adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/e6d2f7c9-c183-43c9-bd3c-3dcfbb34665c.json

991 lines
No EOL
41 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--e6d2f7c9-c183-43c9-bd3c-3dcfbb34665c",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:48:11.000Z",
"modified": "2020-12-15T08:48:11.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--e6d2f7c9-c183-43c9-bd3c-3dcfbb34665c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:48:11.000Z",
"modified": "2020-12-15T08:48:11.000Z",
"name": "OSINT Threat Advisory: SolarWinds supply chain attack",
"published": "2020-12-15T08:48:30Z",
"object_refs": [
"indicator--c07901d2-ca25-4986-84c4-f45a3d4f9937",
"indicator--16bb46e1-e3ee-41a5-b1d4-b0adff96a433",
"indicator--432b2d64-6a64-404c-adf6-4bba616cbc7b",
"indicator--c2c90e65-9240-4223-92b1-5cdf29b413e6",
"indicator--b2f7c60c-95e0-41a0-94f6-a07b3aeb7ba3",
"indicator--c8dd6cd6-2013-4ca2-9662-bf47ec8fabe4",
"indicator--35eb0eb7-c945-41f5-85f2-ee28e4b088e6",
"indicator--a576de5e-3459-4748-abf7-e524283a2097",
"indicator--3889ee21-49be-459b-8c01-064532e02b75",
"indicator--00645cce-0a90-454f-bffa-42c82953f638",
"indicator--ea49694a-96f1-430d-b809-e4026a06db8c",
"indicator--ea94b805-134d-45b9-95e7-e35ac94579a7",
"indicator--4494738b-8193-49b7-9765-f594448319fb",
"indicator--b82f53a3-007d-44cc-ae1d-58b717e46126",
"indicator--70aa6792-60ef-41b3-972f-4d3ec5c3f717",
"indicator--cdff90cd-9e2e-4f54-929f-1836956a914c",
"indicator--d760f240-4654-4bb3-8bf5-9d33763e7c0f",
"indicator--ecd50b7b-338a-4e92-8531-6c99094f3de7",
"indicator--aff00f43-175b-4c0f-b347-fc140c8a8e87",
"indicator--64c1e9eb-0647-4333-9a10-f4bca1232aef",
"indicator--d108c2c1-5063-43da-b244-13b578932877",
"indicator--cbe65ce5-1942-493c-a528-d3a84ac0997f",
"indicator--23fe01ed-a5b5-419b-add3-4c69d41e2a96",
"observed-data--2d2d112b-d8d6-4402-b4e7-65e76744e1a1",
"url--2d2d112b-d8d6-4402-b4e7-65e76744e1a1",
"indicator--a20fef59-369c-49a0-8e44-90f88f0b4026",
"x-misp-object--f8629dcd-1aac-4818-a9ab-491c2344c795",
"indicator--094b634a-771e-4086-a212-7d72fb6b3989",
"x-misp-object--3fc73855-0ef4-4a27-8fc5-83b812d489eb",
"indicator--37dbabfb-262e-4835-889e-2e5595f7c0e4",
"x-misp-object--1b572e2c-d1ce-4cdf-a083-130a37e2db24",
"indicator--15a9eca3-03a5-49b3-ba45-63f381932aad",
"x-misp-object--1f475208-7094-488e-805e-9c3fdc643171",
"indicator--2daa2208-4a80-4d53-9e40-43714e196dc2",
"x-misp-object--3e830e40-5537-4262-8890-6662846770c8",
"relationship--55a1c5cc-d234-40fc-add7-a5febdf9dd36",
"relationship--388e41d1-60be-4d69-b5b1-d6a2e180a2e0",
"relationship--a3aeac8a-ea4e-4927-b04b-300ec5a51272",
"relationship--7086e68d-b679-4165-a54b-e8562557ce47",
"relationship--9ab6ca70-556e-4511-af56-cf23913f0d89"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c07901d2-ca25-4986-84c4-f45a3d4f9937",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'avsvmcloud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--16bb46e1-e3ee-41a5-b1d4-b0adff96a433",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'zupertech.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--432b2d64-6a64-404c-adf6-4bba616cbc7b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'panhardware.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2c90e65-9240-4223-92b1-5cdf29b413e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'databasegalore.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2f7c60c-95e0-41a0-94f6-a07b3aeb7ba3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'incomeupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c8dd6cd6-2013-4ca2-9662-bf47ec8fabe4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'highdatabase.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--35eb0eb7-c945-41f5-85f2-ee28e4b088e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'websitetheme.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a576de5e-3459-4748-abf7-e524283a2097",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'freescanonline.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3889ee21-49be-459b-8c01-064532e02b75",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'virtualdataserver.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00645cce-0a90-454f-bffa-42c82953f638",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'deftsecurity.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea49694a-96f1-430d-b809-e4026a06db8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'thedoccloud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea94b805-134d-45b9-95e7-e35ac94579a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'digitalcollege.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4494738b-8193-49b7-9765-f594448319fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'globalnetworkissues.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b82f53a3-007d-44cc-ae1d-58b717e46126",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'seobundlekit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70aa6792-60ef-41b3-972f-4d3ec5c3f717",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:20.000Z",
"modified": "2020-12-15T08:16:20.000Z",
"pattern": "[domain-name:value = 'virtualwebdata.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cdff90cd-9e2e-4f54-929f-1836956a914c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = '019085a76ba7126fff22770d71bd901c325fc68ac55aa743327984e89f4b0134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d760f240-4654-4bb3-8bf5-9d33763e7c0f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = '32519b85c0b422e4656de6e6c41878e95fd95026267daab4215ee59c107d6c77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ecd50b7b-338a-4e92-8531-6c99094f3de7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = 'ac1b2b89e60707a20e9eb1ca480bc3410ead40643b386d624c5d21b47c02917c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aff00f43-175b-4c0f-b347-fc140c8a8e87",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = 'c09040d35630d75dfef0f804f320f8b3d16a481071076918e9b236a321c1ea77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--64c1e9eb-0647-4333-9a10-f4bca1232aef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = 'c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d108c2c1-5063-43da-b244-13b578932877",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = 'ce77d116a074dab7a22a0fd4f2c1ab475f16eec42e1ded3c0b0aa8211fe858d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cbe65ce5-1942-493c-a528-d3a84ac0997f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = 'd0d626deb3f9484e649294a8dfa814c5568f846d5aa02d4cdad5d041a29d5600']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23fe01ed-a5b5-419b-add3-4c69d41e2a96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:16:35.000Z",
"modified": "2020-12-15T08:16:35.000Z",
"pattern": "[file:hashes.SHA256 = 'dab758bf98d9b36fa057a66cd0284737abf89857b73ca89280267ee7caf62f3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--2d2d112b-d8d6-4402-b4e7-65e76744e1a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:17:01.000Z",
"modified": "2020-12-15T08:17:01.000Z",
"first_observed": "2020-12-15T08:17:01Z",
"last_observed": "2020-12-15T08:17:01Z",
"number_observed": 1,
"object_refs": [
"url--2d2d112b-d8d6-4402-b4e7-65e76744e1a1"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--2d2d112b-d8d6-4402-b4e7-65e76744e1a1",
"value": "https://blog.talosintelligence.com/2020/12/solarwinds-supplychain-coverage.html"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a20fef59-369c-49a0-8e44-90f88f0b4026",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"pattern": "[file:hashes.MD5 = '02af7cec58b9a5da1c542b5a32151ba1' AND file:hashes.SHA1 = '1b476f58ca366b54f34d714ffce3fd73cc30db1a' AND file:hashes.SHA256 = 'd0d626deb3f9484e649294a8dfa814c5568f846d5aa02d4cdad5d041a29d5600']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:18:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f8629dcd-1aac-4818-a9ab-491c2344c795",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2020-12-15T08:08:23+00:00",
"category": "Other",
"uuid": "4b114d22-6e88-4edd-a380-447c957f6b00"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/d0d626deb3f9484e649294a8dfa814c5568f846d5aa02d4cdad5d041a29d5600/detection/f-d0d626deb3f9484e649294a8dfa814c5568f846d5aa02d4cdad5d041a29d5600-1608019703",
"category": "Payload delivery",
"uuid": "3cc15b9f-7b5d-4772-947e-21f2deab16d6"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "6/48",
"category": "Payload delivery",
"uuid": "b0daaf8c-4ba1-464b-9dbe-e23adf6bbc9a"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--094b634a-771e-4086-a212-7d72fb6b3989",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"pattern": "[file:hashes.MD5 = '2c4a910a1299cdae2a4e55988a2f102e' AND file:hashes.SHA1 = '2f1a5a7411d015d01aaee4535835400191645023' AND file:hashes.SHA256 = '019085a76ba7126fff22770d71bd901c325fc68ac55aa743327984e89f4b0134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:18:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3fc73855-0ef4-4a27-8fc5-83b812d489eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2020-12-15T08:07:29+00:00",
"category": "Other",
"uuid": "aabd4c40-51c2-44db-aff9-e22d42ff8073"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/019085a76ba7126fff22770d71bd901c325fc68ac55aa743327984e89f4b0134/detection/f-019085a76ba7126fff22770d71bd901c325fc68ac55aa743327984e89f4b0134-1608019649",
"category": "Payload delivery",
"uuid": "2bd19d5b-2579-46b2-83e2-802aeb053746"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "38/69",
"category": "Payload delivery",
"uuid": "49603f27-23c5-47da-8b0c-d467bfaec90d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--37dbabfb-262e-4835-889e-2e5595f7c0e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"pattern": "[file:hashes.MD5 = '56ceb6d0011d87b6e4d7023d7ef85676' AND file:hashes.SHA1 = '75af292f34789a1c782ea36c7127bf6106f595e8' AND file:hashes.SHA256 = 'c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:18:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1b572e2c-d1ce-4cdf-a083-130a37e2db24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2020-12-15T08:02:48+00:00",
"category": "Other",
"uuid": "6cc5b161-ca94-401a-ac7e-c88c80c83535"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71/detection/f-c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71-1608019368",
"category": "Payload delivery",
"uuid": "9e33a77b-2ac6-4575-89ff-6a8b4267ed01"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "39/68",
"category": "Payload delivery",
"uuid": "8aa4bec2-67e3-4f3b-979e-6ddc36335eeb"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--15a9eca3-03a5-49b3-ba45-63f381932aad",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"pattern": "[file:hashes.MD5 = 'b91ce2fa41029f6955bff20079468448' AND file:hashes.SHA1 = '76640508b1e7759e548771a5359eaed353bf1eec' AND file:hashes.SHA256 = '32519b85c0b422e4656de6e6c41878e95fd95026267daab4215ee59c107d6c77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:18:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1f475208-7094-488e-805e-9c3fdc643171",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2020-12-15T08:06:06+00:00",
"category": "Other",
"uuid": "9f9f7467-bb1e-487e-a310-a356bbbba48c"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/32519b85c0b422e4656de6e6c41878e95fd95026267daab4215ee59c107d6c77/detection/f-32519b85c0b422e4656de6e6c41878e95fd95026267daab4215ee59c107d6c77-1608019566",
"category": "Payload delivery",
"uuid": "adaee742-60b7-4662-92b3-54c2ac7f0aa0"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "36/66",
"category": "Payload delivery",
"uuid": "6ac308e3-251a-40b6-9cd9-b0611bdfa5ab"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2daa2208-4a80-4d53-9e40-43714e196dc2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"pattern": "[file:hashes.MD5 = '846e27a652a5e1bfbd0ddd38a16dc865' AND file:hashes.SHA1 = 'd130bd75645c2433f88ac03e73395fba172ef676' AND file:hashes.SHA256 = 'ce77d116a074dab7a22a0fd4f2c1ab475f16eec42e1ded3c0b0aa8211fe858d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-12-15T08:18:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3e830e40-5537-4262-8890-6662846770c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-12-15T08:18:26.000Z",
"modified": "2020-12-15T08:18:26.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2020-12-15T08:11:50+00:00",
"category": "Other",
"uuid": "21cb4f65-7f18-4e2e-b9b7-c504ccb796c4"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/ce77d116a074dab7a22a0fd4f2c1ab475f16eec42e1ded3c0b0aa8211fe858d6/detection/f-ce77d116a074dab7a22a0fd4f2c1ab475f16eec42e1ded3c0b0aa8211fe858d6-1608019910",
"category": "Payload delivery",
"uuid": "47343bb3-e08d-48d2-b02d-e505db8558d9"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "38/70",
"category": "Payload delivery",
"uuid": "b9305874-956b-4547-b2e2-75b94c05d537"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--55a1c5cc-d234-40fc-add7-a5febdf9dd36",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--a20fef59-369c-49a0-8e44-90f88f0b4026",
"target_ref": "x-misp-object--f8629dcd-1aac-4818-a9ab-491c2344c795"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--388e41d1-60be-4d69-b5b1-d6a2e180a2e0",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--094b634a-771e-4086-a212-7d72fb6b3989",
"target_ref": "x-misp-object--3fc73855-0ef4-4a27-8fc5-83b812d489eb"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--a3aeac8a-ea4e-4927-b04b-300ec5a51272",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--37dbabfb-262e-4835-889e-2e5595f7c0e4",
"target_ref": "x-misp-object--1b572e2c-d1ce-4cdf-a083-130a37e2db24"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--7086e68d-b679-4165-a54b-e8562557ce47",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--15a9eca3-03a5-49b3-ba45-63f381932aad",
"target_ref": "x-misp-object--1f475208-7094-488e-805e-9c3fdc643171"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--9ab6ca70-556e-4511-af56-cf23913f0d89",
"created": "1970-01-01T00:00:00.000Z",
"modified": "1970-01-01T00:00:00.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--2daa2208-4a80-4d53-9e40-43714e196dc2",
"target_ref": "x-misp-object--3e830e40-5537-4262-8890-6662846770c8"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink