{ "type": "bundle", "id": "bundle--5d10a039-8c58-42e1-b663-4f85950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:07:53.000Z", "modified": "2019-06-24T10:07:53.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5d10a039-8c58-42e1-b663-4f85950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:07:53.000Z", "modified": "2019-06-24T10:07:53.000Z", "name": "Related malware samples", "published": "2019-06-24T10:12:10Z", "object_refs": [ "indicator--5d10a065-e758-45c5-8eea-be4f950d210f", "indicator--5d10a065-cc98-4df4-9b90-be4f950d210f", "indicator--5d10a065-933c-4b80-b3ba-be4f950d210f", "indicator--5d10a065-a8e4-4824-aa3d-be4f950d210f", "indicator--5d10a065-3468-416c-8e0c-be4f950d210f", "indicator--5d10a065-1650-4efc-9404-be4f950d210f", "indicator--5d10a065-82f8-4a57-a0a5-be4f950d210f", "indicator--5d10a066-ec78-4ac0-a1ed-be4f950d210f", "indicator--5d10a066-a648-495f-bdc7-be4f950d210f", "indicator--5d10a066-1f30-4585-b9fd-be4f950d210f", "indicator--5d10a066-8a58-47f6-9e3a-be4f950d210f", "indicator--5d10a066-4750-4d8f-a53b-be4f950d210f", "indicator--5d10a066-3dac-4f3a-935a-be4f950d210f", "indicator--5d10a066-3960-4e07-bd00-be4f950d210f", "indicator--5d10a066-f440-4456-ae4a-be4f950d210f", "indicator--5d10a066-03bc-4379-bffb-be4f950d210f", "indicator--5d10a066-7c74-4dfa-b8e7-be4f950d210f", "indicator--5d10a066-3c4c-4b6e-8554-be4f950d210f", "indicator--5d10a066-19f0-4d1e-8ad2-be4f950d210f", "indicator--5d10a066-12cc-44bd-850b-be4f950d210f", "indicator--67ed59a2-66f4-4c95-8b12-7679358cc061", "x-misp-object--68ee7f9d-3892-4898-9f9a-27eb405ea646", "indicator--6b7dc6c8-405a-491a-941e-0838ac468eb8", "x-misp-object--27f8ac92-a4ae-40ae-8106-a2a1d3289cac", "indicator--dc9a1181-16f6-4df6-ad77-b57aa97fb01b", "x-misp-object--02f369b7-41f1-4700-87fb-dc09d8e8c079", "indicator--7efa6bfe-0403-4c88-9574-51082d33ae16", "x-misp-object--db7648f2-19ba-4594-9798-579a888aa535", "indicator--90a41b1c-dd6f-4264-abc7-31372e4cb611", "x-misp-object--3b0fc520-fc60-4042-a9c3-0ed308468809", "indicator--c58b70f1-7199-48e2-9325-242b34f59df7", "x-misp-object--2363af85-ce15-4491-98ef-b5109c7f9e3a", "indicator--6c35f8b2-be3b-4ee0-86a4-44cadfe24502", "x-misp-object--db7ffcf5-82f6-4062-9e71-117cfa5e11bf", "indicator--a3d8ece6-076d-4e93-817c-e52f99d7bc91", "x-misp-object--ae889334-b1e2-420a-a6f9-fa7b9cac3dd4", "indicator--c65542a4-ff6d-4b6e-ac43-250a1934f1ca", "x-misp-object--065b2da9-fbc7-437d-9f97-12708be65916", "indicator--ca75b7ba-1603-4c52-8509-c0416e6a8d75", "x-misp-object--52acc3e5-56f7-4a09-9b95-111eadc88a30", "indicator--b7b34087-2523-4f90-834c-4c39d1f9fd80", "x-misp-object--3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac", "indicator--c8c8015e-e4f3-4972-9e38-68844fc75b94", "x-misp-object--33dd33ef-deb9-45a1-86ef-a95c874fe704", "indicator--6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd", "x-misp-object--21605925-6731-40ca-839d-27014ce56478", "indicator--fa65035d-0778-4816-b10f-b68db668549c", "x-misp-object--74c01042-8a35-49a1-8d8f-3bf768d9ad88", "indicator--1ce52f7f-f76b-421c-957d-461143d8f1db", "x-misp-object--6306d01a-00de-483a-b6fb-b82582968cbd", "indicator--ffe83192-dacd-4f72-a61b-b20d25900bf5", "x-misp-object--cece1d62-a9ee-415c-b2d2-f336e70d73c8", "indicator--c10ef3c3-4023-44e9-97bc-923cce79333f", "x-misp-object--47d0ede0-654e-455f-88d8-a9437d6de5ee", "indicator--88ff7349-f299-4e93-bbd6-e20983e8ed8e", "x-misp-object--d91e91e4-1a4a-45f6-8711-5d1490d26630", "indicator--f644c6a7-515d-4dfc-8680-17f45d376d0b", "x-misp-object--81d23148-fa66-4de6-b534-ca97bc2763cd", "indicator--ad82fd5d-18fa-41dc-9415-0c43b49f757d", "x-misp-object--043507f2-5a95-46e8-ae78-ea3a943a5dc5", "relationship--763f9ddf-4f4b-4077-8d24-de24a36479ed", "relationship--7a43bccd-a70a-4445-8f84-b49239d04a4c", "relationship--3978c5b0-6827-438c-9150-d090a824a9a0", "relationship--a5a1070c-f540-457d-9b7d-ccdce5234154", "relationship--e8860f22-ecd1-4733-bff5-0476fcd4a05f", "relationship--47d8cf55-0945-4e71-bdeb-46b8a9b2d3ce", "relationship--3a0bab96-e75d-4008-a4df-190653a3d22b", "relationship--9a3b83c4-5c88-4ca6-adf5-3574a79b3add", "relationship--b3cd50b5-e182-4442-8a8b-0dd8771cd223", "relationship--d2d9c4b2-8171-474d-bebc-de181c78145e", "relationship--b11f3226-324a-471a-9102-efdf4b09e4c7", "relationship--421a7804-3017-4ce3-b215-8cc6dbccb6ef", "relationship--2d106bec-f950-4c1e-bd81-563979717683", "relationship--d5b15bba-fbe9-4837-aaa7-8185ad6964d7", "relationship--26ff4263-59ee-4a67-9be8-aa684883c44f", "relationship--7e7d5dc4-65f4-4ee3-a8a4-ca17fc71f963", "relationship--f95f4062-d6a3-486c-b16e-f25e354f2ae8", "relationship--bc39140f-f7e2-4509-8f2c-7e69fbf8ddc1", "relationship--c8e94af7-c460-4aa6-a77f-5d5ab9316fb1", "relationship--79c308c3-3f36-47f4-b669-a35ae9bddaeb" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT", "osint:lifetime=\"perpetual\"", "osint:certainty=\"50\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a065-e758-45c5-8eea-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:25.000Z", "modified": "2019-06-24T10:05:25.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a065-cc98-4df4-9b90-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:25.000Z", "modified": "2019-06-24T10:05:25.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a065-933c-4b80-b3ba-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:25.000Z", "modified": "2019-06-24T10:05:25.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a065-a8e4-4824-aa3d-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:25.000Z", "modified": "2019-06-24T10:05:25.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a065-3468-416c-8e0c-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:25.000Z", "modified": "2019-06-24T10:05:25.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a065-1650-4efc-9404-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:25.000Z", "modified": "2019-06-24T10:05:25.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a065-82f8-4a57-a0a5-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:25.000Z", "modified": "2019-06-24T10:05:25.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-ec78-4ac0-a1ed-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-a648-495f-bdc7-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'd539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-1f30-4585-b9fd-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-8a58-47f6-9e3a-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-4750-4d8f-a53b-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'd4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-3dac-4f3a-935a-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "pattern": "[file:hashes.SHA256 = 'c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-3960-4e07-bd00-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-f440-4456-ae4a-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-03bc-4379-bffb-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-7c74-4dfa-b8e7-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = '75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-3c4c-4b6e-8554-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-19f0-4d1e-8ad2-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5d10a066-12cc-44bd-850b-be4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:05:26.000Z", "modified": "2019-06-24T10:05:26.000Z", "description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "pattern": "[file:hashes.SHA256 = 'b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:05:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--67ed59a2-66f4-4c95-8b12-7679358cc061", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:21.000Z", "modified": "2019-06-24T10:06:21.000Z", "pattern": "[file:hashes.MD5 = 'ca6924653317bdce9630b9489b4bf2cd' AND file:hashes.SHA1 = '41fb47451bf90062554d943e46c5658c17fec0c4' AND file:hashes.SHA256 = 'd4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--68ee7f9d-3892-4898-9f9a-27eb405ea646", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:22.000Z", "modified": "2019-06-24T10:06:22.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T05:12:11", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "2175b7c2-8d64-4b21-aff9-1aac433a7466" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/d4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650/analysis/1561353131/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "61210eca-a58d-46d7-8a3b-aca95eeb537e" }, { "type": "text", "object_relation": "detection-ratio", "value": "14/71", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "f09efb6b-dd17-405b-8d5c-abdf89fd3e22" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6b7dc6c8-405a-491a-941e-0838ac468eb8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:22.000Z", "modified": "2019-06-24T10:06:22.000Z", "pattern": "[file:hashes.MD5 = '6af4f7d24b875d20966f5daff5fc531f' AND file:hashes.SHA1 = '99aff96b4a14c4ea03a62c73033db059d5b389d4' AND file:hashes.SHA256 = '15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--27f8ac92-a4ae-40ae-8106-a2a1d3289cac", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:22.000Z", "modified": "2019-06-24T10:06:22.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-28T23:00:04", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "076476b4-bdf6-47c1-a5d3-5e4606eb1a4c" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb/analysis/1556492404/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "9547870d-47ea-40d8-ba0a-5edd03fdca6d" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/73", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "280f530d-5636-4cd7-8d41-c4fc77b07e56" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--dc9a1181-16f6-4df6-ad77-b57aa97fb01b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:23.000Z", "modified": "2019-06-24T10:06:23.000Z", "pattern": "[file:hashes.MD5 = 'f4f761d3bd528c62e654d6d781d52c15' AND file:hashes.SHA1 = 'c4238ff628940b8a6a043ceed83a1557cd8a672b' AND file:hashes.SHA256 = 'c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--02f369b7-41f1-4700-87fb-dc09d8e8c079", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:23.000Z", "modified": "2019-06-24T10:06:23.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-03-07T12:27:14", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "dfd170ae-4fc0-42d1-b107-7c72e4bc34f0" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080/analysis/1520425634/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "1450d2d2-ca82-4fcb-bc64-55845f1f63f0" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/68", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "4e0f19c4-7b1a-46d5-81d0-45192b3c5258" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7efa6bfe-0403-4c88-9574-51082d33ae16", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:23.000Z", "modified": "2019-06-24T10:06:23.000Z", "pattern": "[file:hashes.MD5 = '9345fecf6526dd824c4554a965fd8ed0' AND file:hashes.SHA1 = 'b38f7ab840943d90886a11344ce5113405c57391' AND file:hashes.SHA256 = '5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--db7648f2-19ba-4594-9798-579a888aa535", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:24.000Z", "modified": "2019-06-24T10:06:24.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T08:14:05", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "62dfe760-984e-4eb5-a5ff-b40f060b1640" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0/analysis/1561364045/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "aa2f957e-ddb4-4d0e-8ba6-4468225bf27c" }, { "type": "text", "object_relation": "detection-ratio", "value": "16/70", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "ab245b26-f046-49b8-b0e8-bc9ae1130357" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--90a41b1c-dd6f-4264-abc7-31372e4cb611", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:24.000Z", "modified": "2019-06-24T10:06:24.000Z", "pattern": "[file:hashes.MD5 = '236b4c24d8c21081b2d4555c97caf81f' AND file:hashes.SHA1 = '77c3f37021e1389f7f37942c1ac739e3d59903e3' AND file:hashes.SHA256 = '42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3b0fc520-fc60-4042-a9c3-0ed308468809", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:24.000Z", "modified": "2019-06-24T10:06:24.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-01-28T17:27:08", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "971c0648-fcc4-41f3-abc9-ff1df83827ef" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a/analysis/1517160428/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "a58c70bc-5d01-4817-89ea-aea12d3be3a6" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/66", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "a8fce262-c9be-464b-8e1e-bb25b2956003" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c58b70f1-7199-48e2-9325-242b34f59df7", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:25.000Z", "modified": "2019-06-24T10:06:25.000Z", "pattern": "[file:hashes.MD5 = '604ee583a7afcfe26850722702dcf71c' AND file:hashes.SHA1 = '4f94e277bb93dfa35b9aa9e7fe3fe506a60b2579' AND file:hashes.SHA256 = '74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--2363af85-ce15-4491-98ef-b5109c7f9e3a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:25.000Z", "modified": "2019-06-24T10:06:25.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T06:20:48", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "275d7278-b07d-4caa-ada8-7692e08208ab" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb/analysis/1561357248/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "d48a2b53-ba80-4d2f-90a4-9211dba387c4" }, { "type": "text", "object_relation": "detection-ratio", "value": "15/68", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "4bd24e8b-cc6e-44af-93ed-6bba2a97926a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6c35f8b2-be3b-4ee0-86a4-44cadfe24502", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:25.000Z", "modified": "2019-06-24T10:06:25.000Z", "pattern": "[file:hashes.MD5 = 'b4abcaa84aa2b70b029d875179e89a52' AND file:hashes.SHA1 = 'cd5afa7d5fb1976267f7892f530c90898463267d' AND file:hashes.SHA256 = 'c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--db7ffcf5-82f6-4062-9e71-117cfa5e11bf", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:25.000Z", "modified": "2019-06-24T10:06:25.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-04-27T11:37:47", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "55c7ea9a-022e-4858-a901-4ec28c62ed66" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8/analysis/1556365067/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "33e035a3-5323-40da-bdac-60c272341b93" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/72", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "9e4db766-f7f1-4a86-b359-8787fec3abec" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a3d8ece6-076d-4e93-817c-e52f99d7bc91", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:26.000Z", "modified": "2019-06-24T10:06:26.000Z", "pattern": "[file:hashes.MD5 = '29e033f7c1617337d8cea7e9b799b73a' AND file:hashes.SHA1 = '26bb3217cbb55820aeb4a0b0769178646a96c7a8' AND file:hashes.SHA256 = 'e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ae889334-b1e2-420a-a6f9-fa7b9cac3dd4", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:26.000Z", "modified": "2019-06-24T10:06:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-02-19T04:21:00", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "8959fdf7-2fdd-401b-a528-34d7382063c9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb/analysis/1519014060/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "0d396da5-90ec-4157-b5d3-65ac0dbbd59b" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/68", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "b24e2232-b534-45c9-a424-0120603d130a" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c65542a4-ff6d-4b6e-ac43-250a1934f1ca", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:26.000Z", "modified": "2019-06-24T10:06:26.000Z", "pattern": "[file:hashes.MD5 = '3fa74cef2a744af4658a8a637079fdea' AND file:hashes.SHA1 = 'dabbca5b727e1778bcea0d0c7064ba0e582c8dc3' AND file:hashes.SHA256 = '06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--065b2da9-fbc7-437d-9f97-12708be65916", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:26.000Z", "modified": "2019-06-24T10:06:26.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T07:23:57", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "2ce98037-8e93-47c7-8ce0-d90847571b9c" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e/analysis/1561361037/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "8a2245af-145f-4f8b-b0db-b637337c8f60" }, { "type": "text", "object_relation": "detection-ratio", "value": "9/70", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "48b46bda-a8d6-4f5d-879b-c9dbae138dff" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ca75b7ba-1603-4c52-8509-c0416e6a8d75", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:27.000Z", "modified": "2019-06-24T10:06:27.000Z", "pattern": "[file:hashes.MD5 = '8989672db4d283f6c8e5b97eda426ef4' AND file:hashes.SHA1 = '7cae4abd0b632e822d3163bf62435e658cab76c4' AND file:hashes.SHA256 = 'c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--52acc3e5-56f7-4a09-9b95-111eadc88a30", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:27.000Z", "modified": "2019-06-24T10:06:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T08:53:28", "category": "Other", "uuid": "42011254-d61b-4f92-9e90-b80437193e7e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3/analysis/1561366408/", "category": "Payload delivery", "uuid": "1835e037-f81d-4163-a750-6bcc104b4b91" }, { "type": "text", "object_relation": "detection-ratio", "value": "9/72", "category": "Payload delivery", "uuid": "8812b962-73d6-48da-be8a-657181a5aaba" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b7b34087-2523-4f90-834c-4c39d1f9fd80", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:27.000Z", "modified": "2019-06-24T10:06:27.000Z", "pattern": "[file:hashes.MD5 = 'daf9990d0087f355bd48691d7aa7fec2' AND file:hashes.SHA1 = '42663d524bc1d0e061544a7d441708f632cc5b0b' AND file:hashes.SHA256 = 'fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:27.000Z", "modified": "2019-06-24T10:06:27.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-01-31T13:31:28", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "dd981624-faca-4657-86b9-ea74065a9534" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae/analysis/1548941488/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "d36e55a7-e915-4592-a1f6-b12f80d964ca" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/71", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "43784ef4-34c5-4325-b1f8-be94f3324b99" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c8c8015e-e4f3-4972-9e38-68844fc75b94", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:28.000Z", "modified": "2019-06-24T10:06:28.000Z", "pattern": "[file:hashes.MD5 = '785a43c266110a23eeda98d025ee8355' AND file:hashes.SHA1 = 'e361ccf82aeacc043b6b96a4d9bff52e2faabce8' AND file:hashes.SHA256 = '2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--33dd33ef-deb9-45a1-86ef-a95c874fe704", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:28.000Z", "modified": "2019-06-24T10:06:28.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-18T23:15:53", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "cf38cd9c-89f6-47d2-9656-884640682d9b" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a/analysis/1560899753/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "dd0cbb07-4ab3-4c9a-a69d-2ddd63446f33" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/70", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "b026bd6c-d16b-4765-bf2a-f1b2ddd0c436" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:29.000Z", "modified": "2019-06-24T10:06:29.000Z", "pattern": "[file:hashes.MD5 = 'e51f59de0ec12c91bfc0781c19b56d46' AND file:hashes.SHA1 = '0599bcee54874f5549c9ec322ce39958fc940cf6' AND file:hashes.SHA256 = 'f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--21605925-6731-40ca-839d-27014ce56478", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:29.000Z", "modified": "2019-06-24T10:06:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T06:02:33", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "e0cd214b-b04b-4df9-84e1-8456e27ae039" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4/analysis/1561356153/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "c99de52c-6122-4026-9416-4599a493ae3d" }, { "type": "text", "object_relation": "detection-ratio", "value": "18/69", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "4d61cfce-0b8a-4d19-a2c4-1c82908fd964" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fa65035d-0778-4816-b10f-b68db668549c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:29.000Z", "modified": "2019-06-24T10:06:29.000Z", "pattern": "[file:hashes.MD5 = '75c404a2f5ec2bc7fa97609d6f3cd79d' AND file:hashes.SHA1 = '111041a42ec79e4c585ad21266a0d0642f892017' AND file:hashes.SHA256 = '75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--74c01042-8a35-49a1-8d8f-3bf768d9ad88", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:29.000Z", "modified": "2019-06-24T10:06:29.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T07:33:28", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "7cf1c4ba-f81d-471b-b6e1-d2ebb5b74820" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b/analysis/1561361608/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "30bb1459-9ebd-4deb-8245-4a73daef88e4" }, { "type": "text", "object_relation": "detection-ratio", "value": "15/70", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "5c81c225-7d7c-4fbb-912e-8bff50a2773e" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--1ce52f7f-f76b-421c-957d-461143d8f1db", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:29.000Z", "modified": "2019-06-24T10:06:29.000Z", "pattern": "[file:hashes.MD5 = '469012ef3f2f35bcdbd0b72e8cffa0a0' AND file:hashes.SHA1 = '4d983189d089865b14a7870d59a761bc352afd7e' AND file:hashes.SHA256 = '20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6306d01a-00de-483a-b6fb-b82582968cbd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:30.000Z", "modified": "2019-06-24T10:06:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-03-28T13:26:47", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "49f7b085-7537-486a-91c9-7424b5aec7b2" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596/analysis/1522243607/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "39e8d20b-60c9-4372-af38-9eb6fbadef38" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/58", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "a274d2ce-f7cb-4e03-ae3e-01a11b934d98" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ffe83192-dacd-4f72-a61b-b20d25900bf5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:30.000Z", "modified": "2019-06-24T10:06:30.000Z", "pattern": "[file:hashes.MD5 = '810758799934c8a3b6560e572beb303b' AND file:hashes.SHA1 = 'e1d16422934f30f35427acd7b044537d01c5392f' AND file:hashes.SHA256 = 'fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--cece1d62-a9ee-415c-b2d2-f336e70d73c8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:30.000Z", "modified": "2019-06-24T10:06:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-12-24T02:49:43", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "c79f56f3-fd19-4ee0-87c9-deda5bfbd0a3" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1/analysis/1545619783/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "03efdde6-41a1-430a-a188-c9f6e4e2074f" }, { "type": "text", "object_relation": "detection-ratio", "value": "1/71", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "c612000d-f886-4fb5-9b38-6f65356b010f" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--c10ef3c3-4023-44e9-97bc-923cce79333f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:30.000Z", "modified": "2019-06-24T10:06:30.000Z", "pattern": "[file:hashes.MD5 = '047ea9967c5a424401e2363a00420b9c' AND file:hashes.SHA1 = '7b69ccfa700fab951c964a2b58e37245a0c8185e' AND file:hashes.SHA256 = 'b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--47d0ede0-654e-455f-88d8-a9437d6de5ee", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:31.000Z", "modified": "2019-06-24T10:06:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T01:45:48", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "7ba9b985-86bd-4a6e-a487-7e63c7a796dc" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230/analysis/1561340748/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "0eb9a820-da56-4eae-8107-aa57874b34ed" }, { "type": "text", "object_relation": "detection-ratio", "value": "10/67", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "69d3c2ec-4045-48ee-b2e8-f1f29fe44543" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--88ff7349-f299-4e93-bbd6-e20983e8ed8e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:31.000Z", "modified": "2019-06-24T10:06:31.000Z", "pattern": "[file:hashes.MD5 = 'fa0cb1b4b7ccf8b8103961bbb3389799' AND file:hashes.SHA1 = '9434b5c1961f80fb309686f055cf5a6fca33e584' AND file:hashes.SHA256 = 'f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d91e91e4-1a4a-45f6-8711-5d1490d26630", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:32.000Z", "modified": "2019-06-24T10:06:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T05:12:05", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "a090ceea-b605-4cc3-9c8c-27437e17c6f3" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac/analysis/1561353125/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "892baa9d-d0ba-4a2e-9da4-078533e365fe" }, { "type": "text", "object_relation": "detection-ratio", "value": "17/71", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "6e17e7c2-db13-4da4-a44e-1398a232bc83" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f644c6a7-515d-4dfc-8680-17f45d376d0b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:32.000Z", "modified": "2019-06-24T10:06:32.000Z", "pattern": "[file:hashes.MD5 = 'c756e930fe90463d8cc05eeb791b7003' AND file:hashes.SHA1 = 'bd1ccc005b794e8e009c347837bb2d520de222fa' AND file:hashes.SHA256 = '68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--81d23148-fa66-4de6-b534-ca97bc2763cd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:32.000Z", "modified": "2019-06-24T10:06:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-06-24T09:11:31", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "21b67394-c1d9-4e0e-bf9e-2ea93014d08e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602/analysis/1561367491/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "d5e34d6b-e6c9-419b-9be6-fd4d6a4f51a7" }, { "type": "text", "object_relation": "detection-ratio", "value": "14/69", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "2b4942ef-85a4-402d-bf1c-a7cebf289d06" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ad82fd5d-18fa-41dc-9415-0c43b49f757d", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:32.000Z", "modified": "2019-06-24T10:06:32.000Z", "pattern": "[file:hashes.MD5 = 'b9fbb85b713a6a9df88592fb0a66cf20' AND file:hashes.SHA1 = '5773cd6c7300a18e3b2e60531f9033ad7a047563' AND file:hashes.SHA256 = 'd539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-06-24T10:06:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--043507f2-5a95-46e8-ae78-ea3a943a5dc5", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-06-24T10:06:33.000Z", "modified": "2019-06-24T10:06:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-03-03T05:33:38", "category": "Other", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "4c906868-98d4-40b8-8213-f3754a672419" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/d539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983/analysis/1520055218/", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "6fd2097c-6a87-4a21-a372-a4678498ee64" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/68", "category": "Payload delivery", "comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)", "uuid": "a6b829f7-6716-4ad9-8b6e-cff5973d7206" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--763f9ddf-4f4b-4077-8d24-de24a36479ed", "created": "2019-06-24T10:06:33.000Z", "modified": "2019-06-24T10:06:33.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--67ed59a2-66f4-4c95-8b12-7679358cc061", "target_ref": "x-misp-object--68ee7f9d-3892-4898-9f9a-27eb405ea646" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7a43bccd-a70a-4445-8f84-b49239d04a4c", "created": "2019-06-24T10:06:33.000Z", "modified": "2019-06-24T10:06:33.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6b7dc6c8-405a-491a-941e-0838ac468eb8", "target_ref": "x-misp-object--27f8ac92-a4ae-40ae-8106-a2a1d3289cac" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3978c5b0-6827-438c-9150-d090a824a9a0", "created": "2019-06-24T10:06:33.000Z", "modified": "2019-06-24T10:06:33.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--dc9a1181-16f6-4df6-ad77-b57aa97fb01b", "target_ref": "x-misp-object--02f369b7-41f1-4700-87fb-dc09d8e8c079" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--a5a1070c-f540-457d-9b7d-ccdce5234154", "created": "2019-06-24T10:06:33.000Z", "modified": "2019-06-24T10:06:33.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--7efa6bfe-0403-4c88-9574-51082d33ae16", "target_ref": "x-misp-object--db7648f2-19ba-4594-9798-579a888aa535" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--e8860f22-ecd1-4733-bff5-0476fcd4a05f", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--90a41b1c-dd6f-4264-abc7-31372e4cb611", "target_ref": "x-misp-object--3b0fc520-fc60-4042-a9c3-0ed308468809" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--47d8cf55-0945-4e71-bdeb-46b8a9b2d3ce", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c58b70f1-7199-48e2-9325-242b34f59df7", "target_ref": "x-misp-object--2363af85-ce15-4491-98ef-b5109c7f9e3a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--3a0bab96-e75d-4008-a4df-190653a3d22b", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6c35f8b2-be3b-4ee0-86a4-44cadfe24502", "target_ref": "x-misp-object--db7ffcf5-82f6-4062-9e71-117cfa5e11bf" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--9a3b83c4-5c88-4ca6-adf5-3574a79b3add", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--a3d8ece6-076d-4e93-817c-e52f99d7bc91", "target_ref": "x-misp-object--ae889334-b1e2-420a-a6f9-fa7b9cac3dd4" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b3cd50b5-e182-4442-8a8b-0dd8771cd223", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c65542a4-ff6d-4b6e-ac43-250a1934f1ca", "target_ref": "x-misp-object--065b2da9-fbc7-437d-9f97-12708be65916" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d2d9c4b2-8171-474d-bebc-de181c78145e", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ca75b7ba-1603-4c52-8509-c0416e6a8d75", "target_ref": "x-misp-object--52acc3e5-56f7-4a09-9b95-111eadc88a30" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--b11f3226-324a-471a-9102-efdf4b09e4c7", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--b7b34087-2523-4f90-834c-4c39d1f9fd80", "target_ref": "x-misp-object--3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--421a7804-3017-4ce3-b215-8cc6dbccb6ef", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c8c8015e-e4f3-4972-9e38-68844fc75b94", "target_ref": "x-misp-object--33dd33ef-deb9-45a1-86ef-a95c874fe704" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--2d106bec-f950-4c1e-bd81-563979717683", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd", "target_ref": "x-misp-object--21605925-6731-40ca-839d-27014ce56478" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d5b15bba-fbe9-4837-aaa7-8185ad6964d7", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--fa65035d-0778-4816-b10f-b68db668549c", "target_ref": "x-misp-object--74c01042-8a35-49a1-8d8f-3bf768d9ad88" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--26ff4263-59ee-4a67-9be8-aa684883c44f", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--1ce52f7f-f76b-421c-957d-461143d8f1db", "target_ref": "x-misp-object--6306d01a-00de-483a-b6fb-b82582968cbd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--7e7d5dc4-65f4-4ee3-a8a4-ca17fc71f963", "created": "2019-06-24T10:06:34.000Z", "modified": "2019-06-24T10:06:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ffe83192-dacd-4f72-a61b-b20d25900bf5", "target_ref": "x-misp-object--cece1d62-a9ee-415c-b2d2-f336e70d73c8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--f95f4062-d6a3-486c-b16e-f25e354f2ae8", "created": "2019-06-24T10:06:35.000Z", "modified": "2019-06-24T10:06:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--c10ef3c3-4023-44e9-97bc-923cce79333f", "target_ref": "x-misp-object--47d0ede0-654e-455f-88d8-a9437d6de5ee" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--bc39140f-f7e2-4509-8f2c-7e69fbf8ddc1", "created": "2019-06-24T10:06:35.000Z", "modified": "2019-06-24T10:06:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--88ff7349-f299-4e93-bbd6-e20983e8ed8e", "target_ref": "x-misp-object--d91e91e4-1a4a-45f6-8711-5d1490d26630" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--c8e94af7-c460-4aa6-a77f-5d5ab9316fb1", "created": "2019-06-24T10:06:35.000Z", "modified": "2019-06-24T10:06:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f644c6a7-515d-4dfc-8680-17f45d376d0b", "target_ref": "x-misp-object--81d23148-fa66-4de6-b534-ca97bc2763cd" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--79c308c3-3f36-47f4-b669-a35ae9bddaeb", "created": "2019-06-24T10:06:35.000Z", "modified": "2019-06-24T10:06:35.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ad82fd5d-18fa-41dc-9415-0c43b49f757d", "target_ref": "x-misp-object--043507f2-5a95-46e8-ae78-ea3a943a5dc5" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }