{ "type": "bundle", "id": "bundle--5cacb081-1854-4035-acbc-4096950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5cacb081-1854-4035-acbc-4096950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "name": "OSINT - Mirai Compiled for New Processors Surfaces in the Wild", "published": "2019-04-09T14:54:04Z", "object_refs": [ "indicator--5cacb092-2ab0-4c03-9b7e-427d950d210f", "indicator--5cacb092-eae8-477b-8bfd-44eb950d210f", "indicator--5cacb092-8b44-4727-a24b-4f37950d210f", "indicator--5cacb092-dfd8-4b5d-a111-4cb6950d210f", "indicator--5cacb092-5308-44b2-b3d7-4fce950d210f", "indicator--5cacb092-e640-44c3-8a4c-4d74950d210f", "indicator--5cacb092-0e8c-47c6-9c76-43ae950d210f", "indicator--5cacb0a0-da90-4388-8e3a-4629950d210f", "indicator--5cacb0a0-55e4-459d-b37f-49d8950d210f", "indicator--5cacb0a0-0004-4e31-ad5f-4829950d210f", "indicator--5cacb0a0-d83c-414d-b500-4ccc950d210f", "indicator--5cacb0a0-0580-43b0-9646-4723950d210f", "indicator--5cacb0a0-5dbc-4d80-b9a3-48b5950d210f", "indicator--5cacb0a0-461c-4f4b-8908-4ec1950d210f", "indicator--5cacb0a0-00c8-43ec-af2e-4022950d210f", "indicator--5cacb0af-3dec-451d-a56a-4c90950d210f", "indicator--5cacb0af-f534-484b-b714-4072950d210f", "indicator--5cacb0af-3384-4735-beef-4d84950d210f", "indicator--5cacb0af-823c-4fa5-b5c3-4637950d210f", "indicator--5cacb0af-3518-4f11-b865-4fae950d210f", "indicator--5cacb0af-daec-4e16-b566-445c950d210f", "indicator--5cacb0af-fd54-474b-b2a5-486a950d210f", "indicator--5cacb0af-89b4-47cd-81b9-4180950d210f", "indicator--5cacb0af-7854-48cf-a3ce-4d00950d210f", "indicator--5cacb0af-233c-4797-b963-4c10950d210f", "indicator--5cacb0af-569c-4e62-8740-4833950d210f", "indicator--5cacb0af-a4f0-4040-ba9c-4816950d210f", "indicator--5cacb0af-729c-4027-818f-4c88950d210f", "indicator--5cacb0af-16a0-4006-bfac-4e6e950d210f", "indicator--5cacb0c0-cc98-4ca4-a94f-484a950d210f", "indicator--5cacb0c0-cbc0-473c-a8ba-4c37950d210f", "indicator--5cacb0c0-dc38-4436-9c13-42e7950d210f", "indicator--5cacb0c0-9148-4f8d-a324-4aae950d210f", "indicator--5cacb0c0-5274-4f59-86ea-4bba950d210f", "indicator--5cacb0c0-a2e0-4e05-9f43-46eb950d210f", "indicator--5cacb0c0-bed0-4c8e-a3b5-4fe7950d210f", "indicator--5cacb0c0-0dac-42be-bc13-410f950d210f", "indicator--5cacb0c0-7ee8-418b-92fb-4304950d210f", "indicator--5cacb0c0-1928-474d-ad59-40d2950d210f", "indicator--5cacb0c0-84ec-47d4-9eec-4c10950d210f", "indicator--5cacb0c0-c5b8-4b62-bd40-43de950d210f", "indicator--5cacb0c0-9e54-45a4-a8ce-49be950d210f", "indicator--5cacb0c0-3704-471e-99fe-43aa950d210f", "indicator--5cacb0c0-a3f4-4e70-bc39-4db1950d210f", "indicator--5cacb0c0-9b08-4cf0-ad80-4144950d210f", "indicator--5cacb0c0-63a8-4643-bbc1-4a91950d210f", "indicator--5cacb0c0-1af4-4984-aa83-4b10950d210f", "indicator--5cacb0c0-d36c-4c49-9f3b-4300950d210f", "indicator--5cacb0c0-2d9c-43cb-91cf-429b950d210f", "indicator--5cacb0e1-0414-411b-b1ac-4c92950d210f", "indicator--5cacb0e1-85bc-4131-95e0-4779950d210f", "indicator--5cacb0e1-786c-4147-b142-4bef950d210f", "indicator--5cacb0e1-6158-48f4-8fa7-4af9950d210f", "indicator--5cacb0e1-31a8-4b18-b798-489b950d210f", "observed-data--5cacb113-90c0-483e-ad66-449a950d210f", "url--5cacb113-90c0-483e-ad66-449a950d210f", "x-misp-attribute--5cacb123-ac18-4214-86b8-48ca950d210f", "vulnerability--5cacb17c-a0f0-4063-b721-1fd6950d210f", "vulnerability--5cacb17c-8378-43b1-a6dd-1fd6950d210f", "indicator--5cacb19b-aa84-4b1e-a70d-44a6950d210f", "indicator--4d6e3fee-7c21-49c4-ae5f-9cc8c2a51e0f", "x-misp-object--3c8f723c-33a7-49c2-93ba-1e85d049c50c", "indicator--f7d995da-6b74-46bd-a3bd-b216173f7ecd", "x-misp-object--08d445db-073c-4725-b822-4dc12152dc6d", "indicator--30d18426-8b6c-4bd7-9dbe-fe48578c0858", "x-misp-object--b65f158d-86b3-46ea-8e90-5aff73b83607", "indicator--b193159a-ffa2-487b-95c4-0d8243f8ad9c", "x-misp-object--032474ca-6510-4dde-8ed2-b9da5050112e", "indicator--71263d1f-4ce5-4dfd-8b98-22edc46918aa", "x-misp-object--5d7e98f1-3719-4c81-9fa8-0e8c5d58cc7a", "indicator--f520e3f7-1da0-4457-8f67-3515a31174bc", "x-misp-object--7fd6de13-43fb-46d7-a71c-3d7df2cb0667", "indicator--6a5f7378-218c-4ea3-a54d-c5767472ddb1", "x-misp-object--b8d2d6ad-e5e3-42a5-b950-1046b821f68f", "indicator--ccaa3b0c-b5e6-4536-9606-b56b08602015", "x-misp-object--298cf9d4-5927-4a83-abf4-b195c0b926a7", "indicator--e431dfa4-ace9-4c86-8348-47f0c41d5424", "x-misp-object--36cb190d-e9c4-4a68-a628-a79c96323f5a", "indicator--eaa5e596-0f6d-4ce1-aa4f-602720bd37ea", "x-misp-object--fe27f62d-2cb0-4d56-a1ea-30eebcf27b8a", "indicator--6d039067-955e-4e72-a631-e049cf35a77f", "x-misp-object--5349f3ce-b5d8-47d3-b28a-f01f5ca628d8", "indicator--906f4543-dd5e-40cb-83f5-6a30ad65a3bb", "x-misp-object--57817aa5-8715-40b2-9f08-795fff3f197c", "indicator--6e8a1137-4eeb-42f5-8b5b-30d6b8f325ef", "x-misp-object--b002923b-f027-4427-a79e-2802833d564d", "indicator--ba07517c-15ac-49e5-b2b6-c6bcc1573288", "x-misp-object--bd8d81c1-a0c1-46cc-b8e0-d6742f9b5bbb", "indicator--6360d4f6-e24c-4cce-869a-24ccd7f9c129", "x-misp-object--bc7587c2-e369-4c0c-b2d2-b05a4210bcf3", "indicator--4416ae3a-0659-4f4e-bc6e-5cff3da3130d", "x-misp-object--8bb6ab5a-d092-4bd3-8039-db1c1610653c", "indicator--382a6691-5e36-4d86-b0d8-5a04e43342fc", "x-misp-object--6ef3df89-54b3-4737-a303-bfd64e0ace0d", "indicator--6216369c-87cb-453b-931f-83a18954a135", "x-misp-object--4ec12cbe-898c-4ccc-8775-28e4e121d5db", "indicator--d8c1ba83-dbd0-4daa-9a16-4dc2465eab8a", "x-misp-object--92650226-7b52-4e62-be35-e3127a417cf0", "indicator--a4923d2f-c6ba-4228-883c-d93835435f9a", "x-misp-object--4ab686a6-fb66-492d-9bb1-487d10f99d09", "indicator--b7a2d065-ed7c-41c8-a2f9-e066c92afe89", "x-misp-object--ba0f4453-12d4-492f-90d2-b61e08f8e2d4", "indicator--b21504d6-8f09-420e-8dd4-4156c9fe6c4c", "x-misp-object--02c8cf93-3806-4e09-a801-830a0db3abf6", "indicator--37d88da7-8284-4bc6-9a6f-2cd49c1971cd", "x-misp-object--21b4521f-74e3-4b6d-90df-c30faad750de", "indicator--ceeb65b8-0b04-4166-b355-252b12391f98", "x-misp-object--657d45df-b4ba-4dd2-8762-43a8fd4487bf", "indicator--98ce3838-810e-49a0-a73c-2255aceb0b23", "x-misp-object--4304fa8d-bcc3-4596-b45b-92a1084f6e80", "indicator--8f46177b-5fad-4dff-bfe2-a64700c10f7a", "x-misp-object--6aa42e4d-4b31-4f21-a7c4-c7c2fb0a8c16", "indicator--0a1c567d-90f2-4bc1-b0b8-0f863fbd1a96", "x-misp-object--8d50aae1-1b2e-40ae-a3ca-c8f5280b0097", "indicator--9aa1e457-864e-45d3-8efb-3f767f69c7fe", "x-misp-object--676eeeaa-4548-47d8-9cb3-d5c7d0662245", "indicator--5ef45cc5-87ac-40c8-9769-90aeee950b48", "x-misp-object--3c601fd8-25f7-472c-aafb-61246bf050ab", "indicator--4bd0f4ab-1dd2-47c1-bc9e-cc984e224ed3", "x-misp-object--a14d1157-bb64-44aa-9a5d-4b078c397453", "indicator--7265f4d8-423f-4089-b8bf-61154434bbec", "x-misp-object--108baa35-aecc-436f-b100-d49c28ba513e", "indicator--48e16861-6796-4e02-88a7-79c2d7858609", "x-misp-object--0878ecdd-7b9e-44ad-b533-7a494082d77d", "indicator--2bc22de4-2a0d-4cb2-a9b3-eb4daec315b0", "x-misp-object--9c207223-e112-4cf8-8ee7-6a1d559a8423", "indicator--fa5e7f90-245b-4742-b7d0-2394fec51c85", "x-misp-object--73e039e4-7edb-4e20-a441-91746475ea90", "indicator--03c14a71-6d63-4b20-a22d-f00e5edce6c0", "x-misp-object--6cfcd770-a39a-4100-aa77-114a93d0d742", "indicator--b4ff969b-0790-4864-a6aa-4ee7b041f432", "x-misp-object--c98512db-97ea-4c11-ad77-ac0cda300412", "relationship--344c0d01-8e15-4f62-b061-c321a6643c2f", "relationship--770aa7de-c16d-4350-b38d-eb750bb721bc", "relationship--19812b4a-c0cb-4737-b7a7-c3c422dc8b3c", "relationship--2cb1dfac-87b2-4179-b724-c17ee162c367", "relationship--3b465958-8601-4d5b-9551-06bf3689b30a", "relationship--f7c8e864-fea4-437a-9948-ea6c5c29ca62", "relationship--24ca1957-1e5a-4f3b-93e3-38ddb2698290", "relationship--a7032277-eb6c-49cf-8f99-4fecb1bdc77a", "relationship--21cdc8ee-f1c6-4ef1-b1ca-47d45a1b60ee", "relationship--ee15e46d-227f-416f-94ca-129fa3ce595e", "relationship--62dc2765-fc24-46c3-b4b5-74f70100438d", "relationship--1e1ad1d0-701c-4d1a-a4fd-049d025d8778", "relationship--174bc9df-06a4-42fb-aab8-83bcfe0d83e9", "relationship--5db5813d-f4fa-47bc-bfd5-36cbd65ddd36", "relationship--6232ea45-43b3-4691-80b6-49ca4dfb98de", "relationship--c39679b6-3b58-4562-9710-e9175b9932b2", "relationship--437b3a7c-4e89-4ac9-9fa6-cbf35cc9f3e2", "relationship--a5863cbe-c745-4731-8cbd-1171628d1329", "relationship--6613de98-d4dd-4335-bc14-57fd6ffaa63a", "relationship--a70fb91f-8889-4dde-88a9-e3e29ab9c534", "relationship--48e54a93-e285-4cc8-8157-6a05d8271212", "relationship--7509efa6-741e-479b-b71d-6a3bb6a89a11", "relationship--394595d1-01a2-4eb0-8224-2d040123bca8", "relationship--b45ec65f-be58-40c2-ae08-5ddd29acb634", "relationship--95970c32-9c3b-4097-8b55-d22d94aedd0a", "relationship--c59c8d24-4c3d-4686-9588-3502f2e6245c", "relationship--1d1bf0a0-7a35-453c-9025-f10d31bc22d7", "relationship--0d3746cd-2253-4aaa-adf2-8ec13f7182d2", "relationship--61f76031-6702-4986-a51c-2f78ce2a1b58", "relationship--31da2c49-b5e2-4bf6-8db9-35303c48dcc5", "relationship--347236e2-6a71-4bf4-a075-bd1300db1745", "relationship--e9919b8a-0487-4ba6-8e2e-702e86201848", "relationship--d3fd3c0c-313c-472c-8133-ac16ee0557e5", "relationship--9f43bbc1-2455-4ff3-b919-99c30a803bb4", "relationship--caf77720-0753-4cf8-bbb5-da8ae9734d42", "relationship--803e75d6-456b-4a5f-b690-217bb34d662a" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT", "osint:lifetime=\"perpetual\"", "osint:certainty=\"50\"", "misp-galaxy:botnet=\"Mirai\"", "misp-galaxy:malpedia=\"Mirai\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb092-2ab0-4c03-9b7e-427d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:47:46.000Z", "modified": "2019-04-09T14:47:46.000Z", "description": "Altera Nios II Samples", "pattern": "[file:hashes.SHA256 = '0c35f2902d92ef4f46e4643d11c46bde57027bb14e2b75c027a50fe7efc4f358']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:47:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb092-eae8-477b-8bfd-44eb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:47:46.000Z", "modified": "2019-04-09T14:47:46.000Z", "description": "Altera Nios II Samples", "pattern": "[file:hashes.SHA256 = '3446c2ed11a6a5e02702afd5f7082eb435b2922096443cabd45d54b5b7582cc1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:47:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb092-8b44-4727-a24b-4f37950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:47:46.000Z", "modified": "2019-04-09T14:47:46.000Z", "description": "Altera Nios II Samples", "pattern": "[file:hashes.SHA256 = '48c760ba6b6a29e2a90bdb88bf96486c158f2b47ee9e1c560a47071e39bb5e87']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:47:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb092-dfd8-4b5d-a111-4cb6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:47:46.000Z", "modified": "2019-04-09T14:47:46.000Z", "description": "Altera Nios II Samples", "pattern": "[file:hashes.SHA256 = '5876c9ac609ece0e051c57b380489490bc78e40c796b637af1e80adbdb9f70dc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:47:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb092-5308-44b2-b3d7-4fce950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:47:46.000Z", "modified": "2019-04-09T14:47:46.000Z", "description": "Altera Nios II Samples", "pattern": "[file:hashes.SHA256 = 'a457090fb6df8cb93c91ec6b5d89927f7a6f9e247389d945d44731351a367b4e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:47:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb092-e640-44c3-8a4c-4d74950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:47:46.000Z", "modified": "2019-04-09T14:47:46.000Z", "description": "Altera Nios II Samples", "pattern": "[file:hashes.SHA256 = 'ed5e313821bf3a20d226c1b5f2b0ba7f1897d0778c27620017b852579e3e1894']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:47:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb092-0e8c-47c6-9c76-43ae950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:47:46.000Z", "modified": "2019-04-09T14:47:46.000Z", "description": "Altera Nios II Samples", "pattern": "[file:hashes.SHA256 = 'fae498477388c53c8c623fd8ddb710cc286584200767907b104d55f916d37c05']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:47:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-da90-4388-8e3a-4629950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = '006436f282f46f49eb97c2e119622ac61086a908623ca741eb29caeca22c797a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-55e4-459d-b37f-49d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = '28bb80c687cb0aeea0b2d53dd5bf34f21f7292e5708b0aefeea25aebe2ff93af']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-0004-4e31-ad5f-4829950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = '5647168f9818dc40599d057c426424709bde5722c62088ecff64b97d3acfc4a7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-d83c-414d-b500-4ccc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = '57cc6875ae0c571ef1edaae72d82b0da6e60331ad4b3ad34c922b9e4612b8779']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-0580-43b0-9646-4723950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = '61893583675935ac7a4857542f13d513ffbb176b302a72d26d7ec39fd931decb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-5dbc-4d80-b9a3-48b5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = 'ac4a00bfe1031e19eb9a101d61ef5267627ebaeb2aca4b962c7bb1b5a59e337c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-461c-4f4b-8908-4ec1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = 'b0cef399ea8ec2244aebb3506a2bb60c64c3921e816c0fc9752caf84c6cf196d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0a0-00c8-43ec-af2e-4022950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:00.000Z", "modified": "2019-04-09T14:48:00.000Z", "description": "Tensilica Xtensa Samples", "pattern": "[file:hashes.SHA256 = 'b5da0b6070d9cf3a3d628864e0f0860c8fc967ce692c0142f5a6dafee64079f6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-3dec-451d-a56a-4c90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '09f8885872bc47e03608d6725f8735074c8b915ca08540e367921223058c108a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-f534-484b-b714-4072950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '199f1976cb5fb39a9c395a28e2178476b6eaec0f3499a5a11912f103dcd64d00']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-3384-4735-beef-4d84950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '1efdfc79d0c4b779966dfcae7d4f0a1f17f043e098ec0f90ff12a7ebc3c3f1f1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-823c-4fa5-b5c3-4637950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '24b4c838dd41c0d812f747e48cf24be4f2265bce8f1e4d0d8ca6a7fc5649019b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-3518-4f11-b865-4fae950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '59b7a7baf4c239786fdf5ceca9084d829c6f6fc0603a524df313b2ef4958e4c2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-daec-4e16-b566-445c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '6183c7c87ff7cc3721c000af73714be27884a22057c4dc69bccd34571353f327']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-fd54-474b-b2a5-486a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '74a45ff17678e0bddf383b5229785dda04c515e778bc9421d9396168f1cf3c3d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-89b4-47cd-81b9-4180950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = '76c9e543a0386994031b4905533eccd05400b3bb12fefc94f1eb65af5debe986']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-7854-48cf-a3ce-4d00950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = 'b6359a84bd36a3ce8a13f1306ad74d757c384a772691c228c9a00a5246d828fa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-233c-4797-b963-4c10950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = 'b758405fd18c4518878868163472bcb4e988e4ecbc3312b9756d231b80646816']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-569c-4e62-8740-4833950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = 'b89196b9773c6c809a2547434ce3e9de8a494ed7b338e013fd3f2818b4b54fd1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-a4f0-4040-ba9c-4816950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = 'c33080bea85616fd1251f877cd9ff570dd6a2e2f24cc20254754cb2c74a2375e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-729c-4027-818f-4c88950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = 'd21880f4f919c410d0f2ee447716a2f7288dbaa21ec7de8601f0fc999b4d3d45']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0af-16a0-4006-bfac-4e6e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:15.000Z", "modified": "2019-04-09T14:48:15.000Z", "description": "OpenRISC Samples", "pattern": "[file:hashes.SHA256 = 'f646c45feb0ccab4caf61bdb4aa45b0295614b2e881ad9c594ccaec2ea886671']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-cc98-4ca4-a94f-484a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '006b73c03760f168a5d71c0edd50e9a437aca7b3db1dbecac75ea2ef9e74f54f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-cbc0-473c-a8ba-4c37950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '233790b3a74245c4660cadec23145246484154abd01edd45836c31598f96b13d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-dc38-4436-9c13-42e7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '26298ff73035ef2dc92cda118d476933d3014b39ac478865bd86d28aa5457459']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-9148-4f8d-a324-4aae950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '2d7ed9ccd1b94f58aff30f7a7d798dd03b6a0f5bed2a529e1e13d8d78e9ae289']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-5274-4f59-86ea-4bba950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '3891a82075bd173bb1e052c27f1be946559aaeb65e6a4c761ba8bbd2cbccd3fb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-a2e0-4e05-9f43-46eb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '43c5efda1875fd809f97b49d296f34e1292ed86e5a4197460764fe67b98294ef']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-bed0-4c8e-a3b5-4fe7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '44f1d6144df90adea1b7b482c84946257c9fb70a9c195a6846f416de80b5e6fd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-0dac-42be-bc13-410f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '4cb4c5cbf7eb646bdc08640f4f9e9a4383a9c7ac4e26be0caeb9dc904670c5bf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-7ee8-418b-92fb-4304950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '4d8a4841a2f4a61ed6df2be79dd7ea1eb2052cee6eba4d8de30add7908ebb779']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-1928-474d-ad59-40d2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '537c2d136a805fe1b703709b0794e25f91f2136027287fa4817080330c7989ce']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-84ec-47d4-9eec-4c10950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '683b6f8209725ae0e715cda5a1cd35bcaacb5d45ae8e487c98dce2c01c91c887']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-c5b8-4b62-bd40-43de950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = '9b1eab0283fd6948a9a181abaa2f6b3c26f2b0077c8a8b32e763790dd64d2a22']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-9e54-45a4-a8ce-49be950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'a736d6ebf9596872f3c92ac486be2588ccf0c53cf15a3897a97c83ca1525ff8d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-3704-471e-99fe-43aa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'a9dbcc2681d427f9820ca9c5ec120b9bf3e83c9856e89736884ee4dc26712e50']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-a3f4-4e70-bc39-4db1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'bdd19fa8a7c0e3a5ebbb14d5885cb09a863122ad2c78f53361db0c194045d491']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-9b08-4cf0-ad80-4144950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'c0f18a5113b341faacb9f647cee954a237925cc62d5daff559a8a880702273c1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-63a8-4643-bbc1-4a91950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'c75b3c52c0f5eebfd4c44c3069a393e824d455c7405d57ee99fd7613b8211b31']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-1af4-4984-aa83-4b10950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'd28d05477ddbb1e3de330e98a2cb199ed76df0d1c942c467c977c9b70771477a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-d36c-4c49-9f3b-4300950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'de6a0d2b8b4323bc06a6cd02b0042fc92c36319696dafafd057e905d359f60ea']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0c0-2d9c-43cb-91cf-429b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:48:32.000Z", "modified": "2019-04-09T14:48:32.000Z", "description": "Xilinx MicroBlaze Samples", "pattern": "[file:hashes.SHA256 = 'e740f780f2b91a41c5024115bbed607b0a75e52fcf4f96b86d0f8adda0c97ddf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0e1-0414-411b-b1ac-4c92950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:49:16.000Z", "modified": "2019-04-09T14:49:16.000Z", "pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hmicroblazebe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:49:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0e1-85bc-4131-95e0-4779950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:49:28.000Z", "modified": "2019-04-09T14:49:28.000Z", "pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hmicroblazeel']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:49:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0e1-786c-4147-b142-4bef950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:49:28.000Z", "modified": "2019-04-09T14:49:28.000Z", "pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hnios2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:49:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0e1-6158-48f4-8fa7-4af9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:49:28.000Z", "modified": "2019-04-09T14:49:28.000Z", "pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hopenrisc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:49:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb0e1-31a8-4b18-b798-489b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:49:28.000Z", "modified": "2019-04-09T14:49:28.000Z", "pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hxtensa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:49:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5cacb113-90c0-483e-ad66-449a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:49:55.000Z", "modified": "2019-04-09T14:49:55.000Z", "first_observed": "2019-04-09T14:49:55Z", "last_observed": "2019-04-09T14:49:55Z", "number_observed": 1, "object_refs": [ "url--5cacb113-90c0-483e-ad66-449a950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5cacb113-90c0-483e-ad66-449a950d210f", "value": "https://unit42.paloaltonetworks.com/mirai-compiled-for-new-processor-surfaces/" }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5cacb123-ac18-4214-86b8-48ca950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:50:11.000Z", "modified": "2019-04-09T14:50:11.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"External analysis\"" ], "x_misp_category": "External analysis", "x_misp_type": "text", "x_misp_value": "In late February 2019, Unit 42 discovered Mirai samples compiled for new processors/architectures not previously seen before. Despite the source code being publicly released In October of 2016, the malware has, until now, only been found targeting a fixed set of processors/architectures.\r\n\r\nUnit 42 has found the newly discovered samples are compiled for Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze processors. This is not the first time Mirai has been expanded for new processor architectures, samples targeting ARC CPUs were discovered in January 2018. Yet this development shows that Mirai developers continue to actively innovate, targeting a growing array of IoT devices. The malware gained notoriety in 2016 for its use in massive denial of service attacks on Dyn and the website of security blogger Brian Krebs. If the latest innovations lead to an increase in the number of infected devices, that means that Mirai attackers would have access to additional firepower for use in denial of service attacks.\r\n\r\nIn this blog, we show the new features we\u00e2\u20ac\u2122ve found in these new samples, discuss the infrastructure we observed, show how other Mirai samples using known exploits were hosted on the same infrastructure as the new samples, and give indicators of compromise (IoCs) for these new samples.\r\n\r\nTo protect against Mirai and other threats, organizations should make securing their IoT devices with the latest updates and non-default passwords a priority." }, { "type": "vulnerability", "spec_version": "2.1", "id": "vulnerability--5cacb17c-a0f0-4063-b721-1fd6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:51:40.000Z", "modified": "2019-04-09T14:51:40.000Z", "name": "CVE-2014-8361", "labels": [ "misp:type=\"vulnerability\"", "misp:category=\"Payload delivery\"" ], "external_references": [ { "source_name": "cve", "external_id": "CVE-2014-8361" } ] }, { "type": "vulnerability", "spec_version": "2.1", "id": "vulnerability--5cacb17c-8378-43b1-a6dd-1fd6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:51:40.000Z", "modified": "2019-04-09T14:51:40.000Z", "name": "CVE-2017-17215", "labels": [ "misp:type=\"vulnerability\"", "misp:category=\"Payload delivery\"" ], "external_references": [ { "source_name": "cve", "external_id": "CVE-2017-17215" } ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5cacb19b-aa84-4b1e-a70d-44a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:52:11.000Z", "modified": "2019-04-09T14:52:11.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.62.227.13']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:52:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4d6e3fee-7c21-49c4-ae5f-9cc8c2a51e0f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:25.000Z", "modified": "2019-04-09T14:53:25.000Z", "pattern": "[file:hashes.MD5 = 'faa296969c2a02bcb4d810a13eb5c851' AND file:hashes.SHA1 = '0e19b991b88c8c53384fb3a0ac04653db8e6c29b' AND file:hashes.SHA256 = '44f1d6144df90adea1b7b482c84946257c9fb70a9c195a6846f416de80b5e6fd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3c8f723c-33a7-49c2-93ba-1e85d049c50c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "73fbcfe8-b315-424c-8f13-3ebebd0d29da" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/44f1d6144df90adea1b7b482c84946257c9fb70a9c195a6846f416de80b5e6fd/analysis/1554820723/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "cef990fb-ed10-4ac1-8de5-f3dd99be4d7a" }, { "type": "text", "object_relation": "detection-ratio", "value": "27/57", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "06fc83ee-7be8-490d-9d49-79f16c3d18ba" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f7d995da-6b74-46bd-a3bd-b216173f7ecd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "pattern": "[file:hashes.MD5 = 'db7d0b0918d8918a28ada67f2dc28d7e' AND file:hashes.SHA1 = 'a5583a253c1a2441439d93762563500e6a145e08' AND file:hashes.SHA256 = '537c2d136a805fe1b703709b0794e25f91f2136027287fa4817080330c7989ce']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--08d445db-073c-4725-b822-4dc12152dc6d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "11a6886f-371b-4c90-a19b-36ae205b473d" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/537c2d136a805fe1b703709b0794e25f91f2136027287fa4817080330c7989ce/analysis/1554820723/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "968baca9-1027-4316-bb45-b9c041a78ada" }, { "type": "text", "object_relation": "detection-ratio", "value": "27/56", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "52b9e278-211e-4527-b57d-1c2df1246fa3" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--30d18426-8b6c-4bd7-9dbe-fe48578c0858", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "pattern": "[file:hashes.MD5 = '28e21fc1cd115a22e461b66614e76726' AND file:hashes.SHA1 = '2db0b72452e9e676c03cb580c0bd8f128fa16349' AND file:hashes.SHA256 = 'e740f780f2b91a41c5024115bbed607b0a75e52fcf4f96b86d0f8adda0c97ddf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b65f158d-86b3-46ea-8e90-5aff73b83607", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:48", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "2b7bdcc5-8354-4034-b97b-f609c0c8ec8d" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/e740f780f2b91a41c5024115bbed607b0a75e52fcf4f96b86d0f8adda0c97ddf/analysis/1554820728/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "9d9ec46e-dfa0-4131-ac1c-e1a7ef6aab57" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/55", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "f7f7b737-92a0-425a-8076-d821dae9fdf8" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b193159a-ffa2-487b-95c4-0d8243f8ad9c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "pattern": "[file:hashes.MD5 = '5e687ed6f3887cabe76df9ff3bb55544' AND file:hashes.SHA1 = '3c8e5a63687573e83ef36ad36b1ed11ded782670' AND file:hashes.SHA256 = 'a736d6ebf9596872f3c92ac486be2588ccf0c53cf15a3897a97c83ca1525ff8d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--032474ca-6510-4dde-8ed2-b9da5050112e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:47", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "be28fdd4-91ce-4d89-86d8-41277d44fa1d" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/a736d6ebf9596872f3c92ac486be2588ccf0c53cf15a3897a97c83ca1525ff8d/analysis/1554820727/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "b63dd06c-915d-45b5-8b8e-6c969f111e54" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/55", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "921ca717-b58f-419d-bfc6-f502d1a089ef" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--71263d1f-4ce5-4dfd-8b98-22edc46918aa", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:26.000Z", "modified": "2019-04-09T14:53:26.000Z", "pattern": "[file:hashes.MD5 = 'd88dae330b75ea78e773e2467b07a449' AND file:hashes.SHA1 = '5a405e547f0070c65bec869f8e42c19277100c44' AND file:hashes.SHA256 = '28bb80c687cb0aeea0b2d53dd5bf34f21f7292e5708b0aefeea25aebe2ff93af']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5d7e98f1-3719-4c81-9fa8-0e8c5d58cc7a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:44", "category": "Other", "comment": "Tensilica Xtensa Samples", "uuid": "ede52e54-04d2-4758-9540-c1f45d09b35e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/28bb80c687cb0aeea0b2d53dd5bf34f21f7292e5708b0aefeea25aebe2ff93af/analysis/1554820724/", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "05ebcbf9-2914-40c1-b083-7b70f091e9a5" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/55", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "d3b485ad-00f0-477d-a050-78707dc34a74" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f520e3f7-1da0-4457-8f67-3515a31174bc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "pattern": "[file:hashes.MD5 = '68474973ee4e95a5316e2c038b4f1b76' AND file:hashes.SHA1 = '4f25dd20f320f4737369535e18a1ddd6b144f582' AND file:hashes.SHA256 = '5647168f9818dc40599d057c426424709bde5722c62088ecff64b97d3acfc4a7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7fd6de13-43fb-46d7-a71c-3d7df2cb0667", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:44", "category": "Other", "comment": "Tensilica Xtensa Samples", "uuid": "ee7b9358-d974-438b-a2db-0aa98329a899" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/5647168f9818dc40599d057c426424709bde5722c62088ecff64b97d3acfc4a7/analysis/1554820724/", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "06e4ca20-4ec3-4452-a467-0beb1719f2c9" }, { "type": "text", "object_relation": "detection-ratio", "value": "25/56", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "7a607e73-86da-45da-8032-7f318678583b" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6a5f7378-218c-4ea3-a54d-c5767472ddb1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "pattern": "[file:hashes.MD5 = 'b93e64100d422a1e1bd2c857d04d16d9' AND file:hashes.SHA1 = '9f54db846bff49c5467ed03c583a851d882f930a' AND file:hashes.SHA256 = 'b5da0b6070d9cf3a3d628864e0f0860c8fc967ce692c0142f5a6dafee64079f6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b8d2d6ad-e5e3-42a5-b950-1046b821f68f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:45", "category": "Other", "comment": "Tensilica Xtensa Samples", "uuid": "7c7097dc-7c52-48be-8ef6-3e430f924a3a" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/b5da0b6070d9cf3a3d628864e0f0860c8fc967ce692c0142f5a6dafee64079f6/analysis/1554820725/", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "ef14212c-5ae7-4d28-8f08-7ad47b711b5d" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/57", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "5acef96f-3e25-4bd6-a96f-f35eb4498f48" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ccaa3b0c-b5e6-4536-9606-b56b08602015", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "pattern": "[file:hashes.MD5 = '9c691e5f7d2a0f99b0e9bce04e9f89f9' AND file:hashes.SHA1 = '2f63f5e91a43b3377ec703ee71b686f738fd3075' AND file:hashes.SHA256 = 'f646c45feb0ccab4caf61bdb4aa45b0295614b2e881ad9c594ccaec2ea886671']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--298cf9d4-5927-4a83-abf4-b195c0b926a7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:49", "category": "Other", "comment": "OpenRISC Samples", "uuid": "2269aa19-cffa-476b-9500-10099866f819" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/f646c45feb0ccab4caf61bdb4aa45b0295614b2e881ad9c594ccaec2ea886671/analysis/1554820729/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "25cd2265-baed-432e-b1dc-9e388a86dc73" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/57", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "d42b4f59-5a9e-413a-afdf-194dcc3b6d3a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e431dfa4-ace9-4c86-8348-47f0c41d5424", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "pattern": "[file:hashes.MD5 = '96bcf6a954e4a09013aafcfd1613d3c1' AND file:hashes.SHA1 = 'f745cabbabe6bc0b94edb282f23ceae43687ac9d' AND file:hashes.SHA256 = '43c5efda1875fd809f97b49d296f34e1292ed86e5a4197460764fe67b98294ef']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--36cb190d-e9c4-4a68-a628-a79c96323f5a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:42", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "5f5f84bf-3939-4436-b488-895e354ed150" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/43c5efda1875fd809f97b49d296f34e1292ed86e5a4197460764fe67b98294ef/analysis/1554820722/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "2143807d-9289-4f40-a9b7-eee165f261e9" }, { "type": "text", "object_relation": "detection-ratio", "value": "23/56", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "f3981f91-a741-4363-83f5-67372127ee89" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--eaa5e596-0f6d-4ce1-aa4f-602720bd37ea", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "pattern": "[file:hashes.MD5 = '030d0ed66c1976cbfebe1f2f77e185b9' AND file:hashes.SHA1 = '62e043ab97411660ead3ab107d31cf36e7f7cc6a' AND file:hashes.SHA256 = '26298ff73035ef2dc92cda118d476933d3014b39ac478865bd86d28aa5457459']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--fe27f62d-2cb0-4d56-a1ea-30eebcf27b8a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:27.000Z", "modified": "2019-04-09T14:53:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:44", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "6a26bbe5-6e2a-4c57-9caf-1d9e2bcf49c7" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/26298ff73035ef2dc92cda118d476933d3014b39ac478865bd86d28aa5457459/analysis/1554820724/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "8649496d-2958-4073-95d3-2c6775e46e3c" }, { "type": "text", "object_relation": "detection-ratio", "value": "28/58", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "393098d7-6be0-4396-b020-8c93d6484d00" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6d039067-955e-4e72-a631-e049cf35a77f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "pattern": "[file:hashes.MD5 = '070923d033e0f0df5a346f95ef213603' AND file:hashes.SHA1 = 'dc1a187834113a8282bb508ecc491b3a5228df87' AND file:hashes.SHA256 = 'b6359a84bd36a3ce8a13f1306ad74d757c384a772691c228c9a00a5246d828fa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5349f3ce-b5d8-47d3-b28a-f01f5ca628d8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:45", "category": "Other", "comment": "OpenRISC Samples", "uuid": "ca07c1a1-7a95-482b-ad31-1b9039796701" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/b6359a84bd36a3ce8a13f1306ad74d757c384a772691c228c9a00a5246d828fa/analysis/1554820725/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "5b8cd520-b5c5-4a44-b5f2-92d4e7409f2e" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/58", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "41d7af15-4288-4e2b-8b30-4c451551dd26" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--906f4543-dd5e-40cb-83f5-6a30ad65a3bb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "pattern": "[file:hashes.MD5 = '1b31128247d016ce5607b05c0f834d37' AND file:hashes.SHA1 = '7f39e85c750bc6a04295c8edec05d279ae7abf4a' AND file:hashes.SHA256 = 'd28d05477ddbb1e3de330e98a2cb199ed76df0d1c942c467c977c9b70771477a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--57817aa5-8715-40b2-9f08-795fff3f197c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:47", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "f3e27b5a-2196-4609-8ad4-a028d15ead31" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/d28d05477ddbb1e3de330e98a2cb199ed76df0d1c942c467c977c9b70771477a/analysis/1554820727/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "086c032d-d09e-4d40-a384-da1bbb3b1d3f" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/56", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "2215e1c4-0b33-4ed6-9dfb-1568fd71528a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6e8a1137-4eeb-42f5-8b5b-30d6b8f325ef", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "pattern": "[file:hashes.MD5 = 'c0736037b15f55e27bbdbd5ec15d1546' AND file:hashes.SHA1 = '541adaf3c110d45eb40c7856ed08c134eb22de38' AND file:hashes.SHA256 = '199f1976cb5fb39a9c395a28e2178476b6eaec0f3499a5a11912f103dcd64d00']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b002923b-f027-4427-a79e-2802833d564d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "OpenRISC Samples", "uuid": "6c5d257d-be36-426d-9928-f6db85734d39" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/199f1976cb5fb39a9c395a28e2178476b6eaec0f3499a5a11912f103dcd64d00/analysis/1554820723/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "387ad1df-153a-4def-a115-56aacc343a51" }, { "type": "text", "object_relation": "detection-ratio", "value": "22/57", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "2ebba7ee-205c-4153-8b88-b928f3803e5e" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ba07517c-15ac-49e5-b2b6-c6bcc1573288", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "pattern": "[file:hashes.MD5 = '19a44645ccdfefb3e0476209127e5df0' AND file:hashes.SHA1 = '7ad84ff53ad50d6c440c29f5fe0dc3cf68ac6fca' AND file:hashes.SHA256 = '4cb4c5cbf7eb646bdc08640f4f9e9a4383a9c7ac4e26be0caeb9dc904670c5bf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--bd8d81c1-a0c1-46cc-b8e0-d6742f9b5bbb", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "6524b670-33b8-45f4-9235-7a3f8d9db7b3" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/4cb4c5cbf7eb646bdc08640f4f9e9a4383a9c7ac4e26be0caeb9dc904670c5bf/analysis/1554820723/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "b0b50ff4-fdd4-4a6a-b842-a9c6eb7e6fda" }, { "type": "text", "object_relation": "detection-ratio", "value": "28/58", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "7cd8cfea-f848-4995-85d5-f4124e53e7d5" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6360d4f6-e24c-4cce-869a-24ccd7f9c129", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "pattern": "[file:hashes.MD5 = '8872577b174b01ddffa596506664b87d' AND file:hashes.SHA1 = '814df5ac6c3f29be1f969c9cb4009d6692ac1ee7' AND file:hashes.SHA256 = '1efdfc79d0c4b779966dfcae7d4f0a1f17f043e098ec0f90ff12a7ebc3c3f1f1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--bc7587c2-e369-4c0c-b2d2-b05a4210bcf3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "OpenRISC Samples", "uuid": "e42d9432-f81f-47db-b20e-e9aead7b58f9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/1efdfc79d0c4b779966dfcae7d4f0a1f17f043e098ec0f90ff12a7ebc3c3f1f1/analysis/1554820723/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "615eace1-018e-46f6-9c7a-cb0eb59da72e" }, { "type": "text", "object_relation": "detection-ratio", "value": "23/56", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "d0fa0cd7-1e9c-4d9a-951f-4a58e20367e1" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4416ae3a-0659-4f4e-bc6e-5cff3da3130d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:28.000Z", "modified": "2019-04-09T14:53:28.000Z", "pattern": "[file:hashes.MD5 = 'cf3c7438a29291d9f09d655037552558' AND file:hashes.SHA1 = 'fcf643feda4e1d14cffd25cde62dc83a613f67f3' AND file:hashes.SHA256 = '3446c2ed11a6a5e02702afd5f7082eb435b2922096443cabd45d54b5b7582cc1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8bb6ab5a-d092-4bd3-8039-db1c1610653c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:41", "category": "Other", "comment": "Altera Nios II Samples", "uuid": "32190af8-f097-4a30-9b79-b674f20725ce" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/3446c2ed11a6a5e02702afd5f7082eb435b2922096443cabd45d54b5b7582cc1/analysis/1554820721/", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "08bfb991-109b-4bee-8ceb-a3ae0e6115e9" }, { "type": "text", "object_relation": "detection-ratio", "value": "23/56", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "bf6b88b8-4a51-4bda-a87c-55cced3494f2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--382a6691-5e36-4d86-b0d8-5a04e43342fc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "pattern": "[file:hashes.MD5 = '527763edafc92a32f427a75885e8e093' AND file:hashes.SHA1 = '9eb84bfc2d7f690934db9927b9fffe08eddd61af' AND file:hashes.SHA256 = 'ed5e313821bf3a20d226c1b5f2b0ba7f1897d0778c27620017b852579e3e1894']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6ef3df89-54b3-4737-a303-bfd64e0ace0d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:49", "category": "Other", "comment": "Altera Nios II Samples", "uuid": "8560e62f-373b-48e4-bfb7-01885093c8b8" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/ed5e313821bf3a20d226c1b5f2b0ba7f1897d0778c27620017b852579e3e1894/analysis/1554820729/", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "3091c506-d4de-4985-b9a0-0c0146a064b8" }, { "type": "text", "object_relation": "detection-ratio", "value": "21/57", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "d4641149-8302-4d2f-b1ab-1aca7286924b" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6216369c-87cb-453b-931f-83a18954a135", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "pattern": "[file:hashes.MD5 = 'ea26a487f8fe99b4e4faecbc258ae98b' AND file:hashes.SHA1 = 'c6911cd070dc46098b9acffeb834e639ae54fb5f' AND file:hashes.SHA256 = 'ac4a00bfe1031e19eb9a101d61ef5267627ebaeb2aca4b962c7bb1b5a59e337c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--4ec12cbe-898c-4ccc-8775-28e4e121d5db", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:47", "category": "Other", "comment": "Tensilica Xtensa Samples", "uuid": "6ffa46ce-4e75-438b-a2db-08aeed47304a" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/ac4a00bfe1031e19eb9a101d61ef5267627ebaeb2aca4b962c7bb1b5a59e337c/analysis/1554820727/", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "1f4bcd4d-b4ae-4c2a-aff6-91c4b5f0e1f4" }, { "type": "text", "object_relation": "detection-ratio", "value": "28/57", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "a1f2cf55-f43b-4ec1-803a-f34a4f4239cc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d8c1ba83-dbd0-4daa-9a16-4dc2465eab8a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "pattern": "[file:hashes.MD5 = '9c6346e59864c0163d0baa262834e925' AND file:hashes.SHA1 = '13ea794313be45e63704c665e61a515c3f7651e3' AND file:hashes.SHA256 = '006b73c03760f168a5d71c0edd50e9a437aca7b3db1dbecac75ea2ef9e74f54f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--92650226-7b52-4e62-be35-e3127a417cf0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:42", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "13ad6dbb-a89b-4bf3-aa22-ecd56317f930" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/006b73c03760f168a5d71c0edd50e9a437aca7b3db1dbecac75ea2ef9e74f54f/analysis/1554820722/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "53db994f-8d24-4a61-9780-cfc1b1aac376" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/59", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "ba4b44ae-999b-44aa-ba37-dbdfd892b0a8" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a4923d2f-c6ba-4228-883c-d93835435f9a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "pattern": "[file:hashes.MD5 = 'cb015741bccea90fa250fed01f694c6e' AND file:hashes.SHA1 = '9b772e05b7e0a8314547530984a50b311e8b7693' AND file:hashes.SHA256 = 'c33080bea85616fd1251f877cd9ff570dd6a2e2f24cc20254754cb2c74a2375e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--4ab686a6-fb66-492d-9bb1-487d10f99d09", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:46", "category": "Other", "comment": "OpenRISC Samples", "uuid": "14e96d42-09ba-4c7d-936d-5c17b1365f4f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/c33080bea85616fd1251f877cd9ff570dd6a2e2f24cc20254754cb2c74a2375e/analysis/1554820726/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "75228b11-c8f2-4ad7-b77b-5846519818f8" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/58", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "ed573984-b2ed-4f13-ae2d-15c11c863f09" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b7a2d065-ed7c-41c8-a2f9-e066c92afe89", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:29.000Z", "modified": "2019-04-09T14:53:29.000Z", "pattern": "[file:hashes.MD5 = '573e72820acb518fe1b46b32a012f221' AND file:hashes.SHA1 = '2a9bc043794f45264f9f286f5f5bd5cc1aeffa5c' AND file:hashes.SHA256 = '76c9e543a0386994031b4905533eccd05400b3bb12fefc94f1eb65af5debe986']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ba0f4453-12d4-492f-90d2-b61e08f8e2d4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:44", "category": "Other", "comment": "OpenRISC Samples", "uuid": "70ad2cc3-a9d6-4f77-82fe-f528c3211f58" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/76c9e543a0386994031b4905533eccd05400b3bb12fefc94f1eb65af5debe986/analysis/1554820724/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "3dccb504-908a-478c-af00-c40d4c69759d" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/56", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "a3bb6ac8-c3b4-4f33-ac97-c846f0cfb115" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b21504d6-8f09-420e-8dd4-4156c9fe6c4c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "pattern": "[file:hashes.MD5 = '28799a1fe00f26f9ae1a6392a2654996' AND file:hashes.SHA1 = 'e1cedd589eb9731d1494c12f90b8e98a352d6d96' AND file:hashes.SHA256 = '24b4c838dd41c0d812f747e48cf24be4f2265bce8f1e4d0d8ca6a7fc5649019b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--02c8cf93-3806-4e09-a801-830a0db3abf6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:44", "category": "Other", "comment": "OpenRISC Samples", "uuid": "1b14f5ce-e48d-411b-9cca-3b033b21a4b7" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/24b4c838dd41c0d812f747e48cf24be4f2265bce8f1e4d0d8ca6a7fc5649019b/analysis/1554820724/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "225285c5-006e-4e54-8460-28f27b8bc971" }, { "type": "text", "object_relation": "detection-ratio", "value": "21/55", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "d275400b-f6ee-4ae6-906d-3fd2be62d323" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--37d88da7-8284-4bc6-9a6f-2cd49c1971cd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "pattern": "[file:hashes.MD5 = '77899a6d69e23c18af5fc14605721bc1' AND file:hashes.SHA1 = '0ca2571aba52784af096ee6e5eaeced29b4746de' AND file:hashes.SHA256 = 'b0cef399ea8ec2244aebb3506a2bb60c64c3921e816c0fc9752caf84c6cf196d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--21b4521f-74e3-4b6d-90df-c30faad750de", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:47", "category": "Other", "comment": "Tensilica Xtensa Samples", "uuid": "99d66389-79a1-47db-b88f-fd46b426e489" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/b0cef399ea8ec2244aebb3506a2bb60c64c3921e816c0fc9752caf84c6cf196d/analysis/1554820727/", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "87480978-ba55-46d2-9b34-25bdafcb1ecb" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/55", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "60a3e7b9-df18-439e-be34-9a82f238e3fc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ceeb65b8-0b04-4166-b355-252b12391f98", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "pattern": "[file:hashes.MD5 = '3f7ba91642d882085ff753ffc118681e' AND file:hashes.SHA1 = '542028b60e014d5ce4f20d63fa47690d2bad6d66' AND file:hashes.SHA256 = '5876c9ac609ece0e051c57b380489490bc78e40c796b637af1e80adbdb9f70dc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--657d45df-b4ba-4dd2-8762-43a8fd4487bf", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:41", "category": "Other", "comment": "Altera Nios II Samples", "uuid": "4a1f7a0a-34a5-4bc4-abeb-ea63d7569649" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/5876c9ac609ece0e051c57b380489490bc78e40c796b637af1e80adbdb9f70dc/analysis/1554820721/", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "d1fa976e-5a91-4830-8a93-0eb11de57573" }, { "type": "text", "object_relation": "detection-ratio", "value": "27/59", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "35cca4c8-11f1-4b9f-8e23-eb0abb77b398" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--98ce3838-810e-49a0-a73c-2255aceb0b23", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "pattern": "[file:hashes.MD5 = '8ffd76166a1c5a3f2c5439716971e226' AND file:hashes.SHA1 = '7ea7c61fa70a0526e655ec9893e8df4889b981ee' AND file:hashes.SHA256 = '74a45ff17678e0bddf383b5229785dda04c515e778bc9421d9396168f1cf3c3d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--4304fa8d-bcc3-4596-b45b-92a1084f6e80", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:44", "category": "Other", "comment": "OpenRISC Samples", "uuid": "3620a9c2-7335-412c-ae00-6fcd135422a9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/74a45ff17678e0bddf383b5229785dda04c515e778bc9421d9396168f1cf3c3d/analysis/1554820724/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "32b8a7c6-0078-4014-81d1-7927b3625296" }, { "type": "text", "object_relation": "detection-ratio", "value": "21/57", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "62dc6312-cb75-47c1-8978-045a7e7342a9" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8f46177b-5fad-4dff-bfe2-a64700c10f7a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:30.000Z", "modified": "2019-04-09T14:53:30.000Z", "pattern": "[file:hashes.MD5 = 'fadf704bcfc51bb5b124fe9ea46eec5c' AND file:hashes.SHA1 = '1ef3873cd6297568bc3670e86cc78c4ed877e4d9' AND file:hashes.SHA256 = '683b6f8209725ae0e715cda5a1cd35bcaacb5d45ae8e487c98dce2c01c91c887']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6aa42e4d-4b31-4f21-a7c4-c7c2fb0a8c16", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:31.000Z", "modified": "2019-04-09T14:53:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "4bdc2e50-a2a8-4867-9d1a-c98f9b552d5f" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/683b6f8209725ae0e715cda5a1cd35bcaacb5d45ae8e487c98dce2c01c91c887/analysis/1554820723/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "c82397ad-5b64-4c0f-946a-ffc2b414e736" }, { "type": "text", "object_relation": "detection-ratio", "value": "26/55", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "1435ff7f-0d6e-4e3a-a5a8-da17a7fb2a61" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0a1c567d-90f2-4bc1-b0b8-0f863fbd1a96", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:31.000Z", "modified": "2019-04-09T14:53:31.000Z", "pattern": "[file:hashes.MD5 = 'ff4a49b6dce2d03f28fc8f7646139588' AND file:hashes.SHA1 = 'd3774ca0bf2817ffe1c3fb1781e7836e35488af2' AND file:hashes.SHA256 = 'a9dbcc2681d427f9820ca9c5ec120b9bf3e83c9856e89736884ee4dc26712e50']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8d50aae1-1b2e-40ae-a3ca-c8f5280b0097", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:31.000Z", "modified": "2019-04-09T14:53:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:47", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "c6c7b55e-5ee7-4eed-91f0-8722fc996422" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/a9dbcc2681d427f9820ca9c5ec120b9bf3e83c9856e89736884ee4dc26712e50/analysis/1554820727/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "96c1f0bb-004f-4929-b0fb-917be0e536ff" }, { "type": "text", "object_relation": "detection-ratio", "value": "22/57", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "02597b74-98de-4382-a76c-f40c701f0553" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--9aa1e457-864e-45d3-8efb-3f767f69c7fe", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:31.000Z", "modified": "2019-04-09T14:53:31.000Z", "pattern": "[file:hashes.MD5 = 'b34a5819d7f76c7c2b7402682be2afdf' AND file:hashes.SHA1 = '223f48a513ec2626941aa92c65f52083b088076c' AND file:hashes.SHA256 = '59b7a7baf4c239786fdf5ceca9084d829c6f6fc0603a524df313b2ef4958e4c2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--676eeeaa-4548-47d8-9cb3-d5c7d0662245", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:41", "category": "Other", "comment": "OpenRISC Samples", "uuid": "32e3a138-d2a5-4e4b-9b33-27b4226f4b33" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/59b7a7baf4c239786fdf5ceca9084d829c6f6fc0603a524df313b2ef4958e4c2/analysis/1554820721/", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "dafa897e-1b70-48f5-a296-d397eb16bf0e" }, { "type": "text", "object_relation": "detection-ratio", "value": "21/55", "category": "Payload delivery", "comment": "OpenRISC Samples", "uuid": "bdd373da-922c-4555-b705-13554128a922" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5ef45cc5-87ac-40c8-9769-90aeee950b48", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "pattern": "[file:hashes.MD5 = 'fff9efec911c46b6622632a235e21558' AND file:hashes.SHA1 = 'be257333bab3a8184fe4493fadac018ef6b5cf90' AND file:hashes.SHA256 = '0c35f2902d92ef4f46e4643d11c46bde57027bb14e2b75c027a50fe7efc4f358']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3c601fd8-25f7-472c-aafb-61246bf050ab", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "Altera Nios II Samples", "uuid": "74ce3e66-df6d-4cc8-b6b3-2e24778b01f7" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/0c35f2902d92ef4f46e4643d11c46bde57027bb14e2b75c027a50fe7efc4f358/analysis/1554820723/", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "3a59df00-0a1f-4438-a214-c23a1b36d7a4" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/55", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "250bbb1e-1a82-4b4d-a38d-85bce8f41617" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4bd0f4ab-1dd2-47c1-bc9e-cc984e224ed3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "pattern": "[file:hashes.MD5 = '7f706738b1442e0cb68b013f1fa173e4' AND file:hashes.SHA1 = 'dea50ca3b6ef8ac547c68f2e5ad973509cb915cc' AND file:hashes.SHA256 = '57cc6875ae0c571ef1edaae72d82b0da6e60331ad4b3ad34c922b9e4612b8779']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--a14d1157-bb64-44aa-9a5d-4b078c397453", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:44", "category": "Other", "comment": "Tensilica Xtensa Samples", "uuid": "582998a9-3667-487f-ad32-d55e79eca81c" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/57cc6875ae0c571ef1edaae72d82b0da6e60331ad4b3ad34c922b9e4612b8779/analysis/1554820724/", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "41f5eb00-5b69-4d90-ba46-4fb83f3528fd" }, { "type": "text", "object_relation": "detection-ratio", "value": "22/57", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "8bf83c58-3618-4778-aa56-15d9768b5b51" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7265f4d8-423f-4089-b8bf-61154434bbec", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "pattern": "[file:hashes.MD5 = '826969c4a4395e2ac077a47c0fad04bf' AND file:hashes.SHA1 = '00f9f12d5938af4274dc07a314d63bf079b0cf67' AND file:hashes.SHA256 = '4d8a4841a2f4a61ed6df2be79dd7ea1eb2052cee6eba4d8de30add7908ebb779']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--108baa35-aecc-436f-b100-d49c28ba513e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:43", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "7cad9684-a53e-4065-9a00-b3f4177f6b80" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/4d8a4841a2f4a61ed6df2be79dd7ea1eb2052cee6eba4d8de30add7908ebb779/analysis/1554820723/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "814f5a53-613c-4790-89a3-c6e7ee40f2ad" }, { "type": "text", "object_relation": "detection-ratio", "value": "20/56", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "a57a7942-c31f-435c-819e-14bf4bacf46a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--48e16861-6796-4e02-88a7-79c2d7858609", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:32.000Z", "modified": "2019-04-09T14:53:32.000Z", "pattern": "[file:hashes.MD5 = 'd6530989b7697fbfeb52c7da02606ee6' AND file:hashes.SHA1 = '8473e66bfdd122b60b61bd2edcd97742a10e0543' AND file:hashes.SHA256 = 'c75b3c52c0f5eebfd4c44c3069a393e824d455c7405d57ee99fd7613b8211b31']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--0878ecdd-7b9e-44ad-b533-7a494082d77d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:33.000Z", "modified": "2019-04-09T14:53:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:46", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "bf12de8b-65d0-4cc4-9ab3-083e8622933e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/c75b3c52c0f5eebfd4c44c3069a393e824d455c7405d57ee99fd7613b8211b31/analysis/1554820726/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "4f23f90d-8c4c-46b2-807e-4ccb5f45e50f" }, { "type": "text", "object_relation": "detection-ratio", "value": "27/59", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "b9a49c19-42d7-4105-9f29-b4f6f8eb77a2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2bc22de4-2a0d-4cb2-a9b3-eb4daec315b0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:33.000Z", "modified": "2019-04-09T14:53:33.000Z", "pattern": "[file:hashes.MD5 = '7f4c596f95d86c5e1843090dd01bf5e3' AND file:hashes.SHA1 = '50762cbb68321234f92a261a7581c5ca3d4e8ce7' AND file:hashes.SHA256 = 'a457090fb6df8cb93c91ec6b5d89927f7a6f9e247389d945d44731351a367b4e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--9c207223-e112-4cf8-8ee7-6a1d559a8423", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:33.000Z", "modified": "2019-04-09T14:53:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:46", "category": "Other", "comment": "Altera Nios II Samples", "uuid": "5a53a2f4-e825-4a43-b172-b597240765e8" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/a457090fb6df8cb93c91ec6b5d89927f7a6f9e247389d945d44731351a367b4e/analysis/1554820726/", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "006b984c-d154-403a-a4fd-9ed8cd08be6e" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/56", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "e06e7085-4245-4dc0-8362-2751df2857bd" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fa5e7f90-245b-4742-b7d0-2394fec51c85", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:33.000Z", "modified": "2019-04-09T14:53:33.000Z", "pattern": "[file:hashes.MD5 = '0c44d70b35b4daaf693644c524c26752' AND file:hashes.SHA1 = '618f2cf0181747b7b851ce0aff7639f7e4fa63fb' AND file:hashes.SHA256 = '9b1eab0283fd6948a9a181abaa2f6b3c26f2b0077c8a8b32e763790dd64d2a22']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--73e039e4-7edb-4e20-a441-91746475ea90", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:33.000Z", "modified": "2019-04-09T14:53:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:46", "category": "Other", "comment": "Xilinx MicroBlaze Samples", "uuid": "ad2e9b69-bddb-4e9a-8eac-c32c493b37c1" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/9b1eab0283fd6948a9a181abaa2f6b3c26f2b0077c8a8b32e763790dd64d2a22/analysis/1554820726/", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "65fd98a1-9315-4f58-ba58-41bd1aebc944" }, { "type": "text", "object_relation": "detection-ratio", "value": "27/59", "category": "Payload delivery", "comment": "Xilinx MicroBlaze Samples", "uuid": "8e59039d-fe6d-4be4-88fe-776945882804" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--03c14a71-6d63-4b20-a22d-f00e5edce6c0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:33.000Z", "modified": "2019-04-09T14:53:33.000Z", "pattern": "[file:hashes.MD5 = '3435076494a390266c3c0075997061b3' AND file:hashes.SHA1 = '735eb8ae448bfcb2ffb3fc283d2aac68f687f356' AND file:hashes.SHA256 = 'fae498477388c53c8c623fd8ddb710cc286584200767907b104d55f916d37c05']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6cfcd770-a39a-4100-aa77-114a93d0d742", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:50", "category": "Other", "comment": "Altera Nios II Samples", "uuid": "bb56ee61-aae8-4c6a-92c3-6bc930d16ab4" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/fae498477388c53c8c623fd8ddb710cc286584200767907b104d55f916d37c05/analysis/1554820730/", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "c81ac748-2a6b-46e9-adfd-983708fe503b" }, { "type": "text", "object_relation": "detection-ratio", "value": "24/56", "category": "Payload delivery", "comment": "Altera Nios II Samples", "uuid": "38e6b010-35c6-43a3-9241-64efcf5eb198" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b4ff969b-0790-4864-a6aa-4ee7b041f432", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "pattern": "[file:hashes.MD5 = 'c1c7a371b3c3693ce248acad48865731' AND file:hashes.SHA1 = '8eedefcfebe110030bcddf42c0ce3ee336fda624' AND file:hashes.SHA256 = '61893583675935ac7a4857542f13d513ffbb176b302a72d26d7ec39fd931decb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-04-09T14:53:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c98512db-97ea-4c11-ad77-ac0cda300412", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-09T14:38:42", "category": "Other", "comment": "Tensilica Xtensa Samples", "uuid": "f24c6a63-146f-48fe-bcdd-4fcbac87e608" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/61893583675935ac7a4857542f13d513ffbb176b302a72d26d7ec39fd931decb/analysis/1554820722/", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "b85ff7af-7a3f-4120-8a6c-94d97817ad51" }, { "type": "text", "object_relation": "detection-ratio", "value": "22/57", "category": "Payload delivery", "comment": "Tensilica Xtensa Samples", "uuid": "a8454d86-cb50-4e4a-8741-7b2a7e99d5de" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--344c0d01-8e15-4f62-b061-c321a6643c2f", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--4d6e3fee-7c21-49c4-ae5f-9cc8c2a51e0f", "target_ref": "x-misp-object--3c8f723c-33a7-49c2-93ba-1e85d049c50c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--770aa7de-c16d-4350-b38d-eb750bb721bc", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f7d995da-6b74-46bd-a3bd-b216173f7ecd", "target_ref": "x-misp-object--08d445db-073c-4725-b822-4dc12152dc6d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--19812b4a-c0cb-4737-b7a7-c3c422dc8b3c", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--30d18426-8b6c-4bd7-9dbe-fe48578c0858", "target_ref": "x-misp-object--b65f158d-86b3-46ea-8e90-5aff73b83607" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2cb1dfac-87b2-4179-b724-c17ee162c367", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b193159a-ffa2-487b-95c4-0d8243f8ad9c", "target_ref": "x-misp-object--032474ca-6510-4dde-8ed2-b9da5050112e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3b465958-8601-4d5b-9551-06bf3689b30a", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--71263d1f-4ce5-4dfd-8b98-22edc46918aa", "target_ref": "x-misp-object--5d7e98f1-3719-4c81-9fa8-0e8c5d58cc7a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f7c8e864-fea4-437a-9948-ea6c5c29ca62", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f520e3f7-1da0-4457-8f67-3515a31174bc", "target_ref": "x-misp-object--7fd6de13-43fb-46d7-a71c-3d7df2cb0667" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--24ca1957-1e5a-4f3b-93e3-38ddb2698290", "created": "2019-04-09T14:53:34.000Z", "modified": "2019-04-09T14:53:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6a5f7378-218c-4ea3-a54d-c5767472ddb1", "target_ref": "x-misp-object--b8d2d6ad-e5e3-42a5-b950-1046b821f68f" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a7032277-eb6c-49cf-8f99-4fecb1bdc77a", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ccaa3b0c-b5e6-4536-9606-b56b08602015", "target_ref": "x-misp-object--298cf9d4-5927-4a83-abf4-b195c0b926a7" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--21cdc8ee-f1c6-4ef1-b1ca-47d45a1b60ee", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--e431dfa4-ace9-4c86-8348-47f0c41d5424", "target_ref": "x-misp-object--36cb190d-e9c4-4a68-a628-a79c96323f5a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ee15e46d-227f-416f-94ca-129fa3ce595e", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--eaa5e596-0f6d-4ce1-aa4f-602720bd37ea", "target_ref": "x-misp-object--fe27f62d-2cb0-4d56-a1ea-30eebcf27b8a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--62dc2765-fc24-46c3-b4b5-74f70100438d", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6d039067-955e-4e72-a631-e049cf35a77f", "target_ref": "x-misp-object--5349f3ce-b5d8-47d3-b28a-f01f5ca628d8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--1e1ad1d0-701c-4d1a-a4fd-049d025d8778", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--906f4543-dd5e-40cb-83f5-6a30ad65a3bb", "target_ref": "x-misp-object--57817aa5-8715-40b2-9f08-795fff3f197c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--174bc9df-06a4-42fb-aab8-83bcfe0d83e9", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6e8a1137-4eeb-42f5-8b5b-30d6b8f325ef", "target_ref": "x-misp-object--b002923b-f027-4427-a79e-2802833d564d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--5db5813d-f4fa-47bc-bfd5-36cbd65ddd36", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ba07517c-15ac-49e5-b2b6-c6bcc1573288", "target_ref": "x-misp-object--bd8d81c1-a0c1-46cc-b8e0-d6742f9b5bbb" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6232ea45-43b3-4691-80b6-49ca4dfb98de", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6360d4f6-e24c-4cce-869a-24ccd7f9c129", "target_ref": "x-misp-object--bc7587c2-e369-4c0c-b2d2-b05a4210bcf3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c39679b6-3b58-4562-9710-e9175b9932b2", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--4416ae3a-0659-4f4e-bc6e-5cff3da3130d", "target_ref": "x-misp-object--8bb6ab5a-d092-4bd3-8039-db1c1610653c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--437b3a7c-4e89-4ac9-9fa6-cbf35cc9f3e2", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--382a6691-5e36-4d86-b0d8-5a04e43342fc", "target_ref": "x-misp-object--6ef3df89-54b3-4737-a303-bfd64e0ace0d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a5863cbe-c745-4731-8cbd-1171628d1329", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6216369c-87cb-453b-931f-83a18954a135", "target_ref": "x-misp-object--4ec12cbe-898c-4ccc-8775-28e4e121d5db" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--6613de98-d4dd-4335-bc14-57fd6ffaa63a", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--d8c1ba83-dbd0-4daa-9a16-4dc2465eab8a", "target_ref": "x-misp-object--92650226-7b52-4e62-be35-e3127a417cf0" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a70fb91f-8889-4dde-88a9-e3e29ab9c534", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a4923d2f-c6ba-4228-883c-d93835435f9a", "target_ref": "x-misp-object--4ab686a6-fb66-492d-9bb1-487d10f99d09" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--48e54a93-e285-4cc8-8157-6a05d8271212", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b7a2d065-ed7c-41c8-a2f9-e066c92afe89", "target_ref": "x-misp-object--ba0f4453-12d4-492f-90d2-b61e08f8e2d4" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7509efa6-741e-479b-b71d-6a3bb6a89a11", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b21504d6-8f09-420e-8dd4-4156c9fe6c4c", "target_ref": "x-misp-object--02c8cf93-3806-4e09-a801-830a0db3abf6" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--394595d1-01a2-4eb0-8224-2d040123bca8", "created": "2019-04-09T14:53:35.000Z", "modified": "2019-04-09T14:53:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--37d88da7-8284-4bc6-9a6f-2cd49c1971cd", "target_ref": "x-misp-object--21b4521f-74e3-4b6d-90df-c30faad750de" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b45ec65f-be58-40c2-ae08-5ddd29acb634", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ceeb65b8-0b04-4166-b355-252b12391f98", "target_ref": "x-misp-object--657d45df-b4ba-4dd2-8762-43a8fd4487bf" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--95970c32-9c3b-4097-8b55-d22d94aedd0a", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--98ce3838-810e-49a0-a73c-2255aceb0b23", "target_ref": "x-misp-object--4304fa8d-bcc3-4596-b45b-92a1084f6e80" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c59c8d24-4c3d-4686-9588-3502f2e6245c", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--8f46177b-5fad-4dff-bfe2-a64700c10f7a", "target_ref": "x-misp-object--6aa42e4d-4b31-4f21-a7c4-c7c2fb0a8c16" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--1d1bf0a0-7a35-453c-9025-f10d31bc22d7", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0a1c567d-90f2-4bc1-b0b8-0f863fbd1a96", "target_ref": "x-misp-object--8d50aae1-1b2e-40ae-a3ca-c8f5280b0097" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--0d3746cd-2253-4aaa-adf2-8ec13f7182d2", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--9aa1e457-864e-45d3-8efb-3f767f69c7fe", "target_ref": "x-misp-object--676eeeaa-4548-47d8-9cb3-d5c7d0662245" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--61f76031-6702-4986-a51c-2f78ce2a1b58", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--5ef45cc5-87ac-40c8-9769-90aeee950b48", "target_ref": "x-misp-object--3c601fd8-25f7-472c-aafb-61246bf050ab" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--31da2c49-b5e2-4bf6-8db9-35303c48dcc5", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--4bd0f4ab-1dd2-47c1-bc9e-cc984e224ed3", "target_ref": "x-misp-object--a14d1157-bb64-44aa-9a5d-4b078c397453" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--347236e2-6a71-4bf4-a075-bd1300db1745", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7265f4d8-423f-4089-b8bf-61154434bbec", "target_ref": "x-misp-object--108baa35-aecc-436f-b100-d49c28ba513e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e9919b8a-0487-4ba6-8e2e-702e86201848", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--48e16861-6796-4e02-88a7-79c2d7858609", "target_ref": "x-misp-object--0878ecdd-7b9e-44ad-b533-7a494082d77d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d3fd3c0c-313c-472c-8133-ac16ee0557e5", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--2bc22de4-2a0d-4cb2-a9b3-eb4daec315b0", "target_ref": "x-misp-object--9c207223-e112-4cf8-8ee7-6a1d559a8423" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--9f43bbc1-2455-4ff3-b919-99c30a803bb4", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--fa5e7f90-245b-4742-b7d0-2394fec51c85", "target_ref": "x-misp-object--73e039e4-7edb-4e20-a441-91746475ea90" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--caf77720-0753-4cf8-bbb5-da8ae9734d42", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--03c14a71-6d63-4b20-a22d-f00e5edce6c0", "target_ref": "x-misp-object--6cfcd770-a39a-4100-aa77-114a93d0d742" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--803e75d6-456b-4a5f-b690-217bb34d662a", "created": "2019-04-09T14:53:36.000Z", "modified": "2019-04-09T14:53:36.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b4ff969b-0790-4864-a6aa-4ee7b041f432", "target_ref": "x-misp-object--c98512db-97ea-4c11-ad77-ac0cda300412" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }