adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/053f26a4-8fac-4733-a114-a6c0bdfd1e1c.json

12410 lines
No EOL
509 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--053f26a4-8fac-4733-a114-a6c0bdfd1e1c",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-01T07:47:22.000Z",
"modified": "2022-06-01T07:47:22.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--053f26a4-8fac-4733-a114-a6c0bdfd1e1c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-01T07:47:22.000Z",
"modified": "2022-06-01T07:47:22.000Z",
"name": "OSINT - Space Pirates: analyzing the tools and connections of a new hacker group",
"published": "2022-06-01T07:47:26Z",
"object_refs": [
"indicator--62bcf059-96b2-453a-a209-b3cc852f16c5",
"indicator--75a8b09d-4b2b-4ce7-a3ef-dfe9d3c26480",
"indicator--6bda536c-2312-4f9c-a6ff-3e0cc59a02e3",
"indicator--f6ccec1c-4851-41ea-9f6c-ace51a7fb606",
"indicator--864466e8-2bf3-4bea-9e5a-cfeeb3fe9d76",
"indicator--1223e02b-71e8-43ad-bfad-3ec791d494d9",
"indicator--cba66a34-aa23-4dac-ab96-2d88ba58f18a",
"indicator--03e6e26e-a8b1-4cab-ba9f-b0af93945e52",
"indicator--e49bfc08-1a1c-44ee-ba5c-5411ae8c9236",
"indicator--ec0b166e-7f5b-4400-b39d-d691dae67b14",
"indicator--de32de32-b70f-42e6-b77b-613af17dbb5e",
"indicator--20a0e7e3-cc17-4032-8d2e-93c027242717",
"indicator--0df0f008-2510-4394-9455-5c42767a72a0",
"indicator--3fdddde2-4542-4d40-9662-586cfef2274f",
"indicator--2009c9ef-b64a-4ab3-a1e0-0106825aeb16",
"indicator--00442e89-21c1-462a-841d-e8a0de5cb59d",
"indicator--dbab091f-639e-4916-8bdd-3a89307dd74a",
"indicator--ff8982ca-cbbd-4a0b-8ca5-5a65270f7f4e",
"indicator--170020c1-3ecb-40e3-8d48-af18a77ccfe9",
"indicator--c96c9178-ab81-49bb-afa7-2c0d7529171e",
"indicator--0cc12b24-ad45-44e4-8346-bb6b8d9c85d3",
"indicator--f2800e0c-3ef9-48b7-9766-334d1ad53d97",
"indicator--e1f8af8f-1915-46a6-bcff-c52fb929c55f",
"indicator--69b280d5-d3bc-41f8-9134-2f8ab2d587de",
"indicator--0dc858dd-add6-4a3f-956e-41281d837caa",
"indicator--d7760b7a-e57c-460f-aba0-a50ef1b110c6",
"indicator--e8aca24c-7c0d-4b74-a9c5-d6aec1f3cebf",
"indicator--74949f6c-cc97-479d-8975-c114d2f9904d",
"indicator--9f453869-0877-4b13-89c4-8bfa39a6d792",
"indicator--f19f00d6-534d-4cd9-a958-e31712a174fe",
"indicator--9c163897-195d-4c61-ba2e-d25f1c00f6b9",
"indicator--772244b6-5821-4e1e-a5c5-dc3593cff260",
"indicator--8f28e022-914c-47ea-a566-2bbb97661406",
"indicator--0b087939-553e-454f-b113-d6f2a21d5da9",
"indicator--8bcdf22d-c894-4527-b6e9-fe9a2816e162",
"indicator--8b720095-c849-43e6-9904-ed865b072c3f",
"indicator--dbcb3cba-c092-4ca7-84d3-a80c1f183be8",
"indicator--5d3e6b49-6857-4b19-b639-6c95120ea0f9",
"indicator--84b4caf2-f862-48f0-b00b-f0e6b5d1ce2a",
"indicator--3a1bfc45-b529-446b-92e4-6ccc7122f099",
"indicator--7572cc14-cbd4-476c-9d80-bb67c540592e",
"indicator--2b75ac24-8b91-458f-928e-b60d2d11cb24",
"indicator--6c1920e2-4f6f-4229-80c1-92b4b3561f84",
"indicator--905879a0-660b-4acb-8007-2d7ce4332bcc",
"indicator--2f4c68b2-0c6e-4f8a-a719-1a30040f33e1",
"indicator--cc6c36d6-590e-4692-ab0a-32da7bf4958e",
"indicator--a0d78d22-43bd-4584-b864-ce03984a3895",
"indicator--9f8e7366-91a8-4632-9b77-0ac65975b99d",
"indicator--f1b3900f-e6fe-49ca-8785-636da521bf80",
"indicator--b2f12c27-6869-4bdd-a816-e9169528d2e4",
"indicator--8f5f94fd-ddb5-4219-b4f5-8a5b99203c50",
"indicator--f0d4d8ca-7754-49f9-a454-15e2e4008950",
"indicator--a2cb79cc-198a-4f73-b480-e0d9d41decb2",
"indicator--08ff0149-67c3-47d1-8f2f-2e29d170df8c",
"indicator--fea883ae-05b6-48c5-9825-babd87acf648",
"indicator--00146922-6ec2-4909-9c49-53246d23b121",
"indicator--52b044bc-4a4f-49ba-bd09-116f239e668f",
"indicator--3f886047-ff57-4942-80ee-d35a7276c033",
"indicator--63134076-a266-493d-9fe1-96bdeadc59b6",
"indicator--6f44b831-b29b-49e4-8068-e72f15c72e1b",
"indicator--fde7c1c8-d8bb-4be5-b418-8cc58eb8cbb6",
"indicator--383e9cff-d0a1-4a3c-b832-9121ea699649",
"indicator--a1e56eae-3c37-4730-acb8-658c90482f24",
"indicator--f06011f7-2cc0-4064-a396-9f82e2dab32a",
"indicator--ae589c12-d3e3-4992-857c-a17ede9a6388",
"indicator--e4ad05e8-51b8-4296-ad61-62193c62ec3d",
"indicator--5877c0e5-aeea-4460-9073-ce415503f871",
"indicator--d8c9ba23-c063-41f9-9fb5-3f8f3496568d",
"indicator--a4712508-4e0e-4793-9bff-eea0f41b9563",
"indicator--aee705fe-5f03-44ab-bc40-1d84c1c0ea08",
"indicator--7ac8ce83-24f0-47aa-880d-09c5978d0493",
"indicator--b764b752-8559-4b1c-b1cd-88d637dd3947",
"indicator--e66ce31e-755d-4644-98a5-143d24b353c1",
"indicator--7e27d40f-956f-46f8-b379-a26c8c550183",
"indicator--9480fa54-fbaa-43b6-8b91-fb777629b2f3",
"indicator--3ffcbc80-3e64-4e84-9a40-b3ed9bc9beb9",
"indicator--3b51b1bd-57b1-45ad-9ab9-b23ce1d23597",
"indicator--2d1c6f7f-feef-4e9a-88d8-c990fcb91b97",
"indicator--419bb539-ee0d-4a59-b55b-cbaba5d25c4f",
"indicator--39669d7d-b82f-4832-a777-ac6fe364bbfe",
"indicator--1237e5e8-6ce8-466e-9430-352d7f695878",
"indicator--4c315bb1-de36-4ee0-8210-a4c616bf67ef",
"indicator--a5e43bac-d62f-4f9f-bfae-84c0d4bdce20",
"indicator--218c4a70-77ee-4b56-9378-46b3b8e28d4e",
"indicator--023cc47f-39b5-4fa1-af8d-f3e861fd01e5",
"indicator--56cb9786-2ff0-46e2-ac06-8c93d59cc8c3",
"indicator--0635b388-873b-474e-afae-91ff823a240d",
"indicator--09cc0130-e20f-4fb8-888f-a6a2a8b004f9",
"indicator--f8dd30c3-78e7-44fa-ae97-662439af7d88",
"indicator--811204ad-c0c8-403e-b4e0-4267bb720619",
"indicator--80424eba-d545-496a-9521-944a14717ddf",
"indicator--3810a8dd-fed6-490c-8dcc-2da49b064263",
"indicator--09e78c40-0404-4b2c-a924-429ef7ea2482",
"indicator--5abfcbd5-2e48-4509-a613-7928ba23af18",
"indicator--dab47fe9-bd96-4f4e-a5ed-4e9209122b2d",
"indicator--c2c9a846-0975-4d00-863d-4e1943bc1cdd",
"indicator--a32d5258-cf83-469a-8fb1-d9429c8c0466",
"indicator--24ff3a9f-ddeb-4c5d-9b49-d6f58f5e2eca",
"indicator--2ff26717-0f33-40f1-9ed3-f8b38107b324",
"indicator--00b08a95-a9bf-4c09-aba5-381c10349451",
"indicator--7b990f33-3221-4b5e-99e8-4d3fb2bc6b80",
"indicator--f461530e-6503-4ed6-8fd9-c8e48e369be4",
"indicator--7bc4b528-9822-48fb-b40d-4f2f2a38adb9",
"indicator--a605e5ed-cff1-49d5-a0f1-b31c5c1c841c",
"indicator--b8091606-31d9-4378-bfe1-68c1b04a4c22",
"indicator--56d6a777-34af-43ed-9684-ed5e1b338cf8",
"indicator--9b07e3e0-aee5-482f-b851-e03dd43c8e8c",
"indicator--9020b277-e4a0-49ff-a27a-4f195edf28e1",
"indicator--c38af120-1a53-4671-93e3-93b730fba90f",
"indicator--7aa60e34-b1f9-40a1-accc-b3fe4dca1e81",
"indicator--d7a55280-940d-4d21-b5b3-27314a83deec",
"indicator--4232bffc-a4d9-4f46-9ee0-8c8fdeb273a3",
"indicator--e1332646-50ba-404f-b62d-eac2eaa934b4",
"indicator--9c22acd0-940c-4082-aae6-f473a5687ccc",
"indicator--eae2e330-49c4-4daa-be40-999517123d64",
"indicator--e400c815-e22a-4a48-a68a-4341ae0ffe39",
"indicator--2ef7de1c-1cc0-43ac-8dc7-bea92f140c50",
"indicator--c5580450-bd3e-471f-97a4-a6a7651f5d6d",
"indicator--f0f2eecb-5bf3-47f4-8b63-9cde45e30ccd",
"indicator--25261acc-4dd8-4dba-8f8a-7bad849b25cd",
"indicator--d2b2c891-8950-4043-964e-d1d14448dddb",
"indicator--8930a608-e40b-42a3-bc83-a913a1a86797",
"indicator--fdd9e592-ba89-4c8b-b73f-e369763376b1",
"indicator--f915a3e9-f768-4edd-88bd-89d53e7fe455",
"indicator--0d862f0f-fe5f-4fbc-b6a4-32e9aa506898",
"indicator--3b91243e-c86c-42ad-8b3d-1e0ff40c3fd6",
"indicator--2c2c23ab-a6ea-4ff8-a328-754c7d8d4428",
"indicator--a3f757fc-bafd-4785-8c36-1dbf5aebf67f",
"indicator--1c198748-64ff-4132-b247-2ab06a91d037",
"indicator--f88e8246-197d-4136-81b1-c7c055952927",
"indicator--df54cb28-fae8-4761-88ac-43c3a6ace821",
"indicator--ab0d324d-5b91-46ac-91bc-b312c857a16e",
"indicator--6e0f331d-49d2-4765-a860-4a03da843a8c",
"indicator--d1ab6e60-62d9-4e95-b3a1-06ee25f75c4a",
"indicator--0d7e360c-12a9-4f95-ac2e-0c5f3bbe2d97",
"indicator--a175ece7-f872-4c07-bc6b-a65e1f0e1953",
"indicator--3d8faf7f-a9b1-49b6-aeb0-98e805a6646e",
"indicator--9ece1dd5-20d8-46a0-b130-c6c97f761d62",
"indicator--69617707-cf80-4fd3-875b-698e7238c49e",
"indicator--c80dd27c-3e32-4127-8c44-c91776592764",
"indicator--f5a69ed1-988e-4bd0-828a-a3fa71fb74fc",
"indicator--b80328b5-2b14-4b0f-92dc-0d27b5f18386",
"indicator--9c1c265b-564f-4f58-9ee9-63bac1f57344",
"indicator--946ad922-3d8a-4f9c-b350-c291a9b37ab0",
"indicator--3f38cfbf-278c-44ba-aa03-be6ef203b1fc",
"indicator--90c451fa-2879-46a2-bf8a-caca9b61f3b2",
"indicator--579fff57-9024-4abc-99e6-aaad69dac773",
"indicator--72dff381-acf0-448f-8566-4e3c5b156134",
"indicator--5541ca09-bf1d-4f0f-ab70-397224ede358",
"indicator--addd3972-2782-4b8c-8662-478f3fa2061d",
"indicator--c91b0f2b-2109-4f12-b955-ae75129cf911",
"indicator--cafd595c-9454-409a-8069-5ae38e974c85",
"indicator--43997591-7f3d-44dc-9b27-dc0b7c3a0eb3",
"indicator--fec06490-93a5-478f-acff-fd62f599ca12",
"indicator--762b9c2d-544d-46a0-9abf-bb60a418512d",
"indicator--30360986-55d5-4298-b232-6c3f2ff4e9c1",
"indicator--0e8f6876-49ec-40fd-852f-2fd63962396a",
"indicator--0d424d9c-658a-4aa9-9fba-274606713280",
"indicator--19c059f8-96ea-4630-b477-d85c9552a771",
"indicator--05aef884-0de4-43e3-a759-4e209143566d",
"indicator--95b2cae6-7d51-45be-b9dc-c02b98c230e8",
"indicator--fa4e075a-c5d6-4b24-a4f2-20e457ca0306",
"indicator--0bcbff9a-af7c-42af-a059-86142b1df663",
"indicator--2b3706ec-2b58-486f-b14c-dab7dccab970",
"indicator--e503949d-f0dd-49d6-ad1e-d8ccbaf9ca5b",
"indicator--88a95f4e-f334-4d8c-a0dc-a4d33edbcfe2",
"indicator--af5e7c18-444e-49f1-8f17-bfcaeee08dee",
"indicator--8844d4fe-3281-4200-927a-dc2082f86402",
"indicator--a6090c7f-27f3-473f-b5d8-0c8bfae4b689",
"indicator--1030e771-1b00-4033-9823-283235894a09",
"indicator--07f3cab9-e213-4ab2-866c-c139606f481c",
"indicator--9bdd73e3-06bc-4de2-85d8-e486666079f5",
"indicator--20c94910-a796-471c-8ab9-727a19f518db",
"indicator--0ef9900e-1901-42c2-91da-82a7600cd5c7",
"indicator--10ae13ee-1763-43e1-9a17-c203e2cd81ff",
"indicator--bf3bf28e-a0a5-4e1f-8c96-35ad692a721b",
"indicator--030d5423-e78e-4b4e-bc11-7feb1fbd0365",
"indicator--e07be9b5-ac7d-4074-a4b4-ff6534c58fce",
"indicator--8129d17d-39bf-41ad-ba71-4f334cc0d7f5",
"indicator--ac1dc2e7-c1fd-4e94-96cb-33eb3479d6b6",
"indicator--3c0ffee8-e707-41af-8066-a5ca1b18aac5",
"indicator--d1bc4ca8-bd65-4449-b4e4-1a077ba552fa",
"indicator--fc958499-41d4-4109-ba52-1141b23c652c",
"indicator--fcd53eb4-4189-4139-8495-affa846897d6",
"indicator--f6a03684-7a91-4f2e-9967-94dffa1c50e0",
"indicator--384a58a2-573c-4ed9-aa66-cbcd683a6f7a",
"indicator--a9a453e8-9498-4a79-b844-8ac42c53e747",
"indicator--44fbd3a3-83fe-4b3f-83b6-309e56360918",
"indicator--5d9330e7-0748-4b58-9b7d-8ac621e1cc94",
"indicator--091cd082-8b29-4041-b692-d41d23778f00",
"indicator--84d28cee-420d-4ede-8631-ffa4f1b88439",
"indicator--6ac5e026-94b8-46ae-927b-d350bb89b3c5",
"indicator--285b3234-0dfb-44bb-8ff0-06e87d3422b0",
"indicator--fc18b391-40a3-4107-b070-88d547be5096",
"indicator--fa967727-02a3-428f-ac07-7563c3e492b9",
"indicator--2697a5ec-a9a8-47ac-8bb0-6c88928e4666",
"indicator--694b642b-e850-4a78-881f-cae5b5012ddd",
"indicator--ee940515-9e58-40e0-a033-ab07d7ecdb03",
"indicator--f02cc983-842d-4358-8b88-a6c7b4dbb125",
"indicator--7f907d27-a700-46ef-94d1-cb1f4354db1b",
"indicator--106fc338-a3ab-4849-9125-c1ee38b747b2",
"indicator--ca4d37a6-2c19-413c-8fbf-a1f7ff4df201",
"indicator--817d98e5-452b-40bd-a7ef-db87d7a0f80b",
"indicator--add33867-477f-4bc3-af3b-9bac0ab185d9",
"indicator--a5e9d517-6c65-4fc7-a134-054bece5e013",
"indicator--5c5475a7-ed9f-44de-bd3b-da11053c382c",
"indicator--8bb746f6-37f5-49ad-b39f-eda7f65402ca",
"indicator--8cedd9f4-d7b0-422f-be5e-29ff339a0f5b",
"indicator--9cc2e668-78b0-45b1-abe7-620a50f444d2",
"indicator--6264f83f-1a23-4fbc-8ac3-d7c4be164b51",
"indicator--6ada6b8b-9dcd-46c1-b225-b140474c3006",
"indicator--baa313bf-017b-43e8-9675-9c8a52f2d29e",
"indicator--1e128d04-a418-4710-837c-5f255b536128",
"indicator--e6a61945-7965-4149-9bd4-fae59b1357de",
"indicator--c0b58339-ea8f-4642-aa19-b876a5427667",
"indicator--8ccabd75-cf47-456e-b272-b9c02f7f41a8",
"indicator--532799de-ebd8-41b3-863e-dee0e6951025",
"indicator--d4fcb851-379b-4eea-bdd5-638eabcba460",
"indicator--7d72d88c-9e9b-4302-a7b8-7c10ed24e962",
"indicator--5785a607-977c-41df-918a-ba42245ed4c7",
"indicator--216c6f4c-f217-4eec-9b4e-3ba4091a072f",
"indicator--15a6daf6-1922-49f2-a9bf-dda65f1ff81a",
"indicator--142cb30a-d898-44a7-b187-0a5f6b317a05",
"indicator--f38dd78b-be26-4564-a238-6cb8565c6db9",
"indicator--41005e26-95a7-416e-91e0-13c29b2887fb",
"indicator--ce8883b8-f31d-4e3e-89c0-eeca59280948",
"indicator--a28021cd-0370-4c12-9329-7a0142491bf8",
"indicator--ae537dbc-cfb9-4d66-adf5-74f2d3f93c70",
"indicator--59ba602a-0e83-4739-bfec-fc00188c3335",
"indicator--6af6c6f9-f1b2-4525-ae07-33918e2cd6b4",
"indicator--2b29bd6e-013c-4c5e-bd17-c1da06ee559b",
"indicator--81bd77b3-0cda-413b-81eb-1becbf6dc61b",
"indicator--e264032b-b941-4614-8c66-3fcf235ad0d0",
"indicator--8f300eea-3286-46ca-ad3b-655975a81701",
"indicator--98172e81-5ebf-4a00-87d9-c4ca2a58700f",
"indicator--752a8507-d561-45ee-9d21-172840efcce3",
"indicator--6adb5419-b9fd-4274-b9d5-32e8045669d7",
"indicator--d17249a7-e6ab-4278-b30a-1335e3ce6325",
"indicator--87209073-2ca3-4b72-9622-72ea7837aa30",
"indicator--7a9ce085-b6c2-445b-a65a-7c5f60b889ef",
"indicator--4519014a-cd87-4ce7-b726-740e3d303021",
"indicator--434f0912-2835-4d21-a3ca-35ac89d6359e",
"indicator--294aa829-03d8-4014-96f7-d7c14d591a19",
"indicator--d2b37fd8-3b39-46a2-ae09-1af9005af48d",
"indicator--fd857226-7c7c-44b2-81e5-bebe58812c49",
"indicator--0bf29ee4-5e63-4756-be23-ba3a3a17b9c8",
"indicator--7eca7cf4-b98d-4982-a2ce-e59d7598bf4c",
"indicator--6c8df83a-cc18-4087-b163-768488e4891f",
"indicator--f0bebd1c-8fa0-439b-ba4c-41f24ebd2b0b",
"indicator--0ac57f35-366c-45f9-a4cf-c15d3c156c17",
"indicator--e6b8ed73-74f2-4f0e-b70f-5a7c27939c8b",
"indicator--483dd923-9e30-4de9-b57a-0db4c449da88",
"indicator--796a24d7-2565-457d-9288-ee70a0f16afc",
"indicator--e81e07f9-97c4-4f38-b32b-d29d60fce1d9",
"indicator--ff369bda-17f8-4ddf-8029-4139668a6d9b",
"indicator--47bcef9d-9599-4a5a-ba58-31ea91fd0de0",
"indicator--6313de41-8cb2-413a-94e8-c3df9253033a",
"indicator--fdf294aa-71a1-47dc-a477-32abc0870ac9",
"indicator--1ea61068-647b-4763-86b8-a411a3849968",
"indicator--25fb61c2-d843-40ac-b51c-69a0a51838c4",
"indicator--879e2c43-be5d-4e62-b3fa-ce97bf8b04f1",
"indicator--4439a989-bb98-4df1-b09d-6e3aea66ee0a",
"indicator--4638f414-8a9f-4092-8474-6568c00f7177",
"indicator--0cd26efe-d7dd-49ae-9158-a3203259c3fb",
"indicator--9a467d03-0b97-4284-a198-6d8fa90be134",
"indicator--6c3a1567-9939-4397-af69-e320713af79a",
"indicator--a41f06f2-6f7c-4906-a789-41df511ac5c2",
"indicator--74e28db8-7140-4bd5-a292-7763e340dad8",
"indicator--a9e31216-2664-4041-a999-121b62414022",
"indicator--d745cace-363e-4f51-8f9c-0812bbccd6df",
"indicator--eb151a3f-c3f1-4d4f-a91f-b7a67c56f29a",
"indicator--d9d1cfc9-1870-4bf6-bd97-5d69c45d7f16",
"indicator--7fb913ac-cca5-49cf-b87e-b51a70d3ad12",
"indicator--cea2f686-8f26-4f91-bfe7-cf1c8df95fae",
"indicator--b88afa59-21f9-4bfc-9d67-323f9276839d",
"indicator--2130bf20-2672-4aaa-9fc2-b1da06add328",
"indicator--0108cb8b-cff9-4662-86ec-62e458b23ea0",
"indicator--046f4ce3-253d-4a7b-9d80-5be2a3ecc929",
"indicator--2b8a4cf7-0994-4767-a45e-f458d6f5c876",
"indicator--ff6905ba-b1cc-4783-b1fc-a78f44ef284e",
"indicator--f89d92ec-fb63-48c9-bd7e-8315a9bbf551",
"indicator--57f14153-4a5a-4817-b159-7564755224bf",
"indicator--19cc86e4-cea6-47db-b446-8c4d4e882eab",
"indicator--031c6dd7-c9c0-4c1d-83bf-ccb2f4d2f36d",
"indicator--90c2998c-083d-4647-b68e-104e09725c4d",
"indicator--79b6fb5a-8469-4c1c-89e6-103a3be786a8",
"indicator--e4c3d99f-1ce0-47c6-9bb1-ab7c80f7e804",
"indicator--86fb364b-9cd5-406b-84ea-3c37c968680f",
"indicator--945cc5cd-1f3c-48e9-82c1-c09211e6642f",
"indicator--319155c5-e777-4cba-9b5f-4d2a863fda46",
"indicator--0ab6e78f-b45c-4e03-bf04-53f0a655ad53",
"indicator--93a3b378-84ec-4846-913d-0ffd71c8a66d",
"indicator--59a9e638-cac4-4294-a2ef-d6c22dda6072",
"indicator--7cf55788-877b-4f01-80f1-835f70e6426b",
"indicator--2e416b4e-b1c7-4852-b641-62448c523507",
"indicator--b7ce3e36-79c8-4887-90e3-4838923dd777",
"indicator--024d7ce9-7fb5-45c2-a2d7-0faae239848a",
"indicator--c1bb89ae-2b20-4510-b44e-c0b2d4fdf814",
"indicator--3dbea17f-1f6b-404f-8dc3-d07ef3442e82",
"indicator--17426cc8-6e71-43ff-9d24-835214a0bd16",
"indicator--9c4d4247-72aa-465e-b84f-f477e9d203bc",
"indicator--083ca25f-62b6-4e65-a953-5d86899bdc7b",
"indicator--50323276-5502-453e-a563-de2cbe699bec",
"indicator--a97ae723-03a1-46c6-bf29-6be7ee0904cc",
"indicator--b6d02461-0f3a-4d3a-867c-538ae277c1dd",
"indicator--130aa646-7203-4b78-9493-5dfe3a703b2b",
"indicator--cda0c391-8793-403f-b2ef-7e2ae6079158",
"indicator--fafb4bc7-ea99-40eb-9f6b-4fc09f184a64",
"indicator--0f03ff08-9bd7-4a5d-9555-10581458e72c",
"indicator--aedaf623-f579-4a37-abe6-1b586e6a1ac6",
"indicator--979be04a-36d2-417b-a74c-f340464175fb",
"indicator--bacb163c-390e-4fd5-8dc3-80a6fb7a87e2",
"indicator--3521e466-847c-4024-b031-38c3c7cfc359",
"indicator--2b812212-ceff-4c18-8242-257c14d19a31",
"indicator--3cd6632d-4de8-4d24-855f-37ed824a020e",
"indicator--98649715-16d5-48df-8b63-2416f632991b",
"indicator--308aeb36-0972-4936-8b3f-c6a6be6287d6",
"indicator--9487ee79-8177-4724-9510-08a31b60fec6",
"indicator--75c16458-7e7a-452f-b3da-f9964dd6631f",
"indicator--d9ce0e4c-c5ac-41ca-b0e1-c1557a12d377",
"indicator--e135b7cf-58bf-4f60-9f92-da78afe492b5",
"indicator--050f61b1-85da-49cd-a509-8d6aacdecff9",
"indicator--020de331-d4cd-422a-ba37-fad96114b350",
"indicator--4f107e0f-a72a-4500-8de2-f52769cefd20",
"indicator--1fdb3f11-bacc-4ad0-a074-12c24b9a94b6",
"indicator--46686409-fd3f-4c9b-954b-017ac621e57e",
"indicator--4bbe93a6-866b-4757-9172-856ec0c60dab",
"indicator--34a5a18b-7100-4d05-acaa-333a9c89bd41",
"indicator--ae0c78e8-7ff9-4ec3-abf2-a130680de0d3",
"indicator--4887a45d-481e-476b-819a-68278cfd9efb",
"indicator--5a7e58c9-831c-4054-a390-6abb26d192b6",
"indicator--13599059-4536-4a8c-b9db-cc9be1866394",
"indicator--0c896420-8c3b-45de-a2cd-f2791c2cfd79",
"indicator--6a147bca-6147-42ec-9898-c66f9e59b076",
"indicator--b2682e4d-ccda-46cb-83a1-7c3d7cc573d0",
"indicator--132f3c18-4277-4108-982d-43b695f27cc7",
"indicator--85c0536f-4452-4a9d-965c-38acafdd11a4",
"indicator--6cbdc5e4-918c-4665-a5ae-426b4831412b",
"indicator--9203b1ca-9119-48a9-aed3-2d23a7c6f9ec",
"indicator--dbb402f4-7053-4a27-9f5c-00ee59118e24",
"indicator--1d7caba3-7aba-4c94-a7b2-2115ba46584e",
"indicator--f81eb9ed-ea9e-439f-8e43-01b177e2c6c7",
"indicator--5c636053-eb43-443f-bb35-4e76a145814f",
"indicator--31571c86-d4b8-44ee-b17b-95e32b7a18bd",
"indicator--dcd5f3ba-3e06-4066-99d7-b5bc576c30fd",
"indicator--ea14d28d-c153-4bef-89f5-89c7340eaf47",
"indicator--0ee6a53f-5c91-464d-b369-9af985b8c7b4",
"indicator--42d09161-45da-4029-ae59-d73192c4871f",
"indicator--751443c0-2aec-435e-b952-d40bbad25664",
"indicator--bc24edde-c19b-4024-8366-4324e95069f8",
"indicator--d2ab52fd-74c1-4a18-b893-4701f0d49959",
"indicator--c1047eab-dfec-41a3-82fa-b2e58eb83c8c",
"indicator--b6530802-1e39-4ff5-ac1a-9536c0269dc7",
"indicator--f9fbffca-b239-41c1-a036-ff15798f1150",
"indicator--2a0162fe-06d5-4479-9355-14e8ea180648",
"indicator--f33630b7-6708-4714-897c-a3d90cf7e71d",
"indicator--382b7e62-f7e3-478d-8af0-70ff5a86c4e3",
"indicator--64f4cc76-6db4-4535-97b1-70b421cafaf7",
"indicator--e75ed34f-f967-48de-89ad-6294a334b962",
"indicator--099008f5-a76a-4c73-a60d-e9a134f0cb02",
"indicator--84f0d1ca-6e4c-4c7c-9642-f3b402ce872b",
"indicator--237d5c34-3cbc-40d8-9e35-f9b2387deaf7",
"indicator--72311538-df03-41b4-8384-acc9a283f100",
"indicator--638b3f82-91a9-41ac-a3bc-bb409b46794e",
"indicator--6c40f614-7c36-4b7f-ac8b-71f4a7e2ff06",
"indicator--bb409307-8964-427a-99d8-6f58bb02db07",
"indicator--6d27e083-e8f3-41a1-88f2-2a9c20f3ba15",
"indicator--d6454a7b-0e66-422e-82e5-3d0d38c3e5e1",
"indicator--744a72a8-864e-40ff-8543-a05da2c8b55b",
"indicator--cbfadbc6-c513-4553-aced-339d2018e157",
"indicator--1cf1b286-5ccb-4729-9430-a0a0369abdc1",
"indicator--68535c67-a7cb-47a4-a8b5-7d6cdece3073",
"indicator--bd267e04-52c7-48e2-87fe-956436e28aef",
"indicator--8df2a760-b75b-44b7-b6c7-506802797545",
"indicator--60b26709-3799-4e4b-a1eb-813165f2089f",
"indicator--5efda199-96d2-4019-8c87-94dc26cc8efd",
"indicator--2bb91b0d-845c-4b98-8b66-015ea7d2c0c1",
"indicator--2c018ee4-78a9-404d-a65f-eca18340f408",
"indicator--61dabcff-7c64-4ff8-98f3-51b5f4ce32b9",
"indicator--7e858382-2857-43d8-a82d-2bec08d265f2",
"indicator--d071c804-01bd-4b4d-8605-995410bf403f",
"indicator--ac2a7092-5565-47ac-9b54-dbbf518f5399",
"indicator--afd9c82e-cac6-4322-857f-8b3873d4284e",
"indicator--447bec02-13aa-4977-97bf-059797255cc4",
"indicator--6ac97ec5-4527-40bc-8506-d660350ef1d7",
"indicator--4952ec1b-7c20-4513-b90f-495a4e8de604",
"indicator--0d663efd-9cb9-4e91-9874-8bbf83cef779",
"indicator--c9503e42-0225-4d10-94f9-536fd02f99d9",
"indicator--1ea60445-f7ee-45ca-a493-f7a02977b0cf",
"indicator--42a519d7-23b7-4432-8e38-0d1c4129c4f2",
"indicator--f4f49faa-2632-4fb6-a3d5-06bed9cc0d2f",
"indicator--1a5809a0-ab97-4ae2-a2d8-65fc304fe74b",
"indicator--8b9053a2-3f62-4a52-8eda-d8f9add376ae",
"indicator--89536fc7-b481-442b-94ee-81d9a0a1ab33",
"indicator--c31e5875-4a02-4978-afff-1b6157d9a64c",
"indicator--9cf9258a-b79d-4ef2-8421-9ab2119cfae1",
"indicator--34663d08-38a8-4768-bce8-334ec2b34129",
"indicator--0277467e-9385-463c-8058-9e71183ab32f",
"indicator--d186bf1b-aefe-4470-bdb8-b892b287c5fb",
"indicator--fd7ed46e-7617-4500-804a-52330441571a",
"indicator--489d0c3b-5cff-4bda-ad81-fb3c32e8d49c",
"indicator--fbfc563b-4e1c-4827-9966-13c87b84b784",
"indicator--c7ec2580-f91a-4e9a-967e-f932bb53b26b",
"indicator--ef3ff6b0-6940-4495-9f44-ea0df7f17a20",
"indicator--122cf7ed-65a0-4ff4-a61f-e9e017b6768e",
"indicator--9f203629-c9fb-41f7-bed3-cbebe50b2763",
"indicator--9aa62de4-f07b-4c11-8cad-9d94f40bea2d",
"indicator--09f13c1e-dd0f-4b0d-a292-2727252857e6",
"indicator--78c5a221-0475-4ee8-a072-cbfeae63fe1f",
"indicator--a43ca87f-a097-4ebb-af20-a37d75fa06bc",
"indicator--91f6ed21-fa01-48a9-aeea-bf4b527d52c0",
"indicator--c9a3d4dd-67a6-415f-903a-c4eba03041f7",
"indicator--fb135b17-9718-4ad1-8abd-9953947dcdc8",
"indicator--a8d72b29-0de7-4c54-921f-1e399950b35d",
"indicator--40c00324-f633-4289-a358-69f7b722d15a",
"indicator--20f44718-848b-4f5b-8f3d-9d154e0cc052",
"indicator--f1e3566e-e947-4447-a1bf-d7adaf720ced",
"indicator--3aed1c85-6bba-4c69-b86b-ae8060e5f956",
"indicator--c7cecdbf-1538-4046-abf3-4abc7863ee27",
"indicator--c5b63bf5-9bb0-4ba3-aeee-5bee8da9719d",
"indicator--34268124-cf14-433e-9b9f-e18c7803221d",
"indicator--cc4b3af7-4432-44e6-8745-5b20435ae2f1",
"indicator--41c6ff12-ef02-410a-978f-40230b7be557",
"indicator--6a9647d9-00ff-4a44-87fe-00f8d0bde4bf",
"indicator--3e1d7bac-8422-49ea-8a9c-8dfa2ef0f36a",
"indicator--5e714891-3cb5-40b3-ac76-9932ce8691e0",
"indicator--4e8b8175-e251-412f-88b6-c4fda6a9fa80",
"indicator--6ec20c7b-3f57-416f-83bb-b23c9e54f166",
"indicator--bb4569e1-bff1-4874-819f-7a514de16f2f",
"indicator--2a2d91c1-4166-4348-82ca-6408307148bf",
"indicator--e2deed8b-6a81-48f9-99f1-78539a6c4ff3",
"indicator--9a80f880-e66c-4e06-8699-b62bfa11e785",
"indicator--ef7ffbfd-f5ae-4960-9364-b92d0ba72f3d",
"indicator--b9739230-23b3-4176-96da-f04d7b7bb294",
"indicator--70a31194-dccb-490e-bb94-9e46b79f2d87",
"indicator--c9bcb38c-fc1f-4807-bc29-1a35512fd8bc",
"indicator--16f6ec45-22a9-4eb0-885d-8ed9c1cbd7f5",
"indicator--424ed44a-2f99-44b4-88f7-b30efabf789a",
"indicator--f5a8e175-9518-434b-af4a-b968829203a1",
"indicator--1063756b-0c94-4efd-83fd-efcdbf39659e",
"indicator--70d3e7c2-7331-4550-9a0a-9a1fd4ced5e4",
"indicator--4ee73875-6903-40dc-ae8b-ec1cddba2fa6",
"indicator--36b02708-56ca-4918-95cf-3c49b6e94dc6",
"indicator--f6e7472a-a26f-434e-bcc9-6ad5d8ef4571",
"indicator--d9f4f9ce-a58d-4cae-95d5-0c65ec412c52",
"indicator--b74ee28f-3dc0-4cb4-bb44-20d6f89b7cee",
"indicator--07fdc96f-3992-4764-b8c6-26085d77818a",
"indicator--8146f76f-6b5a-4499-bd68-1ba34c043ba0",
"indicator--f4681046-eb83-4bac-ae49-2cd6779f53a9",
"indicator--562eeb34-5e46-4777-a06a-38c50d90fb43",
"indicator--9140476f-706f-4e4f-b455-4226c0f12b6e",
"indicator--974beac9-e2f7-49b0-97b0-a7ac6042816a",
"indicator--a7fb7228-c964-4c92-9f23-8da6f48e2276",
"indicator--c87f703e-d8f9-4b1c-a4b7-c94195a2b08c",
"indicator--82da61b0-928a-4c3f-8e0f-cc2269792353",
"indicator--576235f5-ad18-4ef2-b80d-a8bcd21e15a8",
"indicator--a45a767d-8d4b-48ab-9956-b458241bbcf4",
"indicator--d5bc2cf0-6bd2-480f-8ba1-1fa3ede4d2a0",
"indicator--d25a58cd-79be-455a-bf0d-7270e851346d",
"indicator--b442c475-ce6d-40c5-87d8-d994b2db5ca9",
"indicator--213f4196-e6a6-4e19-a0f8-8bc17a30f9d3",
"indicator--5f900978-03ff-46fa-b43d-afdffb55bed8",
"indicator--8ad1cc62-dec8-488c-ba36-da10531bcfe7",
"indicator--011bc8b2-00f0-4a83-ab70-2fde03b8f41e",
"indicator--014006bf-b59c-4c02-83d0-8425231a3033",
"indicator--ecf3b8c5-30f2-49a6-a601-aa451e6ea7c5",
"indicator--6644052b-0fef-43af-b5e8-8f9135d4825b",
"indicator--8bc77e04-2b3e-4a51-a4cf-3fd70e1c30ef",
"indicator--679eea8c-6319-48d3-885a-83711e89e26c",
"indicator--0ddc5260-94f4-4bca-aaf2-2a66934cf290",
"indicator--d3d9cb5a-4ae8-4710-93f7-af42fa843996",
"indicator--cee80ca9-5466-443a-93d2-665bab4d90f3",
"indicator--5e2ee787-11ed-4eb3-980a-6fcb1062f282",
"indicator--727df8de-d741-457d-85a0-e82e58442f68",
"indicator--f3fb441d-2ff2-4af0-8338-692897ea4849",
"indicator--5935d36b-f530-435e-acdb-14b976f4edb0",
"indicator--103aaf14-aae4-4b52-89b3-6a1ba845b58e",
"indicator--aa713d9c-d294-4df5-bdd4-abbeb1da7843",
"indicator--3ecc7f9a-b35b-40af-876f-0b00e8bb6956",
"indicator--78c0c60e-91f0-42e8-84a9-a3c2d06dea7d",
"indicator--7d1a11b1-7630-4922-a792-8bdb6d756d57",
"x-misp-attribute--03cc138b-ae76-458c-b9f6-f97453bed527",
"x-misp-attribute--3953fb50-dbe6-445f-9fac-0978abb14446",
"x-misp-attribute--0b5b61e1-63b5-4976-b296-e1cb0aed4a33",
"x-misp-attribute--f68f0a9d-9818-4a22-b789-7bd973105989",
"x-misp-attribute--9ead6ce0-9b4a-4191-9aac-7d72ba394a2d",
"x-misp-object--81b42b01-1626-4012-bbab-b333c5db9014",
"x-misp-object--2ab87780-14c5-451c-ab22-d6640deb4850",
"indicator--ee1a367c-26cd-43aa-b9dd-2f8a3ea79d8a",
"x-misp-object--6f0f8b25-237d-4fcb-b914-653621b4e0bf",
"x-misp-object--f1ea13db-86d5-484b-8f48-f96c1b74bd73",
"indicator--437e1761-ba5c-454f-9ef6-b197930ef918",
"x-misp-object--e7eea1e9-b576-47c2-82c7-ff52ac8b7813",
"indicator--6904ad08-6cf6-44c2-b0ae-ddb145be07ee"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:malpedia=\"PlugX\"",
"misp-galaxy:mitre-enterprise-attack-malware=\"PlugX - S0013\"",
"misp-galaxy:mitre-malware=\"PlugX - S0013\"",
"misp-galaxy:rat=\"PlugX\"",
"misp-galaxy:tool=\"PlugX\"",
"misp-galaxy:malpedia=\"ShadowPad\"",
"misp-galaxy:mitre-malware=\"ShadowPad - S0596\"",
"misp-galaxy:tool=\"ShadowPad\"",
"misp-galaxy:malpedia=\"Poison Ivy\"",
"misp-galaxy:tool=\"Poison Ivy\"",
"misp-galaxy:country=\"china\"",
"type:OSINT",
"osint:lifetime=\"perpetual\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62bcf059-96b2-453a-a209-b3cc852f16c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:51:31.000Z",
"modified": "2022-05-31T08:51:31.000Z",
"description": "MyKLoadClient",
"pattern": "[domain-name:value = 'microft.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:51:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--75a8b09d-4b2b-4ce7-a3ef-dfe9d3c26480",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:51:31.000Z",
"modified": "2022-05-31T08:51:31.000Z",
"description": "MyKLoadClient",
"pattern": "[domain-name:value = 'micro.dns04.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:51:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6bda536c-2312-4f9c-a6ff-3e0cc59a02e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:51:31.000Z",
"modified": "2022-05-31T08:51:31.000Z",
"description": "MyKLoadClient",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.121.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:51:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f6ccec1c-4851-41ea-9f6c-ace51a7fb606",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:51:31.000Z",
"modified": "2022-05-31T08:51:31.000Z",
"description": "MyKLoadClient",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.108.89.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:51:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--864466e8-2bf3-4bea-9e5a-cfeeb3fe9d76",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:51:31.000Z",
"modified": "2022-05-31T08:51:31.000Z",
"description": "MyKLoadClient",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '120.78.127.189']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:51:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1223e02b-71e8-43ad-bfad-3ec791d494d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:51:31.000Z",
"modified": "2022-05-31T08:51:31.000Z",
"description": "MyKLoadClient",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '121.89.210.144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:51:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cba66a34-aa23-4dac-ab96-2d88ba58f18a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[domain-name:value = 'ns2.gamepoer7.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--03e6e26e-a8b1-4cab-ba9f-b0af93945e52",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[domain-name:value = 'mail.playdr2.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e49bfc08-1a1c-44ee-ba5c-5411ae8c9236",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[domain-name:value = 'pop.playdr2.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ec0b166e-7f5b-4400-b39d-d691dae67b14",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[domain-name:value = 'news.flashplayeractivex.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de32de32-b70f-42e6-b77b-613af17dbb5e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[domain-name:value = 'update.flashplayeractivex.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20a0e7e3-cc17-4032-8d2e-93c027242717",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[domain-name:value = 'ns9.mcafee-update.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0df0f008-2510-4394-9455-5c42767a72a0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.211.161.161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3fdddde2-4542-4d40-9662-586cfef2274f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:52:01.000Z",
"modified": "2022-05-31T08:52:01.000Z",
"description": "Zupdax",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.225.226.218']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:52:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2009c9ef-b64a-4ab3-a1e0-0106825aeb16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:54:12.000Z",
"modified": "2022-05-31T08:54:12.000Z",
"description": "Downloader.Climax.A",
"pattern": "[domain-name:value = 'bamo.ocry.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:54:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00442e89-21c1-462a-841d-e8a0de5cb59d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:54:12.000Z",
"modified": "2022-05-31T08:54:12.000Z",
"description": "Downloader.Climax.A",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.182.98.74']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:54:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbab091f-639e-4916-8bdd-3a89307dd74a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:54:39.000Z",
"modified": "2022-05-31T08:54:39.000Z",
"description": "Downloader.Climax.B",
"pattern": "[domain-name:value = 'ruclient.dns04.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:54:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ff8982ca-cbbd-4a0b-8ca5-5a65270f7f4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:54:39.000Z",
"modified": "2022-05-31T08:54:39.000Z",
"description": "Downloader.Climax.B",
"pattern": "[domain-name:value = 'loge.otzo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:54:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--170020c1-3ecb-40e3-8d48-af18a77ccfe9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:15.000Z",
"modified": "2022-05-31T08:55:15.000Z",
"description": "RtlShare",
"pattern": "[domain-name:value = 'asd.powergame.0077.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c96c9178-ab81-49bb-afa7-2c0d7529171e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:15.000Z",
"modified": "2022-05-31T08:55:15.000Z",
"description": "RtlShare",
"pattern": "[domain-name:value = 'w.asd3.as.amazon-corp.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0cc12b24-ad45-44e4-8346-bb6b8d9c85d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:15.000Z",
"modified": "2022-05-31T08:55:15.000Z",
"description": "RtlShare",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.145.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f2800e0c-3ef9-48b7-9766-334d1ad53d97",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:15.000Z",
"modified": "2022-05-31T08:55:15.000Z",
"description": "RtlShare",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.164.35.87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e1f8af8f-1915-46a6-bcff-c52fb929c55f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'api.microft.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--69b280d5-d3bc-41f8-9134-2f8ab2d587de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'www.0077.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0dc858dd-add6-4a3f-956e-41281d837caa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'js.journal.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7760b7a-e57c-460f-aba0-a50ef1b110c6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'fgjhkergvlimdfg2.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e8aca24c-7c0d-4b74-a9c5-d6aec1f3cebf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'goon.oldvideo.longmusic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--74949f6c-cc97-479d-8975-c114d2f9904d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'as.amazon-corp.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f453869-0877-4b13-89c4-8bfa39a6d792",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'freewula.strangled.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f19f00d6-534d-4cd9-a958-e31712a174fe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'szuunet.strangled.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c163897-195d-4c61-ba2e-d25f1c00f6b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'lib.hostareas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--772244b6-5821-4e1e-a5c5-dc3593cff260",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'web.miscrosaft.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f28e022-914c-47ea-a566-2bbb97661406",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'eset.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0b087939-553e-454f-b113-d6f2a21d5da9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'elienceso.kozow.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8bcdf22d-c894-4527-b6e9-fe9a2816e162",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'lck.gigabitdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8b720095-c849-43e6-9904-ed865b072c3f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[domain-name:value = 'miche.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbcb3cba-c092-4ca7-84d3-a80c1f183be8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.16.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d3e6b49-6857-4b19-b639-6c95120ea0f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.101.178.152']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--84b4caf2-f862-48f0-b00b-f0e6b5d1ce2a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '123.1.151.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3a1bfc45-b529-446b-92e4-6ccc7122f099",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.85.48.108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7572cc14-cbd4-476c-9d80-bb67c540592e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.213.21.207']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b75ac24-8b91-458f-928e-b60d2d11cb24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.225.226.123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c1920e2-4f6f-4229-80c1-92b4b3561f84",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:55:51.000Z",
"modified": "2022-05-31T08:55:51.000Z",
"description": "PlugX",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.225.226.217']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--905879a0-660b-4acb-8007-2d7ce4332bcc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:56:21.000Z",
"modified": "2022-05-31T08:56:21.000Z",
"description": "BH_A006",
"pattern": "[domain-name:value = 'comein.journal.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:56:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f4c68b2-0c6e-4f8a-a719-1a30040f33e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:56:21.000Z",
"modified": "2022-05-31T08:56:21.000Z",
"description": "BH_A006",
"pattern": "[domain-name:value = 'www.omgod.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:56:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cc6c36d6-590e-4692-ab0a-32da7bf4958e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:56:21.000Z",
"modified": "2022-05-31T08:56:21.000Z",
"description": "BH_A006",
"pattern": "[domain-name:value = 'findanswer123.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:56:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a0d78d22-43bd-4584-b864-ce03984a3895",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:56:21.000Z",
"modified": "2022-05-31T08:56:21.000Z",
"description": "BH_A006",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.27.109.234']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:56:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f8e7366-91a8-4632-9b77-0ac65975b99d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:56:21.000Z",
"modified": "2022-05-31T08:56:21.000Z",
"description": "BH_A006",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.160.134.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:56:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1b3900f-e6fe-49ca-8785-636da521bf80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:56:39.000Z",
"modified": "2022-05-31T08:56:39.000Z",
"description": "Deed RAT",
"pattern": "[domain-name:value = 'ftp.microft.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:56:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2f12c27-6869-4bdd-a816-e9169528d2e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:01.000Z",
"modified": "2022-05-31T08:57:01.000Z",
"description": "ShadowPad",
"pattern": "[domain-name:value = 'toogasd.www.oldvideo.longmusic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f5f94fd-ddb5-4219-b4f5-8a5b99203c50",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:01.000Z",
"modified": "2022-05-31T08:57:01.000Z",
"description": "ShadowPad",
"pattern": "[domain-name:value = 'wwa1we.wbew.amazon-corp.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0d4d8ca-7754-49f9-a454-15e2e4008950",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:18.000Z",
"modified": "2022-05-31T08:57:18.000Z",
"description": "Poison Ivy",
"pattern": "[domain-name:value = 'shareddocs.microft.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2cb79cc-198a-4f73-b480-e0d9d41decb2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'reportsearch.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--08ff0149-67c3-47d1-8f2f-2e29d170df8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'werwesf.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fea883ae-05b6-48c5-9825-babd87acf648",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'fssprus.dns04.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00146922-6ec2-4909-9c49-53246d23b121",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'alex.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52b044bc-4a4f-49ba-bd09-116f239e668f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'tombstone.kozow.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3f886047-ff57-4942-80ee-d35a7276c033",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'toon.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--63134076-a266-493d-9fe1-96bdeadc59b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'rt.ftp1.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f44b831-b29b-49e4-8068-e72f15c72e1b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'apple-corp.changeip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fde7c1c8-d8bb-4be5-b418-8cc58eb8cbb6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'amazon-corp.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--383e9cff-d0a1-4a3c-b832-9121ea699649",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = '0077.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a1e56eae-3c37-4730-acb8-658c90482f24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'staticd.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f06011f7-2cc0-4064-a396-9f82e2dab32a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'srv.xxxy.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae589c12-d3e3-4992-857c-a17ede9a6388",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'serviechelp.changeip.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4ad05e8-51b8-4296-ad61-62193c62ec3d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'mktoon.ftp1.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5877c0e5-aeea-4460-9073-ce415503f871",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'noon.dns04.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d8c9ba23-c063-41f9-9fb5-3f8f3496568d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'ybcps4.freeddns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a4712508-4e0e-4793-9bff-eea0f41b9563",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'oldvideo.longmusic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aee705fe-5f03-44ab-bc40-1d84c1c0ea08",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'chdsjjkrazomg.dhcp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7ac8ce83-24f0-47aa-880d-09c5978d0493",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'q34ewrd.youdontcare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b764b752-8559-4b1c-b1cd-88d637dd3947",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:57:57.000Z",
"modified": "2022-05-31T08:57:57.000Z",
"description": "Third-level DDNS domains",
"pattern": "[domain-name:value = 'journal.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:57:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e66ce31e-755d-4644-98a5-143d24b353c1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:58:51.000Z",
"modified": "2022-05-31T08:58:51.000Z",
"description": "Poison Ivy",
"pattern": "[file:hashes.SHA256 = '672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:58:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e27d40f-956f-46f8-b379-a26c8c550183",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:58:51.000Z",
"modified": "2022-05-31T08:58:51.000Z",
"description": "Poison Ivy",
"pattern": "[file:hashes.SHA256 = '2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T08:58:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9480fa54-fbaa-43b6-8b91-fb777629b2f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:03.000Z",
"modified": "2022-05-31T09:05:03.000Z",
"description": "ShadowPad",
"pattern": "[file:hashes.SHA256 = '9324d7a72c436d8eb77f3df72b6f41aa4e1b85f08ef7583e26de75e17cad490c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:05:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3ffcbc80-3e64-4e84-9a40-b3ed9bc9beb9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:03.000Z",
"modified": "2022-05-31T09:05:03.000Z",
"description": "ShadowPad",
"pattern": "[file:hashes.SHA256 = '06ce5271836a6a1ee40513b1de6991ccd87bc7ff640948f194e7c12bdf779fd9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:05:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3b51b1bd-57b1-45ad-9ab9-b23ce1d23597",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:03.000Z",
"modified": "2022-05-31T09:05:03.000Z",
"description": "ShadowPad",
"pattern": "[file:hashes.SHA256 = 'd34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:05:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2d1c6f7f-feef-4e9a-88d8-c990fcb91b97",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:03.000Z",
"modified": "2022-05-31T09:05:03.000Z",
"description": "ShadowPad",
"pattern": "[file:hashes.SHA256 = 'd011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:05:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--419bb539-ee0d-4a59-b55b-cbaba5d25c4f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:03.000Z",
"modified": "2022-05-31T09:05:03.000Z",
"description": "ShadowPad",
"pattern": "[file:hashes.SHA256 = '459f386be186c0e23234f299f2607d0eb2745eb743e1422a95ec2dca645b0e21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:05:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--39669d7d-b82f-4832-a777-ac6fe364bbfe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:06:46.000Z",
"modified": "2022-05-31T09:06:46.000Z",
"description": "Deed RAT",
"pattern": "[file:hashes.SHA256 = 'ff87ec66b89db551d6f4ce33ad150fae7286f58d465179acf2b8001d9ca9bcea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:06:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1237e5e8-6ce8-466e-9430-352d7f695878",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:06:46.000Z",
"modified": "2022-05-31T09:06:46.000Z",
"description": "Deed RAT",
"pattern": "[file:hashes.SHA256 = '761557ecc63ec5fbc2e3573f61a860bd8967f04818be25893361c63409ab5af0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:06:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c315bb1-de36-4ee0-8210-a4c616bf67ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'c0292c55fca5f68f4f4831fb5d2a77a78c1f1a45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a5e43bac-d62f-4f9f-bfae-84c0d4bdce20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '36a8ce6f27c251a81d9deada291b2a2c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--218c4a70-77ee-4b56-9378-46b3b8e28d4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = 'e76567a61f905a2825262d5f653416ef88728371a0a2fe75ddc53aad100e6f46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--023cc47f-39b5-4fa1-af8d-f3e861fd01e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'e45a5d9b03cfbe7eb2e90181756fdf0dd690c00c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56cb9786-2ff0-46e2-ac06-8c93d59cc8c3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '06af27c0f47837fb54490a8fe8332e04']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0635b388-873b-474e-afae-91ff823a240d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = 'f2ab7d78377fe1898eb6406d66668c9dbbe0836e9c97af08bc57da56a78272a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--09cc0130-e20f-4fb8-888f-a6a2a8b004f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '87ae868159d572acbb376faf7fda6593058f8518']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f8dd30c3-78e7-44fa-ae97-662439af7d88",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = 'c241e8486a0674f7af1b0928b59b94df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--811204ad-c0c8-403e-b4e0-4267bb720619",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '1a4cc1c66082f4bb10b917bc434ecc9e7e4f92877fd42e3fbe5e8a96154318f5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80424eba-d545-496a-9521-944a14717ddf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '927f428e0de0391a6392943b3c79fda8363828d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3810a8dd-fed6-490c-8dcc-2da49b064263",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '758eabd1b7b644b01a21011d6e1159e6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--09e78c40-0404-4b2c-a924-429ef7ea2482",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '1b0e8f31b513ad53db7ca6d8db35c37eb24eaddf859521b6913209af934808ce']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5abfcbd5-2e48-4509-a613-7928ba23af18",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '9df3431e26b958f671b28d1c4d34dfa5c0c653bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dab47fe9-bd96-4f4e-a5ed-4e9209122b2d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '94759ce1618ffa9e38cfa7c3ad43061a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2c9a846-0975-4d00-863d-4e1943bc1cdd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = 'f42f8896183d298a6ecd2c3fa78393bf7e58bc33ab7994e35346a57cbe2e2521']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a32d5258-cf83-469a-8fb1-d9429c8c0466",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'f214cbda1dcdc75b3d355affef74354a104d5b29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--24ff3a9f-ddeb-4c5d-9b49-d6f58f5e2eca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '5ea6d25bb95d8643dfe2deb4afd92843']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2ff26717-0f33-40f1-9ed3-f8b38107b324",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = 'bd366f22fd0f1b5b5a041621f70b357287c45883e847bb8f31809d16ca46052f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00b08a95-a9bf-4c09-aba5-381c10349451",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'c213d8d98359c32e1b320b8ab0cf168e3f369441']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7b990f33-3221-4b5e-99e8-4d3fb2bc6b80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '8f088b92a9f68681dd17f0fb89b1058d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f461530e-6503-4ed6-8fd9-c8e48e369be4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '77052236a7061f91ba6442568f6db1200169fe4afdf9c3c81750e0929dd4fb96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7bc4b528-9822-48fb-b40d-4f2f2a38adb9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'aa9b71858b893a131908b3236bb724226af6b1dc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a605e5ed-cff1-49d5-a0f1-b31c5c1c841c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '02a7272416fefc68ff214b24214fc370']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b8091606-31d9-4378-bfe1-68c1b04a4c22",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '2bd9b56ddcccc0a9d33debd1c56b493bb60f8b4229f728b0c6c3bac0e556d080']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56d6a777-34af-43ed-9684-ed5e1b338cf8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '0e2c294692cebcaecb5e2f3677d07f96a09ab610']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9b07e3e0-aee5-482f-b851-e03dd43c8e8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = 'c7f0ec11b70be64695d826587d8fb9f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9020b277-e4a0-49ff-a27a-4f195edf28e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:53.000Z",
"modified": "2022-05-31T09:07:53.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '59fe1b5b641c140225ed12a8122da47716b9d841754f4604a2bdbb2a0dc765ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c38af120-1a53-4671-93e3-93b730fba90f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '7324dd736142db51c4d3887c30df810a45b46b08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7aa60e34-b1f9-40a1-accc-b3fe4dca1e81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '32cb37c984fe0d00009e7566f18463eb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7a55280-940d-4d21-b5b3-27314a83deec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = 'cb35899e21269b564ffdd4785961195af1779daf5ff3e64746e2d6368744ba2a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4232bffc-a4d9-4f46-9ee0-8c8fdeb273a3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '5ad5183ce68975a59d85d650e72b13a845be82e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e1332646-50ba-404f-b62d-eac2eaa934b4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '7950cf56e58e2be3fc401885e815e9b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c22acd0-940c-4082-aae6-f473a5687ccc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = 'f97d1f7e3ed963654fb68803f2ac6cd79580abb8f86ab477c49aec76157bb184']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eae2e330-49c4-4daa-be40-999517123d64",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'cf1a335ffe672f19fa0160151c50eb9209b5e99b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e400c815-e22a-4a48-a68a-4341ae0ffe39",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = 'b66203f634e48430af63a3c1503b2a4d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2ef7de1c-1cc0-43ac-8dc7-bea92f140c50",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '74af7c238935e2fc11f97e122bbcf0b813c27f5a4a3b8aa47a574c24003df533']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c5580450-bd3e-471f-97a4-a6a7651f5d6d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'ffb8da41d8a92b4cbeaf4d85a4c2732b90d178c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0f2eecb-5bf3-47f4-8b63-9cde45e30ccd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '7428f82ed54e0d75c37afc0dde45ea57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--25261acc-4dd8-4dba-8f8a-7bad849b25cd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '9cd487bcec62fb5192fbe654ca5c02750b846070b85016fc3d2071add8e04f39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d2b2c891-8950-4043-964e-d1d14448dddb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'b20c993e963a5540593120cfc1b596ba42aff649']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8930a608-e40b-42a3-bc83-a913a1a86797",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '46c4fd5ae4f5907d5ba3faa2978ffbe5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fdd9e592-ba89-4c8b-b73f-e369763376b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = 'b0a58c6c859833eb6fb1c7d8cb0c5875ab42be727996bcc20b17dd8ad0058ffa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f915a3e9-f768-4edd-88bd-89d53e7fe455",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'fcc66ea2198a03def308c53adda78d4a64ed22f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d862f0f-fe5f-4fbc-b6a4-32e9aa506898",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '823e689e34be362faeddb2bd8d32a05e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3b91243e-c86c-42ad-8b3d-1e0ff40c3fd6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '9843ceaca2b9173d3a1f9b24ba85180a40884dbf78dd7298b0c57008fa36e33d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c2c23ab-a6ea-4ff8-a328-754c7d8d4428",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '6c8ab56853218f28ac11c16b050ad589ea14bafe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a3f757fc-bafd-4785-8c36-1dbf5aebf67f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '964be19e477b57d85aceb7648e2c105d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c198748-64ff-4132-b247-2ab06a91d037",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '9969fc3043ed2917b76b6dbae36bd2e0846b90e9d93df4fc4f490fdf153da435']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f88e8246-197d-4136-81b1-c7c055952927",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'e102a2ff536d2df93ec9c507e52c04bba773b550']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--df54cb28-fae8-4761-88ac-43c3a6ace821",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = 'fff3c03e6c455eaba70ec816a4439b95']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ab0d324d-5b91-46ac-91bc-b312c857a16e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '690f5bd392269d80061e8e90a9aedac4f9bb2e898db4211b76a6e27a1ed95462']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6e0f331d-49d2-4765-a860-4a03da843a8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '5c1d4af865b4d514340d6a2dbb42523a142ab5d8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d1ab6e60-62d9-4e95-b3a1-06ee25f75c4a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '18ea3d4c9639a696b96e49f53af2b161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d7e360c-12a9-4f95-ac2e-0c5f3bbe2d97",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '7bd1016b5f3a5004166de5cf7f1846024684979de413417d83321c931c1b5929']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a175ece7-f872-4c07-bc6b-a65e1f0e1953",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = 'cebabb80844c823df4539f4db29d7bca27e1f50a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3d8faf7f-a9b1-49b6-aeb0-98e805a6646e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '89de9c0ce214d2e437e2ce6d266ab100']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9ece1dd5-20d8-46a0-b130-c6c97f761d62",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '1687af091d38108eeed634c0539b9639c6128aed9588a370f51a957bee534f39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--69617707-cf80-4fd3-875b-698e7238c49e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '53ab54c2c3ea3d6921fa2bf5fde69255dc41fbed']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c80dd27c-3e32-4127-8c44-c91776592764",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = 'ae755e20cd3a6f2721096736c5c3aed5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f5a69ed1-988e-4bd0-828a-a3fa71fb74fc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA256 = '16d2b4bb67147c0086c5716639e226fe1656da26f40bac86f7df970fa92a8460']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b80328b5-2b14-4b0f-92dc-0d27b5f18386",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.SHA1 = '1f89b71204ef85c00a6675f65acf4b834c0a58ce']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c1c265b-564f-4f58-9ee9-63bac1f57344",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:07:54.000Z",
"modified": "2022-05-31T09:07:54.000Z",
"description": "BH_A006",
"pattern": "[file:hashes.MD5 = '68f52f72f9f3becd0f51da342dd6bd31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--946ad922-3d8a-4f9c-b350-c291a9b37ab0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA256 = '50f1092795c493c5275637b81fbcacfc4ca7951dfda06782a792988bbde2f5a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3f38cfbf-278c-44ba-aa03-be6ef203b1fc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA1 = '8e0ee1ceb7ce14994a481c266eef1f67087b59b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90c451fa-2879-46a2-bf8a-caca9b61f3b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.MD5 = '6dfabe77bf18f1424cf47e2e0794f6d5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--579fff57-9024-4abc-99e6-aaad69dac773",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA256 = '82894e2534feb0d9edbb3dd5339c3ff0f6eb73b07e40f0f8b15e759e8a55d052']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--72dff381-acf0-448f-8566-4e3c5b156134",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA1 = '0b8c9bbea5614d2fec852cf2f74fd20b591edbb2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5541ca09-bf1d-4f0f-ab70-397224ede358",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.MD5 = '814e3cfdbf77e8b400dda78ab0a80e24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--addd3972-2782-4b8c-8662-478f3fa2061d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA256 = 'e5f471dcd4f5a47f0a53fc389e58c70b9ef81805c503ed6b100950d02ee7f777']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c91b0f2b-2109-4f12-b955-ae75129cf911",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA1 = '9eb2ed9db419cda517fbea69a9204644e946913c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cafd595c-9454-409a-8069-5ae38e974c85",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.MD5 = 'a70db29d6a7ba154eeb029be19136cb6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--43997591-7f3d-44dc-9b27-dc0b7c3a0eb3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA256 = 'aeee80588212bc941e179ca95931a91bf446cbc1446111d4e520243d708f1d5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fec06490-93a5-478f-acff-fd62f599ca12",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA1 = 'dbb93c7b7e36b5eb0dd408e836f7bf305ee076bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--762b9c2d-544d-46a0-9abf-bb60a418512d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.MD5 = '661635e774fef37e56928333d6040cac']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--30360986-55d5-4298-b232-6c3f2ff4e9c1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA256 = 'c66dda5131c0aaa118e7cbb5de16fbc984f1f0c9194717b8981bca0fb024f170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0e8f6876-49ec-40fd-852f-2fd63962396a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA1 = '58ec65e2d39e3dff7df3c85d3896ab37a04cd475']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d424d9c-658a-4aa9-9fba-274606713280",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.MD5 = 'a96e3b2fd7c8bb7c903240e0b9b1e980']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--19c059f8-96ea-4630-b477-d85c9552a771",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA256 = '051b08ef35a6122bd9ff75609ccd50d84793e5502a9e428a57f2bf688d21d1e9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05aef884-0de4-43e3-a759-4e209143566d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA1 = '1b43bb893767f48bc134c1894f3390fd20dbb22d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--95b2cae6-7d51-45be-b9dc-c02b98c230e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.MD5 = 'd2b60af1360508ca2728f06f45a3f931']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa4e075a-c5d6-4b24-a4f2-20e457ca0306",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA256 = 'f96adc9e046ecc6f22d3ba9cfea47a4af75bcba369f454b7a9c8d7ca3d423ac4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0bcbff9a-af7c-42af-a059-86142b1df663",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.SHA1 = 'cb85578a26dd90f536b9c97cf88ff93baba22107']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b3706ec-2b58-486f-b14c-dab7dccab970",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:11:39.000Z",
"modified": "2022-05-31T09:11:39.000Z",
"description": "PlugX demo dropper",
"pattern": "[file:hashes.MD5 = '4412dcf06cb428d710297a3efcf24a91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:11:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e503949d-f0dd-49d6-ad1e-d8ccbaf9ca5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '0f7556c6490c4a45a95f5b74ced21185fe48a788bcbe847017084ec1bf75d20a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--88a95f4e-f334-4d8c-a0dc-a4d33edbcfe2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '53a17133173ee8f32261d4ac8afb956e1540f7be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--af5e7c18-444e-49f1-8f17-bfcaeee08dee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '4b6e1f5375552e09975f23fd8661e0f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8844d4fe-3281-4200-927a-dc2082f86402",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '429b6c5d380589f2d654a79ea378db118db4c1fd1d399456af08e807d552e428']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a6090c7f-27f3-473f-b5d8-0c8bfae4b689",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '97ecc5aba4ce94a5012dcf609f2d325f293d4bea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1030e771-1b00-4033-9823-283235894a09",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '3f8de0e26ee2f1f030e7d61215a227fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--07f3cab9-e213-4ab2-866c-c139606f481c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '0956ab263c7c112e0a8466406e68765350db654dbe6d6905e7c38e4f912a244e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9bdd73e3-06bc-4de2-85d8-e486666079f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '457a592ece5e309cc8844623f29fc6be62c5be60']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20c94910-a796-471c-8ab9-727a19f518db",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'bdc734d2c049d77285fdb503aac86cd8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ef9900e-1901-42c2-91da-82a7600cd5c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '1c0cf69bce6fb6ec59be3044d35d3a130acddbbf9288d7bc58b7bb87c0a4fb97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--10ae13ee-1763-43e1-9a17-c203e2cd81ff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'ef3e558ecb313a74eeafca3f99b7d4e038e11516']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bf3bf28e-a0a5-4e1f-8c96-35ad692a721b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'b4f12a7be68d71f9645b789ccdc20561']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--030d5423-e78e-4b4e-bc11-7feb1fbd0365",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'a072133a68891a37076cd1eaf1abb1b0bf9443488d4c6b9530e490f246008dba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e07be9b5-ac7d-4074-a4b4-ff6534c58fce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'e9e8c2e720f5179ff1c0ac30ce017224ac0b2f1b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8129d17d-39bf-41ad-ba71-4f334cc0d7f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'd5f5bb6368735f34440621b80fb8e003']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac1dc2e7-c1fd-4e94-96cb-33eb3479d6b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '1bad7e53cb4924576b221a62d2cddb4d18bd387734328b7d48e32046700e2df9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3c0ffee8-e707-41af-8066-a5ca1b18aac5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:49.000Z",
"modified": "2022-05-31T09:12:49.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '7539e5f25b3e66ea849ebee6bf6104d504573035']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d1bc4ca8-bd65-4449-b4e4-1a077ba552fa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '25db7152f66588dd8ce035f4bbd811d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc958499-41d4-4109-ba52-1141b23c652c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '39083375012d2a854e6310411e7ce4c4e3440bd5784ae158599be25deaeabcb5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fcd53eb4-4189-4139-8495-affa846897d6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '7ad24d1873325a02ca4644ebbebe5c5f95bb927c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f6a03684-7a91-4f2e-9967-94dffa1c50e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'e7a9d56297f8d0c16eca077b5f0a86bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--384a58a2-573c-4ed9-aa66-cbcd683a6f7a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '3c4483e1185d00b282b19910ad5e7970462122b8b7d8895860ffc132a05b3b9d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a9a453e8-9498-4a79-b844-8ac42c53e747",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '62d33015859f49e2ad178239891dbed78a0e2de6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--44fbd3a3-83fe-4b3f-83b6-309e56360918",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'a83b0a6b5c590aaf7528dc23ce1856f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d9330e7-0748-4b58-9b7d-8ac621e1cc94",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'f8885d5caeec2627d808dc20bd1fbcd42732700686d34f1bb29d83d5d5115ee0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--091cd082-8b29-4041-b692-d41d23778f00",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '8a44433cfc2e4f116ebd59aac5f596f83c468d44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--84d28cee-420d-4ede-8631-ffa4f1b88439",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '633eaedd4944db79d0ac68e71418c34c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ac5e026-94b8-46ae-927b-d350bb89b3c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '07ef63b7c9554065e3a6047404d2526e8c8e450c5fe977247336626be403d790']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--285b3234-0dfb-44bb-8ff0-06e87d3422b0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'a397d9d7d242bc748dc2bf5307d0f16c5144d98d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc18b391-40a3-4107-b070-88d547be5096",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'cfd0a7ab2c2c99dd341d844a5486599b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa967727-02a3-428f-ac07-7563c3e492b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '8d2ff35a5c941cb2f0438969be1a16116efacb51bb9820e6facc285640855682']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2697a5ec-a9a8-47ac-8bb0-6c88928e4666",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '702cf75a6b23a18001a909d6743a739837cc2053']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--694b642b-e850-4a78-881f-cae5b5012ddd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '0fe86427810229e4927b3a7091bea583']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee940515-9e58-40e0-a033-ab07d7ecdb03",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '31af406fababf825eb15969970f5de1d2de9fa29a3ca609aed3174c48806492f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f02cc983-842d-4358-8b88-a6c7b4dbb125",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '12e4407d5341836635ce54727ad4dae7712c2a4c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f907d27-a700-46ef-94d1-cb1f4354db1b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'f4c9dd900488d6ad172f16a812b5e0fc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--106fc338-a3ab-4849-9125-c1ee38b747b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'c150172ae47f9708bf4a87cf67eb19b09e6d4f5a565043f309c1da5ffc9bd656']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ca4d37a6-2c19-413c-8fbf-a1f7ff4df201",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'eb6b2ddf1da767848ffe51f14b177298173227f5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--817d98e5-452b-40bd-a7ef-db87d7a0f80b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '7a4a791eeb0a195057a65ecceeafc8ff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--add33867-477f-4bc3-af3b-9bac0ab185d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '5f8e8eada8ad8fcb007a1da7d2dedfdc55473cd5d65a287224c345edf9c1e964']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a5e9d517-6c65-4fc7-a134-054bece5e013",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'a7837c8e3f789a112fbc2eea623c4e03664280ce']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c5475a7-ed9f-44de-bd3b-da11053c382c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '11fba00953cbd550be12a5691f79547a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8bb746f6-37f5-49ad-b39f-eda7f65402ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'fda4712cfb3007e7eb5f61b37c746640ff5428108c74106352b69a11193d79a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8cedd9f4-d7b0-422f-be5e-29ff339a0f5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '628dc1642de5e74bf230e9b933f264196b9678bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9cc2e668-78b0-45b1-abe7-620a50f444d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'be4625cb6e797b05a5ce3f2f5d0618c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6264f83f-1a23-4fbc-8ac3-d7c4be164b51",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '17c4a6adca907b7cd0fc75d6008a307a3813ac3b75bfebb4f173360b5d2e7964']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ada6b8b-9dcd-46c1-b225-b140474c3006",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'd5959009d3a2bdadd0db5385706920da21e5c8d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--baa313bf-017b-43e8-9675-9c8a52f2d29e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'ff7b237c3049fce0559876239e5c0ae8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1e128d04-a418-4710-837c-5f255b536128",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'b153195807d9b58168bba751517498268e396a79965c5d323fad5c16bbc9520d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e6a61945-7965-4149-9bd4-fae59b1357de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'c14b4468a33b12250b560a0c7e884e01dd986c95']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0b58339-ea8f-4642-aa19-b876a5427667",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '9f4150eee0d18c7ebe6fe2881e40f1a2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ccabd75-cf47-456e-b272-b9c02f7f41a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '7112f1033f1fafd9cef1862f6ea0a77994858bb54270deede1ed24b0f18fa7b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--532799de-ebd8-41b3-863e-dee0e6951025",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'bc0a54644b5ba7eff9ca10d8b42d73f0c69e4c53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d4fcb851-379b-4eea-bdd5-638eabcba460",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '824e76688a5b5bad414bc170721a29da']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d72d88c-9e9b-4302-a7b8-7c10ed24e962",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '5ece318d3df972291896e858b76224c5ec34637d5409db44c89ec67ee0a6089d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5785a607-977c-41df-918a-ba42245ed4c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'b253c8ff5fc2cb1ea8933721c3a4002a42eec2f9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--216c6f4c-f217-4eec-9b4e-3ba4091a072f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'b0b6d1d000f031c2883df9f67360a338']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--15a6daf6-1922-49f2-a9bf-dda65f1ff81a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'e452ea28a9d3e37a2ac0cb8f4bca8ce41bea1a362d4c1680ab3ccaec6e5123d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--142cb30a-d898-44a7-b187-0a5f6b317a05",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '7f81103b574a3c26b478e9ab41abc422f979f299']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f38dd78b-be26-4564-a238-6cb8565c6db9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '49a5af86baf3d7bee422b841781d1bfe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41005e26-95a7-416e-91e0-13c29b2887fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '195b39d40cd9d50e0b4b6b41f8b45140bb0f6e201e75b4398bd07b1e5959970b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ce8883b8-f31d-4e3e-89c0-eeca59280948",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '5d449cad4b2a8d8a6b7489d82b110c370142acdd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a28021cd-0370-4c12-9329-7a0142491bf8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'ff58ce5d9d76502785ed1900056a4501']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae537dbc-cfb9-4d66-adf5-74f2d3f93c70",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '675abcf2bc7b1792b50fa296315f39ce5ac8e7e3f754a9be867eb0dd6bbf1799']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba602a-0e83-4739-bfec-fc00188c3335",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '103cf5647a8dc33d9d611b5b1eafc3e498d02dab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6af6c6f9-f1b2-4525-ae07-33918e2cd6b4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'cb9b8cf286b84678784e7456b7d8fa85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b29bd6e-013c-4c5e-bd17-c1da06ee559b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'e60757a893881559104513d75cf521c8f72e10653442b9f2510402453e48cdcb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--81bd77b3-0cda-413b-81eb-1becbf6dc61b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'b2e4179f7a2d1942fdb8e0fff632a3b65e9dce37']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e264032b-b941-4614-8c66-3fcf235ad0d0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '3a0536d8cd93119389d06575adc64079']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f300eea-3286-46ca-ad3b-655975a81701",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'a9acf75a658cb6e8aed6f638b08931fbe74f7b69a26e6b45486caff9d8e455a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--98172e81-5ebf-4a00-87d9-c4ca2a58700f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '187541ef47985e11324be53309808e23b33c12a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--752a8507-d561-45ee-9d21-172840efcce3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'ef479d7cd2e77a764ffb0a4b291a70fc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6adb5419-b9fd-4274-b9d5-32e8045669d7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'ad48650c6ab73e2f94b706e28a1b17b2ff1af1864380edc79642df3a47e579bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d17249a7-e6ab-4278-b30a-1335e3ce6325",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'f1a8c309806c90c100e680299a037ec71cf4397c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--87209073-2ca3-4b72-9622-72ea7837aa30",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '1cba2ec3fc5f1451aaf3a75c9823825e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7a9ce085-b6c2-445b-a65a-7c5f60b889ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '0b1ed5214dd31a241920de4b5c7cdf3f02ad5f76260bcd260328732c9bedbcec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4519014a-cd87-4ce7-b726-740e3d303021",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '9be46478e3cbeb51267b8fb88952860790051c07']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--434f0912-2835-4d21-a3ca-35ac89d6359e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'b404e426c53c066620d440f92331a113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--294aa829-03d8-4014-96f7-d7c14d591a19",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '555fd0d7c1584f7b504ac65f34017f7070ee12ce0f4070cd0555361b3adea54c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d2b37fd8-3b39-46a2-ae09-1af9005af48d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '1f10627b46b51a97b059395bf062117fdfae4cf0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd857226-7c7c-44b2-81e5-bebe58812c49",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '895644020eba9ec62d47ca85ccf94012']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0bf29ee4-5e63-4756-be23-ba3a3a17b9c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'fe885d1a2bef4e99dcbcacd9393c59ed52a718ff2cbbc6a15e443e150edaa662']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7eca7cf4-b98d-4982-a2ce-e59d7598bf4c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '9d490725443c9f426cdc0bfa75b3d900404153c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c8df83a-cc18-4087-b163-768488e4891f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '13febb9240f37a69f251fd6055b8e1eb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0bebd1c-8fa0-439b-ba4c-41f24ebd2b0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '354c3c2a7602475b72727158ebae8261f0ac9f2ce6c2ab86ee9ec38169b40f62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ac57f35-366c-45f9-a4cf-c15d3c156c17",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '68a651026a3bae94776a9e1a45c6cca58b9609b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e6b8ed73-74f2-4f0e-b70f-5a7c27939c8b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '1d866ed934518061839588565ff71edd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--483dd923-9e30-4de9-b57a-0db4c449da88",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'ab1282afced126da7d330d7be338dfe1f3623970a696710e55a67fb549118f1d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--796a24d7-2565-457d-9288-ee70a0f16afc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '3ebe6bd2d44a4d54d8ba314b92c9c379398bf095']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e81e07f9-97c4-4f38-b32b-d29d60fce1d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'c063adbb4a8a41a8678c594258065fb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ff369bda-17f8-4ddf-8029-4139668a6d9b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'e3d32b0758f98b55483a18631ae42e944c387b5a73b1fbc39f62b2c13a6ec198']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--47bcef9d-9599-4a5a-ba58-31ea91fd0de0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '5fe3b83b3ccdf78303b59e5f3e628a2cf80e9d13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6313de41-8cb2-413a-94e8-c3df9253033a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '923165c972c38678f6d9ab4cef36a007']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fdf294aa-71a1-47dc-a477-32abc0870ac9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'a4576ca47764284bc3aa8e5dacad84163ca56258dc8af4aa4916bb3bacbd58e0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ea61068-647b-4763-86b8-a411a3849968",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '1166b3daa8ad2496a8b71f37656be7ac41821e03']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--25fb61c2-d843-40ac-b51c-69a0a51838c4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'a1503cec20057e367cff4db5e4a8b93c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--879e2c43-be5d-4e62-b3fa-ce97bf8b04f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '8871bd39918868d4f4390e430e82730819182a8ae9fb3ef7096c2ce5dbafbe26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4439a989-bb98-4df1-b09d-6e3aea66ee0a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'f1d74087627879e224303ee56e74d53f6dc67204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4638f414-8a9f-4092-8474-6568c00f7177",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'ec0a9cecb7e1b4b40ffdba19407332ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0cd26efe-d7dd-49ae-9158-a3203259c3fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'f5e780d10780f45adb0ddc540978d7e170e8c143a251003651e12c18142cee16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9a467d03-0b97-4284-a198-6d8fa90be134",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '8e5ef3c08eb584d041a7aa93473aa2e31787d111']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c3a1567-9939-4397-af69-e320713af79a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'f16790e4e2029367cf3ae07037169424']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a41f06f2-6f7c-4906-a789-41df511ac5c2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '37b3fb9aa12277f355bbb334c82b41e4155836cf3a1b83e543ce53da9d429e2f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--74e28db8-7140-4bd5-a292-7763e340dad8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = 'ea7595bff1cfd1d72fe72417bf263d9adc9bc59e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a9e31216-2664-4041-a999-121b62414022",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '9ae8a7837c60f3f587701934ff41bd96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d745cace-363e-4f51-8f9c-0812bbccd6df",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = '6cd5079a69d9a68029e37f2680f44b7ba71c2b1eecf4894c2a8b293d5f768f10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb151a3f-c3f1-4d4f-a91f-b7a67c56f29a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '50064d66c9b55b6f7d22051b81914d8366fe36c8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9d1cfc9-1870-4bf6-bd97-5d69c45d7f16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:50.000Z",
"modified": "2022-05-31T09:12:50.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'd5915394a6916a00c426aa2827d97c0e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7fb913ac-cca5-49cf-b87e-b51a70d3ad12",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:51.000Z",
"modified": "2022-05-31T09:12:51.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'c21a3a44b46e7242c0762c8ec5e8a394ddc74b747244c5b83678620ae141e59c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cea2f686-8f26-4f91-bfe7-cf1c8df95fae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:51.000Z",
"modified": "2022-05-31T09:12:51.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '31d67b5a5588b2d28365534c36a7b754f28e1df9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b88afa59-21f9-4bfc-9d67-323f9276839d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:51.000Z",
"modified": "2022-05-31T09:12:51.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = 'ecab63b6de18073453310a9c4551074b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2130bf20-2672-4aaa-9fc2-b1da06add328",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:51.000Z",
"modified": "2022-05-31T09:12:51.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA256 = 'fe18adaec076ffce63da6a2a024ce99b8a55bc40a1f06ed556e0997ba6b6d716']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0108cb8b-cff9-4662-86ec-62e458b23ea0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:51.000Z",
"modified": "2022-05-31T09:12:51.000Z",
"description": "PlugX",
"pattern": "[file:hashes.SHA1 = '1e8dee59355e064790d05e44199443d94ab1aa02']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--046f4ce3-253d-4a7b-9d80-5be2a3ecc929",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:12:51.000Z",
"modified": "2022-05-31T09:12:51.000Z",
"description": "PlugX",
"pattern": "[file:hashes.MD5 = '219983c1a7c6c08707f4907b17a72eb9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:12:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b8a4cf7-0994-4767-a45e-f458d6f5c876",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.SHA1 = '8903e04d7ffae2081867337801ca2fa5f93220bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ff6905ba-b1cc-4783-b1fc-a78f44ef284e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.MD5 = '9d116d94151682934dfd753485c91b88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f89d92ec-fb63-48c9-bd7e-8315a9bbf551",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.SHA256 = '8ac2165dc395d1e76c3d2fbd4bec429a98e3b2ec131e7951d28a10e9ca8bbc46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57f14153-4a5a-4817-b159-7564755224bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.SHA1 = 'c0988a4ade711993632a03a2f82eea412616ef2a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--19cc86e4-cea6-47db-b446-8c4d4e882eab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.MD5 = 'ab01a4642e76df9e20a6d936d1f287fc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--031c6dd7-c9c0-4c1d-83bf-ccb2f4d2f36d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.SHA256 = '3f6102bd9add588b4df9b1523e40bb124af36a729037b8c3f2261563e4fa4be9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90c2998c-083d-4647-b68e-104e09725c4d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.SHA1 = 'c865ef013018db3ed00f946b96a7a98ef2660e65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--79b6fb5a-8469-4c1c-89e6-103a3be786a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.MD5 = 'e8e966455a60c6f5dbfce3e82564d2c7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4c3d99f-1ce0-47c6-9bb1-ab7c80f7e804",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.SHA256 = '785ac72b10fd9cf98b5e2a40dc607e1ff735fcd8192bf71747755c963c764e2d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--86fb364b-9cd5-406b-84ea-3c37c968680f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.SHA1 = 'a429d9c8c67c8c8036ef05f7b4a27530ee6ae98a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--945cc5cd-1f3c-48e9-82c1-c09211e6642f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:42:51.000Z",
"modified": "2022-05-31T09:42:51.000Z",
"description": "RtlShare",
"pattern": "[file:hashes.MD5 = 'f15c15e2b26f47b436b2a91d332ad59f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--319155c5-e777-4cba-9b5f-4d2a863fda46",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA256 = '7d9e1a193402b87dbbb81c2ab95632686154cff9c991324e46b275850a4b2db6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ab6e78f-b45c-4e03-bf04-53f0a655ad53",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA1 = '36a6eb414c9b8a7c2cdf12eb46e490d288e7a47a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--93a3b378-84ec-4846-913d-0ffd71c8a66d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.MD5 = '98416b41f386bb45ed36c2b6bd0f55ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59a9e638-cac4-4294-a2ef-d6c22dda6072",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA256 = 'dd82a7b9b5dc0ee1f9e9f19d46212f3e2a1d09a816f5c0ece96275ee221fca13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7cf55788-877b-4f01-80f1-835f70e6426b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA1 = 'cf0fb4950130abddead04c21316912418562bf8a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2e416b4e-b1c7-4852-b641-62448c523507",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.MD5 = 'a74341091f88d5980a2394be28ed0239']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7ce3e36-79c8-4887-90e3-4838923dd777",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA256 = '9f4d15ca56f87a5ded792f2a27a4c112bf59517079aedbefe49fcd0474600b69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--024d7ce9-7fb5-45c2-a2d7-0faae239848a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA1 = 'bbbca10a8545b0421fbfcbd0b3b7a42527fea641']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c1bb89ae-2b20-4510-b44e-c0b2d4fdf814",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.MD5 = '1bdaa370b064f90abbc2c7cecc6d3316']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3dbea17f-1f6b-404f-8dc3-d07ef3442e82",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA256 = '5872abe12a8e4c7182e4c6a894d6c27961b00d333657736bcbfd7cb1b38af2ed']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17426cc8-6e71-43ff-9d24-835214a0bd16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA1 = '133eca56512d8d5f8c730e102bf9042915e9bf41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c4d4247-72aa-465e-b84f-f477e9d203bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:06.000Z",
"modified": "2022-05-31T10:03:06.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.MD5 = 'c60df47562dba1c75e9932aa088c24bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--083ca25f-62b6-4e65-a953-5d86899bdc7b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA256 = '8dcb99e56c888800e0712faddc07d991b6dcb7a6fd4cceffe9e27fe3da83d206']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50323276-5502-453e-a563-de2cbe699bec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA1 = '2e76fa63adc870ca1de19fc7ea5afd6860f36e32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a97ae723-03a1-46c6-bf29-6be7ee0904cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.MD5 = '1a22342f883ad150c5a6f7e85e9ba2ae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6d02461-0f3a-4d3a-867c-538ae277c1dd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA256 = '7079d8c92cc668f903f3a60ec04dbb2508f23840ef3c57efffb9f906d3bc05ff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--130aa646-7203-4b78-9493-5dfe3a703b2b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA1 = '8993d0d5ec2f898eb8d1b8785cc5bb3275b43571']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cda0c391-8793-403f-b2ef-7e2ae6079158",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.MD5 = '1690766e844034b3c2ab4f853bd59df7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fafb4bc7-ea99-40eb-9f6b-4fc09f184a64",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA256 = '5e8df46c9bc75450e2660d77897fa3dfa4d6c21eea10a962f7a9cf950ca9ca76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f03ff08-9bd7-4a5d-9555-10581458e72c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.SHA1 = 'b0506335e332d64d6568f7830a8fab6a8a6ce1f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aedaf623-f579-4a37-abe6-1b586e6a1ac6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:07.000Z",
"modified": "2022-05-31T10:03:07.000Z",
"description": "Downloader.Climax.B",
"pattern": "[file:hashes.MD5 = '923d60f3e63c95021f9e99f943fcfbbc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--979be04a-36d2-417b-a74c-f340464175fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = 'fa2305975aded0fd0601fdab3013f8877969cb873fb9620b4d65ac6ff3b25522']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bacb163c-390e-4fd5-8dc3-80a6fb7a87e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = '003f46f74bbfc44ffd7f3ebfec67c80cf0a07bbf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3521e466-847c-4024-b031-38c3c7cfc359",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = '24b90157056913bef8c90b6319164afe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b812212-ceff-4c18-8242-257c14d19a31",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = '0a0ce7fb610e3c037beb2c331e147c8750ba9f7ea2ece2f91f27f1a83c6839e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3cd6632d-4de8-4d24-855f-37ed824a020e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = '1e0a63331814aab39ffb7806289a8ef3433553c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--98649715-16d5-48df-8b63-2416f632991b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = '68875f4b80fd1350af7dbea4d05a811b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--308aeb36-0972-4936-8b3f-c6a6be6287d6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = '898741e11fbbe6b5534fb12a489add1aaa379ee6757c0bd8d6c631473d5c66f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9487ee79-8177-4724-9510-08a31b60fec6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = '3fa2f11e142f5f07f2dd63d89b58d01e9397ded0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--75c16458-7e7a-452f-b3da-f9964dd6631f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = '1fe521f0ad24145704e6085b4a4859a9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9ce0e4c-c5ac-41ca-b0e1-c1557a12d377",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = '59e4b8d2b65f1690139c094ee27182285febda115304c44e8d9e7329e09dc794']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e135b7cf-58bf-4f60-9f92-da78afe492b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = '18cd249add7cfae87615ca5b32aca8503337a2d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--050f61b1-85da-49cd-a509-8d6aacdecff9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = '9bf855e5e8480fdb93fd12068699446d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--020de331-d4cd-422a-ba37-fad96114b350",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = '0c64cc96a52ff9bdf6593e948fed1bc743bdf714ec1f7b392490423d927c3bb4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f107e0f-a72a-4500-8de2-f52769cefd20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = 'bb1c27db5f8d7e43592fa81cbfa319f1ce7c828f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1fdb3f11-bacc-4ad0-a074-12c24b9a94b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = '0830581452de0c91090f8de7dbd123fb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--46686409-fd3f-4c9b-954b-017ac621e57e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = '1ca423fe0159e75718eb66524cd24002071a06b2fa68ce2cbb39d10682a154a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4bbe93a6-866b-4757-9172-856ec0c60dab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = '78c8298b8357eee1a2d5d9da86f290bad798ce39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34a5a18b-7100-4d05-acaa-333a9c89bd41",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = 'ff5896c0749b1e8c403203ebb679ab09']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae0c78e8-7ff9-4ec3-abf2-a130680de0d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = 'e9c94ed7265c04eac25bbcdb520e65fcfa31a3290b908c2c2273c29120d0617b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4887a45d-481e-476b-819a-68278cfd9efb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = '47edf57c5724ef9ff232dbb76f749977c767106a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a7e58c9-831c-4054-a390-6abb26d192b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = 'ef8bcb5865669bc1d1776aeecd1c29de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--13599059-4536-4a8c-b9db-cc9be1866394",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = 'd376164e377577fc590a780d15603d6411fde6e45ea21971670d5dff597d9def']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c896420-8c3b-45de-a2cd-f2791c2cfd79",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = 'd9e12317a43f233a739972723abc00f1b88f53b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a147bca-6147-42ec-9898-c66f9e59b076",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = '5faa973967fee2f35229685ceacf20b3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2682e4d-ccda-46cb-83a1-7c3d7cc573d0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA256 = '4301abae1a62f87b1c51acc6a6b4f2c3926a248b4aa9c04b734cef550196c030']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--132f3c18-4277-4108-982d-43b695f27cc7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.SHA1 = 'cc402936b3d6fa5db14b54f0065404d975f2aeb5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--85c0536f-4452-4a9d-965c-38acafdd11a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:03:32.000Z",
"modified": "2022-05-31T10:03:32.000Z",
"description": "Downloader.Climax.A",
"pattern": "[file:hashes.MD5 = 'f0f2731cabf1c1a6381d0cd265c937bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6cbdc5e4-918c-4665-a5ae-426b4831412b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = 'f2ce101698952e1c4309f8696fd43d694a79d35bb090e6a7fd4651c8f41794a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9203b1ca-9119-48a9-aed3-2d23a7c6f9ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '9ec2f21641bd3f482b4c85cd6050432dc05e7680']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbb402f4-7053-4a27-9f5c-00ee59118e24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = 'd0cb15e5fd961e4f5b3b120fc60dbdf8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1d7caba3-7aba-4c94-a7b2-2115ba46584e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '84b8bfe8161da581a88c0ac362318827d4c28edb057e23402523d3c93a5b3429']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f81eb9ed-ea9e-439f-8e43-01b177e2c6c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '6f1b4ccd2ad5f4787ed78a7b0a304e927e7d9a3c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c636053-eb43-443f-bb35-4e76a145814f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '6e9ff09f5a7daa46cfbfb1cf5707179f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--31571c86-d4b8-44ee-b17b-95e32b7a18bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '3a093f2c2cb5ba59197a4c978cfa9687d5778a53ae17c2ce2757d3577a5e7c69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dcd5f3ba-3e06-4066-99d7-b5bc576c30fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '9e0e0582eef9e2e2f38893a06c552d607f835fcc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea14d28d-c153-4bef-89f5-89c7340eaf47",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = 'b0f95350b13b65ae427075fbdf5f7230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ee6a53f-5c91-464d-b369-9af985b8c7b4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '137a3cc8b2ecd98f7d6b787d259e66ca2c1dae968c785d75c7a2fecb4cbbcaf0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42d09161-45da-4029-ae59-d73192c4871f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '1a7967c6357269414cfd1f9e1060a8613bc59f7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--751443c0-2aec-435e-b952-d40bbad25664",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '869de5ac4d3520373a8a2f1a5991d365']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bc24edde-c19b-4024-8366-4324e95069f8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '9e010a2b43a6b588b95b5281544739833fb0250e8e990a4fe9879459f92367d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d2ab52fd-74c1-4a18-b893-4701f0d49959",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '24732b6b00326439dc373df56aff78c9c82d7169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c1047eab-dfec-41a3-82fa-b2e58eb83c8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:12.000Z",
"modified": "2022-05-31T10:04:12.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '814019ff0004d54c9b14981ac02752d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6530802-1e39-4ff5-ac1a-9536c0269dc7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '408608c6b6f7299561c04f37ab46ca9c82834428ad0e8d42b16ca5da9b86d62e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9fbffca-b239-41c1-a036-ff15798f1150",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '9f596346c9acc09772bc5baf8c4dbc80fbdbf03b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a0162fe-06d5-4479-9355-14e8ea180648",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '3801a156c01b2d3ab42bc431a5f2fc46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f33630b7-6708-4714-897c-a3d90cf7e71d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '6cc33a21417967a1bb3294179ea10aa3d9ee8d945a5ea0f6c44530189344a10a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--382b7e62-f7e3-478d-8af0-70ff5a86c4e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '6f43f6e8cb1474a6272f9632487fa1932dfba18c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--64f4cc76-6db4-4535-97b1-70b421cafaf7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '6d6c3cbf2c2a3f106fcffdcbf4c70990']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e75ed34f-f967-48de-89ad-6294a334b962",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '24b749191d64ed793cb9e540e8d4b1808d6c37c5712e737674417573778f665b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--099008f5-a76a-4c73-a60d-e9a134f0cb02",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '26062de2657bd2a3c228049af27333d2c46a041b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--84f0d1ca-6e4c-4c7c-9642-f3b402ce872b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '58c734474fc415905c6c9f95783d79b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--237d5c34-3cbc-40d8-9e35-f9b2387deaf7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = 'a95dfb8a8d03e9bcb50451068773cc1f1dd4b022bb39dce3679f1b3ce70aa4f9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--72311538-df03-41b4-8384-acc9a283f100",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '1e8bf3c1a05f37857a9e8f7adb773ed9b9af1b8b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--638b3f82-91a9-41ac-a3bc-bb409b46794e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '4ef9466b7ef300ec5fc98257e07efd40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c40f614-7c36-4b7f-ac8b-71f4a7e2ff06",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = 'efaa30bef6327ca8123e5443aa831dd7173de8ac9a016aaa2ae878641f85f952']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bb409307-8964-427a-99d8-6f58bb02db07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '04951144dc621f5f7ff2d66c8bcb710b77cc3d55']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d27e083-e8f3-41a1-88f2-2a9c20f3ba15",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '80397808492e12b83e5c9f5467740fd7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d6454a7b-0e66-422e-82e5-3d0d38c3e5e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '699bd1babf50a360e0a2ba6b5e0ed2379571ee8356f3f08b09ff8ce434d72696']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--744a72a8-864e-40ff-8543-a05da2c8b55b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '3c10a0256cc1f0af3c31770314257eb8f994260c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cbfadbc6-c513-4553-aced-339d2018e157",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '09c34b06199eb1cacfbfc159e88e13e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1cf1b286-5ccb-4729-9430-a0a0369abdc1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = 'd6af2d1df948e2221a4bdaa3dd736dc0646c95d76f1aa1a1d314e5b20185e161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68535c67-a7cb-47a4-a8b5-7d6cdece3073",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '44858761afc0439ba361c90f04ae9719b362d315']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd267e04-52c7-48e2-87fe-956436e28aef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '9afe1f1936145a0a2ff1f6b34160c37f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8df2a760-b75b-44b7-b6c7-506802797545",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '0ecd7741dbdfa0707ccd8613a5ea91e62ab187313dd07d41760c87ed42649793']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--60b26709-3799-4e4b-a1eb-813165f2089f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = 'daacbe773105fd7b0834ed2e3a05ef80275e3c11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5efda199-96d2-4019-8c87-94dc26cc8efd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = 'e8357ac87261f74c5d40e4baa273d3f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2bb91b0d-845c-4b98-8b66-015ea7d2c0c1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '2360fa60a1b6e9705bf6b631fcfe53616f37738cf61bc0444ea94ce09c699c7f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c018ee4-78a9-404d-a65f-eca18340f408",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '54e9de60e3a5c58fc2f3daadd18a1355350e13ec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--61dabcff-7c64-4ff8-98f3-51b5f4ce32b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = 'e0592c56ee8f0a2149fd9a8ed3b85f6f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e858382-2857-43d8-a82d-2bec08d265f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = 'ffe19202300785f7e745957b48ecc1c108157a6edef6755667a9e7bebcbf750b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d071c804-01bd-4b4d-8605-995410bf403f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '25d0321df77623c5af6629c357201941d4cd452c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac2a7092-5565-47ac-9b54-dbbf518f5399",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = 'ddf7ed52856f7ab9cb75403c30cc2c2b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--afd9c82e-cac6-4322-857f-8b3873d4284e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = 'd45c1ce5678259755df24bd680316a945515fc1bd916ce1d504f9d27cf9d03e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--447bec02-13aa-4977-97bf-059797255cc4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = '0f5a74f11c270a02b0c0cc317e0b850c78261b04']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ac97ec5-4527-40bc-8506-d660350ef1d7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = 'a2972cb5228a56a530543f187e33e160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4952ec1b-7c20-4513-b90f-495a4e8de604",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA256 = '00847787ea6568cfaaa762f4ee333b44f35a34e90858c1c8899144be016510ef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d663efd-9cb9-4e91-9874-8bbf83cef779",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.SHA1 = 'd82bc3800396452ee519fbb35f708802fee335af']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9503e42-0225-4d10-94f9-536fd02f99d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:13.000Z",
"modified": "2022-05-31T10:04:13.000Z",
"description": "Zupdax",
"pattern": "[file:hashes.MD5 = '41f3e576216bb551a0ab1f3f18e9749d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ea60445-f7ee-45ca-a493-f7a02977b0cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '947f042bd07902100dd2f72a15c37e2397d44db4974f4aeb2af709258953636f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42a519d7-23b7-4432-8e38-0d1c4129c4f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '09c29c4d01d25bae31c5a8b29474258dc1e40936']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f4f49faa-2632-4fb6-a3d5-06bed9cc0d2f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'a2f2e6cdd27c13d2d2d3a5d15e905bb4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1a5809a0-ab97-4ae2-a2d8-65fc304fe74b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '949cb5d03a7952ce24b15d6fccd44f9ed461513209ad74e6b1efae01879395b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8b9053a2-3f62-4a52-8eda-d8f9add376ae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '55604a258d56931d0e1be05bcbe76f675ed69e6e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--89536fc7-b481-442b-94ee-81d9a0a1ab33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '5cce810a04197dc25231c477e7e0b402']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c31e5875-4a02-4978-afff-1b6157d9a64c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '35e36627dbbcb2b6091cc5a75ab26d9e5b0d6f9764bc11eb2851e3ebd3fbfe6e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9cf9258a-b79d-4ef2-8421-9ab2119cfae1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '415ae82bc0aa94e425009068a239e85a78b8e837']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34663d08-38a8-4768-bce8-334ec2b34129",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'f250cc6ea8b240cfe9eb7e2007656e53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0277467e-9385-463c-8058-9e71183ab32f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '730b9ee9f031c8c543664ee281c7988467a3c83eabbbde181aa280314a91ba41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d186bf1b-aefe-4470-bdb8-b892b287c5fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '7be81aa01715c78166b8529eb999ec52f01a6367']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd7ed46e-7617-4500-804a-52330441571a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '399e655f1544e6c34601d3ee1e99d088']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--489d0c3b-5cff-4bda-ad81-fb3c32e8d49c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '16c2e10b2e3d74732edfae4a4fcc118600e9212162256434f34121fa41eaf108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fbfc563b-4e1c-4827-9966-13c87b84b784",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '7f9d53dc8247e68bfc30c2399eb227a9f1aa9dae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c7ec2580-f91a-4e9a-967e-f932bb53b26b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '850c1355f713c6f6235863d7245221ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ef3ff6b0-6940-4495-9f44-ea0df7f17a20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'b822a4ec46aacb3bb4c22fe5d9298210bfa442118ee05a1532c324a5f847a9e6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--122cf7ed-65a0-4ff4-a61f-e9e017b6768e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '869bd4d2520e5f2cf1d86e7fa21d0fb9a8fae41b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f203629-c9fb-41f7-bed3-cbebe50b2763",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '12c83dc14e08c206725933e7b69e8e66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9aa62de4-f07b-4c11-8cad-9d94f40bea2d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '192499ad69ec23900f4c0971801e7688f9b5e1dc5d5365d3d77cb9bf14e5fd73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--09f13c1e-dd0f-4b0d-a292-2727252857e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'c3f82d46c5138ba89e3a8fe5ea80ce3b0d2467c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--78c5a221-0475-4ee8-a072-cbfeae63fe1f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '5865679e252c0c9fcfcae4546760f7a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a43ca87f-a097-4ebb-af20-a37d75fa06bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '56b9648fd3ffd1bf3cb030cb64c1d983fcd1ee047bb6bd97f32edbe692fa8570']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91f6ed21-fa01-48a9-aeea-bf4b527d52c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'a8d5e941b04cdd0070fe3218fa1bc04fb1bdd1b4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9a3d4dd-67a6-415f-903a-c4eba03041f7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'a5d85f982d6650b26cccee4741fc3f00']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb135b17-9718-4ad1-8abd-9953947dcdc8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '0bac8f569df79b5201e353e1063933e52cfb7e34cd092fc441d514d3487f7771']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a8d72b29-0de7-4c54-921f-1e399950b35d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '64d97ea909a9b14857490724f19b971bb95d641d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--40c00324-f633-4289-a358-69f7b722d15a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'cb9617de5bc93949844a3e26e1360aa3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20f44718-848b-4f5b-8f3d-9d154e0cc052",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '1bab80116fa1f1123553bdaf3048246f8c8a8bb3a71b2a13e87b704e68d10d2b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1e3566e-e947-4447-a1bf-d7adaf720ced",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '3f32c341a71a32b6421822f44d4efde30d15421b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3aed1c85-6bba-4c69-b86b-ae8060e5f956",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'e26713d8091da1946a158f168342cae9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c7cecdbf-1538-4046-abf3-4abc7863ee27",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '444d376d251911810f3f4b75923313b3726050153d50ad59deff5a0b8b1ada20']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c5b63bf5-9bb0-4ba3-aeee-5bee8da9719d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '90ff670baddb8bce0444a8a422096461e78fb287']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34268124-cf14-433e-9b9f-e18c7803221d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'bf11b368d610922ac28cd4a9f20bfe97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cc4b3af7-4432-44e6-8745-5b20435ae2f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '84eb2efa324eba0c2e06c3b84395e9f5e3f28a3c9b86edd1f813807ba39d9acb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41c6ff12-ef02-410a-978f-40230b7be557",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '82c18765ac3a1a2ecf3f258c0912beaf5aedd175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a9647d9-00ff-4a44-87fe-00f8d0bde4bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:48.000Z",
"modified": "2022-05-31T10:04:48.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'ddc9174f111e8aa445a71b8eeb0ad490']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3e1d7bac-8422-49ea-8a9c-8dfa2ef0f36a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '14b03ac41b5ef44ca31790fefb23968f2525c3aabfe11e96b9b1ccb6215eb8be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5e714891-3cb5-40b3-ac76-9932ce8691e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'e5882192901c00d8ac47bd82b7d4565761847e7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4e8b8175-e251-412f-88b6-c4fda6a9fa80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '7b7c21eac0d9a06178a68d73fc5a18a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ec20c7b-3f57-416f-83bb-b23c9e54f166",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'b1d6ba4d995061a0011cb03cd821aaa79f0a45ba2647885171d473ca1a38c098']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bb4569e1-bff1-4874-819f-7a514de16f2f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '9f671e338bc9b66e2dd3b7a3c9115723911b8f65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a2d91c1-4166-4348-82ca-6408307148bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '135f224c2d740b1f1b6f43235e96d3f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e2deed8b-6a81-48f9-99f1-78539a6c4ff3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '5847c8b8f54c60db939b045d385aba0795880d92b00d28447d7d9293693f622b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9a80f880-e66c-4e06-8699-b62bfa11e785",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '878b2b8543ee103841cf30af70813b1c27434d71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ef7ffbfd-f5ae-4960-9364-b92d0ba72f3d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '10b52c1ccaba52a52c991b05704bb12e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b9739230-23b3-4176-96da-f04d7b7bb294",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '95811d4e3c274f4c2d8f1bf092b9ddc488aa325aabf7c87a2c4877af4ba8bfb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70a31194-dccb-490e-bb94-9e46b79f2d87",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '6b0bebd54877e42f5082e674d07563f527fdd110']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9bcb38c-fc1f-4807-bc29-1a35512fd8bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'fed14e228ba25fdef9904adaf70c145f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--16f6ec45-22a9-4eb0-885d-8ed9c1cbd7f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '0712456669e65b2b3e8d1305256992c79213a6dd4fd9128cf3e78ab9bae3cff6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--424ed44a-2f99-44b4-88f7-b30efabf789a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'ee6b0845ebaae57f88b262c198fad8cf151f6b85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f5a8e175-9518-434b-af4a-b968829203a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '72571ebddf49e7546f9d5fafc0664e0c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1063756b-0c94-4efd-83fd-efcdbf39659e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '607c92088b7a3256302f69edbfad204cab12bf051a5aac3395130e18ae568dd5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70d3e7c2-7331-4550-9a0a-9a1fd4ced5e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '2452567c5e28f622fa11c8e92f737cd5d8272abf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ee73875-6903-40dc-ae8b-ec1cddba2fa6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '3562bd5a94f4e8d62250201e035e1a49']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--36b02708-56ca-4918-95cf-3c49b6e94dc6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'd0fb0a0379248cdada356da83cd2ee364e0e58f4ed272d3369fe1d6ca8029679']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f6e7472a-a26f-434e-bcc9-6ad5d8ef4571",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '96bae22955bd85110c3f0b7de9a71b81c025f76a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9f4f9ce-a58d-4cae-95d5-0c65ec412c52",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '8a8425a0a4988fa7e9bf98def23c1ec4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b74ee28f-3dc0-4cb4-bb44-20d6f89b7cee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'a8a16168af9dcdc4b34d8817b430a76275338dbbda32328520a4669dbe56e91b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--07fdc96f-3992-4764-b8c6-26085d77818a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '57bd45e4afb8cd0d6b5360de6411ae0327812d5f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8146f76f-6b5a-4499-bd68-1ba34c043ba0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'a2b245bbb1de4f61dd8c31f391b28605']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f4681046-eb83-4bac-ae49-2cd6779f53a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '7b7a65c314125692524d588553da7f6ab3179ceb639f677ed1cefe3f1d03f36e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--562eeb34-5e46-4777-a06a-38c50d90fb43",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'a97b1e1e0de7f0eab5304d206f4d7131987aca6e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9140476f-706f-4e4f-b455-4226c0f12b6e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '568594397a24a53ecbbb9c7766194678']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--974beac9-e2f7-49b0-97b0-a7ac6042816a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'f6c4c84487bbec5959068e4a8b84e515de4695c794769c3d3080bf5c2bb63d00']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7fb7228-c964-4c92-9f23-8da6f48e2276",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '9358b341bc217dcd15599b43d88b157f8a9f4882']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c87f703e-d8f9-4b1c-a4b7-c94195a2b08c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '05a025736a6fd75f183a04a267cee165']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--82da61b0-928a-4c3f-8e0f-cc2269792353",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '467979d766b7e4a804b2247bbcdde7ef2bbaf15a4497ddb454d77ced72980580']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576235f5-ad18-4ef2-b80d-a8bcd21e15a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'ae021c91c759d087ead95319608326e0ed154cfd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a45a767d-8d4b-48ab-9956-b458241bbcf4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '78acab8a8d263968c46ef07d8ba98f0a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d5bc2cf0-6bd2-480f-8ba1-1fa3ede4d2a0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '3e57ca992c235b68027cb62740d8e86a3294ac0ebcff4a2683b29bdaec016646']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d25a58cd-79be-455a-bf0d-7270e851346d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'aad3241fd23372523528a99f4c18127a3ebbea59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b442c475-ce6d-40c5-87d8-d994b2db5ca9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'a75c81a18e3965b5942e7b1669db16ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--213f4196-e6a6-4e19-a0f8-8bc17a30f9d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'c3415bddc506839614cbb7186bfc6643713806de4f5b1c15445e96a644b44bea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5f900978-03ff-46fa-b43d-afdffb55bed8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'e29b263a89217412f45d6c7a0235b19af030755a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ad1cc62-dec8-488c-ba36-da10531bcfe7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'b1f907379148c1e09009cda3cbd3877b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--011bc8b2-00f0-4a83-ab70-2fde03b8f41e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'd3a50abae9ab782b293d7e06c7cd518bbcec16df867f2bdcc106dec1e75dc80b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--014006bf-b59c-4c02-83d0-8425231a3033",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'a9d64e615171b05a402422056ddfcd250febae93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ecf3b8c5-30f2-49a6-a601-aa451e6ea7c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = 'b03192389159b15f5552c82a29c747fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6644052b-0fef-43af-b5e8-8f9135d4825b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '69863ba336156f4e559364b63a39f16e08ac3a6e3a0fa4ce11486ea16827f772']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8bc77e04-2b3e-4a51-a4cf-3fd70e1c30ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'ec928047d511286c4db2580045d02ced34b639ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--679eea8c-6319-48d3-885a-83711e89e26c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '27ea69e0233f32d521c7bb1330690731']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ddc5260-94f4-4bca-aaf2-2a66934cf290",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '50f035100948f72b6f03ccc02f9c6073c9060d6e9c53c563a3fdb1d0c454916e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d3d9cb5a-4ae8-4710-93f7-af42fa843996",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = 'd5ce13a66e8407baec0f447c7fb41d493fd8d73a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cee80ca9-5466-443a-93d2-665bab4d90f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '343a9cc37cc9843cf862dd946c7eb714']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5e2ee787-11ed-4eb3-980a-6fcb1062f282",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '6bc77fa21232460c1b0c89000e7d45fe42e7723d075b752359c28a473d8dd1fd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--727df8de-d741-457d-85a0-e82e58442f68",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '74847db3abdb5b0fd3952bb76018f9346815035a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f3fb441d-2ff2-4af0-8338-692897ea4849",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '359ae18fbfc16b5b09e0f571d563d8e6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5935d36b-f530-435e-acdb-14b976f4edb0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = '3ccae178d691fc95f6c52264242a39daf4c44813d835eaa051e7558b191d19ee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--103aaf14-aae4-4b52-89b3-6a1ba845b58e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '0e40d0424aefa672c18e0500ff940681798f2f02']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aa713d9c-d294-4df5-bdd4-abbeb1da7843",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '196222b313b6c2ef728695ad5133da06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3ecc7f9a-b35b-40af-876f-0b00e8bb6956",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA256 = 'a99612370a8407f98746eb0bf60c72393b1b4a23f52e7d7a6896471f85e28834']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--78c0c60e-91f0-42e8-84a9-a3c2d06dea7d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.SHA1 = '757af512d07fc8fe1167750a748dbb9c700f71f1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d1a11b1-7630-4922-a792-8bdb6d756d57",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T10:04:49.000Z",
"modified": "2022-05-31T10:04:49.000Z",
"description": "MyKLoadClient",
"pattern": "[file:hashes.MD5 = '6b2e4ff182bffe5a22944fa8d2a7d41d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T10:04:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--03cc138b-ae76-458c-b9f6-f97453bed527",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-01T07:38:46.000Z",
"modified": "2022-06-01T07:38:46.000Z",
"labels": [
"misp:type=\"pdb\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pdb",
"x_misp_value": "d:\\Leee\\515\u8fdc\u7a0b\u6587\u4ef6\\P1Rat_2017_07_28A\\src\\MyLoaderBypassNorton\\Release\\loaderexe.pdb"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--3953fb50-dbe6-445f-9fac-0978abb14446",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-01T07:38:46.000Z",
"modified": "2022-06-01T07:38:46.000Z",
"labels": [
"misp:type=\"pdb\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pdb",
"x_misp_value": "d:\\Leee\\515\u8fdc\u7a0b\u6587\u4ef6\\P1Rat_2017_07_28A\\src\\MyLoader_bypassKIS\\snake\\res\\SiteAdv.pdb."
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--0b5b61e1-63b5-4976-b296-e1cb0aed4a33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-01T07:39:22.000Z",
"modified": "2022-06-01T07:39:22.000Z",
"labels": [
"misp:type=\"pdb\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pdb",
"x_misp_value": "%USERPROFILE%\\Desktop\\Badger\\En-v2\\\u514d\u6740\\MyLoader_bypassKIS\\bin\\loaderdll.pdb"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--f68f0a9d-9818-4a22-b789-7bd973105989",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-01T07:40:44.000Z",
"modified": "2022-06-01T07:40:44.000Z",
"labels": [
"misp:type=\"pdb\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pdb",
"x_misp_value": "h:\\E\\\u9879\u76ee\u95ee\u9898\\UDPUDP-\u82f1\u6587\\bin\\server.pdb"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--9ead6ce0-9b4a-4191-9aac-7d72ba394a2d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-06-01T07:40:44.000Z",
"modified": "2022-06-01T07:40:44.000Z",
"labels": [
"misp:type=\"pdb\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pdb",
"x_misp_value": "d:\\\u78c1\u76d8\\E\\\u9879\u76ee\u95ee\u9898\\\u7248\u672c\\UDPUDP-\u82f1\u6587\\bin\\server.pdb"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--81b42b01-1626-4012-bbab-b333c5db9014",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T08:49:34.000Z",
"modified": "2022-05-31T08:49:34.000Z",
"labels": [
"misp:name=\"report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "link",
"value": "https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/space-pirates-tools-and-connections/",
"category": "External analysis",
"uuid": "5ce4f447-0e09-4860-a56c-7592919bc616"
},
{
"type": "text",
"object_relation": "summary",
"value": "At the end of 2019, Positive Technologies Expert Security Center (PT ESC) found a phishing email aimed at a Russian aerospace enterprise. It contained a link to previously unknown malware. Our experts discovered the same malware in 2020 when investigating an information security incident at a Russian government agency. During the investigation, several new malware families using a common network infrastructure were also discovered, some of which had not previously been mentioned in open sources.\r\n\r\nIn the summer of 2021, PT ESC revealed traces of compromise of another Russian aerospace enterprise. The organization was duly informed. As a result of the investigation, we found connections to the same network infrastructure on its computers. Further research made it possible to identify at least two more organizations in Russia, both partially state-owned, that were attacked using the same malware and network infrastructure.\r\n\r\nWe could not unambiguously link the detected malicious activity to any known hacker group, so we gave the attackers a new name\u2014Space Pirates. The reason for the name was the P1Rat string used in the PDB paths, and the targeting of the aerospace industry. This report describes the group's detected activity, the features of the malware it uses, as well as its connection with other APT groups.\r\nGeneral information\r\n\r\nWe assume that Space Pirates has Asian roots, as indicated by the active use of the Chinese language in resources, SFX archives, and paths to PDB files. In addition, the group's toolkit includes the Royal Road RTF (or 8.t) builder (common among hackers of Asian origin) and the PcShare backdoor, and almost all intersections with previously known activity are associated with APT groups in the Asian region.\r\n\r\nThe group began its activity no later than 2017. The main targets of the criminals are espionage and theft of confidential information. Among the victims identified during the threat study are government agencies and IT departments, as well as aerospace and power enterprises in Russia, Georgia, and Mongolia. At least five organizations were attacked in Russia, one in Georgia, and the exact number of victims in Mongolia is unknown.\r\n\r\nSome APT group attacks using malware were also targeted at Chinese financial companies, which suggests a monetary motivation. All potential victims were notified by the respective national CERTs.\r\n\r\nAt least two attacks on Russian organizations can be considered successful. In the first case, the attackers gained access to at least 20 servers on the corporate network, where they remained for about 10 months. During this time, more than 1,500 internal documents were stolen, as well as information about all employee accounts in one of the network domains. In the second case, the attackers managed to gain persistence in the company's network and remain there for more than a year, obtain information about the computers on the network, and install malware on at least 12 corporate nodes in three different regions.\r\n\r\nThe Space Pirates toolkit includes unique downloaders and several backdoors which we have not previously encountered and which are presumably specific to the group: MyKLoadClient, BH_A006, and Deed RAT. The criminals also have access to the Zupdax backdoor: its modern variants use a similar MyKLoadClient execution scheme; however, the code of the backdoor itself dates back to 2010 and cannot be uniquely attributed to the group.\r\n\r\nIn addition, the attackers use well-known malware, such as PlugX, ShadowPad, Poison Ivy, a modified version of PcShare, and the public shell ReVBShell. The dog-tunnel utility is used to tunnel traffic.\r\n\r\nThe main network infrastructure of the group uses a small number of IP addresses indicated by DDNS domains. Interestingly, the attackers use not only third-level domains, but also fourth- and higher-level ones, for example, w.asd3.as.amazon-corp.wikaba.com.\r\n\r\nIn the process of investigating Space Pirates, we found a large number of intersections with previously identified activity, which researchers associate with the following groups: Winnti (APT41), Bronze Union (APT27), TA428, RedFoxtrot, Mustang Panda, and Night Dragon. The reason for this is probably the exchange of tools between groups, which is common practice for APT groups in the Asian region.\r\n\r\nThe connection between the Space Pirates and TA428 groups should be specially noted. As part of another investigation, we observed the activities of both groups on infected computers, which, however, had no intersections in the network infrastructure. During Operation StealthyTrident, described by ESET, the attackers used Tmanger, attributed to TA428, and Zupdax, associated with Space Pirates. The connection with another TA428 malware, in particular Albaniiutas (RemShell), and Zupdax can also be traced in the network infrastructure adjacent to the one mentioned in the ESET report. All this suggests that Space Pirates and TA428 can combine their efforts and share tools, network resources, and access to infected systems.\r\n\r\nThe key connections between the affected organizations, malware families, and fragments of the network infrastructure, as well as public information about the attackers, can be seen in Figure 1. Later in the report, we will give more details about them.",
"category": "Other",
"uuid": "272b6404-0d82-43c7-a310-fc48c34167d9"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2ab87780-14c5-451c-ab22-d6640deb4850",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:02:27.000Z",
"modified": "2022-05-31T09:02:27.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd",
"category": "External analysis",
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
"uuid": "0bf8adca-f50c-4881-bdd9-9cddac41ebab"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "0/57",
"category": "Other",
"comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
"uuid": "5b1b9919-78ff-4279-9157-759b894d1bae"
}
],
"x_misp_comment": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee1a367c-26cd-43aa-b9dd-2f8a3ea79d8a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:02:27.000Z",
"modified": "2022-05-31T09:02:27.000Z",
"description": "2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd: Enriched via the virustotal module",
"pattern": "[file:hashes.MD5 = 'b1aadcb19d49519f4564d6f52c3c8efa' AND file:hashes.SHA1 = 'd80b939d9d46cdff9cf20f6234186a1bf3b963c2' AND file:hashes.SHA256 = '2e35a1599b58e76167f2235d46840cc973dc49a6f14c0c2a2e91310a2fe2c2dd' AND file:hashes.SSDEEP = '768:Kl0E7raH9NpcxR8RQmi4M9u3IgD81BzU8bDHJG5tq9FM:K/G7psR8RQmBku3Id1BoioT5' AND file:x_misp_tlsh = 't175f229573164a4c90d81935f47eaf62ef4eb88f52c385ba79cfd9ff2a1a44800ca518d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:02:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6f0f8b25-237d-4fcb-b914-653621b4e0bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:02:47.000Z",
"modified": "2022-05-31T09:02:47.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947",
"category": "External analysis",
"comment": "672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947: Enriched via the virustotal module",
"uuid": "1b90a2ee-7007-404a-8d33-c1de8bc60809"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "30/68",
"category": "Other",
"comment": "672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947: Enriched via the virustotal module",
"uuid": "0385d5d0-2dd5-4f95-8d89-d0e3ae52a206"
}
],
"x_misp_comment": "672d1ec9f27870a9ed4983038e58e8577bacc735d5168d74bcff8d6ed9aa7947: Enriched via the virustotal module",
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f1ea13db-86d5-484b-8f48-f96c1b74bd73",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:23.000Z",
"modified": "2022-05-31T09:05:23.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f",
"category": "External analysis",
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
"uuid": "39431234-ee94-46fc-8ffa-7edc1cbf904f"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "40/68",
"category": "Other",
"comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
"uuid": "cb36850f-17a0-4bea-84a7-178fe065e9b2"
}
],
"x_misp_comment": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--437e1761-ba5c-454f-9ef6-b197930ef918",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:23.000Z",
"modified": "2022-05-31T09:05:23.000Z",
"description": "d34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f: Enriched via the virustotal module",
"pattern": "[file:hashes.MD5 = '15d973bcaef5f97329f76be89ee26cdd' AND file:hashes.SHA1 = '72881125929a2c445c6cd094fa13607b9cdea95c' AND file:hashes.SHA256 = 'd34b6306aeaaccea3b30dde377701c4a23b861b47f9bda777ca7dc0552f2754f' AND file:hashes.SSDEEP = '1536:Pixtl/JF3yqJCPFmHCeN6PulhXvsW2d09dlhm5GPOd4Cx:PibJr3pJC8CeN6PWhOMfs6Q4C' AND file:hashes.VHASH = '015076655d151515155az42!z' AND file:x_misp_tlsh = 't17b042743a6ec3cdad0398370b7bb83c4d72eec6551a2c61e46d002959e7e5537d22be4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:05:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e7eea1e9-b576-47c2-82c7-ff52ac8b7813",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:38.000Z",
"modified": "2022-05-31T09:05:38.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025",
"category": "External analysis",
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
"uuid": "40ee21a7-9a04-4ec0-a5af-7a672f42e363"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "7/57",
"category": "Other",
"comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
"uuid": "7c2ba27a-a43d-420d-87c7-1a114a2220cb"
}
],
"x_misp_comment": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6904ad08-6cf6-44c2-b0ae-ddb145be07ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2022-05-31T09:05:38.000Z",
"modified": "2022-05-31T09:05:38.000Z",
"description": "d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025: Enriched via the virustotal module",
"pattern": "[file:hashes.MD5 = '08b419b754122d44b44831384c520b21' AND file:hashes.SHA1 = 'a43edb2221919ac5d52bde498f604164b3c86118' AND file:hashes.SHA256 = 'd011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025' AND file:hashes.SSDEEP = '3072:pq02gisdora1HhYHIrnPLXISm9HVwQ+K2r:pqLgVJHSHIrnPTISmNVwnr' AND file:x_misp_tlsh = 't17fc3f1d4256d20b0e4399579c8c2467bdaf2b44a93b961cf27c909a60f476d1f338bc3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-05-31T09:05:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink