{ "type": "bundle", "id": "bundle--5b1e42d7-ceb4-4f0f-8abf-45ac950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:21.000Z", "modified": "2018-06-13T07:24:21.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "grouping", "spec_version": "2.1", "id": "grouping--5b1e42d7-ceb4-4f0f-8abf-45ac950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:21.000Z", "modified": "2018-06-13T07:24:21.000Z", "name": "OSINT - Pocket cryptofarms", "context": "suspicious-activity", "object_refs": [ "observed-data--5b1e46ed-a44c-4de8-a7a5-4da5950d210f", "url--5b1e46ed-a44c-4de8-a7a5-4da5950d210f", "x-misp-attribute--5b1e47ca-02fc-4c40-a75d-41ea950d210f", "indicator--5b1e4e4a-cd44-4faa-a482-444c950d210f", "indicator--5b1e4e4b-3dec-46cb-b2a1-4174950d210f", "indicator--5b1e4e4b-f6e4-4271-a49e-4ea7950d210f", "indicator--5b1e4e4c-937c-4df3-95e2-4802950d210f", "indicator--5b1e4e4c-12d0-46bf-af3d-4c7c950d210f", "indicator--5b1e4e4d-4af0-4ec0-83fe-4d83950d210f", "indicator--5b1e4e4d-bb40-4688-b248-4a9e950d210f", "indicator--5b1e4e4d-fe34-4c85-993e-47e1950d210f", "indicator--5b1e4e4e-52d8-491f-aa8e-4904950d210f", "indicator--5b1e4e4e-ad28-47cd-aa92-4250950d210f", "indicator--5b1e4e4f-efac-413c-a6d5-4cca950d210f", "indicator--5b1e4e4f-5a80-4f20-a43a-4d06950d210f", "indicator--5b1e4e4f-86cc-49db-91c0-4b8d950d210f", "indicator--5b1e4e50-f08c-4581-8452-43e2950d210f", "indicator--5b1e4e50-d3f0-470b-bc89-4fdb950d210f", "indicator--5b1e4e51-5b0c-4989-99b2-43a0950d210f", "indicator--5b1e4e51-a480-4552-9275-4688950d210f", "indicator--5b1e4e52-0f08-4950-b0c1-4b77950d210f", "x-misp-object--90d3388f-0399-442e-9f05-6aeedf969ab1", "x-misp-object--e76744bc-f0a4-462c-9431-9932cc795bd4", "x-misp-object--29cff4cf-8143-4cca-a2a9-0bdea038f709", "x-misp-object--41786412-9231-4d92-a260-4f0d949ab4fe", "x-misp-object--cc73e439-bde3-4744-b359-d62aacc658a8", "x-misp-object--23e86cd6-5f08-4703-a4ad-dbef0cd47ad0", "x-misp-object--444a95bf-2b57-4886-bc25-06baff74bdc5", "x-misp-object--49cb60aa-fc0e-4762-916b-98fecabec27d", "x-misp-object--f2ddbc68-4fd0-498c-940e-c5c4d90e6a97", "x-misp-object--f3db0dbc-07eb-4ab4-a75c-8a977c77adbd", "x-misp-object--e708c4f1-ba89-4caa-ba40-a1ad1c240531", "x-misp-object--8ef9ff98-08b0-4ed6-81f7-a9e45bf9f70a", "x-misp-object--785d637c-5bca-4c03-9821-7a0f1a8a3c89", "x-misp-object--90adc604-6b9f-402a-b740-cf336aa862ee", "x-misp-object--e931b37c-a031-4d3c-a945-d69f7d9eb6a4", "x-misp-object--ec7364af-46f9-41d7-9bdc-386b25c05745", "x-misp-object--1f75b405-a90c-42a0-b997-d9ad39ffae02", "x-misp-object--393b8eb5-ca00-4776-88b7-9c3876c96b8c", "x-misp-object--4481b6fa-ca6a-4383-8314-04fbdd03d0c8", "x-misp-object--67034fc2-1be9-4965-87cf-48caa4a01c1c", "x-misp-object--bcaead79-2fce-424c-ad30-f4f77e614a39", "x-misp-object--d6a8098a-f779-4144-bde9-981d45c0b31e", "x-misp-object--8a2d35ab-71b7-4c9a-bc1c-d2dd7f8b9639", "x-misp-object--3aa8f277-3452-4ae1-a73b-e7df63983f99", "x-misp-object--57c269af-ab8a-4677-ac0e-2530fccb3cc5", "x-misp-object--7882e8c6-9798-4cf1-9b0d-9c441f24b9b6", "x-misp-object--f757135a-24d4-4a12-bab7-cf35b2fd0b02", "x-misp-object--ec5c8c73-132e-4124-8991-ffffd45519a9", "x-misp-object--fae0f8de-03d1-4115-b138-fc95e50f55a0", "x-misp-object--9c49d20a-1bc1-495d-80c1-31cf646cdcb3", "x-misp-object--e08004b1-c47a-4ac6-8cfc-f6d0fede16c2", "x-misp-object--313cd2f5-94fd-4c71-9696-28bb02e5bb42", "x-misp-object--8393ebcf-fb96-4425-84c0-3e9b52c5b6ad", "x-misp-object--6e24c710-c408-4bd6-a3d8-f0908de408d1", "relationship--08f4b1ab-3e4c-48be-b3fb-b7935d64d092", "relationship--354de6af-7b7f-4eaf-8bc2-96cf62dc3965", "relationship--01691191-bca6-4090-96a9-6dc0a54af13b", "relationship--c79b5612-68d0-469e-8454-d720ea52335e", "relationship--381bb0b5-9bf8-45de-a16e-1ad366af8d72", "relationship--94ed5c2a-6455-402b-9a1d-7278ee32d7a4", "relationship--97940937-0cfa-4da7-97e4-fe7817c489a8", "relationship--3fe9cf21-946a-46fc-9a58-96cb7509d1c6", "relationship--4304a370-f0af-4a08-9230-cba5dded123b", "relationship--b6a706d0-a4cc-414d-94a9-946f13f08ffc", "relationship--25e5797e-dc2e-476a-997e-b1e0bc3ea9a4", "relationship--7477fa5c-3793-4c18-8f3c-887891490faa", "relationship--031c590b-55e2-4662-9f32-17cb8478072d", "relationship--17fdfb97-de86-4397-9607-bdc92b29dbe0", "relationship--b54a09da-2a6a-4f43-9fd2-64ec244352b0", "relationship--0ed22116-2b03-40dd-b923-77f39a70706f", "relationship--7ac933bd-6540-4749-9930-600bbaf12394" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5b1e46ed-a44c-4de8-a7a5-4da5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T09:54:53.000Z", "modified": "2018-06-11T09:54:53.000Z", "first_observed": "2018-06-11T09:54:53Z", "last_observed": "2018-06-11T09:54:53Z", "number_observed": 1, "object_refs": [ "url--5b1e46ed-a44c-4de8-a7a5-4da5950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5b1e46ed-a44c-4de8-a7a5-4da5950d210f", "value": "https://securelist.com/pocket-cryptofarms/85137/" }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5b1e47ca-02fc-4c40-a75d-41ea950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T09:58:34.000Z", "modified": "2018-06-11T09:58:34.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"External analysis\"" ], "x_misp_category": "External analysis", "x_misp_type": "text", "x_misp_value": "In recent months, the topic of cryptocurrency has been a permanent news fixture \u2014 the value of digital money has been see-sawing spectacularly. Such pyrotechnics could hardly have escaped the attention of scammers, which is why cryptocurrency fluctuations have gone hand in hand with all kinds of stories. These include hacked exchanges, Bitcoin and Monero ransoms, and, of course, hidden mining. We\u2019ve noticed that attackers no longer limit themselves to servers, desktops, and laptops. They are increasingly drawn to mobile devices, mainly Android. We decided to take a closer look to see which mobile apps stealthily mine digital coins on user devices and how widespread they are." }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4a-cd44-4faa-a482-444c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:18.000Z", "modified": "2018-06-11T10:26:18.000Z", "pattern": "[file:hashes.MD5 = 'f9c4a28284cd7a4534a1102c20f04c9d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4b-3dec-46cb-b2a1-4174950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:19.000Z", "modified": "2018-06-11T10:26:19.000Z", "pattern": "[file:hashes.MD5 = 'b32dbbfbb0d4ec97c59b50d29ddaaa2d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4b-f6e4-4271-a49e-4ea7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:19.000Z", "modified": "2018-06-11T10:26:19.000Z", "pattern": "[file:hashes.MD5 = '2d846265f6569547490fcb38970fc93e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4c-937c-4df3-95e2-4802950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:20.000Z", "modified": "2018-06-11T10:26:20.000Z", "pattern": "[file:hashes.MD5 = '6e1fdfbdab69090fea77b3f2f33098a8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4c-12d0-46bf-af3d-4c7c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:20.000Z", "modified": "2018-06-11T10:26:20.000Z", "pattern": "[file:hashes.MD5 = '5464647b09d5f2e064183a073ae97d7b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4d-4af0-4ec0-83fe-4d83950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:21.000Z", "modified": "2018-06-11T10:26:21.000Z", "pattern": "[file:hashes.MD5 = '5b7324c165ee6af26cda55293daeacdf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4d-bb40-4688-b248-4a9e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:21.000Z", "modified": "2018-06-11T10:26:21.000Z", "pattern": "[file:hashes.MD5 = 'e771099aca570f53a94be713a3c2ed63']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4d-fe34-4c85-993e-47e1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:21.000Z", "modified": "2018-06-11T10:26:21.000Z", "pattern": "[file:hashes.MD5 = '3062659c25f44eea5fe8d3d85c99907d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4e-52d8-491f-aa8e-4904950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:22.000Z", "modified": "2018-06-11T10:26:22.000Z", "pattern": "[file:hashes.MD5 = 'aebb87e9aea464efb6fcc550bf7d2d38']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4e-ad28-47cd-aa92-4250950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:22.000Z", "modified": "2018-06-11T10:26:22.000Z", "pattern": "[file:hashes.MD5 = '38ce6c161f87345b773795553aae2c28']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4f-efac-413c-a6d5-4cca950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:23.000Z", "modified": "2018-06-11T10:26:23.000Z", "pattern": "[file:hashes.MD5 = 'ca3e7a442d5a316da9ed8db3c4d913a7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4f-5a80-4f20-a43a-4d06950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:23.000Z", "modified": "2018-06-11T10:26:23.000Z", "pattern": "[file:hashes.MD5 = '34f43baafaebdac4cc582e1aaacf26bd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e4f-86cc-49db-91c0-4b8d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:23.000Z", "modified": "2018-06-11T10:26:23.000Z", "pattern": "[file:hashes.MD5 = 'f8de7065a7d9f191fd0a53289cdb959b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e50-f08c-4581-8452-43e2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:24.000Z", "modified": "2018-06-11T10:26:24.000Z", "pattern": "[file:hashes.MD5 = '34eb1ffdc8d9d5dd3c32a0acc4995e29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e50-d3f0-470b-bc89-4fdb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:24.000Z", "modified": "2018-06-11T10:26:24.000Z", "pattern": "[file:hashes.MD5 = '020a9064d3819a0293940a4f0b36dd2a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e51-5b0c-4989-99b2-43a0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:25.000Z", "modified": "2018-06-11T10:26:25.000Z", "pattern": "[file:hashes.MD5 = 'ee78507a293d007c47f3d2d471aad013']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e51-a480-4552-9275-4688950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:25.000Z", "modified": "2018-06-11T10:26:25.000Z", "pattern": "[file:hashes.MD5 = '0e129e2f4ea3c09bfb0c4841e173580c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b1e4e52-0f08-4950-b0c1-4b77950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-11T10:26:26.000Z", "modified": "2018-06-11T10:26:26.000Z", "pattern": "[file:hashes.MD5 = '50bf20954b8388fa3d5e048e6fa493a9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-11T10:26:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--90d3388f-0399-442e-9f05-6aeedf969ab1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:31.000Z", "modified": "2018-06-13T07:23:31.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e76744bc-f0a4-462c-9431-9932cc795bd4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:29.000Z", "modified": "2018-06-13T07:23:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--29cff4cf-8143-4cca-a2a9-0bdea038f709", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:33.000Z", "modified": "2018-06-13T07:23:33.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--41786412-9231-4d92-a260-4f0d949ab4fe", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:31.000Z", "modified": "2018-06-13T07:23:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--cc73e439-bde3-4744-b359-d62aacc658a8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:35.000Z", "modified": "2018-06-13T07:23:35.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--23e86cd6-5f08-4703-a4ad-dbef0cd47ad0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:33.000Z", "modified": "2018-06-13T07:23:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--444a95bf-2b57-4886-bc25-06baff74bdc5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:37.000Z", "modified": "2018-06-13T07:23:37.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--49cb60aa-fc0e-4762-916b-98fecabec27d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:36.000Z", "modified": "2018-06-13T07:23:36.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f2ddbc68-4fd0-498c-940e-c5c4d90e6a97", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:40.000Z", "modified": "2018-06-13T07:23:40.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f3db0dbc-07eb-4ab4-a75c-8a977c77adbd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:38.000Z", "modified": "2018-06-13T07:23:38.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e708c4f1-ba89-4caa-ba40-a1ad1c240531", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:42.000Z", "modified": "2018-06-13T07:23:42.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8ef9ff98-08b0-4ed6-81f7-a9e45bf9f70a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:40.000Z", "modified": "2018-06-13T07:23:40.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--785d637c-5bca-4c03-9821-7a0f1a8a3c89", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:44.000Z", "modified": "2018-06-13T07:23:44.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--90adc604-6b9f-402a-b740-cf336aa862ee", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:42.000Z", "modified": "2018-06-13T07:23:42.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e931b37c-a031-4d3c-a945-d69f7d9eb6a4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:46.000Z", "modified": "2018-06-13T07:23:46.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ec7364af-46f9-41d7-9bdc-386b25c05745", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:45.000Z", "modified": "2018-06-13T07:23:45.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--1f75b405-a90c-42a0-b997-d9ad39ffae02", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:48.000Z", "modified": "2018-06-13T07:23:48.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--393b8eb5-ca00-4776-88b7-9c3876c96b8c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:47.000Z", "modified": "2018-06-13T07:23:47.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--4481b6fa-ca6a-4383-8314-04fbdd03d0c8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:51.000Z", "modified": "2018-06-13T07:23:51.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--67034fc2-1be9-4965-87cf-48caa4a01c1c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:49.000Z", "modified": "2018-06-13T07:23:49.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--bcaead79-2fce-424c-ad30-f4f77e614a39", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:53.000Z", "modified": "2018-06-13T07:23:53.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d6a8098a-f779-4144-bde9-981d45c0b31e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:51.000Z", "modified": "2018-06-13T07:23:51.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8a2d35ab-71b7-4c9a-bc1c-d2dd7f8b9639", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:55.000Z", "modified": "2018-06-13T07:23:55.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3aa8f277-3452-4ae1-a73b-e7df63983f99", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:53.000Z", "modified": "2018-06-13T07:23:53.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--57c269af-ab8a-4677-ac0e-2530fccb3cc5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:57.000Z", "modified": "2018-06-13T07:23:57.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--7882e8c6-9798-4cf1-9b0d-9c441f24b9b6", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:55.000Z", "modified": "2018-06-13T07:23:55.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--f757135a-24d4-4a12-bab7-cf35b2fd0b02", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:59.000Z", "modified": "2018-06-13T07:23:59.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ec5c8c73-132e-4124-8991-ffffd45519a9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:23:58.000Z", "modified": "2018-06-13T07:23:58.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--fae0f8de-03d1-4115-b138-fc95e50f55a0", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:02.000Z", "modified": "2018-06-13T07:24:02.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--9c49d20a-1bc1-495d-80c1-31cf646cdcb3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:00.000Z", "modified": "2018-06-13T07:24:00.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e08004b1-c47a-4ac6-8cfc-f6d0fede16c2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:04.000Z", "modified": "2018-06-13T07:24:04.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--313cd2f5-94fd-4c71-9696-28bb02e5bb42", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:04.000Z", "modified": "2018-06-13T07:24:04.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--8393ebcf-fb96-4425-84c0-3e9b52c5b6ad", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"" ], "x_misp_meta_category": "file", "x_misp_name": "file" }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6e24c710-c408-4bd6-a3d8-f0908de408d1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2018-06-13T07:24:06.000Z", "modified": "2018-06-13T07:24:06.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--08f4b1ab-3e4c-48be-b3fb-b7935d64d092", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--90d3388f-0399-442e-9f05-6aeedf969ab1", "target_ref": "x-misp-object--e76744bc-f0a4-462c-9431-9932cc795bd4" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--354de6af-7b7f-4eaf-8bc2-96cf62dc3965", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--29cff4cf-8143-4cca-a2a9-0bdea038f709", "target_ref": "x-misp-object--41786412-9231-4d92-a260-4f0d949ab4fe" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--01691191-bca6-4090-96a9-6dc0a54af13b", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--cc73e439-bde3-4744-b359-d62aacc658a8", "target_ref": "x-misp-object--23e86cd6-5f08-4703-a4ad-dbef0cd47ad0" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c79b5612-68d0-469e-8454-d720ea52335e", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--444a95bf-2b57-4886-bc25-06baff74bdc5", "target_ref": "x-misp-object--49cb60aa-fc0e-4762-916b-98fecabec27d" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--381bb0b5-9bf8-45de-a16e-1ad366af8d72", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--f2ddbc68-4fd0-498c-940e-c5c4d90e6a97", "target_ref": "x-misp-object--f3db0dbc-07eb-4ab4-a75c-8a977c77adbd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--94ed5c2a-6455-402b-9a1d-7278ee32d7a4", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--e708c4f1-ba89-4caa-ba40-a1ad1c240531", "target_ref": "x-misp-object--8ef9ff98-08b0-4ed6-81f7-a9e45bf9f70a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--97940937-0cfa-4da7-97e4-fe7817c489a8", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--785d637c-5bca-4c03-9821-7a0f1a8a3c89", "target_ref": "x-misp-object--90adc604-6b9f-402a-b740-cf336aa862ee" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3fe9cf21-946a-46fc-9a58-96cb7509d1c6", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--e931b37c-a031-4d3c-a945-d69f7d9eb6a4", "target_ref": "x-misp-object--ec7364af-46f9-41d7-9bdc-386b25c05745" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--4304a370-f0af-4a08-9230-cba5dded123b", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--1f75b405-a90c-42a0-b997-d9ad39ffae02", "target_ref": "x-misp-object--393b8eb5-ca00-4776-88b7-9c3876c96b8c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b6a706d0-a4cc-414d-94a9-946f13f08ffc", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--4481b6fa-ca6a-4383-8314-04fbdd03d0c8", "target_ref": "x-misp-object--67034fc2-1be9-4965-87cf-48caa4a01c1c" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--25e5797e-dc2e-476a-997e-b1e0bc3ea9a4", "created": "2018-06-13T07:24:07.000Z", "modified": "2018-06-13T07:24:07.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--bcaead79-2fce-424c-ad30-f4f77e614a39", "target_ref": "x-misp-object--d6a8098a-f779-4144-bde9-981d45c0b31e" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7477fa5c-3793-4c18-8f3c-887891490faa", "created": "2018-06-13T07:24:08.000Z", "modified": "2018-06-13T07:24:08.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--8a2d35ab-71b7-4c9a-bc1c-d2dd7f8b9639", "target_ref": "x-misp-object--3aa8f277-3452-4ae1-a73b-e7df63983f99" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--031c590b-55e2-4662-9f32-17cb8478072d", "created": "2018-06-13T07:24:08.000Z", "modified": "2018-06-13T07:24:08.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--57c269af-ab8a-4677-ac0e-2530fccb3cc5", "target_ref": "x-misp-object--7882e8c6-9798-4cf1-9b0d-9c441f24b9b6" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--17fdfb97-de86-4397-9607-bdc92b29dbe0", "created": "2018-06-13T07:24:08.000Z", "modified": "2018-06-13T07:24:08.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--f757135a-24d4-4a12-bab7-cf35b2fd0b02", "target_ref": "x-misp-object--ec5c8c73-132e-4124-8991-ffffd45519a9" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b54a09da-2a6a-4f43-9fd2-64ec244352b0", "created": "2018-06-13T07:24:08.000Z", "modified": "2018-06-13T07:24:08.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--fae0f8de-03d1-4115-b138-fc95e50f55a0", "target_ref": "x-misp-object--9c49d20a-1bc1-495d-80c1-31cf646cdcb3" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--0ed22116-2b03-40dd-b923-77f39a70706f", "created": "2018-06-13T07:24:08.000Z", "modified": "2018-06-13T07:24:08.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--e08004b1-c47a-4ac6-8cfc-f6d0fede16c2", "target_ref": "x-misp-object--313cd2f5-94fd-4c71-9696-28bb02e5bb42" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7ac933bd-6540-4749-9930-600bbaf12394", "created": "2018-06-13T07:24:08.000Z", "modified": "2018-06-13T07:24:08.000Z", "relationship_type": "analysed-with", "source_ref": "x-misp-object--8393ebcf-fb96-4425-84c0-3e9b52c5b6ad", "target_ref": "x-misp-object--6e24c710-c408-4bd6-a3d8-f0908de408d1" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }