5 = '224e03cbb9ef972648a7f73cb7af1ecd' AND file:hashes.SHA1 = 'ef3986c3be01331079a0cafd509da9899ab05c35' AND file:hashes.SHA256 = 'b8f4ab06d86cecdf78bde1ff0c415825ce2008b80f511bc715c96799e27ede54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--92609381-e064-45ef-b40c-ad7407545efd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:39.000Z", "modified": "2020-06-09T06:01:39.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T18:48:22+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "2ffe0b8c-3042-448b-8307-0d03d801b623" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/b8f4ab06d86cecdf78bde1ff0c415825ce2008b80f511bc715c96799e27ede54/detection/f-b8f4ab06d86cecdf78bde1ff0c415825ce2008b80f511bc715c96799e27ede54-1591296502", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "f5486bb5-a361-48be-8338-2abdb861b956" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "d9d70fd4-8f7d-4f4a-8b09-c5a24f06fbfb" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fd8519ed-2362-40be-ab1b-4daf21d8628a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:40.000Z", "modified": "2020-06-09T06:01:40.000Z", "pattern": "[file:hashes.MD5 = 'f7be789d155f82cc2b9fffb160756f37' AND file:hashes.SHA1 = 'cb3bc1852effed55d7ba5f921dd5be766f35d43a' AND file:hashes.SHA256 = '6dd413cda5f640218e53068fcdeaa8095d43cfa08d7ae31bc1294b578eda3650']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5c479fb7-7b27-4cac-b1cb-9e6b74bbf388", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:40.000Z", "modified": "2020-06-09T06:01:40.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T23:34:36+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "544bc4ff-8e9b-44c5-ba6d-d1b61225ac39" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/6dd413cda5f640218e53068fcdeaa8095d43cfa08d7ae31bc1294b578eda3650/detection/f-6dd413cda5f640218e53068fcdeaa8095d43cfa08d7ae31bc1294b578eda3650-1591313676", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "f50a97ae-8426-4e41-bd33-327c26508ada" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "9c8ab6e0-4d5d-4097-898a-128ff8d41256" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6b733565-8f47-4de9-9bbc-810e295e5169", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:40.000Z", "modified": "2020-06-09T06:01:40.000Z", "pattern": "[file:hashes.MD5 = 'cc4426d619a47d89a77d41bad5f9547d' AND file:hashes.SHA1 = 'cf94a7a8feb412cab891c72b2e63799800987f21' AND file:hashes.SHA256 = 'f3b298b3272983fd118f42817ead6259fb46a31b22ac8f68eed54c2f28288fbb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--36a13ea7-530d-4744-a2ef-307970bc215e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:43.000Z", "modified": "2020-06-09T06:01:43.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T02:48:56+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "809c16ba-84d6-4d6a-b16d-bf4e2696dc13" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/f3b298b3272983fd118f42817ead6259fb46a31b22ac8f68eed54c2f28288fbb/detection/f-f3b298b3272983fd118f42817ead6259fb46a31b22ac8f68eed54c2f28288fbb-1591325336", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "6af685d8-fc96-4696-ae5a-fcd91c40be14" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/58", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "af1859c1-38ec-4477-b17b-ec24a3d7ab12" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1e2e2fc2-2cd6-497d-807a-fc12e9eabce6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:43.000Z", "modified": "2020-06-09T06:01:43.000Z", "pattern": "[file:hashes.MD5 = 'ba6ded9edb08a6b12d96b00c97dc30a2' AND file:hashes.SHA1 = 'e5e933ac2a3a69250940232d305e6e5a2c68c8fb' AND file:hashes.SHA256 = '607ee35288b437cdf89cb147281ab959e4b42051a299401293b0b54baff52710']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7683dbcd-1fff-4605-a06a-e6a48b91457c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:43.000Z", "modified": "2020-06-09T06:01:43.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T06:19:58+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "1453d558-1161-4f93-9945-fd2bc9722e3c" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/607ee35288b437cdf89cb147281ab959e4b42051a299401293b0b54baff52710/detection/f-607ee35288b437cdf89cb147281ab959e4b42051a299401293b0b54baff52710-1591251598", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "6a46a992-8688-4552-8a0d-51576d818b00" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "4a62dce1-aa9a-4120-80c7-4ed7791216db" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5dde504f-1091-4678-b154-190825774f03", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:43.000Z", "modified": "2020-06-09T06:01:43.000Z", "pattern": "[file:hashes.MD5 = '20727d10e94f4ee25e6086f2835a9e27' AND file:hashes.SHA1 = '5d3bfcee3067651cbdadb26238d322152bea62ab' AND file:hashes.SHA256 = '63c396781b3e1a09f57da685dbb2fe1852e04c92b42d2dec08827861ce85f6ae']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c0a8b1cf-2879-4d58-9b31-d08f485461a3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:44.000Z", "modified": "2020-06-09T06:01:44.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-06T13:43:25+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "d3ea58ec-489c-443a-a2fe-883d8fa79d69" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/63c396781b3e1a09f57da685dbb2fe1852e04c92b42d2dec08827861ce85f6ae/detection/f-63c396781b3e1a09f57da685dbb2fe1852e04c92b42d2dec08827861ce85f6ae-1591451005", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "4feba9c2-6e7f-484f-bb08-9684da1390c1" }, { "type": "text", "object_relation": "detection-ratio", "value": "10/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "2a24934a-bc56-427b-b23c-8bc9dac13f6f" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--77d64976-aba3-40f9-b9d3-f835bf208170", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:44.000Z", "modified": "2020-06-09T06:01:44.000Z", "pattern": "[file:hashes.MD5 = 'a0292ff3404997eeedaa98430a3810a9' AND file:hashes.SHA1 = 'bd06daa513c2ff507663ba6721c597003538be14' AND file:hashes.SHA256 = '7294b0fcd60f333401410205724a6a7d4b1a1c166624a3a897eb74dd9e878f3d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8592cadd-a5ed-489a-bf33-8c54cbc2c808", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:45.000Z", "modified": "2020-06-09T06:01:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:27:24+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "331cce22-33bf-4bf3-bc4a-2ae26bb19134" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/7294b0fcd60f333401410205724a6a7d4b1a1c166624a3a897eb74dd9e878f3d/detection/f-7294b0fcd60f333401410205724a6a7d4b1a1c166624a3a897eb74dd9e878f3d-1591234044", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "7a4a5052-c4d6-464b-856f-d201e3a17737" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "f517b2e8-5e93-40fc-a16f-4dbb738f5d35" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a5631381-183c-4b80-a250-adf9c9123c77", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:45.000Z", "modified": "2020-06-09T06:01:45.000Z", "pattern": "[file:hashes.MD5 = '335408b886bf9bdfd5e2bd24e1fe9a36' AND file:hashes.SHA1 = 'c4826071e2b7ab987a392904c55089e82f06bbf9' AND file:hashes.SHA256 = 'f92c361f4849bdb8296fe20c394b3875e648f7c3d18e581bb5907c70451913c8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b774dd41-d3cd-4d50-9b07-2505de7e0e4b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:45.000Z", "modified": "2020-06-09T06:01:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T02:19:12+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "8cad3a5b-5565-485a-960d-a97f9d56e246" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/f92c361f4849bdb8296fe20c394b3875e648f7c3d18e581bb5907c70451913c8/detection/f-f92c361f4849bdb8296fe20c394b3875e648f7c3d18e581bb5907c70451913c8-1591237152", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a68117c2-8634-4c34-a911-ac33cb7fbdd6" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "741a04ba-2241-4b05-a0fc-c83f487b2d43" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ded62a1c-8ccb-41af-9f06-f4be406dd46b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:45.000Z", "modified": "2020-06-09T06:01:45.000Z", "pattern": "[file:hashes.MD5 = 'da08fae1018db44ce0f76f4f1259fe54' AND file:hashes.SHA1 = 'e5b2f82e0497c93c5244123f4a0e97b41173c00e' AND file:hashes.SHA256 = 'bbe972bd9a361d24d30b123b1fda8ece3fb4bc1cbc4a872c560c6a76c7fb6b33']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c3818fc0-9785-4c01-ac5a-08d8ac7754c2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:45.000Z", "modified": "2020-06-09T06:01:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T05:16:25+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "27121199-c864-41bd-b277-a4321745f140" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/bbe972bd9a361d24d30b123b1fda8ece3fb4bc1cbc4a872c560c6a76c7fb6b33/detection/f-bbe972bd9a361d24d30b123b1fda8ece3fb4bc1cbc4a872c560c6a76c7fb6b33-1591334185", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "8edb81a9-6520-4c65-877b-faf599681f1f" }, { "type": "text", "object_relation": "detection-ratio", "value": "5/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "70931b0c-f91f-496a-a159-74880c4f9718" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c9ad8598-5527-4f55-97ea-baada6e4f98c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:46.000Z", "modified": "2020-06-09T06:01:46.000Z", "pattern": "[file:hashes.MD5 = '003b41485f43ba8ae3d04716e0ac04b2' AND file:hashes.SHA1 = 'c7af8420a738803e3c6965d440ec230aa70b9ff4' AND file:hashes.SHA256 = 'c69e1a03f2d71653e33408cfbd16fbb2f7eec647b89e4dcfad6a52f647aa7ac2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c84d21bb-bb57-420e-b59f-ae03ed4f6e8a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:46.000Z", "modified": "2020-06-09T06:01:46.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T14:24:39+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "ff4ec341-b3ed-4b70-b90e-c4c9d2a45f43" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c69e1a03f2d71653e33408cfbd16fbb2f7eec647b89e4dcfad6a52f647aa7ac2/detection/f-c69e1a03f2d71653e33408cfbd16fbb2f7eec647b89e4dcfad6a52f647aa7ac2-1591367079", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a513f626-dcdf-4ef7-8839-020c8df1bd16" }, { "type": "text", "object_relation": "detection-ratio", "value": "3/59", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "9bf97184-3b9b-4dd0-a0fa-873061212027" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f21d7940-84a2-4d6f-acea-0a1ba19c21f7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:50.000Z", "modified": "2020-06-09T06:01:50.000Z", "pattern": "[file:hashes.MD5 = '56bffb2c1d498481f1c2e6066ac38050' AND file:hashes.SHA1 = '6a1762048ee45e4a52388f4914a60a3ee03d29d8' AND file:hashes.SHA256 = '921026611780fe1d168a559852a3b17b408c65d9dc7ffb4650537577d71fa67b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--90242e98-98ed-40e8-9354-ada828e137d2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:50.000Z", "modified": "2020-06-09T06:01:50.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T01:09:17+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "0be40de2-fa19-48ae-bf2f-a6147c7c6c28" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/921026611780fe1d168a559852a3b17b408c65d9dc7ffb4650537577d71fa67b/detection/f-921026611780fe1d168a559852a3b17b408c65d9dc7ffb4650537577d71fa67b-1591319357", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "e3c20367-31ec-44d6-ad6c-d7f284680148" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "e8add3cd-cc4c-4083-a2ab-71db19d178e5" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a307466f-d959-4593-8a29-4b0c830d5336", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:50.000Z", "modified": "2020-06-09T06:01:50.000Z", "pattern": "[file:hashes.MD5 = '0a1162e09d286a35bf0e3eaa3a9a5c00' AND file:hashes.SHA1 = '8cf666630d4e5850266d986a4668c6486a188185' AND file:hashes.SHA256 = 'fa37860944ee07b416cf634c758d32660af30baca16148cb0c66ccbf8bcf6465']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--9be4f043-827a-403d-b10c-17d8337ffd5c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:51.000Z", "modified": "2020-06-09T06:01:51.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T14:48:57+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "ea8247b2-155d-45b9-ae9b-425efc80d1b0" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/fa37860944ee07b416cf634c758d32660af30baca16148cb0c66ccbf8bcf6465/detection/f-fa37860944ee07b416cf634c758d32660af30baca16148cb0c66ccbf8bcf6465-1591368537", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "d0360e27-2af0-4390-ae09-55aa781a69fb" }, { "type": "text", "object_relation": "detection-ratio", "value": "7/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "509db5bc-c5ca-4bc2-a434-ee35f10fe485" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d0e67cb3-b1e8-43e4-8c32-30ea97599b75", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:51.000Z", "modified": "2020-06-09T06:01:51.000Z", "pattern": "[file:hashes.MD5 = '1f1c25c4ea45f76f625e989598907987' AND file:hashes.SHA1 = '61dd74334eb2c1c14c1746fa2a76a63b800e2f00' AND file:hashes.SHA256 = '8bf46bbd626c107433372b39aba3719f1744244eb37b1aa7c72956bf9346ac15']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c79ef7b2-4efb-4db8-91c1-94370849b546", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:55.000Z", "modified": "2020-06-09T06:01:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T01:11:49+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "18dad584-14d8-4495-b2e9-313d110d98be" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/8bf46bbd626c107433372b39aba3719f1744244eb37b1aa7c72956bf9346ac15/detection/f-8bf46bbd626c107433372b39aba3719f1744244eb37b1aa7c72956bf9346ac15-1591578709", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "12e3ab77-65f1-4402-b594-6ca85b77d7cb" }, { "type": "text", "object_relation": "detection-ratio", "value": "3/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "891f9dd6-0db7-4f39-b56b-9b6710342481" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--21327aa5-00ae-4c4f-a5cb-5034b481dba1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:55.000Z", "modified": "2020-06-09T06:01:55.000Z", "pattern": "[file:hashes.MD5 = 'fb33c2acb7da7def8d113f5baaf3e29c' AND file:hashes.SHA1 = 'fc0217d8da1d61415023471fd5b9a340d59e89c4' AND file:hashes.SHA256 = 'f67352ac345d03d511cb634d72798d06df3b74e4a8d34aa2c91692ad27adcfbf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0224c52a-1b8d-415b-bc81-fe6c122bb3cf", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:56.000Z", "modified": "2020-06-09T06:01:56.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T18:02:33+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "94472822-27f1-44a7-9c03-4e6c1c452b88" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/f67352ac345d03d511cb634d72798d06df3b74e4a8d34aa2c91692ad27adcfbf/detection/f-f67352ac345d03d511cb634d72798d06df3b74e4a8d34aa2c91692ad27adcfbf-1591639353", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "77826e3b-80ad-4a61-bf32-afcac8504886" }, { "type": "text", "object_relation": "detection-ratio", "value": "14/58", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "8ca5ce24-e2fb-4ccd-98b9-fd40485c0cfa" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7920ef25-680a-4be9-92ce-01802b3c9e6a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:56.000Z", "modified": "2020-06-09T06:01:56.000Z", "pattern": "[file:hashes.MD5 = '3e35ebcc7387ef78363229487f2afb23' AND file:hashes.SHA1 = '60eeede481d501e3c58fe9e63c898edb4e514701' AND file:hashes.SHA256 = 'defb31a9d386b63779fe2006c261fc7913d2229f953fdf6caecaab9d53dd8fa4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:01:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--096fa49e-5aec-4bcb-bb03-6676e3cd09f7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:01:56.000Z", "modified": "2020-06-09T06:01:56.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T02:21:05+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "0d67683a-2f69-4755-ba2c-00d093f4da64" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/defb31a9d386b63779fe2006c261fc7913d2229f953fdf6caecaab9d53dd8fa4/detection/f-defb31a9d386b63779fe2006c261fc7913d2229f953fdf6caecaab9d53dd8fa4-1591323665", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "055acff6-852c-412c-9310-b754822ed072" }, { "type": "text", "object_relation": "detection-ratio", "value": "2/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "1c0e0ff7-02c3-4285-b8b5-aea820224019" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--360da40a-d5bd-463b-a358-912d8b1cb32e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:00.000Z", "modified": "2020-06-09T06:02:00.000Z", "pattern": "[file:hashes.MD5 = '451938147bcda8155c1c05def074a381' AND file:hashes.SHA1 = '5a930165b0dcdb7934294f8f88cb520bab76909d' AND file:hashes.SHA256 = 'e38a95d1eb1b6f4c339954e2585549d336ea27b9fe76115abba8a1bfcfde8d79']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--04f31345-2514-4ebc-810c-4fcf298a9dfc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:00.000Z", "modified": "2020-06-09T06:02:00.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:40:35+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "33cac6e7-7206-4114-9f8c-17f86d573f99" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/e38a95d1eb1b6f4c339954e2585549d336ea27b9fe76115abba8a1bfcfde8d79/detection/f-e38a95d1eb1b6f4c339954e2585549d336ea27b9fe76115abba8a1bfcfde8d79-1591234835", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "0b5bafa2-1469-43ad-8f29-4dd636060a0a" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "8d3dfa13-d155-478f-a1f9-35efbc4439b8" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--91caeb9c-8bcc-46c4-a2b1-967cb2ffc06b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:01.000Z", "modified": "2020-06-09T06:02:01.000Z", "pattern": "[file:hashes.MD5 = '6402c0725c77fdadd27cba028b346100' AND file:hashes.SHA1 = 'e7b675ea6b808a0135c4b9ca0dbafb9664001119' AND file:hashes.SHA256 = 'c957de05aec8c4f295bec80711f2e934b837117094abcdd46098486c6f2934a9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--16355c6c-5495-4128-b058-a75caffcc180", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:01.000Z", "modified": "2020-06-09T06:02:01.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-03T06:32:33+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "2daa03ad-aebd-4283-a7e1-c5af0613d3fe" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/c957de05aec8c4f295bec80711f2e934b837117094abcdd46098486c6f2934a9/detection/f-c957de05aec8c4f295bec80711f2e934b837117094abcdd46098486c6f2934a9-1591165953", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "22d269b8-f734-4d8c-b499-98795efb3581" }, { "type": "text", "object_relation": "detection-ratio", "value": "3/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "e197e84d-f685-495f-8d4f-83c403ba9a62" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7ebe7237-c0c2-4b5a-990f-d772e7380a4a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:03.000Z", "modified": "2020-06-09T06:02:03.000Z", "pattern": "[file:hashes.MD5 = '68ea9a44404538895d9989ffb700d6c2' AND file:hashes.SHA1 = '1ebfa9038414eb0162e115889dadb7fc34c61a17' AND file:hashes.SHA256 = '9bd112a6b7bc00b0e83b81965e1a71f60f977d337aa37811d023d4adad541f81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--772cbd68-b23c-43b2-83f6-d2e04fa9fb7a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:05.000Z", "modified": "2020-06-09T06:02:05.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T04:10:17+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "20e28165-919f-4558-ad2f-0b86d94f57a0" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/9bd112a6b7bc00b0e83b81965e1a71f60f977d337aa37811d023d4adad541f81/detection/f-9bd112a6b7bc00b0e83b81965e1a71f60f977d337aa37811d023d4adad541f81-1591243817", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "ed14d64f-a6be-4a1f-965e-c988e2153269" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/61", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "b13b8810-f0cf-432a-8643-50e8114b555b" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d65d8426-637a-4461-aef9-3aeee89fdb68", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:06.000Z", "modified": "2020-06-09T06:02:06.000Z", "pattern": "[file:hashes.MD5 = '9f07d953e88681e6343ffdec24f3d589' AND file:hashes.SHA1 = '0c2985e8d97e402b99023753a99160cd1e1f2a9b' AND file:hashes.SHA256 = 'ff03f367647fdc3e93f2f7e73c70ed381b71605443f2b051b901d1eb80493854']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--321df88e-3d1f-4c02-b568-f4150e216f6d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:06.000Z", "modified": "2020-06-09T06:02:06.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-06T17:42:16+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "fcc487f7-0bf6-4e4a-87a6-7176d6566e01" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/ff03f367647fdc3e93f2f7e73c70ed381b71605443f2b051b901d1eb80493854/detection/f-ff03f367647fdc3e93f2f7e73c70ed381b71605443f2b051b901d1eb80493854-1591465336", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "f731c621-44bf-4c86-885b-3c2495410436" }, { "type": "text", "object_relation": "detection-ratio", "value": "8/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "3ec85e3a-4536-4f59-977e-cc8fe5e5629f" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0cd3c477-a7f0-40d7-b4d3-1a66fcf454b6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:06.000Z", "modified": "2020-06-09T06:02:06.000Z", "pattern": "[file:hashes.MD5 = 'b495eeacdc3197eb47c8218aae74c86d' AND file:hashes.SHA1 = 'd83ddae2e9373624c7d010c305370a7313bbbc1a' AND file:hashes.SHA256 = '8624ed0e25319e3e6092df564b61fdd20620980b2eb424e7b77dd41fc3422f78']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--43c340b7-1379-4812-a486-d88ce1f4a269", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:06.000Z", "modified": "2020-06-09T06:02:06.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T01:25:36+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "235c6e26-15be-4172-8a86-8b93bd9f3988" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/8624ed0e25319e3e6092df564b61fdd20620980b2eb424e7b77dd41fc3422f78/detection/f-8624ed0e25319e3e6092df564b61fdd20620980b2eb424e7b77dd41fc3422f78-1591233936", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a86ac40e-705b-4b2a-86f8-eb59ab5188df" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/61", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "557495bb-d138-41d5-be4c-3aacf38b8f92" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--02ffe887-b7e7-4f22-8916-d0d09f027627", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:06.000Z", "modified": "2020-06-09T06:02:06.000Z", "pattern": "[file:hashes.MD5 = 'f1e9ce0eb05059f1c3f8896f4981f41b' AND file:hashes.SHA1 = '62731746fdacf02067e9c7a1d9e3a7c2c027bcf2' AND file:hashes.SHA256 = '7ae4e7e1241276b32acae1609fe081e95ee5104424502ff17619f36a2e489639']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--afc704d0-bc2b-4bdb-af7e-386697650f60", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:11.000Z", "modified": "2020-06-09T06:02:11.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-04T13:32:15+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "7c928391-c6f1-43fe-9581-a98ca56ee71f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/7ae4e7e1241276b32acae1609fe081e95ee5104424502ff17619f36a2e489639/detection/f-7ae4e7e1241276b32acae1609fe081e95ee5104424502ff17619f36a2e489639-1591277535", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "a7194995-a3e7-4a50-9562-a7f99072b92a" }, { "type": "text", "object_relation": "detection-ratio", "value": "2/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "4a9f6a60-9993-4af4-8e16-3eb10950a1da" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--efec214e-341d-48b8-a691-eb5323c6a65e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:11.000Z", "modified": "2020-06-09T06:02:11.000Z", "pattern": "[file:hashes.MD5 = '555943c45e284802825d60f11902f032' AND file:hashes.SHA1 = 'c2835fbd3c41ece3d6f1f6384203ab85767388ba' AND file:hashes.SHA256 = '4eece164c7d6273a0fd7f91df8ea2fc557da8e1225aac1890c1e490cd1fd4750']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--88c76c85-0992-446d-823d-ad812fa0e834", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:11.000Z", "modified": "2020-06-09T06:02:11.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T11:19:47+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "248bd84b-215f-458b-a2ab-cca73a0df52d" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/4eece164c7d6273a0fd7f91df8ea2fc557da8e1225aac1890c1e490cd1fd4750/detection/f-4eece164c7d6273a0fd7f91df8ea2fc557da8e1225aac1890c1e490cd1fd4750-1591355987", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "d69e1fbb-0898-48e8-9019-f45f33645739" }, { "type": "text", "object_relation": "detection-ratio", "value": "7/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "58d407ca-ac66-4bd5-90e2-87215b3923dd" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--893e683a-d963-478a-81b8-515a607f26f9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:11.000Z", "modified": "2020-06-09T06:02:11.000Z", "pattern": "[file:hashes.MD5 = 'ada44b65ce28309b2d8da9233a8f2443' AND file:hashes.SHA1 = 'd70a974043372641baf570ab1ecc30806cc6e26f' AND file:hashes.SHA256 = '6c0ee9ad6608774ccc6f2d1b4fc10d25db600a1ab147c38b862f985325d00d69']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--cd256349-da15-4795-8859-39beae284bf5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:16.000Z", "modified": "2020-06-09T06:02:16.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T23:54:53+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "caa7c656-1db1-4b5b-8dd7-72954ed99f75" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/6c0ee9ad6608774ccc6f2d1b4fc10d25db600a1ab147c38b862f985325d00d69/detection/f-6c0ee9ad6608774ccc6f2d1b4fc10d25db600a1ab147c38b862f985325d00d69-1591660493", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "312d96fe-5610-4bff-b093-4e99fba25af2" }, { "type": "text", "object_relation": "detection-ratio", "value": "15/58", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "7c18bf01-7a81-4f1b-b790-05cd819c84f2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0fdf714c-00e3-4e05-be1d-8ea23d0ce8da", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:16.000Z", "modified": "2020-06-09T06:02:16.000Z", "pattern": "[file:hashes.MD5 = 'de4d45b0b14700528dab525315758734' AND file:hashes.SHA1 = 'd00f79deee4824fd432cd810757376e2eb292893' AND file:hashes.SHA256 = '2bb379f1ee08c6c1aedf20cdb4feec2b5db08767c6d9ba6cad2d3dc13ade8609']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--39d8757d-7d4f-4a82-b436-413099f5352c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:16.000Z", "modified": "2020-06-09T06:02:16.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T18:02:56+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "4ff9b615-e58f-46ad-97a0-5a2611ef1aa5" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/2bb379f1ee08c6c1aedf20cdb4feec2b5db08767c6d9ba6cad2d3dc13ade8609/detection/f-2bb379f1ee08c6c1aedf20cdb4feec2b5db08767c6d9ba6cad2d3dc13ade8609-1591639376", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "cef87992-fc11-4a96-9ad0-fc291ec475c1" }, { "type": "text", "object_relation": "detection-ratio", "value": "4/59", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "62961a8e-4560-432e-a9ce-cbc36887ad5c" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3c6835b0-9345-4fa9-9dcc-a34ba656f9cd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:16.000Z", "modified": "2020-06-09T06:02:16.000Z", "pattern": "[file:hashes.MD5 = 'f9df74341bae4eaae2ad38524472614f' AND file:hashes.SHA1 = 'ae3d454aa5ab5f7aa65953a6877994b4ed792940' AND file:hashes.SHA256 = 'f50c3e60db8adf31187448082ff4a783feb495b9545280ed23a65f89184f9236']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d536dabc-5b89-47cf-a262-8c3ac457a884", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:16.000Z", "modified": "2020-06-09T06:02:16.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-08T06:30:32+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "a3dd23e1-d4cf-4e02-b760-2539018946d9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/f50c3e60db8adf31187448082ff4a783feb495b9545280ed23a65f89184f9236/detection/f-f50c3e60db8adf31187448082ff4a783feb495b9545280ed23a65f89184f9236-1591597832", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "dbc6cfc4-09f6-475e-a89a-b9c9f129ff99" }, { "type": "text", "object_relation": "detection-ratio", "value": "10/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "23484474-9f4a-455b-bd28-6ff12ca446f1" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a84b79e3-bc00-4922-bd77-6960e5fad744", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:19.000Z", "modified": "2020-06-09T06:02:19.000Z", "pattern": "[file:hashes.MD5 = '8433ada2f215c6286f1526f21ab780b9' AND file:hashes.SHA1 = 'dc9e799736d24decb33b7436b629effb149d79dc' AND file:hashes.SHA256 = 'e0c1189c63833e6dde70198558dc92b95ca0c8050e117dce432d2e9a838b7513']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f90e7bfd-931b-4b4a-8037-9fba919341e6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:21.000Z", "modified": "2020-06-09T06:02:21.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T15:58:44+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "74cc1162-ccd2-4954-947c-d649d935183f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/e0c1189c63833e6dde70198558dc92b95ca0c8050e117dce432d2e9a838b7513/detection/f-e0c1189c63833e6dde70198558dc92b95ca0c8050e117dce432d2e9a838b7513-1591372724", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "c7396f96-ba36-4fb1-b94d-c650d2cb674e" }, { "type": "text", "object_relation": "detection-ratio", "value": "5/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "8fdf84f4-a0aa-4b8b-bda3-0c0aba0fa844" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7c7cd57a-b804-4dde-bded-f75c3e3cf6ae", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:21.000Z", "modified": "2020-06-09T06:02:21.000Z", "pattern": "[file:hashes.MD5 = '04edfbe9c3783bfe6b2c90f5ea731073' AND file:hashes.SHA1 = '2fdfa996afedbeed158cbb95fbc15a7f159328b6' AND file:hashes.SHA256 = '191832476af317aabe90cff7b0f16241acd8df9ee44a476bd1d206a138de6777']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--11525246-c1d8-4d98-99ec-1951d92b8038", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:21.000Z", "modified": "2020-06-09T06:02:21.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-07T04:45:27+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "6df539f5-5045-4df9-82ed-6ecd3f2a9e31" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/191832476af317aabe90cff7b0f16241acd8df9ee44a476bd1d206a138de6777/detection/f-191832476af317aabe90cff7b0f16241acd8df9ee44a476bd1d206a138de6777-1591505127", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "94316567-d859-4c24-bab6-810165e533c5" }, { "type": "text", "object_relation": "detection-ratio", "value": "17/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "5e1ccbbe-8cab-49c6-9206-8ceb49fc6cd1" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--073d8a2f-42d5-4382-b61c-5a758e00a5d6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:22.000Z", "modified": "2020-06-09T06:02:22.000Z", "pattern": "[file:hashes.MD5 = '883a56dbe62c938cc12f7a07ffe37a03' AND file:hashes.SHA1 = 'cc657632fa93f86ab0d09ee2034c1a98df1793fe' AND file:hashes.SHA256 = 'e3a208481ae96872fcf001068171340b53536b9dd00c42e160a3b10ea499ff73']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2020-06-09T06:02:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--66543bc6-fef9-4a42-9327-3ec832c746bc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2020-06-05T01:35:19+00:00", "category": "Other", "comment": "Associated Maldocs", "uuid": "6d2615c5-029f-473f-bd59-764af16b1d72" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/gui/file/e3a208481ae96872fcf001068171340b53536b9dd00c42e160a3b10ea499ff73/detection/f-e3a208481ae96872fcf001068171340b53536b9dd00c42e160a3b10ea499ff73-1591320919", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "86dd80d9-c638-4932-b579-98c5c375cb55" }, { "type": "text", "object_relation": "detection-ratio", "value": "2/60", "category": "Payload delivery", "comment": "Associated Maldocs", "uuid": "7d5ec6ed-b909-4f3e-a108-5bb8f3fca830" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b2738bd1-8131-4765-bed6-d2cc5a7499d4", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--d89b10ca-d90c-47f7-ac81-b2829974d657", "target_ref": "x-misp-object--900ce041-dfaa-4cef-8cb6-4dc15ba9e7e3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e8f0cce1-7cec-4a63-9dc8-c1916ec80b5f", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--30e8dc43-5696-472a-ae62-7ff9009a4530", "target_ref": "x-misp-object--f78805f3-454e-4c28-8e9d-da08497493b0" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8490e1d2-775d-45fe-a522-deb947597158", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--9b4eda44-e5cd-4d9a-9d51-b106876bcd8c", "target_ref": "x-misp-object--ab715d98-7e1c-46fa-a7e2-1b703574523c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b7c07f7f-66a9-4811-bf7c-2d7c337d1571", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--075611f6-615d-4e32-9a17-50f01363a0af", "target_ref": "x-misp-object--dec9f73c-7bb0-4e21-99d4-8f34b60dff09" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8d0b86ec-28e7-423b-ad46-262f812345f8", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--3be4313f-e1f6-48af-ace1-97ee4f1e9050", "target_ref": "x-misp-object--23e65c58-88c8-462d-b3c8-d73c950c5a14" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--54dcf92a-255e-47a1-8ee4-ef0bc03e3e16", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--8034d958-60fa-41ba-acbf-5c360cdb4bf3", "target_ref": "x-misp-object--f95cfe04-18ba-4750-83f4-8f02a27ea64c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7d55ed0f-1570-42a3-8764-8b9946e70acf", "created": "2020-06-09T06:02:26.000Z", "modified": "2020-06-09T06:02:26.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0df9ef00-7657-4a0a-b741-7038330aad91", "target_ref": "x-misp-object--6ee5680e-3f35-4d36-aaa8-ffba22e4eef6" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7d2a88bf-3eec-4cba-b858-78c7541c0382", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--46144bb3-b1b4-43ce-9214-bc02d9e6b532", "target_ref": "x-misp-object--c33a9c32-1993-482c-917d-f8c8b8dfce94" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--370bbe5c-3067-4d9c-9335-c98e34fecc24", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--72221436-c0a8-465e-b386-02ca0145c8a5", "target_ref": "x-misp-object--df0b6060-9424-44df-b24d-50010c1ddf9e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--299e4a0f-7ba2-4101-9ca8-902f52caa001", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--44a0a2d0-b960-45e1-a717-f0c41f1a9c0b", "target_ref": "x-misp-object--836e0af6-4dbb-44a9-98df-8bc54dbde31e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--80e65f75-5638-4433-ab87-d500467cc920", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--07cf1eb8-076e-442b-a9c4-3e0d311531b5", "target_ref": "x-misp-object--f5df88c1-fcfb-4b95-afe6-0f4c99138cfe" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--af17e0ea-f9ad-4803-a2a2-85b88b27e655", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--4679265b-1231-4b99-bd2f-d20d0960d347", "target_ref": "x-misp-object--b0da3f28-76fe-400c-b083-82454e177213" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e2461d61-004e-4b32-8777-d5cf24a1dac5", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c6ec90b6-1e3a-4821-9adc-77b2e9eaacd3", "target_ref": "x-misp-object--d49fc5d1-2074-4238-a4b4-7372e389593d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--08e4df3e-c71a-4a0a-975f-2427397e9eac", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6093b577-0406-4b50-aeed-67f869b5102c", "target_ref": "x-misp-object--9ad70519-e27b-40ae-9ca7-5ea5a63fe322" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e0fde334-ea1e-453e-8220-80283f356d22", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--27fcfb5c-8569-4e24-b931-e8441ea89687", "target_ref": "x-misp-object--a28538ac-63fa-4abe-8bf8-8c623a5ecddd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--562809cc-ded3-40fa-b920-0d50b0cb72d4", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--4a3ef6aa-b702-4321-9afa-6db30fb41ea4", "target_ref": "x-misp-object--de5fda18-6b74-4d3d-9271-8f706d6fa41a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--fe12cb8c-d3ec-4016-a964-55c5002ccab8", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0dc86ee5-1e8b-4955-b6d4-cf2faf678ccc", "target_ref": "x-misp-object--23d55af4-2648-4249-b84c-f6fab5dfe5b9" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--94ffb177-fb62-47e6-8f37-b09b1ee7a452", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f09cdda4-d278-44db-acad-b2857a94251f", "target_ref": "x-misp-object--3ec4966c-7b38-4222-a56d-898f7ebfb9dc" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7ce97cd6-5b6d-4102-b823-44e8da86d200", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--83d32ab3-447e-41ab-ba41-ee7f2b80606c", "target_ref": "x-misp-object--21417981-9841-4bea-b6cd-93199fca2d5e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f93fb35a-9d1e-4884-a471-e3895252cc80", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--2e1ac848-36eb-4f1c-93ae-24e585b54433", "target_ref": "x-misp-object--16420e7f-7d0d-4ae9-a5bf-b801d1912119" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--64f85b37-656b-429c-a38a-0fbd3eca0da6", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--886acb36-b778-4ff4-9c0d-c4eaf7f6bfeb", "target_ref": "x-misp-object--77d3db3a-79f6-4a98-8548-2ec6ab80da2f" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3b60e1a6-71ed-47ad-9737-c2495c84b9e3", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--cb0a9fc7-efe3-4f55-b5af-18b67b78ee6e", "target_ref": "x-misp-object--c68def7e-0e0a-47f7-ad7f-340d0fe2be6d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--9e53f012-eb00-4687-8fd8-1e9769b75214", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--88e5d29f-37c2-4ae3-b14e-b82c898781f8", "target_ref": "x-misp-object--7b519bdf-c502-4ca6-83c5-d7028c629db8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f1e1d554-9ee1-4691-84f7-97f547cdabad", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f08817e6-be28-493f-96f4-7edcedc447b0", "target_ref": "x-misp-object--901357a4-20c3-455b-b0a3-19a0f7411b34" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6736cc07-3ab6-457c-b7d3-2bfc2f197e06", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--607a4d64-896c-4b1e-832e-b27a1ba926e4", "target_ref": "x-misp-object--ca26c7e1-e5ca-415d-871d-2fea04786a4d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--32a69320-8731-4027-94d9-5edcb66c8350", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--417c7b12-f55c-408c-9d4b-d6c6298116b7", "target_ref": "x-misp-object--b36dc007-3b5c-4e99-b628-7e843becfbd1" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8f78b250-54ed-444a-b313-8fb4e5b22986", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--5ababfda-57fa-430f-8a8e-40490185b41e", "target_ref": "x-misp-object--2123bb62-8e34-43d9-8d93-832511e08d2c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--797dea24-6b1b-461e-b421-27bd58a6db14", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--caa6bf35-269e-479c-9134-9f32d4995eef", "target_ref": "x-misp-object--aeb8868a-6ac0-4a86-9929-6e04ef0f578a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f5b2e3fc-0521-48a0-bdf2-0c1c1b01a611", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--70b0a245-cc60-4665-8345-75c3fa46380c", "target_ref": "x-misp-object--28ec2dc3-46f3-43bf-bd6f-daffc85e1ad7" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7bc8bb8a-33a9-4642-a69c-f76058672c6f", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b87bb012-05e0-46ed-a509-52f57e8d47c2", "target_ref": "x-misp-object--72278eca-2c0a-4aaa-8d35-87551023b3ef" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--261a1352-3737-44ba-a9c5-e455e4da8b32", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--755e5c5d-f8ee-4d53-8cfc-6c1bf7e9737e", "target_ref": "x-misp-object--3d19ecae-2b1f-4c06-9656-f596a40b380e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--eddecb9d-a645-4608-8abc-87b2d5f537bf", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--8d0ffa81-f0c7-429d-8f43-7dcb4a65177c", "target_ref": "x-misp-object--d5208822-8e6a-4bd3-97c2-ba0200435469" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--4888227c-1046-4be2-ac23-40548dc23e6e", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--06a1d251-aceb-4e4d-ad48-1db678a12d0b", "target_ref": "x-misp-object--1f150a93-e848-469b-af16-76dd411457bd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--aec13c14-7be7-425b-9b0b-a6de04224b64", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c498cc28-1920-4db5-8cb5-34f55eec93a4", "target_ref": "x-misp-object--aa407782-fcaa-4402-a73b-86e1bdf292ee" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7a137a36-190a-40b0-bb2c-bc10767b3872", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f659716f-6ea7-475f-9d61-04e88c406f40", "target_ref": "x-misp-object--3e852049-d9d6-4eed-9885-2e63decce573" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--20e072c8-d427-4b67-8edc-a45055bfe992", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c6494a3e-fa2c-4cac-a248-bbe0c1d56b53", "target_ref": "x-misp-object--3a5f0e90-c569-4f34-9c55-e975fbf20204" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e9c6d25e-6343-44e3-b1d0-5fe12c816547", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--2658dbdc-527e-44b4-b1d7-03339fbc8b11", "target_ref": "x-misp-object--42fdd7f5-2557-48b5-b48c-56238c6bf285" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6efe71ae-928a-4d27-8a13-dd2ec07249e2", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--3d1299d5-1344-4be5-aefa-3ffb35a40a93", "target_ref": "x-misp-object--92609381-e064-45ef-b40c-ad7407545efd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--73b91c3e-4c99-4b86-be70-3b46e2b8bdc9", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--fd8519ed-2362-40be-ab1b-4daf21d8628a", "target_ref": "x-misp-object--5c479fb7-7b27-4cac-b1cb-9e6b74bbf388" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--34aac2ab-ee2a-4091-b828-429708c8e09b", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6b733565-8f47-4de9-9bbc-810e295e5169", "target_ref": "x-misp-object--36a13ea7-530d-4744-a2ef-307970bc215e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e4c6e9bd-78ee-4b4b-9903-b326525431e7", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--1e2e2fc2-2cd6-497d-807a-fc12e9eabce6", "target_ref": "x-misp-object--7683dbcd-1fff-4605-a06a-e6a48b91457c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b74642ba-7371-485e-a7ff-2e47395f8720", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--5dde504f-1091-4678-b154-190825774f03", "target_ref": "x-misp-object--c0a8b1cf-2879-4d58-9b31-d08f485461a3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c569bab2-4c8c-4cb8-928e-e192a85f8345", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--77d64976-aba3-40f9-b9d3-f835bf208170", "target_ref": "x-misp-object--8592cadd-a5ed-489a-bf33-8c54cbc2c808" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--5b9a7060-ac06-4dc1-b2e5-10599957d53e", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a5631381-183c-4b80-a250-adf9c9123c77", "target_ref": "x-misp-object--b774dd41-d3cd-4d50-9b07-2505de7e0e4b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--16e56549-ce14-47ad-99f8-6eca92adfa97", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ded62a1c-8ccb-41af-9f06-f4be406dd46b", "target_ref": "x-misp-object--c3818fc0-9785-4c01-ac5a-08d8ac7754c2" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6e68938c-24c3-436c-bbd1-8cb72b8274b9", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c9ad8598-5527-4f55-97ea-baada6e4f98c", "target_ref": "x-misp-object--c84d21bb-bb57-420e-b59f-ae03ed4f6e8a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--742ca2b2-fcc5-434b-8f90-18c3a998ef8d", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f21d7940-84a2-4d6f-acea-0a1ba19c21f7", "target_ref": "x-misp-object--90242e98-98ed-40e8-9354-ada828e137d2" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--4e09fb84-78ab-48fd-86e0-868ace4d277a", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a307466f-d959-4593-8a29-4b0c830d5336", "target_ref": "x-misp-object--9be4f043-827a-403d-b10c-17d8337ffd5c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--66411370-1f92-41c8-b014-9bb7e3b64296", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--d0e67cb3-b1e8-43e4-8c32-30ea97599b75", "target_ref": "x-misp-object--c79ef7b2-4efb-4db8-91c1-94370849b546" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--80f0b85d-50e5-4322-9185-a65070b59cb4", "created": "2020-06-09T06:02:27.000Z", "modified": "2020-06-09T06:02:27.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--21327aa5-00ae-4c4f-a5cb-5034b481dba1", "target_ref": "x-misp-object--0224c52a-1b8d-415b-bc81-fe6c122bb3cf" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e04760c1-ba47-451c-b634-7360cf59bd08", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7920ef25-680a-4be9-92ce-01802b3c9e6a", "target_ref": "x-misp-object--096fa49e-5aec-4bcb-bb03-6676e3cd09f7" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d962f432-152d-4cb5-827d-5626b22d17ad", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--360da40a-d5bd-463b-a358-912d8b1cb32e", "target_ref": "x-misp-object--04f31345-2514-4ebc-810c-4fcf298a9dfc" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c96eb45a-71d3-4fe1-9406-e4cc2d1a9767", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--91caeb9c-8bcc-46c4-a2b1-967cb2ffc06b", "target_ref": "x-misp-object--16355c6c-5495-4128-b058-a75caffcc180" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--4d9317fb-c6de-4be1-8278-548667c64a11", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7ebe7237-c0c2-4b5a-990f-d772e7380a4a", "target_ref": "x-misp-object--772cbd68-b23c-43b2-83f6-d2e04fa9fb7a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--313d025d-0355-4b69-bd32-16564e8a1300", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--d65d8426-637a-4461-aef9-3aeee89fdb68", "target_ref": "x-misp-object--321df88e-3d1f-4c02-b568-f4150e216f6d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ccaa81cf-c490-4e45-b4a1-d2dfbcfc3402", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0cd3c477-a7f0-40d7-b4d3-1a66fcf454b6", "target_ref": "x-misp-object--43c340b7-1379-4812-a486-d88ce1f4a269" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--74565d0e-04f8-4f40-ae1b-7c1174cac870", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--02ffe887-b7e7-4f22-8916-d0d09f027627", "target_ref": "x-misp-object--afc704d0-bc2b-4bdb-af7e-386697650f60" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--47467f69-844e-4b05-96f7-5dc1bec285d1", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--efec214e-341d-48b8-a691-eb5323c6a65e", "target_ref": "x-misp-object--88c76c85-0992-446d-823d-ad812fa0e834" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a5d02338-bc3d-4dc5-a5fd-2570aa352c10", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--893e683a-d963-478a-81b8-515a607f26f9", "target_ref": "x-misp-object--cd256349-da15-4795-8859-39beae284bf5" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2134f51b-2bce-4382-b9f9-2ff9386fac9e", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0fdf714c-00e3-4e05-be1d-8ea23d0ce8da", "target_ref": "x-misp-object--39d8757d-7d4f-4a82-b436-413099f5352c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--682c9bd1-bfda-4103-85b4-d63397b44cfe", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--3c6835b0-9345-4fa9-9dcc-a34ba656f9cd", "target_ref": "x-misp-object--d536dabc-5b89-47cf-a262-8c3ac457a884" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a257de5e-afa3-43dd-8772-420762c37d35", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a84b79e3-bc00-4922-bd77-6960e5fad744", "target_ref": "x-misp-object--f90e7bfd-931b-4b4a-8037-9fba919341e6" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ffa360fe-64ef-4948-bc51-3fe451158990", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7c7cd57a-b804-4dde-bded-f75c3e3cf6ae", "target_ref": "x-misp-object--11525246-c1d8-4d98-99ec-1951d92b8038" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e4cac030-f56e-477f-9f77-e6455ca9b3ff", "created": "2020-06-09T06:02:28.000Z", "modified": "2020-06-09T06:02:28.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--073d8a2f-42d5-4382-b61c-5a758e00a5d6", "target_ref": "x-misp-object--66543bc6-fef9-4a42-9327-3ec832c746bc" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }