2064 lines
No EOL
96 KiB
JSON
2064 lines
No EOL
96 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--5d10a039-8c58-42e1-b663-4f85950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:07:53.000Z",
|
|
"modified": "2019-06-24T10:07:53.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--5d10a039-8c58-42e1-b663-4f85950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:07:53.000Z",
|
|
"modified": "2019-06-24T10:07:53.000Z",
|
|
"name": "Related malware samples",
|
|
"published": "2019-06-24T10:12:10Z",
|
|
"object_refs": [
|
|
"indicator--5d10a065-e758-45c5-8eea-be4f950d210f",
|
|
"indicator--5d10a065-cc98-4df4-9b90-be4f950d210f",
|
|
"indicator--5d10a065-933c-4b80-b3ba-be4f950d210f",
|
|
"indicator--5d10a065-a8e4-4824-aa3d-be4f950d210f",
|
|
"indicator--5d10a065-3468-416c-8e0c-be4f950d210f",
|
|
"indicator--5d10a065-1650-4efc-9404-be4f950d210f",
|
|
"indicator--5d10a065-82f8-4a57-a0a5-be4f950d210f",
|
|
"indicator--5d10a066-ec78-4ac0-a1ed-be4f950d210f",
|
|
"indicator--5d10a066-a648-495f-bdc7-be4f950d210f",
|
|
"indicator--5d10a066-1f30-4585-b9fd-be4f950d210f",
|
|
"indicator--5d10a066-8a58-47f6-9e3a-be4f950d210f",
|
|
"indicator--5d10a066-4750-4d8f-a53b-be4f950d210f",
|
|
"indicator--5d10a066-3dac-4f3a-935a-be4f950d210f",
|
|
"indicator--5d10a066-3960-4e07-bd00-be4f950d210f",
|
|
"indicator--5d10a066-f440-4456-ae4a-be4f950d210f",
|
|
"indicator--5d10a066-03bc-4379-bffb-be4f950d210f",
|
|
"indicator--5d10a066-7c74-4dfa-b8e7-be4f950d210f",
|
|
"indicator--5d10a066-3c4c-4b6e-8554-be4f950d210f",
|
|
"indicator--5d10a066-19f0-4d1e-8ad2-be4f950d210f",
|
|
"indicator--5d10a066-12cc-44bd-850b-be4f950d210f",
|
|
"indicator--67ed59a2-66f4-4c95-8b12-7679358cc061",
|
|
"x-misp-object--68ee7f9d-3892-4898-9f9a-27eb405ea646",
|
|
"indicator--6b7dc6c8-405a-491a-941e-0838ac468eb8",
|
|
"x-misp-object--27f8ac92-a4ae-40ae-8106-a2a1d3289cac",
|
|
"indicator--dc9a1181-16f6-4df6-ad77-b57aa97fb01b",
|
|
"x-misp-object--02f369b7-41f1-4700-87fb-dc09d8e8c079",
|
|
"indicator--7efa6bfe-0403-4c88-9574-51082d33ae16",
|
|
"x-misp-object--db7648f2-19ba-4594-9798-579a888aa535",
|
|
"indicator--90a41b1c-dd6f-4264-abc7-31372e4cb611",
|
|
"x-misp-object--3b0fc520-fc60-4042-a9c3-0ed308468809",
|
|
"indicator--c58b70f1-7199-48e2-9325-242b34f59df7",
|
|
"x-misp-object--2363af85-ce15-4491-98ef-b5109c7f9e3a",
|
|
"indicator--6c35f8b2-be3b-4ee0-86a4-44cadfe24502",
|
|
"x-misp-object--db7ffcf5-82f6-4062-9e71-117cfa5e11bf",
|
|
"indicator--a3d8ece6-076d-4e93-817c-e52f99d7bc91",
|
|
"x-misp-object--ae889334-b1e2-420a-a6f9-fa7b9cac3dd4",
|
|
"indicator--c65542a4-ff6d-4b6e-ac43-250a1934f1ca",
|
|
"x-misp-object--065b2da9-fbc7-437d-9f97-12708be65916",
|
|
"indicator--ca75b7ba-1603-4c52-8509-c0416e6a8d75",
|
|
"x-misp-object--52acc3e5-56f7-4a09-9b95-111eadc88a30",
|
|
"indicator--b7b34087-2523-4f90-834c-4c39d1f9fd80",
|
|
"x-misp-object--3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac",
|
|
"indicator--c8c8015e-e4f3-4972-9e38-68844fc75b94",
|
|
"x-misp-object--33dd33ef-deb9-45a1-86ef-a95c874fe704",
|
|
"indicator--6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd",
|
|
"x-misp-object--21605925-6731-40ca-839d-27014ce56478",
|
|
"indicator--fa65035d-0778-4816-b10f-b68db668549c",
|
|
"x-misp-object--74c01042-8a35-49a1-8d8f-3bf768d9ad88",
|
|
"indicator--1ce52f7f-f76b-421c-957d-461143d8f1db",
|
|
"x-misp-object--6306d01a-00de-483a-b6fb-b82582968cbd",
|
|
"indicator--ffe83192-dacd-4f72-a61b-b20d25900bf5",
|
|
"x-misp-object--cece1d62-a9ee-415c-b2d2-f336e70d73c8",
|
|
"indicator--c10ef3c3-4023-44e9-97bc-923cce79333f",
|
|
"x-misp-object--47d0ede0-654e-455f-88d8-a9437d6de5ee",
|
|
"indicator--88ff7349-f299-4e93-bbd6-e20983e8ed8e",
|
|
"x-misp-object--d91e91e4-1a4a-45f6-8711-5d1490d26630",
|
|
"indicator--f644c6a7-515d-4dfc-8680-17f45d376d0b",
|
|
"x-misp-object--81d23148-fa66-4de6-b534-ca97bc2763cd",
|
|
"indicator--ad82fd5d-18fa-41dc-9415-0c43b49f757d",
|
|
"x-misp-object--043507f2-5a95-46e8-ae78-ea3a943a5dc5",
|
|
"relationship--7a3bc6dd-681e-4682-b1bb-2e3b2bd1055f",
|
|
"relationship--14a93aff-8488-46d6-93a6-14fdcca34598",
|
|
"relationship--4ec5608f-a984-4fc8-acba-4c00ae54c676",
|
|
"relationship--c01ef570-db25-42bf-a4ee-598a833815e6",
|
|
"relationship--583398cd-eff1-4d6b-a192-266f8bcdc52d",
|
|
"relationship--76493eac-cf14-4d32-a434-ea1031f23b12",
|
|
"relationship--eeb19999-0ce6-4d1d-a19e-20e2a90990bb",
|
|
"relationship--5f313afa-f73c-4aee-b5dd-ae3091ef6e1a",
|
|
"relationship--e4abe958-7496-445a-a436-ba192a9c05db",
|
|
"relationship--e78813fd-4ca4-4c70-a86d-7c58931b302b",
|
|
"relationship--89a060d7-7284-4c43-a03a-b81c94699095",
|
|
"relationship--ab81409d-a683-48a8-b080-ef356dc5b5d4",
|
|
"relationship--cb6fbe94-23af-4037-aafd-c18d30828307",
|
|
"relationship--b2571e0d-2841-49c8-a074-85e2dcc265d3",
|
|
"relationship--4a346e1c-742a-49ec-ac63-c45be30ae429",
|
|
"relationship--9bd65a6c-d970-4779-b9bf-4e6ad5c2f144",
|
|
"relationship--f237c23d-45bf-4c52-a8dd-5a76e50c2af0",
|
|
"relationship--cc1f1ad8-1117-4552-b3fa-74f6a56ea5e3",
|
|
"relationship--62ff35b0-c4a0-4c17-8b58-997febf9fa89",
|
|
"relationship--9fd5b74a-fe22-4d6e-846d-5dffca6596e6"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"type:OSINT",
|
|
"osint:lifetime=\"perpetual\"",
|
|
"osint:certainty=\"50\""
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a065-e758-45c5-8eea-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:25.000Z",
|
|
"modified": "2019-06-24T10:05:25.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a065-cc98-4df4-9b90-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:25.000Z",
|
|
"modified": "2019-06-24T10:05:25.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a065-933c-4b80-b3ba-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:25.000Z",
|
|
"modified": "2019-06-24T10:05:25.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a065-a8e4-4824-aa3d-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:25.000Z",
|
|
"modified": "2019-06-24T10:05:25.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a065-3468-416c-8e0c-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:25.000Z",
|
|
"modified": "2019-06-24T10:05:25.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a065-1650-4efc-9404-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:25.000Z",
|
|
"modified": "2019-06-24T10:05:25.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a065-82f8-4a57-a0a5-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:25.000Z",
|
|
"modified": "2019-06-24T10:05:25.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-ec78-4ac0-a1ed-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-a648-495f-bdc7-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'd539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-1f30-4585-b9fd-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-8a58-47f6-9e3a-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-4750-4d8f-a53b-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'd4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-3dac-4f3a-935a-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-3960-4e07-bd00-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-f440-4456-ae4a-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-03bc-4379-bffb-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-7c74-4dfa-b8e7-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = '75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-3c4c-4b6e-8554-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-19f0-4d1e-8ad2-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5d10a066-12cc-44bd-850b-be4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:05:26.000Z",
|
|
"modified": "2019-06-24T10:05:26.000Z",
|
|
"description": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"pattern": "[file:hashes.SHA256 = 'b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--67ed59a2-66f4-4c95-8b12-7679358cc061",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:21.000Z",
|
|
"modified": "2019-06-24T10:06:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ca6924653317bdce9630b9489b4bf2cd' AND file:hashes.SHA1 = '41fb47451bf90062554d943e46c5658c17fec0c4' AND file:hashes.SHA256 = 'd4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--68ee7f9d-3892-4898-9f9a-27eb405ea646",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:22.000Z",
|
|
"modified": "2019-06-24T10:06:22.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T05:12:11",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "2175b7c2-8d64-4b21-aff9-1aac433a7466"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/d4e94cc61eada4217334b59d2a1530faa8aaeaf8eab87414d51e6f075ef0d650/analysis/1561353131/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "61210eca-a58d-46d7-8a3b-aca95eeb537e"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "14/71",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "f09efb6b-dd17-405b-8d5c-abdf89fd3e22"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6b7dc6c8-405a-491a-941e-0838ac468eb8",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:22.000Z",
|
|
"modified": "2019-06-24T10:06:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6af4f7d24b875d20966f5daff5fc531f' AND file:hashes.SHA1 = '99aff96b4a14c4ea03a62c73033db059d5b389d4' AND file:hashes.SHA256 = '15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--27f8ac92-a4ae-40ae-8106-a2a1d3289cac",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:22.000Z",
|
|
"modified": "2019-06-24T10:06:22.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-28T23:00:04",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "076476b4-bdf6-47c1-a5d3-5e4606eb1a4c"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/15f6fa49df4acd4eb81f6df4fe5a678eba322bb40c853bd55548110617b70ccb/analysis/1556492404/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "9547870d-47ea-40d8-ba0a-5edd03fdca6d"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/73",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "280f530d-5636-4cd7-8d41-c4fc77b07e56"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--dc9a1181-16f6-4df6-ad77-b57aa97fb01b",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:23.000Z",
|
|
"modified": "2019-06-24T10:06:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f4f761d3bd528c62e654d6d781d52c15' AND file:hashes.SHA1 = 'c4238ff628940b8a6a043ceed83a1557cd8a672b' AND file:hashes.SHA256 = 'c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--02f369b7-41f1-4700-87fb-dc09d8e8c079",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:23.000Z",
|
|
"modified": "2019-06-24T10:06:23.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-07T12:27:14",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "dfd170ae-4fc0-42d1-b107-7c72e4bc34f0"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c96ffb18c019301004ee5e0659ac76d040f845a5d1035f6fb52c07d452268080/analysis/1520425634/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "1450d2d2-ca82-4fcb-bc64-55845f1f63f0"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/68",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "4e0f19c4-7b1a-46d5-81d0-45192b3c5258"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--7efa6bfe-0403-4c88-9574-51082d33ae16",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:23.000Z",
|
|
"modified": "2019-06-24T10:06:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9345fecf6526dd824c4554a965fd8ed0' AND file:hashes.SHA1 = 'b38f7ab840943d90886a11344ce5113405c57391' AND file:hashes.SHA256 = '5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--db7648f2-19ba-4594-9798-579a888aa535",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:24.000Z",
|
|
"modified": "2019-06-24T10:06:24.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T08:14:05",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "62dfe760-984e-4eb5-a5ff-b40f060b1640"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/5b0cbc9ffc804a87e657989eb8d4dbf0db2e9f838ee0c904e5b295ae0cd77cf0/analysis/1561364045/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "aa2f957e-ddb4-4d0e-8ba6-4468225bf27c"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "16/70",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "ab245b26-f046-49b8-b0e8-bc9ae1130357"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--90a41b1c-dd6f-4264-abc7-31372e4cb611",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:24.000Z",
|
|
"modified": "2019-06-24T10:06:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '236b4c24d8c21081b2d4555c97caf81f' AND file:hashes.SHA1 = '77c3f37021e1389f7f37942c1ac739e3d59903e3' AND file:hashes.SHA256 = '42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--3b0fc520-fc60-4042-a9c3-0ed308468809",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:24.000Z",
|
|
"modified": "2019-06-24T10:06:24.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-01-28T17:27:08",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "971c0648-fcc4-41f3-abc9-ff1df83827ef"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/42746e8f39ac613d17ed3e66032a953d190495f9dfd3baff23b192e825c5330a/analysis/1517160428/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "a58c70bc-5d01-4817-89ea-aea12d3be3a6"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/66",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "a8fce262-c9be-464b-8e1e-bb25b2956003"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c58b70f1-7199-48e2-9325-242b34f59df7",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:25.000Z",
|
|
"modified": "2019-06-24T10:06:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = '604ee583a7afcfe26850722702dcf71c' AND file:hashes.SHA1 = '4f94e277bb93dfa35b9aa9e7fe3fe506a60b2579' AND file:hashes.SHA256 = '74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--2363af85-ce15-4491-98ef-b5109c7f9e3a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:25.000Z",
|
|
"modified": "2019-06-24T10:06:25.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T06:20:48",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "275d7278-b07d-4caa-ada8-7692e08208ab"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/74e135349aca525b39219e6260e371065f2d0da625cebf54cbc258e5fc89c2bb/analysis/1561357248/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "d48a2b53-ba80-4d2f-90a4-9211dba387c4"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "15/68",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "4bd24e8b-cc6e-44af-93ed-6bba2a97926a"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6c35f8b2-be3b-4ee0-86a4-44cadfe24502",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:25.000Z",
|
|
"modified": "2019-06-24T10:06:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b4abcaa84aa2b70b029d875179e89a52' AND file:hashes.SHA1 = 'cd5afa7d5fb1976267f7892f530c90898463267d' AND file:hashes.SHA256 = 'c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--db7ffcf5-82f6-4062-9e71-117cfa5e11bf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:25.000Z",
|
|
"modified": "2019-06-24T10:06:25.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-04-27T11:37:47",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "55c7ea9a-022e-4858-a901-4ec28c62ed66"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c7bfe41bca92e8fb1e50e71c977d05e1f36cf69e05d83a6333562b98792aa4d8/analysis/1556365067/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "33e035a3-5323-40da-bdac-60c272341b93"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/72",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "9e4db766-f7f1-4a86-b359-8787fec3abec"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a3d8ece6-076d-4e93-817c-e52f99d7bc91",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:26.000Z",
|
|
"modified": "2019-06-24T10:06:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '29e033f7c1617337d8cea7e9b799b73a' AND file:hashes.SHA1 = '26bb3217cbb55820aeb4a0b0769178646a96c7a8' AND file:hashes.SHA256 = 'e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--ae889334-b1e2-420a-a6f9-fa7b9cac3dd4",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:26.000Z",
|
|
"modified": "2019-06-24T10:06:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-02-19T04:21:00",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "8959fdf7-2fdd-401b-a528-34d7382063c9"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/e82bc26207786dc9b539f51dc4040840cc33df962b7bcd0965eb9580cf3563eb/analysis/1519014060/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "0d396da5-90ec-4157-b5d3-65ac0dbbd59b"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/68",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "b24e2232-b534-45c9-a424-0120603d130a"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c65542a4-ff6d-4b6e-ac43-250a1934f1ca",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:26.000Z",
|
|
"modified": "2019-06-24T10:06:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3fa74cef2a744af4658a8a637079fdea' AND file:hashes.SHA1 = 'dabbca5b727e1778bcea0d0c7064ba0e582c8dc3' AND file:hashes.SHA256 = '06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--065b2da9-fbc7-437d-9f97-12708be65916",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:26.000Z",
|
|
"modified": "2019-06-24T10:06:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T07:23:57",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "2ce98037-8e93-47c7-8ce0-d90847571b9c"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/06ecc4e30d19a68948bd40f8fd2519a51e83e67d11267cc65888bf6b9688064e/analysis/1561361037/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "8a2245af-145f-4f8b-b0db-b637337c8f60"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "9/70",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "48b46bda-a8d6-4f5d-879b-c9dbae138dff"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ca75b7ba-1603-4c52-8509-c0416e6a8d75",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:27.000Z",
|
|
"modified": "2019-06-24T10:06:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8989672db4d283f6c8e5b97eda426ef4' AND file:hashes.SHA1 = '7cae4abd0b632e822d3163bf62435e658cab76c4' AND file:hashes.SHA256 = 'c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--52acc3e5-56f7-4a09-9b95-111eadc88a30",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:27.000Z",
|
|
"modified": "2019-06-24T10:06:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T08:53:28",
|
|
"category": "Other",
|
|
"uuid": "42011254-d61b-4f92-9e90-b80437193e7e"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3/analysis/1561366408/",
|
|
"category": "Payload delivery",
|
|
"uuid": "1835e037-f81d-4163-a750-6bcc104b4b91"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "9/72",
|
|
"category": "Payload delivery",
|
|
"uuid": "8812b962-73d6-48da-be8a-657181a5aaba"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b7b34087-2523-4f90-834c-4c39d1f9fd80",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:27.000Z",
|
|
"modified": "2019-06-24T10:06:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'daf9990d0087f355bd48691d7aa7fec2' AND file:hashes.SHA1 = '42663d524bc1d0e061544a7d441708f632cc5b0b' AND file:hashes.SHA256 = 'fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:27.000Z",
|
|
"modified": "2019-06-24T10:06:27.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-01-31T13:31:28",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "dd981624-faca-4657-86b9-ea74065a9534"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/fd43d3f491eb73af2c4499f0e12e0dadb4134d6fa713972dcfd225958e53edae/analysis/1548941488/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "d36e55a7-e915-4592-a1f6-b12f80d964ca"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/71",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "43784ef4-34c5-4325-b1f8-be94f3324b99"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c8c8015e-e4f3-4972-9e38-68844fc75b94",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:28.000Z",
|
|
"modified": "2019-06-24T10:06:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '785a43c266110a23eeda98d025ee8355' AND file:hashes.SHA1 = 'e361ccf82aeacc043b6b96a4d9bff52e2faabce8' AND file:hashes.SHA256 = '2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--33dd33ef-deb9-45a1-86ef-a95c874fe704",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:28.000Z",
|
|
"modified": "2019-06-24T10:06:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-18T23:15:53",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "cf38cd9c-89f6-47d2-9656-884640682d9b"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/2131fa07ecb0799ebdca4607133b688bdb6987deed9df117aa804483a900700a/analysis/1560899753/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "dd0cbb07-4ab3-4c9a-a69d-2ddd63446f33"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/70",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "b026bd6c-d16b-4765-bf2a-f1b2ddd0c436"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:29.000Z",
|
|
"modified": "2019-06-24T10:06:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e51f59de0ec12c91bfc0781c19b56d46' AND file:hashes.SHA1 = '0599bcee54874f5549c9ec322ce39958fc940cf6' AND file:hashes.SHA256 = 'f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--21605925-6731-40ca-839d-27014ce56478",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:29.000Z",
|
|
"modified": "2019-06-24T10:06:29.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T06:02:33",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "e0cd214b-b04b-4df9-84e1-8456e27ae039"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/f39ee72b2cd385cfb7bfdd10a7189c48c5f8dcdd06d52cb6067e9856b8fde8e4/analysis/1561356153/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "c99de52c-6122-4026-9416-4599a493ae3d"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "18/69",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "4d61cfce-0b8a-4d19-a2c4-1c82908fd964"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--fa65035d-0778-4816-b10f-b68db668549c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:29.000Z",
|
|
"modified": "2019-06-24T10:06:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '75c404a2f5ec2bc7fa97609d6f3cd79d' AND file:hashes.SHA1 = '111041a42ec79e4c585ad21266a0d0642f892017' AND file:hashes.SHA256 = '75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--74c01042-8a35-49a1-8d8f-3bf768d9ad88",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:29.000Z",
|
|
"modified": "2019-06-24T10:06:29.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T07:33:28",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "7cf1c4ba-f81d-471b-b6e1-d2ebb5b74820"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/75238f0112ba8bdb192f7db0e3a8cdb937294d09d108713c3ac71e38d6aa282b/analysis/1561361608/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "30bb1459-9ebd-4deb-8245-4a73daef88e4"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "15/70",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "5c81c225-7d7c-4fbb-912e-8bff50a2773e"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1ce52f7f-f76b-421c-957d-461143d8f1db",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:29.000Z",
|
|
"modified": "2019-06-24T10:06:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '469012ef3f2f35bcdbd0b72e8cffa0a0' AND file:hashes.SHA1 = '4d983189d089865b14a7870d59a761bc352afd7e' AND file:hashes.SHA256 = '20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--6306d01a-00de-483a-b6fb-b82582968cbd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:30.000Z",
|
|
"modified": "2019-06-24T10:06:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-28T13:26:47",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "49f7b085-7537-486a-91c9-7424b5aec7b2"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/20a4730fb7eb79a85b02dc8e2ef185f4f5b2e3b0c53ffeba65d77dace18f8596/analysis/1522243607/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "39e8d20b-60c9-4372-af38-9eb6fbadef38"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/58",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "a274d2ce-f7cb-4e03-ae3e-01a11b934d98"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ffe83192-dacd-4f72-a61b-b20d25900bf5",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:30.000Z",
|
|
"modified": "2019-06-24T10:06:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '810758799934c8a3b6560e572beb303b' AND file:hashes.SHA1 = 'e1d16422934f30f35427acd7b044537d01c5392f' AND file:hashes.SHA256 = 'fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--cece1d62-a9ee-415c-b2d2-f336e70d73c8",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:30.000Z",
|
|
"modified": "2019-06-24T10:06:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-12-24T02:49:43",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "c79f56f3-fd19-4ee0-87c9-deda5bfbd0a3"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/fee3b8f29ced54cd36da1c6263ec22739f1f545781485553d69769bae81452f1/analysis/1545619783/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "03efdde6-41a1-430a-a188-c9f6e4e2074f"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/71",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "c612000d-f886-4fb5-9b38-6f65356b010f"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c10ef3c3-4023-44e9-97bc-923cce79333f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:30.000Z",
|
|
"modified": "2019-06-24T10:06:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '047ea9967c5a424401e2363a00420b9c' AND file:hashes.SHA1 = '7b69ccfa700fab951c964a2b58e37245a0c8185e' AND file:hashes.SHA256 = 'b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--47d0ede0-654e-455f-88d8-a9437d6de5ee",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:31.000Z",
|
|
"modified": "2019-06-24T10:06:31.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T01:45:48",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "7ba9b985-86bd-4a6e-a487-7e63c7a796dc"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b1f443b93048da15ce9c875c2d47cc098d4677f45d04baecfe19f7c0deea5230/analysis/1561340748/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "0eb9a820-da56-4eae-8107-aa57874b34ed"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "10/67",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "69d3c2ec-4045-48ee-b2e8-f1f29fe44543"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--88ff7349-f299-4e93-bbd6-e20983e8ed8e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:31.000Z",
|
|
"modified": "2019-06-24T10:06:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fa0cb1b4b7ccf8b8103961bbb3389799' AND file:hashes.SHA1 = '9434b5c1961f80fb309686f055cf5a6fca33e584' AND file:hashes.SHA256 = 'f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--d91e91e4-1a4a-45f6-8711-5d1490d26630",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:32.000Z",
|
|
"modified": "2019-06-24T10:06:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T05:12:05",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "a090ceea-b605-4cc3-9c8c-27437e17c6f3"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/f3de0fd3a162cbc36086793450ee7fa163bda2afc987f151ffa7f2e76fed31ac/analysis/1561353125/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "892baa9d-d0ba-4a2e-9da4-078533e365fe"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "17/71",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "6e17e7c2-db13-4da4-a44e-1398a232bc83"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--f644c6a7-515d-4dfc-8680-17f45d376d0b",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:32.000Z",
|
|
"modified": "2019-06-24T10:06:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c756e930fe90463d8cc05eeb791b7003' AND file:hashes.SHA1 = 'bd1ccc005b794e8e009c347837bb2d520de222fa' AND file:hashes.SHA256 = '68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--81d23148-fa66-4de6-b534-ca97bc2763cd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:32.000Z",
|
|
"modified": "2019-06-24T10:06:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2019-06-24T09:11:31",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "21b67394-c1d9-4e0e-bf9e-2ea93014d08e"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/68119bdc5aabd1ff246318d16c70dc894bb7e13e72e1e754afc2d9ecdf66d602/analysis/1561367491/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "d5e34d6b-e6c9-419b-9be6-fd4d6a4f51a7"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "14/69",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "2b4942ef-85a4-402d-bf1c-a7cebf289d06"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ad82fd5d-18fa-41dc-9415-0c43b49f757d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:32.000Z",
|
|
"modified": "2019-06-24T10:06:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b9fbb85b713a6a9df88592fb0a66cf20' AND file:hashes.SHA1 = '5773cd6c7300a18e3b2e60531f9033ad7a047563' AND file:hashes.SHA256 = 'd539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2019-06-24T10:06:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--043507f2-5a95-46e8-ae78-ea3a943a5dc5",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2019-06-24T10:06:33.000Z",
|
|
"modified": "2019-06-24T10:06:33.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-03T05:33:38",
|
|
"category": "Other",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "4c906868-98d4-40b8-8213-f3754a672419"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/d539f4051bd555b5d365f873f3b5f42dd697217c2da20502a0319d5a2cbaf983/analysis/1520055218/",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "6fd2097c-6a87-4a21-a372-a4678498ee64"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/68",
|
|
"category": "Payload delivery",
|
|
"comment": "Expanded from c6b68af5a397b24d5573bbcbb6abd8ffe45550e428f2649e7ce99f6ae15148d3 (VT Similar files)",
|
|
"uuid": "a6b829f7-6716-4ad9-8b6e-cff5973d7206"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--7a3bc6dd-681e-4682-b1bb-2e3b2bd1055f",
|
|
"created": "2019-06-24T10:06:33.000Z",
|
|
"modified": "2019-06-24T10:06:33.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--67ed59a2-66f4-4c95-8b12-7679358cc061",
|
|
"target_ref": "x-misp-object--68ee7f9d-3892-4898-9f9a-27eb405ea646"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--14a93aff-8488-46d6-93a6-14fdcca34598",
|
|
"created": "2019-06-24T10:06:33.000Z",
|
|
"modified": "2019-06-24T10:06:33.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6b7dc6c8-405a-491a-941e-0838ac468eb8",
|
|
"target_ref": "x-misp-object--27f8ac92-a4ae-40ae-8106-a2a1d3289cac"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4ec5608f-a984-4fc8-acba-4c00ae54c676",
|
|
"created": "2019-06-24T10:06:33.000Z",
|
|
"modified": "2019-06-24T10:06:33.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--dc9a1181-16f6-4df6-ad77-b57aa97fb01b",
|
|
"target_ref": "x-misp-object--02f369b7-41f1-4700-87fb-dc09d8e8c079"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c01ef570-db25-42bf-a4ee-598a833815e6",
|
|
"created": "2019-06-24T10:06:33.000Z",
|
|
"modified": "2019-06-24T10:06:33.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--7efa6bfe-0403-4c88-9574-51082d33ae16",
|
|
"target_ref": "x-misp-object--db7648f2-19ba-4594-9798-579a888aa535"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--583398cd-eff1-4d6b-a192-266f8bcdc52d",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--90a41b1c-dd6f-4264-abc7-31372e4cb611",
|
|
"target_ref": "x-misp-object--3b0fc520-fc60-4042-a9c3-0ed308468809"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--76493eac-cf14-4d32-a434-ea1031f23b12",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c58b70f1-7199-48e2-9325-242b34f59df7",
|
|
"target_ref": "x-misp-object--2363af85-ce15-4491-98ef-b5109c7f9e3a"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--eeb19999-0ce6-4d1d-a19e-20e2a90990bb",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6c35f8b2-be3b-4ee0-86a4-44cadfe24502",
|
|
"target_ref": "x-misp-object--db7ffcf5-82f6-4062-9e71-117cfa5e11bf"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--5f313afa-f73c-4aee-b5dd-ae3091ef6e1a",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--a3d8ece6-076d-4e93-817c-e52f99d7bc91",
|
|
"target_ref": "x-misp-object--ae889334-b1e2-420a-a6f9-fa7b9cac3dd4"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e4abe958-7496-445a-a436-ba192a9c05db",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c65542a4-ff6d-4b6e-ac43-250a1934f1ca",
|
|
"target_ref": "x-misp-object--065b2da9-fbc7-437d-9f97-12708be65916"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e78813fd-4ca4-4c70-a86d-7c58931b302b",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ca75b7ba-1603-4c52-8509-c0416e6a8d75",
|
|
"target_ref": "x-misp-object--52acc3e5-56f7-4a09-9b95-111eadc88a30"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--89a060d7-7284-4c43-a03a-b81c94699095",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b7b34087-2523-4f90-834c-4c39d1f9fd80",
|
|
"target_ref": "x-misp-object--3fdf498f-9cf6-4d8a-9c33-3c8c79f978ac"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--ab81409d-a683-48a8-b080-ef356dc5b5d4",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c8c8015e-e4f3-4972-9e38-68844fc75b94",
|
|
"target_ref": "x-misp-object--33dd33ef-deb9-45a1-86ef-a95c874fe704"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--cb6fbe94-23af-4037-aafd-c18d30828307",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6c7582dd-51b6-4f33-b7c7-1d38cb37d2fd",
|
|
"target_ref": "x-misp-object--21605925-6731-40ca-839d-27014ce56478"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--b2571e0d-2841-49c8-a074-85e2dcc265d3",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--fa65035d-0778-4816-b10f-b68db668549c",
|
|
"target_ref": "x-misp-object--74c01042-8a35-49a1-8d8f-3bf768d9ad88"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4a346e1c-742a-49ec-ac63-c45be30ae429",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1ce52f7f-f76b-421c-957d-461143d8f1db",
|
|
"target_ref": "x-misp-object--6306d01a-00de-483a-b6fb-b82582968cbd"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--9bd65a6c-d970-4779-b9bf-4e6ad5c2f144",
|
|
"created": "2019-06-24T10:06:34.000Z",
|
|
"modified": "2019-06-24T10:06:34.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ffe83192-dacd-4f72-a61b-b20d25900bf5",
|
|
"target_ref": "x-misp-object--cece1d62-a9ee-415c-b2d2-f336e70d73c8"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--f237c23d-45bf-4c52-a8dd-5a76e50c2af0",
|
|
"created": "2019-06-24T10:06:35.000Z",
|
|
"modified": "2019-06-24T10:06:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c10ef3c3-4023-44e9-97bc-923cce79333f",
|
|
"target_ref": "x-misp-object--47d0ede0-654e-455f-88d8-a9437d6de5ee"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--cc1f1ad8-1117-4552-b3fa-74f6a56ea5e3",
|
|
"created": "2019-06-24T10:06:35.000Z",
|
|
"modified": "2019-06-24T10:06:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--88ff7349-f299-4e93-bbd6-e20983e8ed8e",
|
|
"target_ref": "x-misp-object--d91e91e4-1a4a-45f6-8711-5d1490d26630"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--62ff35b0-c4a0-4c17-8b58-997febf9fa89",
|
|
"created": "2019-06-24T10:06:35.000Z",
|
|
"modified": "2019-06-24T10:06:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--f644c6a7-515d-4dfc-8680-17f45d376d0b",
|
|
"target_ref": "x-misp-object--81d23148-fa66-4de6-b534-ca97bc2763cd"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--9fd5b74a-fe22-4d6e-846d-5dffca6596e6",
|
|
"created": "2019-06-24T10:06:35.000Z",
|
|
"modified": "2019-06-24T10:06:35.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ad82fd5d-18fa-41dc-9415-0c43b49f757d",
|
|
"target_ref": "x-misp-object--043507f2-5a95-46e8-ae78-ea3a943a5dc5"
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |