misp-circl-feed/feeds/circl/stix-2.1/5d47cdea-435c-45aa-8db0-4693950d210f.json

1215 lines
No EOL
53 KiB
JSON

{
"type": "bundle",
"id": "bundle--5d47cdea-435c-45aa-8db0-4693950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:43:15.000Z",
"modified": "2019-08-11T06:43:15.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5d47cdea-435c-45aa-8db0-4693950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:43:15.000Z",
"modified": "2019-08-11T06:43:15.000Z",
"name": "OSINT - From Carnaval to Cinco de Mayo \u00e2\u20ac\u201c The journey of Amavaldo",
"published": "2019-08-11T06:43:34Z",
"object_refs": [
"observed-data--5d47cdfa-0d14-464f-8041-4abe950d210f",
"url--5d47cdfa-0d14-464f-8041-4abe950d210f",
"indicator--5d482f74-badc-495e-920c-4329950d210f",
"indicator--5d483181-9e28-42d9-b8a9-460d950d210f",
"indicator--5d48319b-07ec-4769-9c2f-4fda950d210f",
"observed-data--5d492766-d074-47b5-9e28-4a78950d210f",
"mutex--5d492766-d074-47b5-9e28-4a78950d210f",
"indicator--5d493cd2-4ca4-44a7-a9f0-4b5b950d210f",
"indicator--5d493cf7-aeac-4fd3-99f3-6ecc950d210f",
"indicator--5d493d5f-8ba4-4543-bcd8-6752950d210f",
"indicator--5d493d77-e7e4-4082-82c3-41d0950d210f",
"indicator--5d493ef5-9554-4e6d-884f-490f950d210f",
"indicator--5d493f8a-85c0-4389-9644-aca6950d210f",
"indicator--5d494a11-3c6c-4c89-9d11-daa8950d210f",
"indicator--5d494a3f-1b3c-4bcc-8b34-4db5950d210f",
"indicator--5d494a5d-de44-423a-b8d1-daa7950d210f",
"indicator--5d49553d-701c-4eb3-954a-eaeb950d210f",
"indicator--5d496104-67d8-48c9-a044-7a57950d210f",
"indicator--5d4982df-1a94-4914-9cf1-464e950d210f",
"indicator--5d4982f2-0190-427f-b4c5-4f08950d210f",
"indicator--e462def8-1643-4d2f-a15a-825ff3fb335e",
"x-misp-object--6b54feea-5cb0-4c57-b10c-7a1d4a274581",
"indicator--211c8a88-4c1a-447b-a768-0ab6e30246b8",
"x-misp-object--e1227ba7-e304-4792-8a0d-039b87b94ec0",
"indicator--18ccf1e5-236a-4ad0-8556-2d5ff4532a11",
"x-misp-object--ef63bd95-99e9-4843-9ad6-725ee617c410",
"indicator--66ffca83-f5bf-46b5-aa17-25a0da26b4a8",
"x-misp-object--fa950a27-172c-4243-92fe-c54894fe8f03",
"indicator--168eca3c-6b0c-495b-bc97-76fc044663da",
"x-misp-object--299f2cd3-4943-45c0-89fd-688831a58235",
"indicator--0f1baa55-4a99-4cc2-84d1-7032ab3b20a6",
"x-misp-object--fef464cf-27a2-4bfb-bf12-4adb789baa4e",
"indicator--a7c89ed2-b308-4953-98a4-8b7b7f74f90e",
"x-misp-object--76da6429-cbfd-4a4b-83ad-a6511f97a14e",
"indicator--8ea7872e-f1cb-4652-945b-4f8f9558f662",
"x-misp-object--569e0439-c30e-444a-8ef9-76c1388c03a6",
"indicator--71291c97-7e50-4601-8836-d13f6a601564",
"x-misp-object--29b46ebc-f105-45dd-9b0e-c50ac28523bb",
"relationship--2a0b810e-9644-4d8b-8646-cc170514ec25",
"relationship--24d33beb-5e2d-424b-bc13-86413aa58529",
"relationship--9bbad80c-cf00-4842-8ded-8d30342d96d9",
"relationship--15c165bb-e6b1-4bd6-b1d5-aaa0978a96c2",
"relationship--b8f2d7f2-963c-4f7c-a453-9e3b2014bea9",
"relationship--16ea6be8-cb6f-440b-bf43-6f391bddfc96",
"relationship--0fe83ea8-e303-46b6-8f95-dfb230491c13",
"relationship--057140a5-a0f3-4567-b458-4c79518ee8c7",
"relationship--9ce8f894-a90e-4987-bd97-0311708a22df",
"relationship--f00309a1-bf2c-4cf7-b62d-e4cb1a849900",
"relationship--1dda60ea-59f6-4f55-802b-e11f2212a6b0",
"relationship--fa7c7dc8-e859-4a19-a711-707d193f867b",
"relationship--61c136ce-eccb-4eb9-bde2-4457a6f64b43"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:intrusions=\"backdoor\"",
"veris:action:malware:variety=\"Backdoor\"",
"ms-caro-malware:malware-type=\"Backdoor\"",
"ms-caro-malware-full:malware-type=\"Backdoor\"",
"misp-galaxy:mitre-attack-pattern=\"Masquerading - T1036\"",
"misp-galaxy:mitre-attack-pattern=\"Spearphishing via Service - T1194\"",
"misp-galaxy:mitre-attack-pattern=\"Screen Capture - T1113\"",
"misp-galaxy:mitre-attack-pattern=\"Input Capture - T1056\"",
"misp-galaxy:mitre-attack-pattern=\"Video Capture - T1125\"",
"misp-galaxy:mitre-attack-pattern=\"Forced Authentication - T1187\"",
"misp-galaxy:mitre-attack-pattern=\"Application Deployment Software - T1017\"",
"veris:action:malware:variety=\"Spyware/Keylogger\"",
"misp-galaxy:rat=\"Amavaldo Banking Trojan\"",
"misp-galaxy:tool=\"Amavaldo\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d47cdfa-0d14-464f-8041-4abe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-05T06:34:34.000Z",
"modified": "2019-08-05T06:34:34.000Z",
"first_observed": "2019-08-05T06:34:34Z",
"last_observed": "2019-08-05T06:34:34Z",
"number_observed": 1,
"object_refs": [
"url--5d47cdfa-0d14-464f-8041-4abe950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5d47cdfa-0d14-464f-8041-4abe950d210f",
"value": "https://www.welivesecurity.com/2019/08/01/banking-trojans-amavaldo/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d482f74-badc-495e-920c-4329950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T11:27:20.000Z",
"modified": "2019-08-06T11:27:20.000Z",
"description": "Abused legitimate application",
"pattern": "[file:hashes.SHA1 = '6c04499f7406e270b590374ef813c4012530273e' AND file:name = 'ctfmon.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T11:27:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d483181-9e28-42d9-b8a9-460d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T11:42:32.000Z",
"modified": "2019-08-06T11:42:32.000Z",
"description": "encrypted banking trojan - ESET detection name: Win32/Spy.Amavaldo.N trojan",
"pattern": "[file:hashes.SHA1 = 'b761d9216c00f5e2871de16ae157de13c6283b5d' AND file:name = 'MsCtfMonitor']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T11:42:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d48319b-07ec-4769-9c2f-4fda950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T11:28:11.000Z",
"modified": "2019-08-06T11:28:11.000Z",
"description": "Injector for Amavaldo - ESET detection name: Win32/Spy.Amavaldo.U trojan",
"pattern": "[file:hashes.SHA1 = '1d56bab28793e3ab96e390f09f02425e52e28ffc' AND file:name = 'MsCtfMonitor.dll']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T11:28:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d492766-d074-47b5-9e28-4a78950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T07:08:22.000Z",
"modified": "2019-08-06T07:08:22.000Z",
"first_observed": "2019-08-06T07:08:22Z",
"last_observed": "2019-08-06T07:08:22Z",
"number_observed": 1,
"object_refs": [
"mutex--5d492766-d074-47b5-9e28-4a78950d210f"
],
"labels": [
"misp:name=\"mutex\"",
"misp:meta-category=\"misc\"",
"misp:to_ids=\"False\""
]
},
{
"type": "mutex",
"spec_version": "2.1",
"id": "mutex--5d492766-d074-47b5-9e28-4a78950d210f",
"name": "D7F8FEDF-D9A0-4335-A619-D3BB3EEAEDDB",
"x_misp_description": "Additionally, the latest versions of Amavaldo can be identified by a mutex that seems to have the constant name"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d493cd2-4ca4-44a7-a9f0-4b5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:35:56.000Z",
"modified": "2019-08-06T13:35:56.000Z",
"description": "a tool for checking internet connectivity",
"pattern": "[file:hashes.SHA1 = 'b80294261c8a1635e16e14f55a3d76889ff2c857' AND file:name = 'AICustAct.dll']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:35:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d493cf7-aeac-4fd3-99f3-6ecc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:35:33.000Z",
"modified": "2019-08-06T13:35:33.000Z",
"description": "a tool for detecting virtual environment\t",
"pattern": "[file:hashes.SHA1 = 'b191810094dd2ee6b13c0d33458fafcd459681ae' AND file:name = 'VmDetect.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:35:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d493d5f-8ba4-4543-bcd8-6752950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:13:20.000Z",
"modified": "2019-08-06T13:13:20.000Z",
"description": "Abuse legitimate application",
"pattern": "[file:hashes.SHA1 = '12c93bb262696314123562f8a4b158074c9f6b95' AND file:name = 'nvsmartmaxapp.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:13:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d493d77-e7e4-4082-82c3-41d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:13:57.000Z",
"modified": "2019-08-06T13:13:57.000Z",
"description": "Injector for Amavaldo - ESET detection name: Win32/Spy.Amavaldo.P trojan",
"pattern": "[file:hashes.SHA1 = '6d80a959e7f52150fda2241a4073a29085c9386b' AND file:name = 'NvSmartMax.dll']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:13:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d493ef5-9554-4e6d-884f-490f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:33:28.000Z",
"modified": "2019-08-06T13:33:28.000Z",
"description": "Amavaldo - ESET detection name: Win32/Spy.Amavaldo.N trojan",
"pattern": "[file:hashes.SHA1 = 'b855d8b1bad07d578013bdb472122e405d49acc1' AND file:name = 'NvSmartMax']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:33:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d493f8a-85c0-4389-9644-aca6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:35:09.000Z",
"modified": "2019-08-06T13:35:09.000Z",
"description": "Abused legitimate application",
"pattern": "[file:hashes.SHA1 = 'fc37ac7523cf3b4020ec46d6a47bc26957e3c054' AND file:name = 'Gup.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:35:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d494a11-3c6c-4c89-9d11-daa8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T11:57:41.000Z",
"modified": "2019-08-06T11:57:41.000Z",
"description": "Injector for email tool - ESET detection name: Win32/Spy.Amavaldo.P trojan",
"pattern": "[file:hashes.SHA1 = '4dba5fe842b01b641a7228a4c8f805e4627c0012' AND file:name = 'libcurl.dll']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T11:57:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d494a3f-1b3c-4bcc-8b34-4db5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:37:59.000Z",
"modified": "2019-08-06T13:37:59.000Z",
"description": "Email tool - ESET detection name: Win32/Spy.Banker.AEGH trojan",
"pattern": "[file:hashes.SHA1 = '9a968341c65ab47bf5c7290f3b36fcf70e9c574b' AND file:name = 'Libcurl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:37:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d494a5d-de44-423a-b8d1-daa7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T09:40:47.000Z",
"modified": "2019-08-06T09:40:47.000Z",
"description": "Configuration file for gup.exe",
"pattern": "[file:name = 'gup.xml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T09:40:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d49553d-701c-4eb3-954a-eaeb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T10:23:57.000Z",
"modified": "2019-08-06T10:23:57.000Z",
"pattern": "[file:name = 'CurriculumVitae[\u00e2\u20ac\u00a6].msi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T10:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d496104-67d8-48c9-a044-7a57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T11:14:12.000Z",
"modified": "2019-08-06T11:14:12.000Z",
"pattern": "[file:name = 'FotosPost[\u00e2\u20ac\u00a6].msi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T11:14:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d4982df-1a94-4914-9cf1-464e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:38:39.000Z",
"modified": "2019-08-06T13:38:39.000Z",
"description": "Downloader (MSI installer) - ESET detection name: Trojan.VBS/TrojanDownloader.Agent.QSL",
"pattern": "[file:hashes.SHA1 = 'e0c8e11f8b271c1e40f5c184afa427ffe99444f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:38:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d4982f2-0190-427f-b4c5-4f08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:38:58.000Z",
"modified": "2019-08-06T13:38:58.000Z",
"description": "Downloader (MSI installer) - ESET detection name: Win32/TrojanDownloader.Delf.CSG trojan",
"pattern": "[file:hashes.SHA1 = 'ad1fce0c62b532d097dacfce149c452154d51eb0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-06T13:38:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e462def8-1643-4d2f-a15a-825ff3fb335e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:54.000Z",
"modified": "2019-08-11T06:32:54.000Z",
"pattern": "[file:hashes.MD5 = '45c01734ed56c52797156620a5f8b414' AND file:hashes.SHA1 = 'fc37ac7523cf3b4020ec46d6a47bc26957e3c054' AND file:hashes.SHA256 = '20ae23a6793e58761a28949dec7e910ce6479ab9c2b7bcbd7a1bb4df1171c503']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6b54feea-5cb0-4c57-b10c-7a1d4a274581",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:54.000Z",
"modified": "2019-08-11T06:32:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-08T11:14:28",
"category": "Other",
"uuid": "7e4b14b4-0aae-4ef9-a053-82ed74c31fb7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/20ae23a6793e58761a28949dec7e910ce6479ab9c2b7bcbd7a1bb4df1171c503/analysis/1565262868/",
"category": "Payload delivery",
"uuid": "adeb231a-0e31-41ab-98e6-b1f51bf56107"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "1/66",
"category": "Payload delivery",
"uuid": "c8287316-9bfc-4ab0-8fe1-1784b0a875df"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--211c8a88-4c1a-447b-a768-0ab6e30246b8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:55.000Z",
"modified": "2019-08-11T06:32:55.000Z",
"pattern": "[file:hashes.MD5 = 'df3e0e32d1e1fb50cc292aebc5e5b322' AND file:hashes.SHA1 = '12c93bb262696314123562f8a4b158074c9f6b95' AND file:hashes.SHA256 = '6a1f91b94bc6c7167967983a78aa1c8780decad66c278e3d7da5e8d4dbec4412']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e1227ba7-e304-4792-8a0d-039b87b94ec0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:55.000Z",
"modified": "2019-08-11T06:32:55.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-07T07:57:31",
"category": "Other",
"uuid": "7e17b294-cd02-4cbf-8360-6b980e944a60"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/6a1f91b94bc6c7167967983a78aa1c8780decad66c278e3d7da5e8d4dbec4412/analysis/1565164651/",
"category": "Payload delivery",
"uuid": "3004172e-acdc-4959-b3db-66f1c5d0abe0"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "0/66",
"category": "Payload delivery",
"uuid": "d02a7092-c6ff-445e-b8df-fa9ce122458f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--18ccf1e5-236a-4ad0-8556-2d5ff4532a11",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:55.000Z",
"modified": "2019-08-11T06:32:55.000Z",
"pattern": "[file:hashes.MD5 = 'e880c09454a68b4714c6f184f7968070' AND file:hashes.SHA1 = '4dba5fe842b01b641a7228a4c8f805e4627c0012' AND file:hashes.SHA256 = 'c9cf8e159809cfa97971a0b84801c6aead32e03a423a2fd0ca1c402032b16a82']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ef63bd95-99e9-4843-9ad6-725ee617c410",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:55.000Z",
"modified": "2019-08-11T06:32:55.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-09T10:12:09",
"category": "Other",
"uuid": "73ae0c5f-3822-44a5-8e6a-e0c5cc7ae015"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/c9cf8e159809cfa97971a0b84801c6aead32e03a423a2fd0ca1c402032b16a82/analysis/1565345529/",
"category": "Payload delivery",
"uuid": "147b157c-4060-4849-8597-6b3cf41e56be"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "41/62",
"category": "Payload delivery",
"uuid": "cab2413e-ee43-4916-8f7f-77eab426ae20"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--66ffca83-f5bf-46b5-aa17-25a0da26b4a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:55.000Z",
"modified": "2019-08-11T06:32:55.000Z",
"pattern": "[file:hashes.MD5 = '6f2bf181f8b9ca1d28465ed6bab6f3e2' AND file:hashes.SHA1 = 'ad1fce0c62b532d097dacfce149c452154d51eb0' AND file:hashes.SHA256 = '8171cbd7bc06d905a7d77d2d0dd147b0b9305d76f76a176fbda4b78768656a47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--fa950a27-172c-4243-92fe-c54894fe8f03",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:55.000Z",
"modified": "2019-08-11T06:32:55.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-09T10:13:10",
"category": "Other",
"uuid": "514b8275-5a02-4fa7-bbf3-44d83f3d4c03"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/8171cbd7bc06d905a7d77d2d0dd147b0b9305d76f76a176fbda4b78768656a47/analysis/1565345590/",
"category": "Payload delivery",
"uuid": "18817da9-db4e-468c-81ab-f0fc22af73df"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "28/53",
"category": "Payload delivery",
"uuid": "fe7700b1-4509-452c-83e0-697b67eea1de"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--168eca3c-6b0c-495b-bc97-76fc044663da",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:56.000Z",
"modified": "2019-08-11T06:32:56.000Z",
"pattern": "[file:hashes.MD5 = '9f1e5d66c2889018daef4aef604eebc4' AND file:hashes.SHA1 = 'b80294261c8a1635e16e14f55a3d76889ff2c857' AND file:hashes.SHA256 = '02a81aea451cdfa2cd6668e3b814c4e50c6025e36b70ab972a8cc68aba5b3222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--299f2cd3-4943-45c0-89fd-688831a58235",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:56.000Z",
"modified": "2019-08-11T06:32:56.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T18:49:02",
"category": "Other",
"uuid": "0abdb5b6-5361-4012-ba4b-bca90ddac639"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/02a81aea451cdfa2cd6668e3b814c4e50c6025e36b70ab972a8cc68aba5b3222/analysis/1565117342/",
"category": "Payload delivery",
"uuid": "e629edd0-952f-4a57-87c7-3ebfe9e54987"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "1/66",
"category": "Payload delivery",
"uuid": "98555b2e-b57c-4506-9068-8f11a7d07ca1"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f1baa55-4a99-4cc2-84d1-7032ab3b20a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:56.000Z",
"modified": "2019-08-11T06:32:56.000Z",
"pattern": "[file:hashes.MD5 = '55ffee241709ae96cf64cb0b9a96f0d7' AND file:hashes.SHA1 = 'b191810094dd2ee6b13c0d33458fafcd459681ae' AND file:hashes.SHA256 = '64bc6cf6b6e9850cea2a36cabc88982b0b936dd7f0bc169a2f6dd2a5d1e86abf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--fef464cf-27a2-4bfb-bf12-4adb789baa4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:56.000Z",
"modified": "2019-08-11T06:32:56.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-09T01:41:32",
"category": "Other",
"uuid": "932dfeb4-c96d-4337-b8ac-b19215b28b68"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/64bc6cf6b6e9850cea2a36cabc88982b0b936dd7f0bc169a2f6dd2a5d1e86abf/analysis/1565314892/",
"category": "Payload delivery",
"uuid": "2ef12f33-7867-4996-a410-c4022c862b9d"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "0/68",
"category": "Payload delivery",
"uuid": "40e4ead5-bde4-4c4e-80ff-95d7236b9f0a"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7c89ed2-b308-4953-98a4-8b7b7f74f90e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:56.000Z",
"modified": "2019-08-11T06:32:56.000Z",
"pattern": "[file:hashes.MD5 = '1091a566e2f44bada1f814998034bd04' AND file:hashes.SHA1 = 'e0c8e11f8b271c1e40f5c184afa427ffe99444f8' AND file:hashes.SHA256 = '1c17cf7af862cdb0af2f5540391ac3d0b427bd6369cf1a5fbb8d82fb80964d1c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--76da6429-cbfd-4a4b-83ad-a6511f97a14e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:57.000Z",
"modified": "2019-08-11T06:32:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-09T10:12:08",
"category": "Other",
"uuid": "753365f1-529c-40e2-80d8-2996a57fb0f6"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/1c17cf7af862cdb0af2f5540391ac3d0b427bd6369cf1a5fbb8d82fb80964d1c/analysis/1565345528/",
"category": "Payload delivery",
"uuid": "b2c2427d-024a-4003-97f2-4c661da00e90"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "25/52",
"category": "Payload delivery",
"uuid": "f6edb2bf-fafc-4ee9-9aae-82b2531b3718"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ea7872e-f1cb-4652-945b-4f8f9558f662",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:57.000Z",
"modified": "2019-08-11T06:32:57.000Z",
"pattern": "[file:hashes.MD5 = '4a3cdcef8ed41b221f3dbef5792fb52d' AND file:hashes.SHA1 = '6c04499f7406e270b590374ef813c4012530273e' AND file:hashes.SHA256 = '6bb5f3a7147660db416b838893c7d0734872ada9f7db68b1d019043a1cb89397']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--569e0439-c30e-444a-8ef9-76c1388c03a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:57.000Z",
"modified": "2019-08-11T06:32:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-09T12:53:04",
"category": "Other",
"uuid": "0ccdca69-9f20-42e3-ab13-e2e6b98cc13e"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/6bb5f3a7147660db416b838893c7d0734872ada9f7db68b1d019043a1cb89397/analysis/1565355184/",
"category": "Payload delivery",
"uuid": "8db662d3-7baf-4543-b958-bdebb1bdb185"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "0/66",
"category": "Payload delivery",
"uuid": "8c2c7ee6-599a-4468-bb8f-e90793092ed1"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--71291c97-7e50-4601-8836-d13f6a601564",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:57.000Z",
"modified": "2019-08-11T06:32:57.000Z",
"pattern": "[file:hashes.MD5 = '88eca26e7f720a3faa94864359681590' AND file:hashes.SHA1 = '6d80a959e7f52150fda2241a4073a29085c9386b' AND file:hashes.SHA256 = 'b7e72ad59f05b67e7f44f071e7c3e46a490261c653cac66063ceed52c176fae0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-11T06:32:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--29b46ebc-f105-45dd-9b0e-c50ac28523bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-11T06:32:58.000Z",
"modified": "2019-08-11T06:32:58.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-09T10:12:08",
"category": "Other",
"uuid": "9d0e29a6-ce2e-4af8-baa0-f1a20ea19ae3"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b7e72ad59f05b67e7f44f071e7c3e46a490261c653cac66063ceed52c176fae0/analysis/1565345528/",
"category": "Payload delivery",
"uuid": "9bb01340-6430-43f8-be1d-2c9c37985fcc"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "38/62",
"category": "Payload delivery",
"uuid": "dae0b425-f835-4ad2-87f8-709822134d4b"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--2a0b810e-9644-4d8b-8646-cc170514ec25",
"created": "2019-08-06T06:54:44.000Z",
"modified": "2019-08-06T06:54:44.000Z",
"relationship_type": "executed-by",
"source_ref": "indicator--5d483181-9e28-42d9-b8a9-460d950d210f",
"target_ref": "indicator--5d48319b-07ec-4769-9c2f-4fda950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--24d33beb-5e2d-424b-bc13-86413aa58529",
"created": "2019-08-06T06:54:27.000Z",
"modified": "2019-08-06T06:54:27.000Z",
"relationship_type": "executes",
"source_ref": "indicator--5d48319b-07ec-4769-9c2f-4fda950d210f",
"target_ref": "indicator--5d483181-9e28-42d9-b8a9-460d950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--9bbad80c-cf00-4842-8ded-8d30342d96d9",
"created": "2019-08-06T09:41:07.000Z",
"modified": "2019-08-06T09:41:07.000Z",
"relationship_type": "uses",
"source_ref": "indicator--5d493f8a-85c0-4389-9644-aca6950d210f",
"target_ref": "indicator--5d494a5d-de44-423a-b8d1-daa7950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--15c165bb-e6b1-4bd6-b1d5-aaa0978a96c2",
"created": "2019-08-06T09:40:47.000Z",
"modified": "2019-08-06T09:40:47.000Z",
"relationship_type": "used-by",
"source_ref": "indicator--5d494a5d-de44-423a-b8d1-daa7950d210f",
"target_ref": "indicator--5d493f8a-85c0-4389-9644-aca6950d210f"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b8f2d7f2-963c-4f7c-a453-9e3b2014bea9",
"created": "2019-08-11T06:32:58.000Z",
"modified": "2019-08-11T06:32:58.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--e462def8-1643-4d2f-a15a-825ff3fb335e",
"target_ref": "x-misp-object--6b54feea-5cb0-4c57-b10c-7a1d4a274581"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--16ea6be8-cb6f-440b-bf43-6f391bddfc96",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--211c8a88-4c1a-447b-a768-0ab6e30246b8",
"target_ref": "x-misp-object--e1227ba7-e304-4792-8a0d-039b87b94ec0"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--0fe83ea8-e303-46b6-8f95-dfb230491c13",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--18ccf1e5-236a-4ad0-8556-2d5ff4532a11",
"target_ref": "x-misp-object--ef63bd95-99e9-4843-9ad6-725ee617c410"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--057140a5-a0f3-4567-b458-4c79518ee8c7",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--66ffca83-f5bf-46b5-aa17-25a0da26b4a8",
"target_ref": "x-misp-object--fa950a27-172c-4243-92fe-c54894fe8f03"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--9ce8f894-a90e-4987-bd97-0311708a22df",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--168eca3c-6b0c-495b-bc97-76fc044663da",
"target_ref": "x-misp-object--299f2cd3-4943-45c0-89fd-688831a58235"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--f00309a1-bf2c-4cf7-b62d-e4cb1a849900",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--0f1baa55-4a99-4cc2-84d1-7032ab3b20a6",
"target_ref": "x-misp-object--fef464cf-27a2-4bfb-bf12-4adb789baa4e"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--1dda60ea-59f6-4f55-802b-e11f2212a6b0",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--a7c89ed2-b308-4953-98a4-8b7b7f74f90e",
"target_ref": "x-misp-object--76da6429-cbfd-4a4b-83ad-a6511f97a14e"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--fa7c7dc8-e859-4a19-a711-707d193f867b",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--8ea7872e-f1cb-4652-945b-4f8f9558f662",
"target_ref": "x-misp-object--569e0439-c30e-444a-8ef9-76c1388c03a6"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--61c136ce-eccb-4eb9-bde2-4457a6f64b43",
"created": "2019-08-11T06:32:59.000Z",
"modified": "2019-08-11T06:32:59.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--71291c97-7e50-4601-8836-d13f6a601564",
"target_ref": "x-misp-object--29b46ebc-f105-45dd-9b0e-c50ac28523bb"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}