4237 lines
No EOL
186 KiB
JSON
4237 lines
No EOL
186 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--5cacb081-1854-4035-acbc-4096950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--5cacb081-1854-4035-acbc-4096950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"name": "OSINT - Mirai Compiled for New Processors Surfaces in the Wild",
|
|
"published": "2019-04-09T14:54:04Z",
|
|
"object_refs": [
|
|
"indicator--5cacb092-2ab0-4c03-9b7e-427d950d210f",
|
|
"indicator--5cacb092-eae8-477b-8bfd-44eb950d210f",
|
|
"indicator--5cacb092-8b44-4727-a24b-4f37950d210f",
|
|
"indicator--5cacb092-dfd8-4b5d-a111-4cb6950d210f",
|
|
"indicator--5cacb092-5308-44b2-b3d7-4fce950d210f",
|
|
"indicator--5cacb092-e640-44c3-8a4c-4d74950d210f",
|
|
"indicator--5cacb092-0e8c-47c6-9c76-43ae950d210f",
|
|
"indicator--5cacb0a0-da90-4388-8e3a-4629950d210f",
|
|
"indicator--5cacb0a0-55e4-459d-b37f-49d8950d210f",
|
|
"indicator--5cacb0a0-0004-4e31-ad5f-4829950d210f",
|
|
"indicator--5cacb0a0-d83c-414d-b500-4ccc950d210f",
|
|
"indicator--5cacb0a0-0580-43b0-9646-4723950d210f",
|
|
"indicator--5cacb0a0-5dbc-4d80-b9a3-48b5950d210f",
|
|
"indicator--5cacb0a0-461c-4f4b-8908-4ec1950d210f",
|
|
"indicator--5cacb0a0-00c8-43ec-af2e-4022950d210f",
|
|
"indicator--5cacb0af-3dec-451d-a56a-4c90950d210f",
|
|
"indicator--5cacb0af-f534-484b-b714-4072950d210f",
|
|
"indicator--5cacb0af-3384-4735-beef-4d84950d210f",
|
|
"indicator--5cacb0af-823c-4fa5-b5c3-4637950d210f",
|
|
"indicator--5cacb0af-3518-4f11-b865-4fae950d210f",
|
|
"indicator--5cacb0af-daec-4e16-b566-445c950d210f",
|
|
"indicator--5cacb0af-fd54-474b-b2a5-486a950d210f",
|
|
"indicator--5cacb0af-89b4-47cd-81b9-4180950d210f",
|
|
"indicator--5cacb0af-7854-48cf-a3ce-4d00950d210f",
|
|
"indicator--5cacb0af-233c-4797-b963-4c10950d210f",
|
|
"indicator--5cacb0af-569c-4e62-8740-4833950d210f",
|
|
"indicator--5cacb0af-a4f0-4040-ba9c-4816950d210f",
|
|
"indicator--5cacb0af-729c-4027-818f-4c88950d210f",
|
|
"indicator--5cacb0af-16a0-4006-bfac-4e6e950d210f",
|
|
"indicator--5cacb0c0-cc98-4ca4-a94f-484a950d210f",
|
|
"indicator--5cacb0c0-cbc0-473c-a8ba-4c37950d210f",
|
|
"indicator--5cacb0c0-dc38-4436-9c13-42e7950d210f",
|
|
"indicator--5cacb0c0-9148-4f8d-a324-4aae950d210f",
|
|
"indicator--5cacb0c0-5274-4f59-86ea-4bba950d210f",
|
|
"indicator--5cacb0c0-a2e0-4e05-9f43-46eb950d210f",
|
|
"indicator--5cacb0c0-bed0-4c8e-a3b5-4fe7950d210f",
|
|
"indicator--5cacb0c0-0dac-42be-bc13-410f950d210f",
|
|
"indicator--5cacb0c0-7ee8-418b-92fb-4304950d210f",
|
|
"indicator--5cacb0c0-1928-474d-ad59-40d2950d210f",
|
|
"indicator--5cacb0c0-84ec-47d4-9eec-4c10950d210f",
|
|
"indicator--5cacb0c0-c5b8-4b62-bd40-43de950d210f",
|
|
"indicator--5cacb0c0-9e54-45a4-a8ce-49be950d210f",
|
|
"indicator--5cacb0c0-3704-471e-99fe-43aa950d210f",
|
|
"indicator--5cacb0c0-a3f4-4e70-bc39-4db1950d210f",
|
|
"indicator--5cacb0c0-9b08-4cf0-ad80-4144950d210f",
|
|
"indicator--5cacb0c0-63a8-4643-bbc1-4a91950d210f",
|
|
"indicator--5cacb0c0-1af4-4984-aa83-4b10950d210f",
|
|
"indicator--5cacb0c0-d36c-4c49-9f3b-4300950d210f",
|
|
"indicator--5cacb0c0-2d9c-43cb-91cf-429b950d210f",
|
|
"indicator--5cacb0e1-0414-411b-b1ac-4c92950d210f",
|
|
"indicator--5cacb0e1-85bc-4131-95e0-4779950d210f",
|
|
"indicator--5cacb0e1-786c-4147-b142-4bef950d210f",
|
|
"indicator--5cacb0e1-6158-48f4-8fa7-4af9950d210f",
|
|
"indicator--5cacb0e1-31a8-4b18-b798-489b950d210f",
|
|
"observed-data--5cacb113-90c0-483e-ad66-449a950d210f",
|
|
"url--5cacb113-90c0-483e-ad66-449a950d210f",
|
|
"x-misp-attribute--5cacb123-ac18-4214-86b8-48ca950d210f",
|
|
"vulnerability--5cacb17c-a0f0-4063-b721-1fd6950d210f",
|
|
"vulnerability--5cacb17c-8378-43b1-a6dd-1fd6950d210f",
|
|
"indicator--5cacb19b-aa84-4b1e-a70d-44a6950d210f",
|
|
"indicator--4d6e3fee-7c21-49c4-ae5f-9cc8c2a51e0f",
|
|
"x-misp-object--3c8f723c-33a7-49c2-93ba-1e85d049c50c",
|
|
"indicator--f7d995da-6b74-46bd-a3bd-b216173f7ecd",
|
|
"x-misp-object--08d445db-073c-4725-b822-4dc12152dc6d",
|
|
"indicator--30d18426-8b6c-4bd7-9dbe-fe48578c0858",
|
|
"x-misp-object--b65f158d-86b3-46ea-8e90-5aff73b83607",
|
|
"indicator--b193159a-ffa2-487b-95c4-0d8243f8ad9c",
|
|
"x-misp-object--032474ca-6510-4dde-8ed2-b9da5050112e",
|
|
"indicator--71263d1f-4ce5-4dfd-8b98-22edc46918aa",
|
|
"x-misp-object--5d7e98f1-3719-4c81-9fa8-0e8c5d58cc7a",
|
|
"indicator--f520e3f7-1da0-4457-8f67-3515a31174bc",
|
|
"x-misp-object--7fd6de13-43fb-46d7-a71c-3d7df2cb0667",
|
|
"indicator--6a5f7378-218c-4ea3-a54d-c5767472ddb1",
|
|
"x-misp-object--b8d2d6ad-e5e3-42a5-b950-1046b821f68f",
|
|
"indicator--ccaa3b0c-b5e6-4536-9606-b56b08602015",
|
|
"x-misp-object--298cf9d4-5927-4a83-abf4-b195c0b926a7",
|
|
"indicator--e431dfa4-ace9-4c86-8348-47f0c41d5424",
|
|
"x-misp-object--36cb190d-e9c4-4a68-a628-a79c96323f5a",
|
|
"indicator--eaa5e596-0f6d-4ce1-aa4f-602720bd37ea",
|
|
"x-misp-object--fe27f62d-2cb0-4d56-a1ea-30eebcf27b8a",
|
|
"indicator--6d039067-955e-4e72-a631-e049cf35a77f",
|
|
"x-misp-object--5349f3ce-b5d8-47d3-b28a-f01f5ca628d8",
|
|
"indicator--906f4543-dd5e-40cb-83f5-6a30ad65a3bb",
|
|
"x-misp-object--57817aa5-8715-40b2-9f08-795fff3f197c",
|
|
"indicator--6e8a1137-4eeb-42f5-8b5b-30d6b8f325ef",
|
|
"x-misp-object--b002923b-f027-4427-a79e-2802833d564d",
|
|
"indicator--ba07517c-15ac-49e5-b2b6-c6bcc1573288",
|
|
"x-misp-object--bd8d81c1-a0c1-46cc-b8e0-d6742f9b5bbb",
|
|
"indicator--6360d4f6-e24c-4cce-869a-24ccd7f9c129",
|
|
"x-misp-object--bc7587c2-e369-4c0c-b2d2-b05a4210bcf3",
|
|
"indicator--4416ae3a-0659-4f4e-bc6e-5cff3da3130d",
|
|
"x-misp-object--8bb6ab5a-d092-4bd3-8039-db1c1610653c",
|
|
"indicator--382a6691-5e36-4d86-b0d8-5a04e43342fc",
|
|
"x-misp-object--6ef3df89-54b3-4737-a303-bfd64e0ace0d",
|
|
"indicator--6216369c-87cb-453b-931f-83a18954a135",
|
|
"x-misp-object--4ec12cbe-898c-4ccc-8775-28e4e121d5db",
|
|
"indicator--d8c1ba83-dbd0-4daa-9a16-4dc2465eab8a",
|
|
"x-misp-object--92650226-7b52-4e62-be35-e3127a417cf0",
|
|
"indicator--a4923d2f-c6ba-4228-883c-d93835435f9a",
|
|
"x-misp-object--4ab686a6-fb66-492d-9bb1-487d10f99d09",
|
|
"indicator--b7a2d065-ed7c-41c8-a2f9-e066c92afe89",
|
|
"x-misp-object--ba0f4453-12d4-492f-90d2-b61e08f8e2d4",
|
|
"indicator--b21504d6-8f09-420e-8dd4-4156c9fe6c4c",
|
|
"x-misp-object--02c8cf93-3806-4e09-a801-830a0db3abf6",
|
|
"indicator--37d88da7-8284-4bc6-9a6f-2cd49c1971cd",
|
|
"x-misp-object--21b4521f-74e3-4b6d-90df-c30faad750de",
|
|
"indicator--ceeb65b8-0b04-4166-b355-252b12391f98",
|
|
"x-misp-object--657d45df-b4ba-4dd2-8762-43a8fd4487bf",
|
|
"indicator--98ce3838-810e-49a0-a73c-2255aceb0b23",
|
|
"x-misp-object--4304fa8d-bcc3-4596-b45b-92a1084f6e80",
|
|
"indicator--8f46177b-5fad-4dff-bfe2-a64700c10f7a",
|
|
"x-misp-object--6aa42e4d-4b31-4f21-a7c4-c7c2fb0a8c16",
|
|
"indicator--0a1c567d-90f2-4bc1-b0b8-0f863fbd1a96",
|
|
"x-misp-object--8d50aae1-1b2e-40ae-a3ca-c8f5280b0097",
|
|
"indicator--9aa1e457-864e-45d3-8efb-3f767f69c7fe",
|
|
"x-misp-object--676eeeaa-4548-47d8-9cb3-d5c7d0662245",
|
|
"indicator--5ef45cc5-87ac-40c8-9769-90aeee950b48",
|
|
"x-misp-object--3c601fd8-25f7-472c-aafb-61246bf050ab",
|
|
"indicator--4bd0f4ab-1dd2-47c1-bc9e-cc984e224ed3",
|
|
"x-misp-object--a14d1157-bb64-44aa-9a5d-4b078c397453",
|
|
"indicator--7265f4d8-423f-4089-b8bf-61154434bbec",
|
|
"x-misp-object--108baa35-aecc-436f-b100-d49c28ba513e",
|
|
"indicator--48e16861-6796-4e02-88a7-79c2d7858609",
|
|
"x-misp-object--0878ecdd-7b9e-44ad-b533-7a494082d77d",
|
|
"indicator--2bc22de4-2a0d-4cb2-a9b3-eb4daec315b0",
|
|
"x-misp-object--9c207223-e112-4cf8-8ee7-6a1d559a8423",
|
|
"indicator--fa5e7f90-245b-4742-b7d0-2394fec51c85",
|
|
"x-misp-object--73e039e4-7edb-4e20-a441-91746475ea90",
|
|
"indicator--03c14a71-6d63-4b20-a22d-f00e5edce6c0",
|
|
"x-misp-object--6cfcd770-a39a-4100-aa77-114a93d0d742",
|
|
"indicator--b4ff969b-0790-4864-a6aa-4ee7b041f432",
|
|
"x-misp-object--c98512db-97ea-4c11-ad77-ac0cda300412",
|
|
"relationship--512bcfa7-c9bb-43ba-a5db-ac8ae562981b",
|
|
"relationship--aafda201-678d-4001-bfb1-e557f687c7fd",
|
|
"relationship--e2a2d5d3-519e-4573-bbec-8bb73198c70d",
|
|
"relationship--d063165c-6759-42ba-a82f-39d6ab23f02c",
|
|
"relationship--bc55216c-24c9-4400-9cde-a1ad3f387c62",
|
|
"relationship--24c9fa3f-14f8-4587-9ccb-bad70a50c862",
|
|
"relationship--9de54a49-0c01-4242-bf8a-443218e74e0b",
|
|
"relationship--4b52c143-249a-44a8-8c83-c0f186309a98",
|
|
"relationship--3c2e0a74-7140-4c7d-9d77-7be6f369d645",
|
|
"relationship--956d73f0-eb89-45d6-8904-fd1ba8f4ef7a",
|
|
"relationship--7a7c101c-b957-4c97-8d4a-ef48bf56abb9",
|
|
"relationship--e9247b6d-de78-4646-b709-4826e986e5ff",
|
|
"relationship--72e761a7-6c70-4b3f-bd8d-d545a93f20f9",
|
|
"relationship--bd763070-288d-4aac-a559-c8f168128135",
|
|
"relationship--5c557354-e380-4fb9-a6a3-e8520767269e",
|
|
"relationship--c6d0c2be-a171-4167-9d68-0ff6bce6f63f",
|
|
"relationship--65550271-ac81-4e34-9978-e6c296e2c89f",
|
|
"relationship--1598145c-89a5-44a8-ad6c-0aab78c6befe",
|
|
"relationship--4fa96f50-16cf-4f78-9413-5da43eee5c9f",
|
|
"relationship--71d59337-47fc-4bc4-9b46-407553979c3d",
|
|
"relationship--d963416c-91f4-4082-b9f3-78e8d70cbebf",
|
|
"relationship--b2a14cc4-1b50-4bd6-859b-f615440fc9c2",
|
|
"relationship--dd6db69f-48a0-42c7-a8a5-87bfd56589db",
|
|
"relationship--101a536d-1940-41a3-99e0-4c6e69c998b2",
|
|
"relationship--eea155b2-4b93-4660-9beb-58d17160b6f9",
|
|
"relationship--6d2cc2b5-dd79-4f63-9154-3989c13ca301",
|
|
"relationship--f33136bc-da65-4f3a-865e-6759021798d2",
|
|
"relationship--6d4fc511-adaf-4965-a86e-30e42962c999",
|
|
"relationship--5c466d02-0b9d-4310-b03c-1288977ea9bb",
|
|
"relationship--3afe6c55-9fa5-49fc-88ca-6a89c4511c4a",
|
|
"relationship--5c111962-fc68-48eb-8e66-4b0ba67a68f2",
|
|
"relationship--198650a4-310a-4040-8c53-d79723a50d47",
|
|
"relationship--e3e00dc1-3f05-4fc7-8a11-242d70f712e6",
|
|
"relationship--4062e539-668b-42f8-8592-081ba23b413f",
|
|
"relationship--c7bb5dc2-227c-47e8-a942-dc0f92235e50",
|
|
"relationship--c0d06b43-1c64-42b1-9eee-aa549faf1ed0"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"type:OSINT",
|
|
"osint:lifetime=\"perpetual\"",
|
|
"osint:certainty=\"50\"",
|
|
"misp-galaxy:botnet=\"Mirai\"",
|
|
"misp-galaxy:malpedia=\"Mirai\""
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb092-2ab0-4c03-9b7e-427d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:47:46.000Z",
|
|
"modified": "2019-04-09T14:47:46.000Z",
|
|
"description": "Altera Nios II Samples",
|
|
"pattern": "[file:hashes.SHA256 = '0c35f2902d92ef4f46e4643d11c46bde57027bb14e2b75c027a50fe7efc4f358']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb092-eae8-477b-8bfd-44eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:47:46.000Z",
|
|
"modified": "2019-04-09T14:47:46.000Z",
|
|
"description": "Altera Nios II Samples",
|
|
"pattern": "[file:hashes.SHA256 = '3446c2ed11a6a5e02702afd5f7082eb435b2922096443cabd45d54b5b7582cc1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb092-8b44-4727-a24b-4f37950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:47:46.000Z",
|
|
"modified": "2019-04-09T14:47:46.000Z",
|
|
"description": "Altera Nios II Samples",
|
|
"pattern": "[file:hashes.SHA256 = '48c760ba6b6a29e2a90bdb88bf96486c158f2b47ee9e1c560a47071e39bb5e87']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb092-dfd8-4b5d-a111-4cb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:47:46.000Z",
|
|
"modified": "2019-04-09T14:47:46.000Z",
|
|
"description": "Altera Nios II Samples",
|
|
"pattern": "[file:hashes.SHA256 = '5876c9ac609ece0e051c57b380489490bc78e40c796b637af1e80adbdb9f70dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb092-5308-44b2-b3d7-4fce950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:47:46.000Z",
|
|
"modified": "2019-04-09T14:47:46.000Z",
|
|
"description": "Altera Nios II Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'a457090fb6df8cb93c91ec6b5d89927f7a6f9e247389d945d44731351a367b4e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb092-e640-44c3-8a4c-4d74950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:47:46.000Z",
|
|
"modified": "2019-04-09T14:47:46.000Z",
|
|
"description": "Altera Nios II Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'ed5e313821bf3a20d226c1b5f2b0ba7f1897d0778c27620017b852579e3e1894']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb092-0e8c-47c6-9c76-43ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:47:46.000Z",
|
|
"modified": "2019-04-09T14:47:46.000Z",
|
|
"description": "Altera Nios II Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'fae498477388c53c8c623fd8ddb710cc286584200767907b104d55f916d37c05']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-da90-4388-8e3a-4629950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = '006436f282f46f49eb97c2e119622ac61086a908623ca741eb29caeca22c797a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-55e4-459d-b37f-49d8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = '28bb80c687cb0aeea0b2d53dd5bf34f21f7292e5708b0aefeea25aebe2ff93af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-0004-4e31-ad5f-4829950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = '5647168f9818dc40599d057c426424709bde5722c62088ecff64b97d3acfc4a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-d83c-414d-b500-4ccc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = '57cc6875ae0c571ef1edaae72d82b0da6e60331ad4b3ad34c922b9e4612b8779']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-0580-43b0-9646-4723950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = '61893583675935ac7a4857542f13d513ffbb176b302a72d26d7ec39fd931decb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-5dbc-4d80-b9a3-48b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'ac4a00bfe1031e19eb9a101d61ef5267627ebaeb2aca4b962c7bb1b5a59e337c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-461c-4f4b-8908-4ec1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'b0cef399ea8ec2244aebb3506a2bb60c64c3921e816c0fc9752caf84c6cf196d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0a0-00c8-43ec-af2e-4022950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:00.000Z",
|
|
"modified": "2019-04-09T14:48:00.000Z",
|
|
"description": "Tensilica Xtensa Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'b5da0b6070d9cf3a3d628864e0f0860c8fc967ce692c0142f5a6dafee64079f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-3dec-451d-a56a-4c90950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '09f8885872bc47e03608d6725f8735074c8b915ca08540e367921223058c108a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-f534-484b-b714-4072950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '199f1976cb5fb39a9c395a28e2178476b6eaec0f3499a5a11912f103dcd64d00']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-3384-4735-beef-4d84950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '1efdfc79d0c4b779966dfcae7d4f0a1f17f043e098ec0f90ff12a7ebc3c3f1f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-823c-4fa5-b5c3-4637950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '24b4c838dd41c0d812f747e48cf24be4f2265bce8f1e4d0d8ca6a7fc5649019b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-3518-4f11-b865-4fae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '59b7a7baf4c239786fdf5ceca9084d829c6f6fc0603a524df313b2ef4958e4c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-daec-4e16-b566-445c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '6183c7c87ff7cc3721c000af73714be27884a22057c4dc69bccd34571353f327']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-fd54-474b-b2a5-486a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '74a45ff17678e0bddf383b5229785dda04c515e778bc9421d9396168f1cf3c3d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-89b4-47cd-81b9-4180950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = '76c9e543a0386994031b4905533eccd05400b3bb12fefc94f1eb65af5debe986']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-7854-48cf-a3ce-4d00950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'b6359a84bd36a3ce8a13f1306ad74d757c384a772691c228c9a00a5246d828fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-233c-4797-b963-4c10950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'b758405fd18c4518878868163472bcb4e988e4ecbc3312b9756d231b80646816']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-569c-4e62-8740-4833950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'b89196b9773c6c809a2547434ce3e9de8a494ed7b338e013fd3f2818b4b54fd1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-a4f0-4040-ba9c-4816950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'c33080bea85616fd1251f877cd9ff570dd6a2e2f24cc20254754cb2c74a2375e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-729c-4027-818f-4c88950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'd21880f4f919c410d0f2ee447716a2f7288dbaa21ec7de8601f0fc999b4d3d45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0af-16a0-4006-bfac-4e6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:15.000Z",
|
|
"modified": "2019-04-09T14:48:15.000Z",
|
|
"description": "OpenRISC Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'f646c45feb0ccab4caf61bdb4aa45b0295614b2e881ad9c594ccaec2ea886671']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-cc98-4ca4-a94f-484a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '006b73c03760f168a5d71c0edd50e9a437aca7b3db1dbecac75ea2ef9e74f54f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-cbc0-473c-a8ba-4c37950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '233790b3a74245c4660cadec23145246484154abd01edd45836c31598f96b13d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-dc38-4436-9c13-42e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '26298ff73035ef2dc92cda118d476933d3014b39ac478865bd86d28aa5457459']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-9148-4f8d-a324-4aae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '2d7ed9ccd1b94f58aff30f7a7d798dd03b6a0f5bed2a529e1e13d8d78e9ae289']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-5274-4f59-86ea-4bba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '3891a82075bd173bb1e052c27f1be946559aaeb65e6a4c761ba8bbd2cbccd3fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-a2e0-4e05-9f43-46eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '43c5efda1875fd809f97b49d296f34e1292ed86e5a4197460764fe67b98294ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-bed0-4c8e-a3b5-4fe7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '44f1d6144df90adea1b7b482c84946257c9fb70a9c195a6846f416de80b5e6fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-0dac-42be-bc13-410f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '4cb4c5cbf7eb646bdc08640f4f9e9a4383a9c7ac4e26be0caeb9dc904670c5bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-7ee8-418b-92fb-4304950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '4d8a4841a2f4a61ed6df2be79dd7ea1eb2052cee6eba4d8de30add7908ebb779']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-1928-474d-ad59-40d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '537c2d136a805fe1b703709b0794e25f91f2136027287fa4817080330c7989ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-84ec-47d4-9eec-4c10950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '683b6f8209725ae0e715cda5a1cd35bcaacb5d45ae8e487c98dce2c01c91c887']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-c5b8-4b62-bd40-43de950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = '9b1eab0283fd6948a9a181abaa2f6b3c26f2b0077c8a8b32e763790dd64d2a22']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-9e54-45a4-a8ce-49be950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'a736d6ebf9596872f3c92ac486be2588ccf0c53cf15a3897a97c83ca1525ff8d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-3704-471e-99fe-43aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'a9dbcc2681d427f9820ca9c5ec120b9bf3e83c9856e89736884ee4dc26712e50']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-a3f4-4e70-bc39-4db1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'bdd19fa8a7c0e3a5ebbb14d5885cb09a863122ad2c78f53361db0c194045d491']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-9b08-4cf0-ad80-4144950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'c0f18a5113b341faacb9f647cee954a237925cc62d5daff559a8a880702273c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-63a8-4643-bbc1-4a91950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'c75b3c52c0f5eebfd4c44c3069a393e824d455c7405d57ee99fd7613b8211b31']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-1af4-4984-aa83-4b10950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'd28d05477ddbb1e3de330e98a2cb199ed76df0d1c942c467c977c9b70771477a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-d36c-4c49-9f3b-4300950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'de6a0d2b8b4323bc06a6cd02b0042fc92c36319696dafafd057e905d359f60ea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0c0-2d9c-43cb-91cf-429b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:48:32.000Z",
|
|
"modified": "2019-04-09T14:48:32.000Z",
|
|
"description": "Xilinx MicroBlaze Samples",
|
|
"pattern": "[file:hashes.SHA256 = 'e740f780f2b91a41c5024115bbed607b0a75e52fcf4f96b86d0f8adda0c97ddf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0e1-0414-411b-b1ac-4c92950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:49:16.000Z",
|
|
"modified": "2019-04-09T14:49:16.000Z",
|
|
"pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hmicroblazebe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:49:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0e1-85bc-4131-95e0-4779950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:49:28.000Z",
|
|
"modified": "2019-04-09T14:49:28.000Z",
|
|
"pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hmicroblazeel']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0e1-786c-4147-b142-4bef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:49:28.000Z",
|
|
"modified": "2019-04-09T14:49:28.000Z",
|
|
"pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hnios2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0e1-6158-48f4-8fa7-4af9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:49:28.000Z",
|
|
"modified": "2019-04-09T14:49:28.000Z",
|
|
"pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hopenrisc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb0e1-31a8-4b18-b798-489b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:49:28.000Z",
|
|
"modified": "2019-04-09T14:49:28.000Z",
|
|
"pattern": "[url:value = '178.62.227.13/wrgjwrgjwrg246356356356/hxtensa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5cacb113-90c0-483e-ad66-449a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:49:55.000Z",
|
|
"modified": "2019-04-09T14:49:55.000Z",
|
|
"first_observed": "2019-04-09T14:49:55Z",
|
|
"last_observed": "2019-04-09T14:49:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5cacb113-90c0-483e-ad66-449a950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5cacb113-90c0-483e-ad66-449a950d210f",
|
|
"value": "https://unit42.paloaltonetworks.com/mirai-compiled-for-new-processor-surfaces/"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5cacb123-ac18-4214-86b8-48ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:50:11.000Z",
|
|
"modified": "2019-04-09T14:50:11.000Z",
|
|
"labels": [
|
|
"misp:type=\"text\"",
|
|
"misp:category=\"External analysis\""
|
|
],
|
|
"x_misp_category": "External analysis",
|
|
"x_misp_type": "text",
|
|
"x_misp_value": "In late February 2019, Unit 42 discovered Mirai samples compiled for new processors/architectures not previously seen before. Despite the source code being publicly released In October of 2016, the malware has, until now, only been found targeting a fixed set of processors/architectures.\r\n\r\nUnit 42 has found the newly discovered samples are compiled for Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze processors. This is not the first time Mirai has been expanded for new processor architectures, samples targeting ARC CPUs were discovered in January 2018. Yet this development shows that Mirai developers continue to actively innovate, targeting a growing array of IoT devices. The malware gained notoriety in 2016 for its use in massive denial of service attacks on Dyn and the website of security blogger Brian Krebs. If the latest innovations lead to an increase in the number of infected devices, that means that Mirai attackers would have access to additional firepower for use in denial of service attacks.\r\n\r\nIn this blog, we show the new features we\u00e2\u20ac\u2122ve found in these new samples, discuss the infrastructure we observed, show how other Mirai samples using known exploits were hosted on the same infrastructure as the new samples, and give indicators of compromise (IoCs) for these new samples.\r\n\r\nTo protect against Mirai and other threats, organizations should make securing their IoT devices with the latest updates and non-default passwords a priority."
|
|
},
|
|
{
|
|
"type": "vulnerability",
|
|
"spec_version": "2.1",
|
|
"id": "vulnerability--5cacb17c-a0f0-4063-b721-1fd6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:51:40.000Z",
|
|
"modified": "2019-04-09T14:51:40.000Z",
|
|
"name": "CVE-2014-8361",
|
|
"labels": [
|
|
"misp:type=\"vulnerability\"",
|
|
"misp:category=\"Payload delivery\""
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "cve",
|
|
"external_id": "CVE-2014-8361"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"type": "vulnerability",
|
|
"spec_version": "2.1",
|
|
"id": "vulnerability--5cacb17c-8378-43b1-a6dd-1fd6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:51:40.000Z",
|
|
"modified": "2019-04-09T14:51:40.000Z",
|
|
"name": "CVE-2017-17215",
|
|
"labels": [
|
|
"misp:type=\"vulnerability\"",
|
|
"misp:category=\"Payload delivery\""
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "cve",
|
|
"external_id": "CVE-2017-17215"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5cacb19b-aa84-4b1e-a70d-44a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:52:11.000Z",
|
|
"modified": "2019-04-09T14:52:11.000Z",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.62.227.13']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:52:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--4d6e3fee-7c21-49c4-ae5f-9cc8c2a51e0f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:25.000Z",
|
|
"modified": "2019-04-09T14:53:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'faa296969c2a02bcb4d810a13eb5c851' AND file:hashes.SHA1 = '0e19b991b88c8c53384fb3a0ac04653db8e6c29b' AND file:hashes.SHA256 = '44f1d6144df90adea1b7b482c84946257c9fb70a9c195a6846f416de80b5e6fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--3c8f723c-33a7-49c2-93ba-1e85d049c50c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "73fbcfe8-b315-424c-8f13-3ebebd0d29da"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/44f1d6144df90adea1b7b482c84946257c9fb70a9c195a6846f416de80b5e6fd/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "cef990fb-ed10-4ac1-8de5-f3dd99be4d7a"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "27/57",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "06fc83ee-7be8-490d-9d49-79f16c3d18ba"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--f7d995da-6b74-46bd-a3bd-b216173f7ecd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'db7d0b0918d8918a28ada67f2dc28d7e' AND file:hashes.SHA1 = 'a5583a253c1a2441439d93762563500e6a145e08' AND file:hashes.SHA256 = '537c2d136a805fe1b703709b0794e25f91f2136027287fa4817080330c7989ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--08d445db-073c-4725-b822-4dc12152dc6d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "11a6886f-371b-4c90-a19b-36ae205b473d"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/537c2d136a805fe1b703709b0794e25f91f2136027287fa4817080330c7989ce/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "968baca9-1027-4316-bb45-b9c041a78ada"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "27/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "52b9e278-211e-4527-b57d-1c2df1246fa3"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--30d18426-8b6c-4bd7-9dbe-fe48578c0858",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '28e21fc1cd115a22e461b66614e76726' AND file:hashes.SHA1 = '2db0b72452e9e676c03cb580c0bd8f128fa16349' AND file:hashes.SHA256 = 'e740f780f2b91a41c5024115bbed607b0a75e52fcf4f96b86d0f8adda0c97ddf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b65f158d-86b3-46ea-8e90-5aff73b83607",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:48",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "2b7bdcc5-8354-4034-b97b-f609c0c8ec8d"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/e740f780f2b91a41c5024115bbed607b0a75e52fcf4f96b86d0f8adda0c97ddf/analysis/1554820728/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "9d9ec46e-dfa0-4131-ac1c-e1a7ef6aab57"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/55",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "f7f7b737-92a0-425a-8076-d821dae9fdf8"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b193159a-ffa2-487b-95c4-0d8243f8ad9c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5e687ed6f3887cabe76df9ff3bb55544' AND file:hashes.SHA1 = '3c8e5a63687573e83ef36ad36b1ed11ded782670' AND file:hashes.SHA256 = 'a736d6ebf9596872f3c92ac486be2588ccf0c53cf15a3897a97c83ca1525ff8d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--032474ca-6510-4dde-8ed2-b9da5050112e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:47",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "be28fdd4-91ce-4d89-86d8-41277d44fa1d"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a736d6ebf9596872f3c92ac486be2588ccf0c53cf15a3897a97c83ca1525ff8d/analysis/1554820727/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "b63dd06c-915d-45b5-8b8e-6c969f111e54"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/55",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "921ca717-b58f-419d-bfc6-f502d1a089ef"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--71263d1f-4ce5-4dfd-8b98-22edc46918aa",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:26.000Z",
|
|
"modified": "2019-04-09T14:53:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd88dae330b75ea78e773e2467b07a449' AND file:hashes.SHA1 = '5a405e547f0070c65bec869f8e42c19277100c44' AND file:hashes.SHA256 = '28bb80c687cb0aeea0b2d53dd5bf34f21f7292e5708b0aefeea25aebe2ff93af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--5d7e98f1-3719-4c81-9fa8-0e8c5d58cc7a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:44",
|
|
"category": "Other",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "ede52e54-04d2-4758-9540-c1f45d09b35e"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/28bb80c687cb0aeea0b2d53dd5bf34f21f7292e5708b0aefeea25aebe2ff93af/analysis/1554820724/",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "05ebcbf9-2914-40c1-b083-7b70f091e9a5"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/55",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "d3b485ad-00f0-477d-a050-78707dc34a74"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--f520e3f7-1da0-4457-8f67-3515a31174bc",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '68474973ee4e95a5316e2c038b4f1b76' AND file:hashes.SHA1 = '4f25dd20f320f4737369535e18a1ddd6b144f582' AND file:hashes.SHA256 = '5647168f9818dc40599d057c426424709bde5722c62088ecff64b97d3acfc4a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--7fd6de13-43fb-46d7-a71c-3d7df2cb0667",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:44",
|
|
"category": "Other",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "ee7b9358-d974-438b-a2db-0aa98329a899"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/5647168f9818dc40599d057c426424709bde5722c62088ecff64b97d3acfc4a7/analysis/1554820724/",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "06e4ca20-4ec3-4452-a467-0beb1719f2c9"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "25/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "7a607e73-86da-45da-8032-7f318678583b"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6a5f7378-218c-4ea3-a54d-c5767472ddb1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b93e64100d422a1e1bd2c857d04d16d9' AND file:hashes.SHA1 = '9f54db846bff49c5467ed03c583a851d882f930a' AND file:hashes.SHA256 = 'b5da0b6070d9cf3a3d628864e0f0860c8fc967ce692c0142f5a6dafee64079f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b8d2d6ad-e5e3-42a5-b950-1046b821f68f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:45",
|
|
"category": "Other",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "7c7097dc-7c52-48be-8ef6-3e430f924a3a"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b5da0b6070d9cf3a3d628864e0f0860c8fc967ce692c0142f5a6dafee64079f6/analysis/1554820725/",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "ef14212c-5ae7-4d28-8f08-7ad47b711b5d"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/57",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "5acef96f-3e25-4bd6-a96f-f35eb4498f48"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ccaa3b0c-b5e6-4536-9606-b56b08602015",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9c691e5f7d2a0f99b0e9bce04e9f89f9' AND file:hashes.SHA1 = '2f63f5e91a43b3377ec703ee71b686f738fd3075' AND file:hashes.SHA256 = 'f646c45feb0ccab4caf61bdb4aa45b0295614b2e881ad9c594ccaec2ea886671']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--298cf9d4-5927-4a83-abf4-b195c0b926a7",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:49",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "2269aa19-cffa-476b-9500-10099866f819"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/f646c45feb0ccab4caf61bdb4aa45b0295614b2e881ad9c594ccaec2ea886671/analysis/1554820729/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "25cd2265-baed-432e-b1dc-9e388a86dc73"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/57",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "d42b4f59-5a9e-413a-afdf-194dcc3b6d3a"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--e431dfa4-ace9-4c86-8348-47f0c41d5424",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '96bcf6a954e4a09013aafcfd1613d3c1' AND file:hashes.SHA1 = 'f745cabbabe6bc0b94edb282f23ceae43687ac9d' AND file:hashes.SHA256 = '43c5efda1875fd809f97b49d296f34e1292ed86e5a4197460764fe67b98294ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--36cb190d-e9c4-4a68-a628-a79c96323f5a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:42",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "5f5f84bf-3939-4436-b488-895e354ed150"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/43c5efda1875fd809f97b49d296f34e1292ed86e5a4197460764fe67b98294ef/analysis/1554820722/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "2143807d-9289-4f40-a9b7-eee165f261e9"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "23/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "f3981f91-a741-4363-83f5-67372127ee89"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--eaa5e596-0f6d-4ce1-aa4f-602720bd37ea",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '030d0ed66c1976cbfebe1f2f77e185b9' AND file:hashes.SHA1 = '62e043ab97411660ead3ab107d31cf36e7f7cc6a' AND file:hashes.SHA256 = '26298ff73035ef2dc92cda118d476933d3014b39ac478865bd86d28aa5457459']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--fe27f62d-2cb0-4d56-a1ea-30eebcf27b8a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:27.000Z",
|
|
"modified": "2019-04-09T14:53:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:44",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "6a26bbe5-6e2a-4c57-9caf-1d9e2bcf49c7"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/26298ff73035ef2dc92cda118d476933d3014b39ac478865bd86d28aa5457459/analysis/1554820724/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "8649496d-2958-4073-95d3-2c6775e46e3c"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "28/58",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "393098d7-6be0-4396-b020-8c93d6484d00"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6d039067-955e-4e72-a631-e049cf35a77f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '070923d033e0f0df5a346f95ef213603' AND file:hashes.SHA1 = 'dc1a187834113a8282bb508ecc491b3a5228df87' AND file:hashes.SHA256 = 'b6359a84bd36a3ce8a13f1306ad74d757c384a772691c228c9a00a5246d828fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--5349f3ce-b5d8-47d3-b28a-f01f5ca628d8",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:45",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "ca07c1a1-7a95-482b-ad31-1b9039796701"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b6359a84bd36a3ce8a13f1306ad74d757c384a772691c228c9a00a5246d828fa/analysis/1554820725/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "5b8cd520-b5c5-4a44-b5f2-92d4e7409f2e"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/58",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "41d7af15-4288-4e2b-8b30-4c451551dd26"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--906f4543-dd5e-40cb-83f5-6a30ad65a3bb",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1b31128247d016ce5607b05c0f834d37' AND file:hashes.SHA1 = '7f39e85c750bc6a04295c8edec05d279ae7abf4a' AND file:hashes.SHA256 = 'd28d05477ddbb1e3de330e98a2cb199ed76df0d1c942c467c977c9b70771477a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--57817aa5-8715-40b2-9f08-795fff3f197c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:47",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "f3e27b5a-2196-4609-8ad4-a028d15ead31"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/d28d05477ddbb1e3de330e98a2cb199ed76df0d1c942c467c977c9b70771477a/analysis/1554820727/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "086c032d-d09e-4d40-a384-da1bbb3b1d3f"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "2215e1c4-0b33-4ed6-9dfb-1568fd71528a"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6e8a1137-4eeb-42f5-8b5b-30d6b8f325ef",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c0736037b15f55e27bbdbd5ec15d1546' AND file:hashes.SHA1 = '541adaf3c110d45eb40c7856ed08c134eb22de38' AND file:hashes.SHA256 = '199f1976cb5fb39a9c395a28e2178476b6eaec0f3499a5a11912f103dcd64d00']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b002923b-f027-4427-a79e-2802833d564d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "6c5d257d-be36-426d-9928-f6db85734d39"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/199f1976cb5fb39a9c395a28e2178476b6eaec0f3499a5a11912f103dcd64d00/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "387ad1df-153a-4def-a115-56aacc343a51"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "22/57",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "2ebba7ee-205c-4153-8b88-b928f3803e5e"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ba07517c-15ac-49e5-b2b6-c6bcc1573288",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '19a44645ccdfefb3e0476209127e5df0' AND file:hashes.SHA1 = '7ad84ff53ad50d6c440c29f5fe0dc3cf68ac6fca' AND file:hashes.SHA256 = '4cb4c5cbf7eb646bdc08640f4f9e9a4383a9c7ac4e26be0caeb9dc904670c5bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--bd8d81c1-a0c1-46cc-b8e0-d6742f9b5bbb",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "6524b670-33b8-45f4-9235-7a3f8d9db7b3"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/4cb4c5cbf7eb646bdc08640f4f9e9a4383a9c7ac4e26be0caeb9dc904670c5bf/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "b0b50ff4-fdd4-4a6a-b842-a9c6eb7e6fda"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "28/58",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "7cd8cfea-f848-4995-85d5-f4124e53e7d5"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6360d4f6-e24c-4cce-869a-24ccd7f9c129",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8872577b174b01ddffa596506664b87d' AND file:hashes.SHA1 = '814df5ac6c3f29be1f969c9cb4009d6692ac1ee7' AND file:hashes.SHA256 = '1efdfc79d0c4b779966dfcae7d4f0a1f17f043e098ec0f90ff12a7ebc3c3f1f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--bc7587c2-e369-4c0c-b2d2-b05a4210bcf3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "e42d9432-f81f-47db-b20e-e9aead7b58f9"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/1efdfc79d0c4b779966dfcae7d4f0a1f17f043e098ec0f90ff12a7ebc3c3f1f1/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "615eace1-018e-46f6-9c7a-cb0eb59da72e"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "23/56",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "d0fa0cd7-1e9c-4d9a-951f-4a58e20367e1"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--4416ae3a-0659-4f4e-bc6e-5cff3da3130d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:28.000Z",
|
|
"modified": "2019-04-09T14:53:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cf3c7438a29291d9f09d655037552558' AND file:hashes.SHA1 = 'fcf643feda4e1d14cffd25cde62dc83a613f67f3' AND file:hashes.SHA256 = '3446c2ed11a6a5e02702afd5f7082eb435b2922096443cabd45d54b5b7582cc1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--8bb6ab5a-d092-4bd3-8039-db1c1610653c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:41",
|
|
"category": "Other",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "32190af8-f097-4a30-9b79-b674f20725ce"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/3446c2ed11a6a5e02702afd5f7082eb435b2922096443cabd45d54b5b7582cc1/analysis/1554820721/",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "08bfb991-109b-4bee-8ceb-a3ae0e6115e9"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "23/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "bf6b88b8-4a51-4bda-a87c-55cced3494f2"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--382a6691-5e36-4d86-b0d8-5a04e43342fc",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '527763edafc92a32f427a75885e8e093' AND file:hashes.SHA1 = '9eb84bfc2d7f690934db9927b9fffe08eddd61af' AND file:hashes.SHA256 = 'ed5e313821bf3a20d226c1b5f2b0ba7f1897d0778c27620017b852579e3e1894']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--6ef3df89-54b3-4737-a303-bfd64e0ace0d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:49",
|
|
"category": "Other",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "8560e62f-373b-48e4-bfb7-01885093c8b8"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/ed5e313821bf3a20d226c1b5f2b0ba7f1897d0778c27620017b852579e3e1894/analysis/1554820729/",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "3091c506-d4de-4985-b9a0-0c0146a064b8"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "21/57",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "d4641149-8302-4d2f-b1ab-1aca7286924b"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6216369c-87cb-453b-931f-83a18954a135",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ea26a487f8fe99b4e4faecbc258ae98b' AND file:hashes.SHA1 = 'c6911cd070dc46098b9acffeb834e639ae54fb5f' AND file:hashes.SHA256 = 'ac4a00bfe1031e19eb9a101d61ef5267627ebaeb2aca4b962c7bb1b5a59e337c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4ec12cbe-898c-4ccc-8775-28e4e121d5db",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:47",
|
|
"category": "Other",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "6ffa46ce-4e75-438b-a2db-08aeed47304a"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/ac4a00bfe1031e19eb9a101d61ef5267627ebaeb2aca4b962c7bb1b5a59e337c/analysis/1554820727/",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "1f4bcd4d-b4ae-4c2a-aff6-91c4b5f0e1f4"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "28/57",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "a1f2cf55-f43b-4ec1-803a-f34a4f4239cc"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--d8c1ba83-dbd0-4daa-9a16-4dc2465eab8a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9c6346e59864c0163d0baa262834e925' AND file:hashes.SHA1 = '13ea794313be45e63704c665e61a515c3f7651e3' AND file:hashes.SHA256 = '006b73c03760f168a5d71c0edd50e9a437aca7b3db1dbecac75ea2ef9e74f54f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--92650226-7b52-4e62-be35-e3127a417cf0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:42",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "13ad6dbb-a89b-4bf3-aa22-ecd56317f930"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/006b73c03760f168a5d71c0edd50e9a437aca7b3db1dbecac75ea2ef9e74f54f/analysis/1554820722/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "53db994f-8d24-4a61-9780-cfc1b1aac376"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/59",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "ba4b44ae-999b-44aa-ba37-dbdfd892b0a8"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a4923d2f-c6ba-4228-883c-d93835435f9a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cb015741bccea90fa250fed01f694c6e' AND file:hashes.SHA1 = '9b772e05b7e0a8314547530984a50b311e8b7693' AND file:hashes.SHA256 = 'c33080bea85616fd1251f877cd9ff570dd6a2e2f24cc20254754cb2c74a2375e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4ab686a6-fb66-492d-9bb1-487d10f99d09",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:46",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "14e96d42-09ba-4c7d-936d-5c17b1365f4f"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c33080bea85616fd1251f877cd9ff570dd6a2e2f24cc20254754cb2c74a2375e/analysis/1554820726/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "75228b11-c8f2-4ad7-b77b-5846519818f8"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/58",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "ed573984-b2ed-4f13-ae2d-15c11c863f09"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b7a2d065-ed7c-41c8-a2f9-e066c92afe89",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:29.000Z",
|
|
"modified": "2019-04-09T14:53:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '573e72820acb518fe1b46b32a012f221' AND file:hashes.SHA1 = '2a9bc043794f45264f9f286f5f5bd5cc1aeffa5c' AND file:hashes.SHA256 = '76c9e543a0386994031b4905533eccd05400b3bb12fefc94f1eb65af5debe986']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--ba0f4453-12d4-492f-90d2-b61e08f8e2d4",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:44",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "70ad2cc3-a9d6-4f77-82fe-f528c3211f58"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/76c9e543a0386994031b4905533eccd05400b3bb12fefc94f1eb65af5debe986/analysis/1554820724/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "3dccb504-908a-478c-af00-c40d4c69759d"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/56",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "a3bb6ac8-c3b4-4f33-ac97-c846f0cfb115"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b21504d6-8f09-420e-8dd4-4156c9fe6c4c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '28799a1fe00f26f9ae1a6392a2654996' AND file:hashes.SHA1 = 'e1cedd589eb9731d1494c12f90b8e98a352d6d96' AND file:hashes.SHA256 = '24b4c838dd41c0d812f747e48cf24be4f2265bce8f1e4d0d8ca6a7fc5649019b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--02c8cf93-3806-4e09-a801-830a0db3abf6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:44",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "1b14f5ce-e48d-411b-9cca-3b033b21a4b7"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/24b4c838dd41c0d812f747e48cf24be4f2265bce8f1e4d0d8ca6a7fc5649019b/analysis/1554820724/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "225285c5-006e-4e54-8460-28f27b8bc971"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "21/55",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "d275400b-f6ee-4ae6-906d-3fd2be62d323"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--37d88da7-8284-4bc6-9a6f-2cd49c1971cd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '77899a6d69e23c18af5fc14605721bc1' AND file:hashes.SHA1 = '0ca2571aba52784af096ee6e5eaeced29b4746de' AND file:hashes.SHA256 = 'b0cef399ea8ec2244aebb3506a2bb60c64c3921e816c0fc9752caf84c6cf196d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--21b4521f-74e3-4b6d-90df-c30faad750de",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:47",
|
|
"category": "Other",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "99d66389-79a1-47db-b88f-fd46b426e489"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b0cef399ea8ec2244aebb3506a2bb60c64c3921e816c0fc9752caf84c6cf196d/analysis/1554820727/",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "87480978-ba55-46d2-9b34-25bdafcb1ecb"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/55",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "60a3e7b9-df18-439e-be34-9a82f238e3fc"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ceeb65b8-0b04-4166-b355-252b12391f98",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3f7ba91642d882085ff753ffc118681e' AND file:hashes.SHA1 = '542028b60e014d5ce4f20d63fa47690d2bad6d66' AND file:hashes.SHA256 = '5876c9ac609ece0e051c57b380489490bc78e40c796b637af1e80adbdb9f70dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--657d45df-b4ba-4dd2-8762-43a8fd4487bf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:41",
|
|
"category": "Other",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "4a1f7a0a-34a5-4bc4-abeb-ea63d7569649"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/5876c9ac609ece0e051c57b380489490bc78e40c796b637af1e80adbdb9f70dc/analysis/1554820721/",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "d1fa976e-5a91-4830-8a93-0eb11de57573"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "27/59",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "35cca4c8-11f1-4b9f-8e23-eb0abb77b398"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--98ce3838-810e-49a0-a73c-2255aceb0b23",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8ffd76166a1c5a3f2c5439716971e226' AND file:hashes.SHA1 = '7ea7c61fa70a0526e655ec9893e8df4889b981ee' AND file:hashes.SHA256 = '74a45ff17678e0bddf383b5229785dda04c515e778bc9421d9396168f1cf3c3d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4304fa8d-bcc3-4596-b45b-92a1084f6e80",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:44",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "3620a9c2-7335-412c-ae00-6fcd135422a9"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/74a45ff17678e0bddf383b5229785dda04c515e778bc9421d9396168f1cf3c3d/analysis/1554820724/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "32b8a7c6-0078-4014-81d1-7927b3625296"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "21/57",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "62dc6312-cb75-47c1-8978-045a7e7342a9"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--8f46177b-5fad-4dff-bfe2-a64700c10f7a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:30.000Z",
|
|
"modified": "2019-04-09T14:53:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fadf704bcfc51bb5b124fe9ea46eec5c' AND file:hashes.SHA1 = '1ef3873cd6297568bc3670e86cc78c4ed877e4d9' AND file:hashes.SHA256 = '683b6f8209725ae0e715cda5a1cd35bcaacb5d45ae8e487c98dce2c01c91c887']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--6aa42e4d-4b31-4f21-a7c4-c7c2fb0a8c16",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:31.000Z",
|
|
"modified": "2019-04-09T14:53:31.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "4bdc2e50-a2a8-4867-9d1a-c98f9b552d5f"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/683b6f8209725ae0e715cda5a1cd35bcaacb5d45ae8e487c98dce2c01c91c887/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "c82397ad-5b64-4c0f-946a-ffc2b414e736"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/55",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "1435ff7f-0d6e-4e3a-a5a8-da17a7fb2a61"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--0a1c567d-90f2-4bc1-b0b8-0f863fbd1a96",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:31.000Z",
|
|
"modified": "2019-04-09T14:53:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ff4a49b6dce2d03f28fc8f7646139588' AND file:hashes.SHA1 = 'd3774ca0bf2817ffe1c3fb1781e7836e35488af2' AND file:hashes.SHA256 = 'a9dbcc2681d427f9820ca9c5ec120b9bf3e83c9856e89736884ee4dc26712e50']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--8d50aae1-1b2e-40ae-a3ca-c8f5280b0097",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:31.000Z",
|
|
"modified": "2019-04-09T14:53:31.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:47",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "c6c7b55e-5ee7-4eed-91f0-8722fc996422"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a9dbcc2681d427f9820ca9c5ec120b9bf3e83c9856e89736884ee4dc26712e50/analysis/1554820727/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "96c1f0bb-004f-4929-b0fb-917be0e536ff"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "22/57",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "02597b74-98de-4382-a76c-f40c701f0553"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--9aa1e457-864e-45d3-8efb-3f767f69c7fe",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:31.000Z",
|
|
"modified": "2019-04-09T14:53:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b34a5819d7f76c7c2b7402682be2afdf' AND file:hashes.SHA1 = '223f48a513ec2626941aa92c65f52083b088076c' AND file:hashes.SHA256 = '59b7a7baf4c239786fdf5ceca9084d829c6f6fc0603a524df313b2ef4958e4c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--676eeeaa-4548-47d8-9cb3-d5c7d0662245",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:41",
|
|
"category": "Other",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "32e3a138-d2a5-4e4b-9b33-27b4226f4b33"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/59b7a7baf4c239786fdf5ceca9084d829c6f6fc0603a524df313b2ef4958e4c2/analysis/1554820721/",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "dafa897e-1b70-48f5-a296-d397eb16bf0e"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "21/55",
|
|
"category": "Payload delivery",
|
|
"comment": "OpenRISC Samples",
|
|
"uuid": "bdd373da-922c-4555-b705-13554128a922"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ef45cc5-87ac-40c8-9769-90aeee950b48",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fff9efec911c46b6622632a235e21558' AND file:hashes.SHA1 = 'be257333bab3a8184fe4493fadac018ef6b5cf90' AND file:hashes.SHA256 = '0c35f2902d92ef4f46e4643d11c46bde57027bb14e2b75c027a50fe7efc4f358']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--3c601fd8-25f7-472c-aafb-61246bf050ab",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "74ce3e66-df6d-4cc8-b6b3-2e24778b01f7"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/0c35f2902d92ef4f46e4643d11c46bde57027bb14e2b75c027a50fe7efc4f358/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "3a59df00-0a1f-4438-a214-c23a1b36d7a4"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/55",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "250bbb1e-1a82-4b4d-a38d-85bce8f41617"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--4bd0f4ab-1dd2-47c1-bc9e-cc984e224ed3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7f706738b1442e0cb68b013f1fa173e4' AND file:hashes.SHA1 = 'dea50ca3b6ef8ac547c68f2e5ad973509cb915cc' AND file:hashes.SHA256 = '57cc6875ae0c571ef1edaae72d82b0da6e60331ad4b3ad34c922b9e4612b8779']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--a14d1157-bb64-44aa-9a5d-4b078c397453",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:44",
|
|
"category": "Other",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "582998a9-3667-487f-ad32-d55e79eca81c"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/57cc6875ae0c571ef1edaae72d82b0da6e60331ad4b3ad34c922b9e4612b8779/analysis/1554820724/",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "41f5eb00-5b69-4d90-ba46-4fb83f3528fd"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "22/57",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "8bf83c58-3618-4778-aa56-15d9768b5b51"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--7265f4d8-423f-4089-b8bf-61154434bbec",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '826969c4a4395e2ac077a47c0fad04bf' AND file:hashes.SHA1 = '00f9f12d5938af4274dc07a314d63bf079b0cf67' AND file:hashes.SHA256 = '4d8a4841a2f4a61ed6df2be79dd7ea1eb2052cee6eba4d8de30add7908ebb779']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--108baa35-aecc-436f-b100-d49c28ba513e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:43",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "7cad9684-a53e-4065-9a00-b3f4177f6b80"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/4d8a4841a2f4a61ed6df2be79dd7ea1eb2052cee6eba4d8de30add7908ebb779/analysis/1554820723/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "814f5a53-613c-4790-89a3-c6e7ee40f2ad"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "20/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "a57a7942-c31f-435c-819e-14bf4bacf46a"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--48e16861-6796-4e02-88a7-79c2d7858609",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:32.000Z",
|
|
"modified": "2019-04-09T14:53:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd6530989b7697fbfeb52c7da02606ee6' AND file:hashes.SHA1 = '8473e66bfdd122b60b61bd2edcd97742a10e0543' AND file:hashes.SHA256 = 'c75b3c52c0f5eebfd4c44c3069a393e824d455c7405d57ee99fd7613b8211b31']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--0878ecdd-7b9e-44ad-b533-7a494082d77d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:33.000Z",
|
|
"modified": "2019-04-09T14:53:33.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:46",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "bf12de8b-65d0-4cc4-9ab3-083e8622933e"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c75b3c52c0f5eebfd4c44c3069a393e824d455c7405d57ee99fd7613b8211b31/analysis/1554820726/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "4f23f90d-8c4c-46b2-807e-4ccb5f45e50f"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "27/59",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "b9a49c19-42d7-4105-9f29-b4f6f8eb77a2"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--2bc22de4-2a0d-4cb2-a9b3-eb4daec315b0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:33.000Z",
|
|
"modified": "2019-04-09T14:53:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7f4c596f95d86c5e1843090dd01bf5e3' AND file:hashes.SHA1 = '50762cbb68321234f92a261a7581c5ca3d4e8ce7' AND file:hashes.SHA256 = 'a457090fb6df8cb93c91ec6b5d89927f7a6f9e247389d945d44731351a367b4e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--9c207223-e112-4cf8-8ee7-6a1d559a8423",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:33.000Z",
|
|
"modified": "2019-04-09T14:53:33.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:46",
|
|
"category": "Other",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "5a53a2f4-e825-4a43-b172-b597240765e8"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a457090fb6df8cb93c91ec6b5d89927f7a6f9e247389d945d44731351a367b4e/analysis/1554820726/",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "006b984c-d154-403a-a4fd-9ed8cd08be6e"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "e06e7085-4245-4dc0-8362-2751df2857bd"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--fa5e7f90-245b-4742-b7d0-2394fec51c85",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:33.000Z",
|
|
"modified": "2019-04-09T14:53:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0c44d70b35b4daaf693644c524c26752' AND file:hashes.SHA1 = '618f2cf0181747b7b851ce0aff7639f7e4fa63fb' AND file:hashes.SHA256 = '9b1eab0283fd6948a9a181abaa2f6b3c26f2b0077c8a8b32e763790dd64d2a22']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--73e039e4-7edb-4e20-a441-91746475ea90",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:33.000Z",
|
|
"modified": "2019-04-09T14:53:33.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:46",
|
|
"category": "Other",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "ad2e9b69-bddb-4e9a-8eac-c32c493b37c1"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/9b1eab0283fd6948a9a181abaa2f6b3c26f2b0077c8a8b32e763790dd64d2a22/analysis/1554820726/",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "65fd98a1-9315-4f58-ba58-41bd1aebc944"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "27/59",
|
|
"category": "Payload delivery",
|
|
"comment": "Xilinx MicroBlaze Samples",
|
|
"uuid": "8e59039d-fe6d-4be4-88fe-776945882804"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--03c14a71-6d63-4b20-a22d-f00e5edce6c0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:33.000Z",
|
|
"modified": "2019-04-09T14:53:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3435076494a390266c3c0075997061b3' AND file:hashes.SHA1 = '735eb8ae448bfcb2ffb3fc283d2aac68f687f356' AND file:hashes.SHA256 = 'fae498477388c53c8c623fd8ddb710cc286584200767907b104d55f916d37c05']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--6cfcd770-a39a-4100-aa77-114a93d0d742",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:50",
|
|
"category": "Other",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "bb56ee61-aae8-4c6a-92c3-6bc930d16ab4"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/fae498477388c53c8c623fd8ddb710cc286584200767907b104d55f916d37c05/analysis/1554820730/",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "c81ac748-2a6b-46e9-adfd-983708fe503b"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/56",
|
|
"category": "Payload delivery",
|
|
"comment": "Altera Nios II Samples",
|
|
"uuid": "38e6b010-35c6-43a3-9241-64efcf5eb198"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b4ff969b-0790-4864-a6aa-4ee7b041f432",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c1c7a371b3c3693ce248acad48865731' AND file:hashes.SHA1 = '8eedefcfebe110030bcddf42c0ce3ee336fda624' AND file:hashes.SHA256 = '61893583675935ac7a4857542f13d513ffbb176b302a72d26d7ec39fd931decb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-04-09T14:53:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--c98512db-97ea-4c11-ad77-ac0cda300412",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-09T14:38:42",
|
|
"category": "Other",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "f24c6a63-146f-48fe-bcdd-4fcbac87e608"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/61893583675935ac7a4857542f13d513ffbb176b302a72d26d7ec39fd931decb/analysis/1554820722/",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "b85ff7af-7a3f-4120-8a6c-94d97817ad51"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "22/57",
|
|
"category": "Payload delivery",
|
|
"comment": "Tensilica Xtensa Samples",
|
|
"uuid": "a8454d86-cb50-4e4a-8741-7b2a7e99d5de"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--512bcfa7-c9bb-43ba-a5db-ac8ae562981b",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--4d6e3fee-7c21-49c4-ae5f-9cc8c2a51e0f",
|
|
"target_ref": "x-misp-object--3c8f723c-33a7-49c2-93ba-1e85d049c50c"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--aafda201-678d-4001-bfb1-e557f687c7fd",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--f7d995da-6b74-46bd-a3bd-b216173f7ecd",
|
|
"target_ref": "x-misp-object--08d445db-073c-4725-b822-4dc12152dc6d"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e2a2d5d3-519e-4573-bbec-8bb73198c70d",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--30d18426-8b6c-4bd7-9dbe-fe48578c0858",
|
|
"target_ref": "x-misp-object--b65f158d-86b3-46ea-8e90-5aff73b83607"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--d063165c-6759-42ba-a82f-39d6ab23f02c",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b193159a-ffa2-487b-95c4-0d8243f8ad9c",
|
|
"target_ref": "x-misp-object--032474ca-6510-4dde-8ed2-b9da5050112e"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--bc55216c-24c9-4400-9cde-a1ad3f387c62",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--71263d1f-4ce5-4dfd-8b98-22edc46918aa",
|
|
"target_ref": "x-misp-object--5d7e98f1-3719-4c81-9fa8-0e8c5d58cc7a"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--24c9fa3f-14f8-4587-9ccb-bad70a50c862",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--f520e3f7-1da0-4457-8f67-3515a31174bc",
|
|
"target_ref": "x-misp-object--7fd6de13-43fb-46d7-a71c-3d7df2cb0667"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--9de54a49-0c01-4242-bf8a-443218e74e0b",
|
|
"created": "2019-04-09T14:53:34.000Z",
|
|
"modified": "2019-04-09T14:53:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6a5f7378-218c-4ea3-a54d-c5767472ddb1",
|
|
"target_ref": "x-misp-object--b8d2d6ad-e5e3-42a5-b950-1046b821f68f"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4b52c143-249a-44a8-8c83-c0f186309a98",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ccaa3b0c-b5e6-4536-9606-b56b08602015",
|
|
"target_ref": "x-misp-object--298cf9d4-5927-4a83-abf4-b195c0b926a7"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--3c2e0a74-7140-4c7d-9d77-7be6f369d645",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--e431dfa4-ace9-4c86-8348-47f0c41d5424",
|
|
"target_ref": "x-misp-object--36cb190d-e9c4-4a68-a628-a79c96323f5a"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--956d73f0-eb89-45d6-8904-fd1ba8f4ef7a",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--eaa5e596-0f6d-4ce1-aa4f-602720bd37ea",
|
|
"target_ref": "x-misp-object--fe27f62d-2cb0-4d56-a1ea-30eebcf27b8a"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--7a7c101c-b957-4c97-8d4a-ef48bf56abb9",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6d039067-955e-4e72-a631-e049cf35a77f",
|
|
"target_ref": "x-misp-object--5349f3ce-b5d8-47d3-b28a-f01f5ca628d8"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e9247b6d-de78-4646-b709-4826e986e5ff",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--906f4543-dd5e-40cb-83f5-6a30ad65a3bb",
|
|
"target_ref": "x-misp-object--57817aa5-8715-40b2-9f08-795fff3f197c"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--72e761a7-6c70-4b3f-bd8d-d545a93f20f9",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6e8a1137-4eeb-42f5-8b5b-30d6b8f325ef",
|
|
"target_ref": "x-misp-object--b002923b-f027-4427-a79e-2802833d564d"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--bd763070-288d-4aac-a559-c8f168128135",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ba07517c-15ac-49e5-b2b6-c6bcc1573288",
|
|
"target_ref": "x-misp-object--bd8d81c1-a0c1-46cc-b8e0-d6742f9b5bbb"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--5c557354-e380-4fb9-a6a3-e8520767269e",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6360d4f6-e24c-4cce-869a-24ccd7f9c129",
|
|
"target_ref": "x-misp-object--bc7587c2-e369-4c0c-b2d2-b05a4210bcf3"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c6d0c2be-a171-4167-9d68-0ff6bce6f63f",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--4416ae3a-0659-4f4e-bc6e-5cff3da3130d",
|
|
"target_ref": "x-misp-object--8bb6ab5a-d092-4bd3-8039-db1c1610653c"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--65550271-ac81-4e34-9978-e6c296e2c89f",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--382a6691-5e36-4d86-b0d8-5a04e43342fc",
|
|
"target_ref": "x-misp-object--6ef3df89-54b3-4737-a303-bfd64e0ace0d"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--1598145c-89a5-44a8-ad6c-0aab78c6befe",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6216369c-87cb-453b-931f-83a18954a135",
|
|
"target_ref": "x-misp-object--4ec12cbe-898c-4ccc-8775-28e4e121d5db"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4fa96f50-16cf-4f78-9413-5da43eee5c9f",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--d8c1ba83-dbd0-4daa-9a16-4dc2465eab8a",
|
|
"target_ref": "x-misp-object--92650226-7b52-4e62-be35-e3127a417cf0"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--71d59337-47fc-4bc4-9b46-407553979c3d",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--a4923d2f-c6ba-4228-883c-d93835435f9a",
|
|
"target_ref": "x-misp-object--4ab686a6-fb66-492d-9bb1-487d10f99d09"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--d963416c-91f4-4082-b9f3-78e8d70cbebf",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b7a2d065-ed7c-41c8-a2f9-e066c92afe89",
|
|
"target_ref": "x-misp-object--ba0f4453-12d4-492f-90d2-b61e08f8e2d4"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--b2a14cc4-1b50-4bd6-859b-f615440fc9c2",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b21504d6-8f09-420e-8dd4-4156c9fe6c4c",
|
|
"target_ref": "x-misp-object--02c8cf93-3806-4e09-a801-830a0db3abf6"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--dd6db69f-48a0-42c7-a8a5-87bfd56589db",
|
|
"created": "2019-04-09T14:53:35.000Z",
|
|
"modified": "2019-04-09T14:53:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--37d88da7-8284-4bc6-9a6f-2cd49c1971cd",
|
|
"target_ref": "x-misp-object--21b4521f-74e3-4b6d-90df-c30faad750de"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--101a536d-1940-41a3-99e0-4c6e69c998b2",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ceeb65b8-0b04-4166-b355-252b12391f98",
|
|
"target_ref": "x-misp-object--657d45df-b4ba-4dd2-8762-43a8fd4487bf"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--eea155b2-4b93-4660-9beb-58d17160b6f9",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--98ce3838-810e-49a0-a73c-2255aceb0b23",
|
|
"target_ref": "x-misp-object--4304fa8d-bcc3-4596-b45b-92a1084f6e80"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--6d2cc2b5-dd79-4f63-9154-3989c13ca301",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--8f46177b-5fad-4dff-bfe2-a64700c10f7a",
|
|
"target_ref": "x-misp-object--6aa42e4d-4b31-4f21-a7c4-c7c2fb0a8c16"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--f33136bc-da65-4f3a-865e-6759021798d2",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--0a1c567d-90f2-4bc1-b0b8-0f863fbd1a96",
|
|
"target_ref": "x-misp-object--8d50aae1-1b2e-40ae-a3ca-c8f5280b0097"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--6d4fc511-adaf-4965-a86e-30e42962c999",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--9aa1e457-864e-45d3-8efb-3f767f69c7fe",
|
|
"target_ref": "x-misp-object--676eeeaa-4548-47d8-9cb3-d5c7d0662245"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--5c466d02-0b9d-4310-b03c-1288977ea9bb",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--5ef45cc5-87ac-40c8-9769-90aeee950b48",
|
|
"target_ref": "x-misp-object--3c601fd8-25f7-472c-aafb-61246bf050ab"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--3afe6c55-9fa5-49fc-88ca-6a89c4511c4a",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--4bd0f4ab-1dd2-47c1-bc9e-cc984e224ed3",
|
|
"target_ref": "x-misp-object--a14d1157-bb64-44aa-9a5d-4b078c397453"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--5c111962-fc68-48eb-8e66-4b0ba67a68f2",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--7265f4d8-423f-4089-b8bf-61154434bbec",
|
|
"target_ref": "x-misp-object--108baa35-aecc-436f-b100-d49c28ba513e"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--198650a4-310a-4040-8c53-d79723a50d47",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--48e16861-6796-4e02-88a7-79c2d7858609",
|
|
"target_ref": "x-misp-object--0878ecdd-7b9e-44ad-b533-7a494082d77d"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e3e00dc1-3f05-4fc7-8a11-242d70f712e6",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--2bc22de4-2a0d-4cb2-a9b3-eb4daec315b0",
|
|
"target_ref": "x-misp-object--9c207223-e112-4cf8-8ee7-6a1d559a8423"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4062e539-668b-42f8-8592-081ba23b413f",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--fa5e7f90-245b-4742-b7d0-2394fec51c85",
|
|
"target_ref": "x-misp-object--73e039e4-7edb-4e20-a441-91746475ea90"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c7bb5dc2-227c-47e8-a942-dc0f92235e50",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--03c14a71-6d63-4b20-a22d-f00e5edce6c0",
|
|
"target_ref": "x-misp-object--6cfcd770-a39a-4100-aa77-114a93d0d742"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c0d06b43-1c64-42b1-9eee-aa549faf1ed0",
|
|
"created": "2019-04-09T14:53:36.000Z",
|
|
"modified": "2019-04-09T14:53:36.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b4ff969b-0790-4864-a6aa-4ee7b041f432",
|
|
"target_ref": "x-misp-object--c98512db-97ea-4c11-ad77-ac0cda300412"
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |