misp-circl-feed/feeds/circl/misp/5d498330-f574-4889-bcc9-c53c950d210f.json

5791 lines
No EOL
248 KiB
JSON

{
"type": "bundle",
"id": "bundle--5d498330-f574-4889-bcc9-c53c950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:35:08.000Z",
"modified": "2019-08-23T09:35:08.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5d498330-f574-4889-bcc9-c53c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:35:08.000Z",
"modified": "2019-08-23T09:35:08.000Z",
"name": "OSINT - Sharpening the Machete",
"published": "2019-08-23T09:35:22Z",
"object_refs": [
"observed-data--5d49833d-2ac8-489d-a0bb-4535950d210f",
"url--5d49833d-2ac8-489d-a0bb-4535950d210f",
"observed-data--5d4988ee-55fc-4a68-813f-44d4950d210f",
"url--5d4988ee-55fc-4a68-813f-44d4950d210f",
"indicator--5d517330-22ac-4be8-93c4-49c9950d210f",
"indicator--5d517330-1658-4540-a753-46e0950d210f",
"indicator--5d517330-bd80-44e7-91bc-438c950d210f",
"indicator--5d517330-9d60-41b3-8436-4e39950d210f",
"indicator--5d517330-25f8-447c-93fc-4b86950d210f",
"indicator--5d517330-59a8-4798-9b8f-419d950d210f",
"indicator--5d517331-6070-446d-a363-4ddf950d210f",
"indicator--5d517331-ae34-454b-b2fe-4dec950d210f",
"indicator--5d517331-4b84-4341-afd9-41a6950d210f",
"indicator--5d517331-4108-4e33-a7ac-42d2950d210f",
"indicator--5d517331-c47c-413c-8047-497e950d210f",
"indicator--5d517331-e328-4744-8529-4088950d210f",
"indicator--5d517331-d6dc-4648-9b62-4404950d210f",
"indicator--5d51737a-b680-46c6-9b58-4ff0950d210f",
"indicator--5d51737b-39c8-46cc-87bb-4342950d210f",
"indicator--5d51737b-c5d4-42e3-9991-43ca950d210f",
"indicator--5d51737b-d2ec-4a93-9e4a-4623950d210f",
"indicator--5d51737b-cb90-492c-bc50-49da950d210f",
"indicator--5d51737b-e68c-4cf8-8484-4c8f950d210f",
"x-misp-attribute--5d52631c-1110-4600-a024-d9c8950d210f",
"indicator--8a692de1-9181-4a14-b03b-33eff84dd2dd",
"indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8",
"indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de",
"indicator--a438f26a-8ac2-48fa-92db-eeabe8bf2ea1",
"indicator--0c8e9a07-b77f-4d99-88bc-90e01491881d",
"indicator--ea7d0d1f-8fa6-4e26-9d70-ff1ad56265af",
"indicator--04a81d9f-75c8-44eb-8775-7938c5303ab2",
"indicator--dba87e0c-17e3-43c0-af22-6f6a55bda3e0",
"indicator--dd47f065-a663-4fbb-ad78-66fb372704ca",
"indicator--6c19c316-14d6-469a-a122-f2b13c21cc8e",
"indicator--4f751950-e0d0-400a-90e0-bbab853a48dd",
"indicator--191b4c43-86e6-402b-a206-44cbc16f8ffa",
"indicator--7acd2cf2-c80b-4dbf-850d-7168fe00298c",
"indicator--957251b4-6f97-4058-97b4-a70ed80ac6e6",
"indicator--3c0badfe-f235-436e-aad3-c91be69b2ec5",
"indicator--fe11a26b-5e51-4278-8527-77a9757e2c8d",
"indicator--c7c69120-a89c-4b14-8a38-36acd6488961",
"indicator--f708b2e6-8236-4b45-8180-28f20c5cb105",
"indicator--45b5ad6f-62d6-43e1-865e-f815a37fa34f",
"indicator--a9f76724-fbcc-43a9-aad4-6737bb8a9ece",
"indicator--0754c7c6-7a21-4a8a-be8d-32fa887c756b",
"indicator--c51b58e9-416e-43d5-9ef0-651536573149",
"indicator--a4be316a-1342-490b-935d-3cb667a02ad6",
"indicator--588bbb6f-9390-42d4-9839-3b595d31de69",
"indicator--962c51b9-615d-454d-8977-a22a1f583868",
"indicator--87939249-448c-4cb5-bf42-596cb88cb9ee",
"indicator--aee6c86f-91c9-4ed9-8a11-841fa8d848d3",
"indicator--ddb03882-2048-41c3-bb11-8dff8b9aa4ac",
"indicator--b7167cb2-4240-43fe-8821-80897f4087b3",
"indicator--05e6b2ff-953c-4841-bd39-8ad0c2e69e65",
"indicator--d04d25ce-44a8-45dc-b7ed-a0d85596a811",
"indicator--aee23dbf-5457-415c-9594-4133bf65ea0c",
"indicator--4bee8233-b6ac-45c5-881d-10c15a37a780",
"indicator--579ad8ab-1805-4eee-aa81-d0ad072ec3a8",
"indicator--68862694-1745-4e74-b07d-61b8137c6bbf",
"indicator--0f47af76-83e0-4020-b5a3-68754f9ef4af",
"indicator--39e99e19-f532-45f5-8224-c934bde72c32",
"indicator--6a2f26f5-deda-419e-bbfe-a330c3758928",
"indicator--cc82fda6-bc09-40fd-848a-45d0db504746",
"indicator--9830f7a9-07cc-49f8-8d97-dd0c94ba75d3",
"indicator--cba4d0e1-654f-4a15-81a0-e2c9945e97bb",
"indicator--a62cf322-51d8-4052-a4d6-9ce43578c2f5",
"indicator--8836295d-7d9e-4d50-a08b-b95b25c8b3c5",
"indicator--bc5d7cb4-8876-4e95-9dcd-e3a71c95396d",
"indicator--b7706f37-e171-41a3-bc49-3fde53dc498f",
"indicator--a8fe9e04-bb0d-4131-9ad6-018ec7a0ca99",
"indicator--434f775b-b36c-4fb2-8007-4e7b2e7aff88",
"indicator--dfa37ef0-abf3-46cd-88c0-a071db75f2c8",
"indicator--e03bb791-42ae-4009-83a4-15fdb9e4a56a",
"indicator--68b09380-602b-460c-b512-affb7278bf17",
"indicator--003e685d-79fb-4e9d-aa32-aae946e9c2f2",
"indicator--8a3219fe-e008-4649-9f69-ec729c23436d",
"indicator--12aea0bf-6d93-421b-a3bb-66bf707580e4",
"indicator--1970c2a4-9c10-4a8e-8d37-2e7df057cba7",
"indicator--244d330e-4a9a-42a4-a98b-c324916fc138",
"indicator--e9d12a70-06f1-46d0-b97c-3e2f8b93a3bc",
"indicator--5a90220f-2373-49bc-be7c-5b5d4734e51a",
"indicator--b3b62b88-c1f6-4f7d-9a09-1df9e947bc61",
"indicator--05981ed3-609f-46bb-b71a-df778d89535d",
"indicator--cceb870e-4117-48e0-8ce1-e1c440250917",
"indicator--93e52ad7-7f4c-47a5-99ae-8a4e6e567ec3",
"indicator--638b2381-d20d-42a0-a652-375b1fa87686",
"indicator--708dab6c-4d36-43f7-aeca-4e26adb0bb16",
"indicator--d6490a36-18cb-460b-b2b5-9a7619606148",
"indicator--b3e77c71-4406-4b96-b6e0-13ed5e4e30f4",
"indicator--90b99f0c-945a-46c6-9b0c-039cdab1dbed",
"indicator--13f08889-deee-4943-b161-0187ef57d7e1",
"indicator--c366394b-76d5-4c9b-a560-081a5370446b",
"indicator--1a9b7f44-10e5-471c-8489-09d7096dc753",
"indicator--6f54982a-7a31-4544-a758-9693169e1abf",
"indicator--4fe3a100-4b92-4752-8e50-c5c19ee6a301",
"indicator--13128f4c-5532-4b72-8d01-57a76a4d07c3",
"indicator--f63769dd-f98c-497e-a91f-99d8674be835",
"indicator--981f4ee3-dfc4-42ba-927f-6117c0001c8c",
"indicator--c58c0483-3472-4669-9d00-cae7a8fff636",
"indicator--111cb2a8-af64-43a1-8afc-ec6a7c6a5c74",
"indicator--b875174e-4422-4899-83c8-98d0b805da24",
"indicator--661c06e3-3f9d-4142-a37c-b516ec9721e6",
"indicator--d2030374-8a32-48dd-b565-da4f7e9de8eb",
"indicator--6dab62aa-030a-4e3b-a926-9820679ff41a",
"indicator--f0543d5a-af97-4bc8-8d0b-9101a0c05f34",
"indicator--dec8fd50-628a-4eb2-ba23-557d57eb9535",
"indicator--6929d2e4-27f5-464a-8b4b-2ae80e9ea564",
"indicator--1edaf6f6-1670-4f0b-aa3c-72c7a51e211b",
"indicator--1a037ed0-53ea-42a7-8694-62f4a728a7cd",
"indicator--7ac1b131-48fc-41b2-894c-c4c3c0852a4b",
"indicator--14924a9c-5c0f-425d-9531-fa15c3f1c817",
"indicator--8e9c45d9-800f-45f9-b6bf-bbde6f3649e4",
"indicator--55835c18-a3c4-456a-be2e-fafce0254df0",
"indicator--3e0f2078-e764-413e-98ff-5113ef415da8",
"indicator--31fe0063-09d0-4b0a-8188-d46e5bb46307",
"indicator--1b8256fb-12f9-4029-9e33-68d895c4e754",
"indicator--1c6174ac-7253-4918-9932-4c25d16b7fa9",
"indicator--94508ba6-a7b7-45a8-a02f-18b59d6f1774",
"indicator--8ee128fd-b41e-4e8b-a333-0597b474be67",
"indicator--7935732e-59a4-4383-9fc9-546da0ea26f9",
"indicator--52156c2a-4c6a-450f-981c-433a42dfb7aa",
"indicator--19082ad9-3e50-49f4-9018-78ff4f222c7f",
"indicator--683c399f-d3c8-4f32-8c8c-c3df2989c515",
"indicator--7647bee2-58a4-4293-94f5-1540cbe51994",
"indicator--a42282ff-d32e-48d7-afda-ca8056c40b2c",
"indicator--70f89732-c74b-4b50-860e-4fdcfbcab28b",
"indicator--cc71714f-98d6-4d0e-9047-fb16480a3d65",
"indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b",
"x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd",
"indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e",
"x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8",
"indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f",
"x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4",
"indicator--b05ef68e-17cd-4a85-af71-414145036bba",
"x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9",
"indicator--531a0491-51fb-4487-8d23-083a61d6749c",
"x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c",
"indicator--6bed7582-d749-4f0e-972a-704520e046dc",
"x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097",
"indicator--fe215d82-4e07-46c1-8545-1d395fa890ce",
"x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703",
"indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b",
"x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10",
"indicator--50fedb9b-0e14-43fb-8512-8f989ac34305",
"x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3",
"indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11",
"x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42",
"indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd",
"x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b",
"indicator--68f1d019-274d-43e4-b014-ce9b23560d4e",
"x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5",
"indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9",
"x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656",
"indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5",
"x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849",
"indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be",
"x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0",
"indicator--4671a7c1-3b72-427b-b486-a9076c743c39",
"x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447",
"indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf",
"x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7",
"indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c",
"x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa",
"indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd",
"x-misp-object--116175d9-f786-4417-91c1-e787621fc175",
"indicator--583f80b7-150f-43b8-984c-507183734547",
"x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb",
"indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b",
"x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a",
"indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654",
"x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d",
"indicator--c7f78389-8821-43ca-8d46-687afc70fa6a",
"x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129",
"indicator--477d1696-bc96-462f-afed-7aac5dac22e3",
"x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3",
"indicator--2c001844-70ba-431f-b9e2-c81f88058ed8",
"x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a",
"indicator--58281799-2547-4047-98cd-60e10f04c1bd",
"x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b",
"indicator--ac105d47-7fab-4260-ad19-e2827a659096",
"x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282",
"indicator--206578ce-144d-4490-b193-f64ae055a583",
"x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3",
"indicator--928ffbe0-4d94-455a-97cf-8202e79d6626",
"x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b",
"indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad",
"x-misp-object--56045c01-e584-420e-97ad-340f8364c026",
"indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2",
"x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890",
"indicator--780ea6a4-143e-435e-80ce-a9d640727387",
"x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24",
"indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e",
"x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9",
"indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc",
"x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5",
"indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee",
"x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537",
"indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec",
"x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c",
"indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5",
"x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b",
"relationship--06a8ee88-32de-46f7-b629-484447824ffb",
"relationship--cbbbc58f-7f4a-432f-be32-e95e3ca4c61f",
"relationship--bff2c9c9-6ece-43d3-9a63-44b117dd0fea",
"relationship--337d4176-b297-497b-b8d1-6354d077285c",
"relationship--e2d20a05-ad56-4357-90d3-4493df082f58",
"relationship--934e3ffc-6621-4aea-878d-c13c96756157",
"relationship--a37d27d2-0491-4dbc-b17c-fb11b3831547",
"relationship--0e5483c4-78ef-43dd-912c-f6ddcbcb3dd9",
"relationship--cbe71e04-9164-4dc5-84f8-b43f24d08cf1",
"relationship--28a3b9ff-ca08-46f0-8e57-03d3e91e4d94",
"relationship--c807ce46-b8f8-43a7-8dfa-cb1bac7acd66",
"relationship--229ab8bc-40e6-4db5-bb51-e636ae35be86",
"relationship--83f2bf3f-92c6-4f82-aebb-6ce0b4755850",
"relationship--b7184d62-47d9-44f3-a86b-b63735df0671",
"relationship--c317d4b6-5dbb-4e88-8e50-c8db321b7327",
"relationship--3ee63fd8-5e77-4439-b0ee-0766a57e1af7",
"relationship--84b54e51-8b79-4049-87a0-31fb20ab31b1",
"relationship--7fb8cc6f-d399-4c5a-8265-a8ab609bc707",
"relationship--ce903a7d-f2dd-46e9-8f00-53d0c9e35c0d",
"relationship--a5389fdc-9cf8-4476-af55-f0152b907005",
"relationship--94ce788e-962c-481d-a6ab-f747583ded3b",
"relationship--cfabfd1a-d54a-4d68-b870-03b110fde348",
"relationship--af8f30b3-a0f3-4c23-8441-64832a0ccd9e",
"relationship--1cac643c-3b77-4f07-899b-cede03317941",
"relationship--ba756c6b-7c7c-4c65-b3c7-3860c1599bff",
"relationship--b53402e9-9c45-4b4f-8695-112372c06d45",
"relationship--de8b66eb-2998-45ed-80f8-79a72e9597d8",
"relationship--cd5bcce0-556b-416c-8912-6ff105754654",
"relationship--43118cd9-5f78-4e7c-8f89-9d7cc52fa152",
"relationship--eeb6bb88-3a49-4103-9927-68bfae0a7d6e",
"relationship--b9f519ab-c1e4-4d4a-ad22-3d978820e20e",
"relationship--0609b546-85a0-4800-946e-9ba1beae7f29",
"relationship--0fd8d129-8274-4cc2-ad3c-3315a2e6e8ba",
"relationship--0eaf1bbe-7c07-4983-b128-790b57dda6fb",
"relationship--33c6ada1-fee4-4481-ab7c-3ef110d881f7",
"relationship--88342bae-8e56-455f-b5c3-e121120f8505",
"relationship--1a232636-0a4e-4a58-830d-099a3ebb49cf",
"relationship--b81ebf12-0d72-418d-a30f-2e8d2cbb228a"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:malpedia=\"Machete\"",
"misp-galaxy:threat-actor=\"El Machete\"",
"misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1193\"",
"misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1192\"",
"misp-galaxy:mitre-attack-pattern=\"User Execution - T1204\"",
"misp-galaxy:mitre-attack-pattern=\"Scheduled Task - T1053\"",
"misp-galaxy:mitre-attack-pattern=\"Hidden Files and Directories - T1158\"",
"misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\"",
"misp-galaxy:mitre-attack-pattern=\"Software Packing - T1045\"",
"misp-galaxy:mitre-attack-pattern=\"Masquerading - T1036\"",
"misp-galaxy:mitre-attack-pattern=\"Private Keys - T1145\"",
"misp-galaxy:mitre-attack-pattern=\"Credentials in Files - T1081\"",
"misp-galaxy:mitre-attack-pattern=\"System Network Connections Discovery - T1049\"",
"misp-galaxy:mitre-attack-pattern=\"Peripheral Device Discovery - T1120\"",
"misp-galaxy:mitre-attack-pattern=\"File and Directory Discovery - T1083\"",
"misp-galaxy:mitre-attack-pattern=\"Browser Bookmark Discovery - T1217\"",
"misp-galaxy:mitre-attack-pattern=\"Process Discovery - T1057\"",
"misp-galaxy:mitre-attack-pattern=\"Application Window Discovery - T1010\"",
"misp-galaxy:mitre-attack-pattern=\"Clipboard Data - T1115\"",
"misp-galaxy:mitre-attack-pattern=\"Data from Local System - T1005\"",
"misp-galaxy:mitre-attack-pattern=\"Data from Removable Media - T1025\"",
"misp-galaxy:mitre-attack-pattern=\"Data Staged - T1074\"",
"misp-galaxy:mitre-attack-pattern=\"Input Capture - T1056\"",
"misp-galaxy:mitre-attack-pattern=\"Screen Capture - T1113\"",
"misp-galaxy:mitre-attack-pattern=\"Commonly Used Port - T1043\"",
"misp-galaxy:mitre-attack-pattern=\"Fallback Channels - T1008\"",
"misp-galaxy:mitre-attack-pattern=\"Standard Application Layer Protocol - T1071\"",
"misp-galaxy:mitre-attack-pattern=\"Remote File Copy - T1105\"",
"misp-galaxy:mitre-attack-pattern=\"Automated Exfiltration - T1020\"",
"misp-galaxy:mitre-attack-pattern=\"Data Compressed - T1002\"",
"misp-galaxy:mitre-attack-pattern=\"Data Encrypted - T1022\"",
"misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Command and Control Channel - T1041\"",
"misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Physical Medium - T1052\"",
"misp-galaxy:mitre-attack-pattern=\"Scheduled Transfer - T1029\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"enisa:nefarious-activity-abuse=\"spear-phishing-attacks\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d49833d-2ac8-489d-a0bb-4535950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T13:40:13.000Z",
"modified": "2019-08-06T13:40:13.000Z",
"first_observed": "2019-08-06T13:40:13Z",
"last_observed": "2019-08-06T13:40:13Z",
"number_observed": 1,
"object_refs": [
"url--5d49833d-2ac8-489d-a0bb-4535950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5d49833d-2ac8-489d-a0bb-4535950d210f",
"value": "https://www.welivesecurity.com/2019/08/05/sharpening-machete-cyberespionage/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d4988ee-55fc-4a68-813f-44d4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-06T14:04:30.000Z",
"modified": "2019-08-06T14:04:30.000Z",
"first_observed": "2019-08-06T14:04:30Z",
"last_observed": "2019-08-06T14:04:30Z",
"number_observed": 1,
"object_refs": [
"url--5d4988ee-55fc-4a68-813f-44d4950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5d4988ee-55fc-4a68-813f-44d4950d210f",
"value": "https://www.welivesecurity.com/wp-content/uploads/2019/08/ESET_Machete.pdf"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517330-22ac-4be8-93c4-49c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:52.000Z",
"modified": "2019-08-12T14:09:52.000Z",
"pattern": "[domain-name:value = 'tobabean.expert']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517330-1658-4540-a753-46e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:52.000Z",
"modified": "2019-08-12T14:09:52.000Z",
"pattern": "[domain-name:value = 'koliast.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517330-bd80-44e7-91bc-438c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:52.000Z",
"modified": "2019-08-12T14:09:52.000Z",
"pattern": "[domain-name:value = 'u929489355.hostingerapp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517330-9d60-41b3-8436-4e39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:52.000Z",
"modified": "2019-08-12T14:09:52.000Z",
"pattern": "[domain-name:value = 'u154611594.hostingerapp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517330-25f8-447c-93fc-4b86950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:52.000Z",
"modified": "2019-08-12T14:09:52.000Z",
"pattern": "[domain-name:value = '6e24a5fb.ngrok.io']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517330-59a8-4798-9b8f-419d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:52.000Z",
"modified": "2019-08-12T14:09:52.000Z",
"pattern": "[domain-name:value = 'f9527d03.ngrok.io']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517331-6070-446d-a363-4ddf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:53.000Z",
"modified": "2019-08-12T14:09:53.000Z",
"pattern": "[domain-name:value = 'adtiomtardecessd.zapto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517331-ae34-454b-b2fe-4dec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:53.000Z",
"modified": "2019-08-12T14:09:53.000Z",
"pattern": "[domain-name:value = 'mcsi.gotdns.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517331-4b84-4341-afd9-41a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:53.000Z",
"modified": "2019-08-12T14:09:53.000Z",
"pattern": "[domain-name:value = 'djcaps.gotdns.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517331-4108-4e33-a7ac-42d2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:53.000Z",
"modified": "2019-08-12T14:09:53.000Z",
"pattern": "[domain-name:value = 'tokeiss.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517331-c47c-413c-8047-497e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:53.000Z",
"modified": "2019-08-12T14:09:53.000Z",
"pattern": "[domain-name:value = 'artyomt.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517331-e328-4744-8529-4088950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:53.000Z",
"modified": "2019-08-12T14:09:53.000Z",
"pattern": "[domain-name:value = 'lawyersofficial.mipropia.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d517331-d6dc-4648-9b62-4404950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:09:53.000Z",
"modified": "2019-08-12T14:09:53.000Z",
"pattern": "[domain-name:value = 'ceofanb18.mipropia.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:09:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d51737a-b680-46c6-9b58-4ff0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:11:06.000Z",
"modified": "2019-08-12T14:11:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.224.137.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:11:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d51737b-39c8-46cc-87bb-4342950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:11:07.000Z",
"modified": "2019-08-12T14:11:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '156.67.222.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:11:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d51737b-c5d4-42e3-9991-43ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:11:07.000Z",
"modified": "2019-08-12T14:11:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.69.9.209']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:11:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d51737b-d2ec-4a93-9e4a-4623950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:11:07.000Z",
"modified": "2019-08-12T14:11:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '142.44.236.215']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:11:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d51737b-cb90-492c-bc50-49da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:11:07.000Z",
"modified": "2019-08-12T14:11:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.79.63.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:11:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d51737b-e68c-4cf8-8484-4c8f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:11:07.000Z",
"modified": "2019-08-12T14:11:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.61.164.33']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:11:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5d52631c-1110-4600-a024-d9c8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-13T07:13:32.000Z",
"modified": "2019-08-13T07:13:32.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Latin America is often overlooked when it comes to persistent threats and groups with politically motivated targets. There is, however, an ongoing case of cyberespionage against high-profile organizations that has managed to stay under the radar. The group behind these attacks has stolen gigabytes of confidential documents, mostly from Venezuelan government organizations. It is still very active at the time of this publication, regularly introducing changes to its malware, infrastructure and spearphishing campaigns.\r\n\r\nESET has been tracking a new version of Machete (the group\u00e2\u20ac\u2122s Python-based toolset) that was first seen in April 2018. While the main functionality of the backdoor remains the same as in previous versions, it has been extended with new features over the course of a year."
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8a692de1-9181-4a14-b03b-33eff84dd2dd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-08T09:14:25.000Z",
"modified": "2019-08-08T09:14:25.000Z",
"pattern": "[file:hashes.SHA1 = '048c40eb606da3def08c9f6997c1948afbbc959b' AND file:name = 'GoogleUpdate.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-08T09:14:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-08T09:14:26.000Z",
"modified": "2019-08-08T09:14:26.000Z",
"pattern": "[file:hashes.SHA1 = '2e8d8508096caa38493414f6ba788d0041ea9e15' AND file:name = 'GoogleUpdate.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-08T09:14:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-08T09:19:49.000Z",
"modified": "2019-08-08T09:19:49.000Z",
"pattern": "[file:hashes.SHA1 = '85bdd7d871108c737701ac30c14a2d343cbdef94' AND file:name = 'GoogleUpdate.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-08T09:19:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a438f26a-8ac2-48fa-92db-eeabe8bf2ea1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-08T09:14:27.000Z",
"modified": "2019-08-08T09:14:27.000Z",
"pattern": "[file:hashes.SHA1 = '8ed8cb784512f7dadd147347fc94e945faf16338' AND file:name = 'GoogleUpdate.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-08T09:14:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c8e9a07-b77f-4d99-88bc-90e01491881d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-08T09:14:27.000Z",
"modified": "2019-08-08T09:14:27.000Z",
"pattern": "[file:hashes.SHA1 = '9c413075aab7ef7876b8dc8d7b7c1b9b96842c6e' AND file:name = 'GoogleUpdate.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-08T09:14:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea7d0d1f-8fa6-4e26-9d70-ff1ad56265af",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-08T09:14:28.000Z",
"modified": "2019-08-08T09:14:28.000Z",
"pattern": "[file:hashes.SHA1 = 'ab8dd6b0cc950618589603012863b57f7adb9d9b' AND file:name = 'GoogleUpdate.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-08T09:14:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--04a81d9f-75c8-44eb-8775-7938c5303ab2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:53:46.000Z",
"modified": "2019-08-12T10:53:46.000Z",
"pattern": "[file:hashes.SHA1 = '318496b58cf5052efd49a95c721d9165278e9fce' AND file:name = 'Chrome.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:53:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dba87e0c-17e3-43c0-af22-6f6a55bda3e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:53:47.000Z",
"modified": "2019-08-12T10:53:47.000Z",
"pattern": "[file:hashes.SHA1 = '3bb345032b6d0226d6771ba65fe4da0faf628631' AND file:name = 'Chrome.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:53:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd47f065-a663-4fbb-ad78-66fb372704ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:53:47.000Z",
"modified": "2019-08-12T10:53:47.000Z",
"pattern": "[file:hashes.SHA1 = '946a24dfbd0ae94209ef7c284d3f462548566a3c' AND file:name = 'Chrome.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:53:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c19c316-14d6-469a-a122-f2b13c21cc8e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:53:48.000Z",
"modified": "2019-08-12T10:53:48.000Z",
"pattern": "[file:hashes.SHA1 = '984b9202a6dbd7d3dd696cae1220338a68092dc9' AND file:name = 'Chrome.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:53:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f751950-e0d0-400a-90e0-bbab853a48dd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:53:49.000Z",
"modified": "2019-08-12T10:53:49.000Z",
"pattern": "[file:hashes.SHA1 = 'eabd45d0a86113f5ccff9fd292c1e482a5727815' AND file:name = 'Chrome.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:53:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--191b4c43-86e6-402b-a206-44cbc16f8ffa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:53:49.000Z",
"modified": "2019-08-12T10:53:49.000Z",
"pattern": "[file:hashes.SHA1 = 'f05bc018c90b560dc4932758956adffbc10588ce' AND file:name = 'Chrome.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:53:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7acd2cf2-c80b-4dbf-850d-7168fe00298c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:53:50.000Z",
"modified": "2019-08-12T10:53:50.000Z",
"pattern": "[file:hashes.SHA1 = '204a2850548e5994d4696e9002f90dfccbe2093a' AND file:name = 'GoogleCrash.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:53:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--957251b4-6f97-4058-97b4-a70ed80ac6e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T10:59:38.000Z",
"modified": "2019-08-12T10:59:38.000Z",
"pattern": "[file:hashes.SHA1 = '3792588edc809270e6666a4677ec85a3400ba4cf' AND file:name = 'GoogleCrash.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T10:59:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3c0badfe-f235-436e-aad3-c91be69b2ec5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:17.000Z",
"modified": "2019-08-12T11:00:17.000Z",
"pattern": "[file:hashes.SHA1 = '4899a2c2ceceb92d2cc4ed17d092d1d599379284' AND file:name = 'GoogleCrash.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe11a26b-5e51-4278-8527-77a9757e2c8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:19.000Z",
"modified": "2019-08-12T11:00:19.000Z",
"pattern": "[file:hashes.SHA1 = 'a42756280aa352f4612bed85aabf7f3267e676c2' AND file:name = 'GoogleCrash.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c7c69120-a89c-4b14-8a38-36acd6488961",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:20.000Z",
"modified": "2019-08-12T11:00:20.000Z",
"pattern": "[file:hashes.SHA1 = 'a97cf05ad7f3102bde45e4b4947ed435efea1968' AND file:name = 'GoogleCrash.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f708b2e6-8236-4b45-8180-28f20c5cb105",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:20.000Z",
"modified": "2019-08-12T11:00:20.000Z",
"pattern": "[file:hashes.SHA1 = '00397da69b8e748720aedfd80d78166573c33ec8' AND file:name = 'ders.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--45b5ad6f-62d6-43e1-865e-f815a37fa34f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:21.000Z",
"modified": "2019-08-12T11:00:21.000Z",
"pattern": "[file:hashes.SHA1 = '03929a5530639c1d9dbd395a298c59fd7eff1dec' AND file:name = 'chrome.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a9f76724-fbcc-43a9-aad4-6737bb8a9ece",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:21.000Z",
"modified": "2019-08-12T11:00:21.000Z",
"pattern": "[file:hashes.SHA1 = '0922defb82ff1140bbe3481bab27564bb966d50b' AND file:name = 'ChrOme_UpdAte.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0754c7c6-7a21-4a8a-be8d-32fa887c756b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:22.000Z",
"modified": "2019-08-12T11:00:22.000Z",
"pattern": "[file:hashes.SHA1 = '0ac64e08e63601ad9d6a4ef019e5b374784af80a' AND file:name = 'chrome.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c51b58e9-416e-43d5-9ef0-651536573149",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:22.000Z",
"modified": "2019-08-12T11:00:22.000Z",
"pattern": "[file:hashes.SHA1 = '0ba5bce133b50ef80fd9241c3ea5cb9135ca4eb1' AND file:name = 'ders.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a4be316a-1342-490b-935d-3cb667a02ad6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:23.000Z",
"modified": "2019-08-12T11:00:23.000Z",
"pattern": "[file:hashes.SHA1 = '161629f63422ab34108854662313f87a278dd7f5' AND file:name = 'chrome.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--588bbb6f-9390-42d4-9839-3b595d31de69",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:24.000Z",
"modified": "2019-08-12T11:00:24.000Z",
"pattern": "[file:hashes.SHA1 = '24752dab28c3add4c31591f2ec480ce3ca83e0aa' AND file:name = 'python27.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--962c51b9-615d-454d-8977-a22a1f583868",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:24.000Z",
"modified": "2019-08-12T11:00:24.000Z",
"pattern": "[file:hashes.SHA1 = '341f2efa0fd11b4480d8503bfb81c62af667d72d' AND file:name = 'chrome_Up.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--87939249-448c-4cb5-bf42-596cb88cb9ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:25.000Z",
"modified": "2019-08-12T11:00:25.000Z",
"pattern": "[file:hashes.SHA1 = '4c130aa110b290a0cf4ff1c099ea2a705081a9cb' AND file:name = 'Chrome_Update.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aee6c86f-91c9-4ed9-8a11-841fa8d848d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:25.000Z",
"modified": "2019-08-12T11:00:25.000Z",
"pattern": "[file:hashes.SHA1 = '50c23690c23ee070ad3a20fced7311bfdf098833' AND file:name = 'ders.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ddb03882-2048-41c3-bb11-8dff8b9aa4ac",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:26.000Z",
"modified": "2019-08-12T11:00:26.000Z",
"pattern": "[file:hashes.SHA1 = '67ecbc1e9a66719c599e6dded33a85f70daca13e' AND file:name = 'chrome.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7167cb2-4240-43fe-8821-80897f4087b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:26.000Z",
"modified": "2019-08-12T11:00:26.000Z",
"pattern": "[file:hashes.SHA1 = '6a69a2a2d4a2f8690b71386f0f092b04ea5a647d' AND file:name = 'ders.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05e6b2ff-953c-4841-bd39-8ad0c2e69e65",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:27.000Z",
"modified": "2019-08-12T11:00:27.000Z",
"pattern": "[file:hashes.SHA1 = '92c56af6815597c0135c21ef5a35d41b0e2a460f' AND file:name = 'Python_27.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d04d25ce-44a8-45dc-b7ed-a0d85596a811",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:27.000Z",
"modified": "2019-08-12T11:00:27.000Z",
"pattern": "[file:hashes.SHA1 = '9e52e1c015b97d4fb2cac888f8fc69d729af78f5' AND file:name = 'finaser.aes']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aee23dbf-5457-415c-9594-4133bf65ea0c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:28.000Z",
"modified": "2019-08-12T11:00:28.000Z",
"pattern": "[file:hashes.SHA1 = 'a48a71b9d1c00a683397f97c02e0dbb3f4606863' AND file:name = 'ders.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4bee8233-b6ac-45c5-881d-10c15a37a780",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:29.000Z",
"modified": "2019-08-12T11:00:29.000Z",
"pattern": "[file:hashes.SHA1 = 'b6e436a0fff117a1c3d3d70947f62d4cac66c95e' AND file:name = 'ders.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--579ad8ab-1805-4eee-aa81-d0ad072ec3a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:29.000Z",
"modified": "2019-08-12T11:00:29.000Z",
"pattern": "[file:hashes.SHA1 = 'c4accf6071f51ade102190c6fa350435fc202654' AND file:name = 'Python.27.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68862694-1745-4e74-b07d-61b8137c6bbf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:30.000Z",
"modified": "2019-08-12T11:00:30.000Z",
"pattern": "[file:hashes.SHA1 = 'd5238cde036eefcc6d8d686b3a00247f27da894c' AND file:name = 'Python.27.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f47af76-83e0-4020-b5a3-68754f9ef4af",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:30.000Z",
"modified": "2019-08-12T11:00:30.000Z",
"pattern": "[file:hashes.SHA1 = 'dda105d8d894f73b16518d546270e4f783cb5178' AND file:name = 'python27.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--39e99e19-f532-45f5-8224-c934bde72c32",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:31.000Z",
"modified": "2019-08-12T11:00:31.000Z",
"pattern": "[file:hashes.SHA1 = 'e85c1ef38c39b6087ea9ac8171ddd1416b9a5306' AND file:name = 'python27.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a2f26f5-deda-419e-bbfe-a330c3758928",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:31.000Z",
"modified": "2019-08-12T11:00:31.000Z",
"pattern": "[file:hashes.SHA1 = 'fd52b10e9d4e5d343e589627444a6766357d5e47' AND file:name = 'Security.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cc82fda6-bc09-40fd-848a-45d0db504746",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:33.000Z",
"modified": "2019-08-12T11:00:33.000Z",
"pattern": "[file:hashes.SHA1 = '69109287d41c002fa70bb3d6238c4056b2b24b2f' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9830f7a9-07cc-49f8-8d97-dd0c94ba75d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:34.000Z",
"modified": "2019-08-12T11:00:34.000Z",
"pattern": "[file:hashes.SHA1 = '89c0fdeed36a69099e935a590a103339b0cbe525' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cba4d0e1-654f-4a15-81a0-e2c9945e97bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:34.000Z",
"modified": "2019-08-12T11:00:34.000Z",
"pattern": "[file:hashes.SHA1 = '9ea7832d83c74c839a49580b4211e627a24571be' AND file:name = 'Programa Formacion en Contratacion Publica.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a62cf322-51d8-4052-a4d6-9ce43578c2f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:35.000Z",
"modified": "2019-08-12T11:00:35.000Z",
"pattern": "[file:hashes.SHA1 = 'bfd0cbef5b9c329792b38274474f04bd8109df66' AND file:name = 'RGMA0_1_629.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8836295d-7d9e-4d50-a08b-b95b25c8b3c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:36.000Z",
"modified": "2019-08-12T11:00:36.000Z",
"pattern": "[file:hashes.SHA1 = 'fde89fcec30fcaabb3d42ed87180843f3e760cd8' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bc5d7cb4-8876-4e95-9dcd-e3a71c95396d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:36.000Z",
"modified": "2019-08-12T11:00:36.000Z",
"pattern": "[file:hashes.SHA1 = '52b680f472ae463436979da325db7ad64d5af1ef' AND file:name = 'Mapa_monitoreo_WRF_ind02052018.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7706f37-e171-41a3-bc49-3fde53dc498f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:40.000Z",
"modified": "2019-08-12T11:00:40.000Z",
"pattern": "[file:hashes.SHA1 = 'fb871aaca0ddcf2f009a2d11ecf672cfb61b7357' AND file:name = 'CALENDARIO_ACTIVIDADES_COLCO_EC.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a8fe9e04-bb0d-4131-9ad6-018ec7a0ca99",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:41.000Z",
"modified": "2019-08-12T11:00:41.000Z",
"pattern": "[file:hashes.SHA1 = '9912bdbe08179122dc3797a2585d463573d1b5a5' AND file:name = '04Down.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--434f775b-b36c-4fb2-8007-4e7b2e7aff88",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:42.000Z",
"modified": "2019-08-12T11:00:42.000Z",
"pattern": "[file:hashes.SHA1 = 'ab16808b5b4706b6265c5ff5fef8b8460c8a51f8' AND file:name = '4Down.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dfa37ef0-abf3-46cd-88c0-a071db75f2c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:42.000Z",
"modified": "2019-08-12T11:00:42.000Z",
"pattern": "[file:hashes.SHA1 = 'bdaab0b356ec9fe61fee1723e1dd52e39ddc6699' AND file:name = '04Down.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e03bb791-42ae-4009-83a4-15fdb9e4a56a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:43.000Z",
"modified": "2019-08-12T11:00:43.000Z",
"pattern": "[file:hashes.SHA1 = 'ded6509458df62d3ce60c68f3a2a87e59f1f96be' AND file:name = 'Down.sfx.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68b09380-602b-460c-b512-affb7278bf17",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:43.000Z",
"modified": "2019-08-12T11:00:43.000Z",
"pattern": "[file:hashes.SHA1 = '2b7404f6b0075bc1192d61d4af135d521d5f08a3' AND file:name = 'RdrCEF.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--003e685d-79fb-4e9d-aa32-aae946e9c2f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:44.000Z",
"modified": "2019-08-12T11:00:44.000Z",
"pattern": "[file:hashes.SHA1 = '53102e57b40feacb64566c26d101d9242dece77c' AND file:name = 'Down.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8a3219fe-e008-4649-9f69-ec729c23436d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:45.000Z",
"modified": "2019-08-12T11:00:45.000Z",
"pattern": "[file:hashes.SHA1 = '56e8743e0773286a4b9e055147d96d53a43beca1' AND file:name = 'Down.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--12aea0bf-6d93-421b-a3bb-66bf707580e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:45.000Z",
"modified": "2019-08-12T11:00:45.000Z",
"pattern": "[file:hashes.SHA1 = '71f69f04307c8f5675dcadeaa80b8c2b95691b01' AND file:name = 'Down.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1970c2a4-9c10-4a8e-8d37-2e7df057cba7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:46.000Z",
"modified": "2019-08-12T11:00:46.000Z",
"pattern": "[file:hashes.SHA1 = '904137b61f1ded66c8ca76ebf198dec1b638b5d4' AND file:name = 'Down.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--244d330e-4a9a-42a4-a98b-c324916fc138",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:46.000Z",
"modified": "2019-08-12T11:00:46.000Z",
"pattern": "[file:hashes.SHA1 = 'fbb485b40477f5a014e7096747b1b4a494ce50ef' AND file:name = 'Down.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9d12a70-06f1-46d0-b97c-3e2f8b93a3bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:47.000Z",
"modified": "2019-08-12T11:00:47.000Z",
"pattern": "[file:hashes.SHA1 = '0468d3776435e527dba52b9da61d38c076dda09a' AND file:name = 'FORMATO UNICO DE RENDIMIENTO OPERATIVO GNB 11JUNIO2019 CZGNB-13 xlsx.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a90220f-2373-49bc-be7c-5b5d4734e51a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:47.000Z",
"modified": "2019-08-12T11:00:47.000Z",
"pattern": "[file:hashes.SHA1 = '10eb152039cb0a379daab272151bc1baa8c6d4db' AND file:name = 'Radiograma 004026_pdf.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b3b62b88-c1f6-4f7d-9a09-1df9e947bc61",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T11:00:47.000Z",
"modified": "2019-08-12T11:00:47.000Z",
"pattern": "[file:hashes.SHA1 = '173664de0a9a08218098abfb86d2c64f25b5ee37' AND file:name = 'Dise\u00c3\u00b1o_pptx.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T11:00:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05981ed3-609f-46bb-b71a-df778d89535d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:38.000Z",
"modified": "2019-08-12T13:50:38.000Z",
"pattern": "[file:hashes.SHA1 = '29ea8a983e56229ac69fff9958319b66c006020b' AND file:name = 'RDGMA 1101 001 jpg.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cceb870e-4117-48e0-8ce1-e1c440250917",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:38.000Z",
"modified": "2019-08-12T13:50:38.000Z",
"pattern": "[file:hashes.SHA1 = '3562cb8d37e68025787c31a0b4654a1ce209e62f' AND file:name = '20190611101428 pdf.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--93e52ad7-7f4c-47a5-99ae-8a4e6e567ec3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:39.000Z",
"modified": "2019-08-12T13:50:39.000Z",
"pattern": "[file:hashes.SHA1 = '35e4ecb61f1fa09bec8a4528c592d982d33b6c6b' AND file:name = 'INVITADOS_MEXICANOS.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--638b2381-d20d-42a0-a652-375b1fa87686",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:40.000Z",
"modified": "2019-08-12T13:50:40.000Z",
"pattern": "[file:hashes.SHA1 = '5c56ac14ca7159804a9d53fe037cfd0d99d45ab1' AND file:name = 'JUNIO_19_PROPUESTA_CLARO_RENOVACION.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--708dab6c-4d36-43f7-aeca-4e26adb0bb16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:40.000Z",
"modified": "2019-08-12T13:50:40.000Z",
"pattern": "[file:hashes.SHA1 = '61de62436b3806a3a645c96677d7ad9d802e30a8' AND file:name = 'FORMATO DE NOVEDADES PARA DC PERSONAL xls.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d6490a36-18cb-460b-b2b5-9a7619606148",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:41.000Z",
"modified": "2019-08-12T13:50:41.000Z",
"pattern": "[file:hashes.SHA1 = '62800d245a3726ca390d08b7bf17fe2c37f2b3cf' AND file:name = '20190611101331.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b3e77c71-4406-4b96-b6e0-13ed5e4e30f4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:41.000Z",
"modified": "2019-08-12T13:50:41.000Z",
"pattern": "[file:hashes.SHA1 = '64f1322bf2a898278aa1e73803fdd500b6e5e7c7' AND file:name = 'RAD_N_0961_21MAY19.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90b99f0c-945a-46c6-9b0c-039cdab1dbed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:42.000Z",
"modified": "2019-08-12T13:50:42.000Z",
"pattern": "[file:hashes.SHA1 = '79ac512389ef9e27a3598ca2968573db4f5fd58f' AND file:name = 'RAD OFL0120_jpg.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--13f08889-deee-4943-b161-0187ef57d7e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:42.000Z",
"modified": "2019-08-12T13:50:42.000Z",
"pattern": "[file:hashes.SHA1 = '7a1ad75a1aa73ec72ee21b213fcca55d57a0cd58' AND file:name = 'S_E_ARLETTE_MARENCO_NOTA_INFORMANDO_TER-MINO_DE_MISION_001.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c366394b-76d5-4c9b-a560-081a5370446b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:43.000Z",
"modified": "2019-08-12T13:50:43.000Z",
"pattern": "[file:hashes.SHA1 = '8e0ac29b8bd0c086b20c23b254cf047aa30a0529' AND file:name = '07_1379.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1a9b7f44-10e5-471c-8489-09d7096dc753",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:43.000Z",
"modified": "2019-08-12T13:50:43.000Z",
"pattern": "[file:hashes.SHA1 = '91f2c7eed2ee92d11bc6b8fd8d3cba0b02c8d074' AND file:name = 'Blason.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f54982a-7a31-4544-a758-9693169e1abf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:44.000Z",
"modified": "2019-08-12T13:50:44.000Z",
"pattern": "[file:hashes.SHA1 = '97edcdfd6e674591c1e809381c7e68f11dfa81fc' AND file:name = '08_1159.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4fe3a100-4b92-4752-8e50-c5c19ee6a301",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:45.000Z",
"modified": "2019-08-12T13:50:45.000Z",
"pattern": "[file:hashes.SHA1 = '9d65b55168526161a79f4743a37b1a7358c67037' AND file:name = 'INSTRUCCIONES DEL JSO 08JUN19 docx.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--13128f4c-5532-4b72-8d01-57a76a4d07c3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:46.000Z",
"modified": "2019-08-12T13:50:46.000Z",
"pattern": "[file:hashes.SHA1 = 'a94916f9696d861fe040891634b3f2da09557f13' AND file:name = 'REPORTE OPERACIONAL 10JUN19 pdf.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f63769dd-f98c-497e-a91f-99d8674be835",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:46.000Z",
"modified": "2019-08-12T13:50:46.000Z",
"pattern": "[file:hashes.SHA1 = 'b451f623fe9f315eb886b83f27139fc236a07ec9' AND file:name = '20190611101428.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--981f4ee3-dfc4-42ba-927f-6117c0001c8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:47.000Z",
"modified": "2019-08-12T13:50:47.000Z",
"pattern": "[file:hashes.SHA1 = 'c39b9d966aed0372619b3989995ab9ad12f94d38' AND file:name = 'NOTA_CICR_00079.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c58c0483-3472-4669-9d00-cae7a8fff636",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:47.000Z",
"modified": "2019-08-12T13:50:47.000Z",
"pattern": "[file:hashes.SHA1 = 'cf10e0313177ff4c9c588232218078eb870c0079' AND file:name = 'BOLETA DE PERMISO NELSON GUERERE docx.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--111cb2a8-af64-43a1-8afc-ec6a7c6a5c74",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:48.000Z",
"modified": "2019-08-12T13:50:48.000Z",
"pattern": "[file:hashes.SHA1 = 'e8bbcb0f6538d1543bfa3f7a66f20155ebc2bcc8' AND file:name = 'JUNIO_27_PROPUESTA_CLARO_RENOVACION.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b875174e-4422-4899-83c8-98d0b805da24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:49.000Z",
"modified": "2019-08-12T13:50:49.000Z",
"pattern": "[file:hashes.SHA1 = 'ea3d823df9f0e41ad1da2fd3492b418693bed8bd' AND file:name = '20190611101331 pdf.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--661c06e3-3f9d-4142-a37c-b516ec9721e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:49.000Z",
"modified": "2019-08-12T13:50:49.000Z",
"pattern": "[file:hashes.SHA1 = 'eb82401ce6b2497aeb1fc666697d7d9ce66e4d5b' AND file:name = 'Asimilacion.scr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d2030374-8a32-48dd-b565-da4f7e9de8eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:50.000Z",
"modified": "2019-08-12T13:50:50.000Z",
"pattern": "[file:hashes.SHA1 = '1b3723651e1d321d4f34f2a243d7751d17288257' AND file:name = '_hashlbi.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6dab62aa-030a-4e3b-a926-9820679ff41a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:50.000Z",
"modified": "2019-08-12T13:50:50.000Z",
"pattern": "[file:hashes.SHA1 = '7ffb9c7da20c536b694e78538b65726eacb1b055' AND file:name = '_hashlbi.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0543d5a-af97-4bc8-8d0b-9101a0c05f34",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:51.000Z",
"modified": "2019-08-12T13:50:51.000Z",
"pattern": "[file:hashes.SHA1 = 'b1adf4b46350fb801ce54da9c93a4ef79674f3f5' AND file:name = '_hashlbi.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dec8fd50-628a-4eb2-ba23-557d57eb9535",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:51.000Z",
"modified": "2019-08-12T13:50:51.000Z",
"pattern": "[file:hashes.SHA1 = '0c33b75f6c4fc0413abdbcda1c5e18c907f13dc3' AND file:name = '_bsdbd.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6929d2e4-27f5-464a-8b4b-2ae80e9ea564",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:52.000Z",
"modified": "2019-08-12T13:50:52.000Z",
"pattern": "[file:hashes.SHA1 = '314d9b4c25dd69453d86e4c7062dce6dedda0533' AND file:name = '_bsdbd.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1edaf6f6-1670-4f0b-aa3c-72c7a51e211b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:53.000Z",
"modified": "2019-08-12T13:50:53.000Z",
"pattern": "[file:hashes.SHA1 = 'd4cf22f3db78bdc1ceb55431857d88166ce677d4' AND file:name = '_bsdbd.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1a037ed0-53ea-42a7-8694-62f4a728a7cd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:53.000Z",
"modified": "2019-08-12T13:50:53.000Z",
"pattern": "[file:hashes.SHA1 = '26fb301af7393b5e564b8c802f5795edebd7cecf' AND file:name = '_clypes.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7ac1b131-48fc-41b2-894c-c4c3c0852a4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:53.000Z",
"modified": "2019-08-12T13:50:53.000Z",
"pattern": "[file:hashes.SHA1 = '979859b5a177650ef0549c81fd66d36e9dea8078' AND file:name = '_clypes.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--14924a9c-5c0f-425d-9531-fa15c3f1c817",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:54.000Z",
"modified": "2019-08-12T13:50:54.000Z",
"pattern": "[file:hashes.SHA1 = 'a07e38df9887ea7811369cd72c57fd6d44523cd6' AND file:name = '_clypes.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e9c45d9-800f-45f9-b6bf-bbde6f3649e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:55.000Z",
"modified": "2019-08-12T13:50:55.000Z",
"pattern": "[file:hashes.SHA1 = '07e383e9ff04f587769845306dc4bfe75630baaa' AND file:name = '_elementree.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55835c18-a3c4-456a-be2e-fafce0254df0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:56.000Z",
"modified": "2019-08-12T13:50:56.000Z",
"pattern": "[file:hashes.SHA1 = '3b6f5cb20ff3ac0ee3813a68a937aae92ebc46d3' AND file:name = '_elementree.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3e0f2078-e764-413e-98ff-5113ef415da8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:56.000Z",
"modified": "2019-08-12T13:50:56.000Z",
"pattern": "[file:hashes.SHA1 = '56765b7511372a8e9be017f48a764d141f485474' AND file:name = '_elementree.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--31fe0063-09d0-4b0a-8188-d46e5bb46307",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:57.000Z",
"modified": "2019-08-12T13:50:57.000Z",
"pattern": "[file:hashes.SHA1 = 'cf2dc40926d8747aec572dfd711bbfd766aadb10' AND file:name = '_elementree.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b8256fb-12f9-4029-9e33-68d895c4e754",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:57.000Z",
"modified": "2019-08-12T13:50:57.000Z",
"pattern": "[file:hashes.SHA1 = '6b42091ca2f89a59f4e27e30acdacf32eb83f824' AND file:name = '_mssi.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c6174ac-7253-4918-9932-4c25d16b7fa9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:58.000Z",
"modified": "2019-08-12T13:50:58.000Z",
"pattern": "[file:hashes.SHA1 = '708f159f2cfe22ff0c4464f2fedaa0501868bdd8' AND file:name = '_mssi.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--94508ba6-a7b7-45a8-a02f-18b59d6f1774",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:58.000Z",
"modified": "2019-08-12T13:50:58.000Z",
"pattern": "[file:hashes.SHA1 = 'de639618b550dbe9071e999aaa5b4fc81f63a5a6' AND file:name = '_mssi.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ee128fd-b41e-4e8b-a333-0597b474be67",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:50:59.000Z",
"modified": "2019-08-12T13:50:59.000Z",
"pattern": "[file:hashes.SHA1 = '0b6f61af3e2c6551f15e0f888177eec91f20ba99' AND file:name = '_multiproccessing.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:50:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7935732e-59a4-4383-9fc9-546da0ea26f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:51:00.000Z",
"modified": "2019-08-12T13:51:00.000Z",
"pattern": "[file:hashes.SHA1 = '76aabc0af5d487a80bcba19555191b46766139fa' AND file:name = '_multiproccessing.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:51:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52156c2a-4c6a-450f-981c-433a42dfb7aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:51:00.000Z",
"modified": "2019-08-12T13:51:00.000Z",
"pattern": "[file:hashes.SHA1 = '7ff87649ca1d9178a02cd9942856d1b590652c6e' AND file:name = '_multiproccessing.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:51:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--19082ad9-3e50-49f4-9018-78ff4f222c7f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:51:01.000Z",
"modified": "2019-08-12T13:51:01.000Z",
"pattern": "[file:hashes.SHA1 = '8692eb1e620f2bcddaf28f0cb726cec2aa1c230d' AND file:name = '_multiproccessing.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:51:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--683c399f-d3c8-4f32-8c8c-c3df2989c515",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:51:01.000Z",
"modified": "2019-08-12T13:51:01.000Z",
"pattern": "[file:hashes.SHA1 = '8af19aa3f18cb35f12ee3966931e11799c3ac5a4' AND file:name = '_multiproccessing.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:51:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7647bee2-58a4-4293-94f5-1540cbe51994",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T13:51:01.000Z",
"modified": "2019-08-12T13:51:01.000Z",
"pattern": "[file:hashes.SHA1 = 'e1bc4ec7f82fa06924dc4b43fbbb485d8c86d9cd' AND file:name = '_multiproccessing.pyw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T13:51:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a42282ff-d32e-48d7-afda-ca8056c40b2c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:10:37.000Z",
"modified": "2019-08-12T14:10:37.000Z",
"pattern": "[file:hashes.SHA1 = 'a19648a5576e0b9fc449d89addc569ba1350ecff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:10:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70f89732-c74b-4b50-860e-4fdcfbcab28b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:10:38.000Z",
"modified": "2019-08-12T14:10:38.000Z",
"pattern": "[file:hashes.SHA1 = '442e6cc28d118cfaf1a5482e2000c7dc00d9a7b9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:10:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cc71714f-98d6-4d0e-9047-fb16480a3d65",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-12T14:10:38.000Z",
"modified": "2019-08-12T14:10:38.000Z",
"pattern": "[file:hashes.SHA1 = '212f3697117d17ec3f299d037845cf3db20ce88a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-12T14:10:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:39.000Z",
"modified": "2019-08-23T09:33:39.000Z",
"pattern": "[file:hashes.MD5 = 'c8ca25bd428818277968ac3239cfc573' AND file:hashes.SHA1 = 'a42756280aa352f4612bed85aabf7f3267e676c2' AND file:hashes.SHA256 = '3cf929b0a52e297d8d24af326f94f7114913a285f2f859ba7d4be38bd425fedd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:40.000Z",
"modified": "2019-08-23T09:33:40.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-07T06:30:18",
"category": "Other",
"uuid": "16e71265-a838-4f9e-99b4-48db8a7350d1"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/3cf929b0a52e297d8d24af326f94f7114913a285f2f859ba7d4be38bd425fedd/analysis/1565159418/",
"category": "Payload delivery",
"uuid": "170d2949-1c3d-48ac-a9cc-77caa6912374"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "8/67",
"category": "Payload delivery",
"uuid": "8e373bd7-6180-42ba-b287-0f4813c31d2d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:41.000Z",
"modified": "2019-08-23T09:33:41.000Z",
"pattern": "[file:hashes.MD5 = '3239f2d8acee4742f9b4d919e61b8983' AND file:hashes.SHA1 = '4899a2c2ceceb92d2cc4ed17d092d1d599379284' AND file:hashes.SHA256 = '2e3dc1c6b6c5d9015a18d6ee3578381eeefffd5126abf87635f448006c63f58c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:41.000Z",
"modified": "2019-08-23T09:33:41.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-09T16:22:18",
"category": "Other",
"uuid": "8ac9b96c-780d-43c5-ab9a-e5d07d149620"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2e3dc1c6b6c5d9015a18d6ee3578381eeefffd5126abf87635f448006c63f58c/analysis/1565367738/",
"category": "Payload delivery",
"uuid": "a788f6e0-08f3-4844-aab6-a9b7c5e02386"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "14/66",
"category": "Payload delivery",
"uuid": "1e920924-74ad-4ecd-9964-8b93c3869666"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:41.000Z",
"modified": "2019-08-23T09:33:41.000Z",
"pattern": "[file:hashes.MD5 = '4bfd79b34234060f9d4dc26bd23c67c9' AND file:hashes.SHA1 = 'a97cf05ad7f3102bde45e4b4947ed435efea1968' AND file:hashes.SHA256 = '1b6926c9fcea7681c6ed4f62b404e8a1c332fbbc26e872ddb53afc6e818f1cd4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:41.000Z",
"modified": "2019-08-23T09:33:41.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:40",
"category": "Other",
"uuid": "a54da0c4-02da-4ca0-8f17-bdb8ee6eea1d"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/1b6926c9fcea7681c6ed4f62b404e8a1c332fbbc26e872ddb53afc6e818f1cd4/analysis/1565051980/",
"category": "Payload delivery",
"uuid": "889c7867-90a4-453f-9697-08f66acc5729"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "5/73",
"category": "Payload delivery",
"uuid": "255635cd-f3b4-4d57-a4df-462db4c66801"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b05ef68e-17cd-4a85-af71-414145036bba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:41.000Z",
"modified": "2019-08-23T09:33:41.000Z",
"pattern": "[file:hashes.MD5 = 'ca0bdef2b365c70733aa61ad2224475b' AND file:hashes.SHA1 = 'e8bbcb0f6538d1543bfa3f7a66f20155ebc2bcc8' AND file:hashes.SHA256 = 'a2c938629dd6a1b3061603e212fbec11cd5a499b52acff25d93448c326d314f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:41.000Z",
"modified": "2019-08-23T09:33:41.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T12:02:11",
"category": "Other",
"uuid": "78b95690-31cf-46e3-a7b1-09f0245658aa"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/a2c938629dd6a1b3061603e212fbec11cd5a499b52acff25d93448c326d314f0/analysis/1565092931/",
"category": "Payload delivery",
"uuid": "f9d4f0e9-6bb1-49b3-b819-968be3b0ef79"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "23/62",
"category": "Payload delivery",
"uuid": "bf93c74b-63c5-4894-a6a4-b8e08f530058"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--531a0491-51fb-4487-8d23-083a61d6749c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:42.000Z",
"modified": "2019-08-23T09:33:42.000Z",
"pattern": "[file:hashes.MD5 = '69e8e8258fbda29a140fb820c93afbcc' AND file:hashes.SHA1 = '67ecbc1e9a66719c599e6dded33a85f70daca13e' AND file:hashes.SHA256 = 'e52516e6881c7b073d68903099db0c85ddf465c71054e9da639f66a62d0cc528']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:42.000Z",
"modified": "2019-08-23T09:33:42.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-16T10:42:18",
"category": "Other",
"uuid": "294a9cbf-196c-4886-a723-d133defb95cf"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/e52516e6881c7b073d68903099db0c85ddf465c71054e9da639f66a62d0cc528/analysis/1565952138/",
"category": "Payload delivery",
"uuid": "0c69ff89-5fc6-4a8a-83ff-2d9fe5f88468"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "41/70",
"category": "Payload delivery",
"uuid": "19dc37b7-9d14-442e-8537-21aff19abb8f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6bed7582-d749-4f0e-972a-704520e046dc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:42.000Z",
"modified": "2019-08-23T09:33:42.000Z",
"pattern": "[file:hashes.MD5 = '19b049ab19fd3e8c6f5b36c6a41024fe' AND file:hashes.SHA1 = '97edcdfd6e674591c1e809381c7e68f11dfa81fc' AND file:hashes.SHA256 = '217c351a6b80b94b933c6429b27c205466381f72485398f452b18cdd6bb97cc7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:42.000Z",
"modified": "2019-08-23T09:33:42.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-20T15:42:21",
"category": "Other",
"uuid": "4a3be05f-8620-40c3-bfb1-be0cd9a14c99"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/217c351a6b80b94b933c6429b27c205466381f72485398f452b18cdd6bb97cc7/analysis/1566315741/",
"category": "Payload delivery",
"uuid": "da9d743d-d207-439e-9fef-2b9812a1f478"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/69",
"category": "Payload delivery",
"uuid": "527111d0-8515-4364-9465-1cc4e24e2822"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe215d82-4e07-46c1-8545-1d395fa890ce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:43.000Z",
"modified": "2019-08-23T09:33:43.000Z",
"pattern": "[file:hashes.MD5 = 'f84f600384a857b583fa5d24de290de4' AND file:hashes.SHA1 = 'a19648a5576e0b9fc449d89addc569ba1350ecff' AND file:hashes.SHA256 = '9445e4f838103f8032646a37074cf8900c0165088d9f88438c8ea93f21576811']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:43.000Z",
"modified": "2019-08-23T09:33:43.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-20T15:42:17",
"category": "Other",
"uuid": "ba5bab65-12eb-47dc-ad32-5435d5704253"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/9445e4f838103f8032646a37074cf8900c0165088d9f88438c8ea93f21576811/analysis/1566315737/",
"category": "Payload delivery",
"uuid": "877c5e64-aafb-4795-b634-911d36bbd8c5"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "39/69",
"category": "Payload delivery",
"uuid": "bdaa0ade-94b4-42fa-aab5-a94291a17081"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:43.000Z",
"modified": "2019-08-23T09:33:43.000Z",
"pattern": "[file:hashes.MD5 = '04fa52b44178bec611232d260ec18c03' AND file:hashes.SHA1 = 'dda105d8d894f73b16518d546270e4f783cb5178' AND file:hashes.SHA256 = '2674fc7ac47f8a0b5ff07335a18fb9168c532ea3690d2ddacb0f9486711eeeb1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:43.000Z",
"modified": "2019-08-23T09:33:43.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-20T15:42:17",
"category": "Other",
"uuid": "3a0c915a-3958-4817-824e-21c93a3e03af"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/2674fc7ac47f8a0b5ff07335a18fb9168c532ea3690d2ddacb0f9486711eeeb1/analysis/1566315737/",
"category": "Payload delivery",
"uuid": "5b1a2506-a2cb-4b11-ad1d-cb0a5bb8184b"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "37/67",
"category": "Payload delivery",
"uuid": "c0c12f49-c195-43c7-83a6-9d0aa86e7201"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50fedb9b-0e14-43fb-8512-8f989ac34305",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:44.000Z",
"modified": "2019-08-23T09:33:44.000Z",
"pattern": "[file:hashes.MD5 = '7163167a07b2ba31d6064297167cc19f' AND file:hashes.SHA1 = 'bfd0cbef5b9c329792b38274474f04bd8109df66' AND file:hashes.SHA256 = 'b4919db508e9d54c77ff101c0e1155a6ab4e12e61a16708810fdc5c2d23f3e43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:44.000Z",
"modified": "2019-08-23T09:33:44.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-14T15:50:08",
"category": "Other",
"uuid": "a90202a3-93b9-4d67-9b6c-e06361e1d187"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/b4919db508e9d54c77ff101c0e1155a6ab4e12e61a16708810fdc5c2d23f3e43/analysis/1565797808/",
"category": "Payload delivery",
"uuid": "3b7e9886-4153-4c8a-adeb-f7ed1c68e48f"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "38/66",
"category": "Payload delivery",
"uuid": "ee1a20eb-cc0b-4983-a26a-49b7379fd6a0"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:44.000Z",
"modified": "2019-08-23T09:33:44.000Z",
"pattern": "[file:hashes.MD5 = '33aac948ba9f11ff8e8fba02127e2c34' AND file:hashes.SHA1 = '85bdd7d871108c737701ac30c14a2d343cbdef94' AND file:hashes.SHA256 = '60c1c4fbeeb9629a0867e091c6012765507797e5f7f9eb42701bc41dcc2f811d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:44.000Z",
"modified": "2019-08-23T09:33:44.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-07T04:53:37",
"category": "Other",
"uuid": "219060ce-47cc-4ca5-9c7a-16d761b1299f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/60c1c4fbeeb9629a0867e091c6012765507797e5f7f9eb42701bc41dcc2f811d/analysis/1565153617/",
"category": "Payload delivery",
"uuid": "fe7003d9-62e1-4819-90d4-b4945ccdf90e"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "14/73",
"category": "Payload delivery",
"uuid": "7c17bc6d-f8dd-4585-b5fe-c90096f32550"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:44.000Z",
"modified": "2019-08-23T09:33:44.000Z",
"pattern": "[file:hashes.MD5 = '8d92e51008d4ec7530bb16b3caa63fbb' AND file:hashes.SHA1 = '341f2efa0fd11b4480d8503bfb81c62af667d72d' AND file:hashes.SHA256 = '8bd1d2d8b037df18c1f0345b092434e2055f2ac01c7a86decc2c0f35685227ef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:45.000Z",
"modified": "2019-08-23T09:33:45.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:47",
"category": "Other",
"uuid": "83ebad06-2bae-4a9b-96d5-2bd4e40dd638"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/8bd1d2d8b037df18c1f0345b092434e2055f2ac01c7a86decc2c0f35685227ef/analysis/1565051987/",
"category": "Payload delivery",
"uuid": "5bb822f7-3f6b-4881-a172-057784d4c6eb"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "28/71",
"category": "Payload delivery",
"uuid": "dbd8d2f0-9510-45c1-ab41-c62dbf5800ed"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68f1d019-274d-43e4-b014-ce9b23560d4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:45.000Z",
"modified": "2019-08-23T09:33:45.000Z",
"pattern": "[file:hashes.MD5 = 'c312d1a4ac706d910c611ad8f600fe68' AND file:hashes.SHA1 = '984b9202a6dbd7d3dd696cae1220338a68092dc9' AND file:hashes.SHA256 = 'da31a5bfc103a47899171289ead4b53735b736766cb8501f5a5164097889a518']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:45.000Z",
"modified": "2019-08-23T09:33:45.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-08T01:57:24",
"category": "Other",
"uuid": "53d53b85-9e84-44e4-969d-9e29438cf291"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/da31a5bfc103a47899171289ead4b53735b736766cb8501f5a5164097889a518/analysis/1565229444/",
"category": "Payload delivery",
"uuid": "2bec80c0-cea9-452e-9617-0a94082f4eb8"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "18/71",
"category": "Payload delivery",
"uuid": "2774491e-f14f-4e59-b8d1-9768d3d9056a"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:45.000Z",
"modified": "2019-08-23T09:33:45.000Z",
"pattern": "[file:hashes.MD5 = 'ec9e0092505743e000bd95c3e4677aff' AND file:hashes.SHA1 = '62800d245a3726ca390d08b7bf17fe2c37f2b3cf' AND file:hashes.SHA256 = 'fdc8f48fcf98ce9eb4d9bc4633dec64a26019a6e3738641eefbbc087e32f4bd1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:46.000Z",
"modified": "2019-08-23T09:33:46.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:54",
"category": "Other",
"uuid": "c6b26a28-5edd-40de-ad18-bb0c215ac34d"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/fdc8f48fcf98ce9eb4d9bc4633dec64a26019a6e3738641eefbbc087e32f4bd1/analysis/1565051994/",
"category": "Payload delivery",
"uuid": "ed4fab8d-0c41-4b01-a8e7-2bf647460b0f"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "24/69",
"category": "Payload delivery",
"uuid": "30d2cff9-88a6-4ed3-abf4-96ab979282a8"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:46.000Z",
"modified": "2019-08-23T09:33:46.000Z",
"pattern": "[file:hashes.MD5 = '624a23ea378b4422beb4189ac75a478d' AND file:hashes.SHA1 = '904137b61f1ded66c8ca76ebf198dec1b638b5d4' AND file:hashes.SHA256 = 'fdb55a207260a62b190f307fe6021158f45fd8342718e60018467129424b10d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:46.000Z",
"modified": "2019-08-23T09:33:46.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-07T02:34:38",
"category": "Other",
"uuid": "fa27b39d-1e85-43ec-88d6-52a8038374f2"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/fdb55a207260a62b190f307fe6021158f45fd8342718e60018467129424b10d4/analysis/1565145278/",
"category": "Payload delivery",
"uuid": "57752b95-4183-4d8c-bf10-6aab97c03a48"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "35/66",
"category": "Payload delivery",
"uuid": "a70a2829-6306-4be7-ad16-76e4b3ae29ca"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:46.000Z",
"modified": "2019-08-23T09:33:46.000Z",
"pattern": "[file:hashes.MD5 = 'f76ee4d0e496fd22bc87e685653a296b' AND file:hashes.SHA1 = '204a2850548e5994d4696e9002f90dfccbe2093a' AND file:hashes.SHA256 = '83a40a07de648eaeaac0d3675a692def343a32dbf03655befe2a91a7bf221257']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:47.000Z",
"modified": "2019-08-23T09:33:47.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-16T11:50:35",
"category": "Other",
"uuid": "70af704c-fbf7-47e7-b4a4-be254b7b4c8a"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/83a40a07de648eaeaac0d3675a692def343a32dbf03655befe2a91a7bf221257/analysis/1565956235/",
"category": "Payload delivery",
"uuid": "e10eaccb-73be-4264-a23f-724c4bea7914"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/68",
"category": "Payload delivery",
"uuid": "ff2dac80-68f8-450a-bf65-3757bd5e77c0"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4671a7c1-3b72-427b-b486-a9076c743c39",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:47.000Z",
"modified": "2019-08-23T09:33:47.000Z",
"pattern": "[file:hashes.MD5 = 'a3f35e1ec2a70df31296deef93129904' AND file:hashes.SHA1 = 'eabd45d0a86113f5ccff9fd292c1e482a5727815' AND file:hashes.SHA256 = '470aaf51761c15d9942aa156a9a6cc07fde5b1be54e73692ec71567df8a387b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:47.000Z",
"modified": "2019-08-23T09:33:47.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:44",
"category": "Other",
"uuid": "0a76d50d-7732-4ca0-85ee-d66016d2fddd"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/470aaf51761c15d9942aa156a9a6cc07fde5b1be54e73692ec71567df8a387b6/analysis/1565051984/",
"category": "Payload delivery",
"uuid": "130e74c3-5eb2-4057-826a-e755c8190225"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "7/71",
"category": "Payload delivery",
"uuid": "0bd98a79-8f30-4041-bc0d-dc6e6bc2beae"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:47.000Z",
"modified": "2019-08-23T09:33:47.000Z",
"pattern": "[file:hashes.MD5 = '95a9f742768e75c5ac4614ed0645c510' AND file:hashes.SHA1 = '212f3697117d17ec3f299d037845cf3db20ce88a' AND file:hashes.SHA256 = 'ce2eee86b841a8db264b93cd2e7a791102b05f7d6e2a0a2850cd02be86e7bb3c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:47.000Z",
"modified": "2019-08-23T09:33:47.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-22T18:46:16",
"category": "Other",
"uuid": "2c293c03-35c5-46fb-82c3-94527dc522bc"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/ce2eee86b841a8db264b93cd2e7a791102b05f7d6e2a0a2850cd02be86e7bb3c/analysis/1566499576/",
"category": "Payload delivery",
"uuid": "aa385878-0160-488b-b432-3611843e48db"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/69",
"category": "Payload delivery",
"uuid": "dd913565-aaec-4b25-83fd-7ff0a49706bf"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:48.000Z",
"modified": "2019-08-23T09:33:48.000Z",
"pattern": "[file:hashes.MD5 = 'dd4389198abe57219d74928d6e775f6b' AND file:hashes.SHA1 = 'ded6509458df62d3ce60c68f3a2a87e59f1f96be' AND file:hashes.SHA256 = '82535c7c8c1d8d49ffefe1731c7a57b9e78fd96a864c39cdc4296b5d3afb5503']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:48.000Z",
"modified": "2019-08-23T09:33:48.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-22T08:12:24",
"category": "Other",
"uuid": "2e203312-afc1-41aa-8d9c-307a0bdfe179"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/82535c7c8c1d8d49ffefe1731c7a57b9e78fd96a864c39cdc4296b5d3afb5503/analysis/1566461544/",
"category": "Payload delivery",
"uuid": "d3b34e11-ebaa-4824-a540-bbf287bc401f"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "38/67",
"category": "Payload delivery",
"uuid": "c02cb983-e0e4-4d5c-9938-aeb916fbd602"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:48.000Z",
"modified": "2019-08-23T09:33:48.000Z",
"pattern": "[file:hashes.MD5 = 'b9806b73c97d1eab5c4dde19fb20a403' AND file:hashes.SHA1 = '03929a5530639c1d9dbd395a298c59fd7eff1dec' AND file:hashes.SHA256 = '14996a7f925bb15609d7d10a15813054ffbff083291925417ecaf257e38e5fa9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--116175d9-f786-4417-91c1-e787621fc175",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:48.000Z",
"modified": "2019-08-23T09:33:48.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-22T14:12:20",
"category": "Other",
"uuid": "b0318569-a903-42a8-93de-dca09af7e090"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/14996a7f925bb15609d7d10a15813054ffbff083291925417ecaf257e38e5fa9/analysis/1566483140/",
"category": "Payload delivery",
"uuid": "b799a68a-ee70-474a-a245-da4ede841dbf"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "42/69",
"category": "Payload delivery",
"uuid": "e74ef843-3680-41d3-b7db-1b0b83d01166"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--583f80b7-150f-43b8-984c-507183734547",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:49.000Z",
"modified": "2019-08-23T09:33:49.000Z",
"pattern": "[file:hashes.MD5 = 'fd301450a00094407729b9139c6c544a' AND file:hashes.SHA1 = 'b6e436a0fff117a1c3d3d70947f62d4cac66c95e' AND file:hashes.SHA256 = '242a1b8f9253b678c03507f137ade7a369c43964a9e2ee21b88289feeb61d208']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:51.000Z",
"modified": "2019-08-23T09:33:51.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-14T06:12:12",
"category": "Other",
"uuid": "97cc9c37-8a59-4b7b-a326-5bd60584ea2b"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/242a1b8f9253b678c03507f137ade7a369c43964a9e2ee21b88289feeb61d208/analysis/1565763132/",
"category": "Payload delivery",
"uuid": "6cb2c50f-c405-48f2-a762-d671baef749a"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/70",
"category": "Payload delivery",
"uuid": "0bc7ec5f-3179-44d6-bdf4-725b3ff81715"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:52.000Z",
"modified": "2019-08-23T09:33:52.000Z",
"pattern": "[file:hashes.MD5 = '4da12f54f0b7413d04f6832d26ee4633' AND file:hashes.SHA1 = '0ac64e08e63601ad9d6a4ef019e5b374784af80a' AND file:hashes.SHA256 = '86fca593acbcac34c59797cb38d5ca32986f66555875c79648cc57d3a443a46d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:52.000Z",
"modified": "2019-08-23T09:33:52.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-14T06:10:43",
"category": "Other",
"uuid": "45d6a88e-cb2a-4a2a-bc10-acfdc2242299"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/86fca593acbcac34c59797cb38d5ca32986f66555875c79648cc57d3a443a46d/analysis/1565763043/",
"category": "Payload delivery",
"uuid": "33a390cf-e3e9-4759-9fbe-070928b8502e"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/67",
"category": "Payload delivery",
"uuid": "634fb5ab-2337-4cf5-a1b8-0a94da62accc"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:52.000Z",
"modified": "2019-08-23T09:33:52.000Z",
"pattern": "[file:hashes.MD5 = '9bc58a40aa36674fe4a44abfd938a8db' AND file:hashes.SHA1 = '2b7404f6b0075bc1192d61d4af135d521d5f08a3' AND file:hashes.SHA256 = '446b37b0b0ffcb59ae0df18cf9125f62e128d475eb8f5a9a2caa7a3c3448565d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:52.000Z",
"modified": "2019-08-23T09:33:52.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:44",
"category": "Other",
"uuid": "0a3f9499-cb4c-4465-8a81-cf1449a787d2"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/446b37b0b0ffcb59ae0df18cf9125f62e128d475eb8f5a9a2caa7a3c3448565d/analysis/1565051984/",
"category": "Payload delivery",
"uuid": "2138e29b-82c9-416c-88bd-1a2e06ddf352"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "33/71",
"category": "Payload delivery",
"uuid": "f87df041-8e64-402b-9fd2-90d3a7441ed9"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c7f78389-8821-43ca-8d46-687afc70fa6a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:53.000Z",
"modified": "2019-08-23T09:33:53.000Z",
"pattern": "[file:hashes.MD5 = '33edc43992137c0d4b07a4c1ed389e1e' AND file:hashes.SHA1 = '4c130aa110b290a0cf4ff1c099ea2a705081a9cb' AND file:hashes.SHA256 = '590bfc6b7fbd89e629e551fa9d70f1cdc0773d73dfea503d204a05014a8f0191']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:53.000Z",
"modified": "2019-08-23T09:33:53.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:45",
"category": "Other",
"uuid": "c6f36377-9234-426a-8fca-68c4bcc1eb56"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/590bfc6b7fbd89e629e551fa9d70f1cdc0773d73dfea503d204a05014a8f0191/analysis/1565051985/",
"category": "Payload delivery",
"uuid": "8c941c57-845a-4350-9a91-f53cc2b55ac4"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "25/69",
"category": "Payload delivery",
"uuid": "fa07a4cc-cc41-4975-bf41-8004cf0077c0"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--477d1696-bc96-462f-afed-7aac5dac22e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:53.000Z",
"modified": "2019-08-23T09:33:53.000Z",
"pattern": "[file:hashes.MD5 = '22b2718408aa6dbbfb05066325838468' AND file:hashes.SHA1 = '442e6cc28d118cfaf1a5482e2000c7dc00d9a7b9' AND file:hashes.SHA256 = '1c0a896f8627e0974e113143fe0d9d7991ca170d250eec92359ec00b3296db82']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:53.000Z",
"modified": "2019-08-23T09:33:53.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:40",
"category": "Other",
"uuid": "ad9aed51-be2a-46dd-a742-c6a015593afe"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/1c0a896f8627e0974e113143fe0d9d7991ca170d250eec92359ec00b3296db82/analysis/1565051980/",
"category": "Payload delivery",
"uuid": "463bca38-c5db-45cf-b071-3a5f94bfe081"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "16/72",
"category": "Payload delivery",
"uuid": "7c62ad0a-b7ac-422c-abce-155d4a93cfb2"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c001844-70ba-431f-b9e2-c81f88058ed8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:53.000Z",
"modified": "2019-08-23T09:33:53.000Z",
"pattern": "[file:hashes.MD5 = '6370323a5960f06b77a61487b75aabe3' AND file:hashes.SHA1 = '3bb345032b6d0226d6771ba65fe4da0faf628631' AND file:hashes.SHA256 = 'cd43a176d2476cd717395a5d106cc4bc48aa4ca9b3a4e2047426c6f9aa045ea0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:54.000Z",
"modified": "2019-08-23T09:33:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-22T14:12:48",
"category": "Other",
"uuid": "7c423234-eff8-4a80-837c-88b7c3d8e4b0"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cd43a176d2476cd717395a5d106cc4bc48aa4ca9b3a4e2047426c6f9aa045ea0/analysis/1566483168/",
"category": "Payload delivery",
"uuid": "55977d96-b891-4b8c-a209-037aaf4a20d0"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/69",
"category": "Payload delivery",
"uuid": "88b8201a-6590-44c4-8415-e0ed322698bc"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58281799-2547-4047-98cd-60e10f04c1bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:54.000Z",
"modified": "2019-08-23T09:33:54.000Z",
"pattern": "[file:hashes.MD5 = '15e50c8efe8f72064d51fc04437bed26' AND file:hashes.SHA1 = '8ed8cb784512f7dadd147347fc94e945faf16338' AND file:hashes.SHA256 = '337016b4f74c35030c825bffb7e5bfb56e61c8522183ce14a995ea9e032e7505']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:54.000Z",
"modified": "2019-08-23T09:33:54.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:42",
"category": "Other",
"uuid": "8e530b7b-d673-41d1-8fc0-31c2d6b98b6e"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/337016b4f74c35030c825bffb7e5bfb56e61c8522183ce14a995ea9e032e7505/analysis/1565051982/",
"category": "Payload delivery",
"uuid": "7cb2e7db-f8be-4f73-84bb-d4b9479ccede"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "4/72",
"category": "Payload delivery",
"uuid": "7d9d1334-1e67-4587-89e4-fefc1747c19f"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac105d47-7fab-4260-ad19-e2827a659096",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:54.000Z",
"modified": "2019-08-23T09:33:54.000Z",
"pattern": "[file:hashes.MD5 = '48e6c558a87577281a6b1f37e426f8ed' AND file:hashes.SHA1 = '946a24dfbd0ae94209ef7c284d3f462548566a3c' AND file:hashes.SHA256 = '3a4d8962e6deb2c0bf79b039695d25db85ac91f5b46e86397190b8c4a0ad95ef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:55.000Z",
"modified": "2019-08-23T09:33:55.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:42",
"category": "Other",
"uuid": "f153494c-3b6b-4b22-b71a-34646d965d1e"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/3a4d8962e6deb2c0bf79b039695d25db85ac91f5b46e86397190b8c4a0ad95ef/analysis/1565051982/",
"category": "Payload delivery",
"uuid": "3ced7f8f-fcf5-4de2-96ed-d9edf0311de3"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "8/71",
"category": "Payload delivery",
"uuid": "d7483c8e-d038-4ba3-9e98-9cf015824ac9"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--206578ce-144d-4490-b193-f64ae055a583",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:55.000Z",
"modified": "2019-08-23T09:33:55.000Z",
"pattern": "[file:hashes.MD5 = '396b6502c46b45d9f5efff728fa27055' AND file:hashes.SHA1 = 'f05bc018c90b560dc4932758956adffbc10588ce' AND file:hashes.SHA256 = '7980a1af165c711aaafcd1e60151cb66a58f4ccd3a0394fbecf2ba903ad50b55']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:55.000Z",
"modified": "2019-08-23T09:33:55.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:45",
"category": "Other",
"uuid": "4dd18883-857f-44f7-8f46-86510c0528ec"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/7980a1af165c711aaafcd1e60151cb66a58f4ccd3a0394fbecf2ba903ad50b55/analysis/1565051985/",
"category": "Payload delivery",
"uuid": "883d7cd4-16f2-4eb4-98a1-6ee7fdf566a3"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "4/71",
"category": "Payload delivery",
"uuid": "35c1a363-34b0-4f3d-9e48-fb1e4be6a548"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--928ffbe0-4d94-455a-97cf-8202e79d6626",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:56.000Z",
"modified": "2019-08-23T09:33:56.000Z",
"pattern": "[file:hashes.MD5 = '1acc3b68da6b0a800cd58af30d47b01e' AND file:hashes.SHA1 = '9c413075aab7ef7876b8dc8d7b7c1b9b96842c6e' AND file:hashes.SHA256 = 'f1d4cc1e08d99497e19a29f9f915b813611b1f569a961bb7bd1ebc41a0b5af08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:57.000Z",
"modified": "2019-08-23T09:33:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:52",
"category": "Other",
"uuid": "197c6b8b-8408-4769-acbb-f4dfdcc9dac0"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/f1d4cc1e08d99497e19a29f9f915b813611b1f569a961bb7bd1ebc41a0b5af08/analysis/1565051992/",
"category": "Payload delivery",
"uuid": "10aa9680-4f6f-4568-a5fc-274bf7e91101"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "9/71",
"category": "Payload delivery",
"uuid": "0c650060-f835-4d2f-a161-2836b9f2d7a0"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:57.000Z",
"modified": "2019-08-23T09:33:57.000Z",
"pattern": "[file:hashes.MD5 = 'b2975864ad694469b04165bd09277421' AND file:hashes.SHA1 = '0922defb82ff1140bbe3481bab27564bb966d50b' AND file:hashes.SHA256 = '0e0181499e50fb9ce8029767afdcf60ce21eea2819ce7ada1a3def4d8899c7dc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--56045c01-e584-420e-97ad-340f8364c026",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:57.000Z",
"modified": "2019-08-23T09:33:57.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:41",
"category": "Other",
"uuid": "962d2dae-deae-49fe-9bc2-23c4a3f46cad"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/0e0181499e50fb9ce8029767afdcf60ce21eea2819ce7ada1a3def4d8899c7dc/analysis/1565051981/",
"category": "Payload delivery",
"uuid": "6666edb2-556e-4e0c-aced-1f03fb89648f"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "21/71",
"category": "Payload delivery",
"uuid": "78f14ca4-ded4-4fa4-afa8-a4ca6ea0fa4c"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:58.000Z",
"modified": "2019-08-23T09:33:58.000Z",
"pattern": "[file:hashes.MD5 = '5a46d793cf82822cb334b70609a9acd7' AND file:hashes.SHA1 = '56e8743e0773286a4b9e055147d96d53a43beca1' AND file:hashes.SHA256 = 'cde4b654e9bb29d3ace2b3dcd3520039bf8b42f905ac8d9e77845d8b911846e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:58.000Z",
"modified": "2019-08-23T09:33:58.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:50",
"category": "Other",
"uuid": "17dadadd-111e-46a8-92b3-1fe16369945a"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/cde4b654e9bb29d3ace2b3dcd3520039bf8b42f905ac8d9e77845d8b911846e8/analysis/1565051990/",
"category": "Payload delivery",
"uuid": "baef6a31-bc30-4c2a-a6d8-e0539ef8dc11"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "37/70",
"category": "Payload delivery",
"uuid": "026e02d8-4c19-4f54-969d-6572c629dcff"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--780ea6a4-143e-435e-80ce-a9d640727387",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:58.000Z",
"modified": "2019-08-23T09:33:58.000Z",
"pattern": "[file:hashes.MD5 = '2adb5b013ba4de9a20c7c9e185930675' AND file:hashes.SHA1 = '173664de0a9a08218098abfb86d2c64f25b5ee37' AND file:hashes.SHA256 = 'eecb72fdd8f19a6ec78b27f47aa978eefbaf0c80c85481292b91e8010da95bd0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:59.000Z",
"modified": "2019-08-23T09:33:59.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:52",
"category": "Other",
"uuid": "69c83f72-bdb7-4652-b926-6a2e851907a5"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/eecb72fdd8f19a6ec78b27f47aa978eefbaf0c80c85481292b91e8010da95bd0/analysis/1565051992/",
"category": "Payload delivery",
"uuid": "702ec67b-808d-45e2-aa3d-96bc5dc257fb"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "17/71",
"category": "Payload delivery",
"uuid": "29ca6fa8-ca51-42c3-b074-5072810b5798"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:59.000Z",
"modified": "2019-08-23T09:33:59.000Z",
"pattern": "[file:hashes.MD5 = 'de8b61ae73f510eba526684f85b7cacb' AND file:hashes.SHA1 = '71f69f04307c8f5675dcadeaa80b8c2b95691b01' AND file:hashes.SHA256 = '433d0ca49bf2d80f3d61dcf97cd5af0ee52be83d5f8a070560cbf26ff840a676']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:33:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:33:59.000Z",
"modified": "2019-08-23T09:33:59.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-20T16:43:56",
"category": "Other",
"uuid": "a749b13e-1cfc-4d34-8a55-fbe15a6a1b0f"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/433d0ca49bf2d80f3d61dcf97cd5af0ee52be83d5f8a070560cbf26ff840a676/analysis/1566319436/",
"category": "Payload delivery",
"uuid": "51849d9a-e13d-43e3-a26d-f0d4393471d5"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "37/69",
"category": "Payload delivery",
"uuid": "409c26da-bc69-40f8-adab-b2533fb55f6a"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:00.000Z",
"modified": "2019-08-23T09:34:00.000Z",
"pattern": "[file:hashes.MD5 = 'bdede8c167b85250401c7605d81d05f2' AND file:hashes.SHA1 = 'fbb485b40477f5a014e7096747b1b4a494ce50ef' AND file:hashes.SHA256 = '57566f1261b6b05e14aa9b579a7f5cbc2feb361baf897600eaa07da863532eb6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:34:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:00.000Z",
"modified": "2019-08-23T09:34:00.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:45",
"category": "Other",
"uuid": "94762121-aaee-40e3-9e1c-53a94ef7f108"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/57566f1261b6b05e14aa9b579a7f5cbc2feb361baf897600eaa07da863532eb6/analysis/1565051985/",
"category": "Payload delivery",
"uuid": "baf99690-03f5-49a4-8f2b-6448cd8e0c31"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "32/71",
"category": "Payload delivery",
"uuid": "b6cfd9ef-a7c3-4d1f-9ce0-c8a4de6257d1"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:00.000Z",
"modified": "2019-08-23T09:34:00.000Z",
"pattern": "[file:hashes.MD5 = 'a23d27688c57fb8d1b4979c4643c7dbc' AND file:hashes.SHA1 = '53102e57b40feacb64566c26d101d9242dece77c' AND file:hashes.SHA256 = 'd945cca810a8eb7c3e778515c28ceabae296378e5558bc40b125a8df3d4d6fa5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:34:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:00.000Z",
"modified": "2019-08-23T09:34:00.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T12:02:06",
"category": "Other",
"uuid": "356119c2-4238-44fd-85a9-44e7a88bf048"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/d945cca810a8eb7c3e778515c28ceabae296378e5558bc40b125a8df3d4d6fa5/analysis/1565092926/",
"category": "Payload delivery",
"uuid": "5ee8ca89-dbc7-425e-968e-7f9a4073d9ba"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "37/66",
"category": "Payload delivery",
"uuid": "784cb14b-2405-4a42-90cd-513689cb429b"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:00.000Z",
"modified": "2019-08-23T09:34:00.000Z",
"pattern": "[file:hashes.MD5 = '84d0eb92a62f095271fd7a22352144d4' AND file:hashes.SHA1 = '048c40eb606da3def08c9f6997c1948afbbc959b' AND file:hashes.SHA256 = '5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:34:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:01.000Z",
"modified": "2019-08-23T09:34:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-13T12:22:09",
"category": "Other",
"uuid": "4dcdd982-7bae-4fa3-aab4-a7bba1a08e35"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/5aa84aa5c90ec34b7f7d75eb350349ae3aa5060f3ad6dd0520e851626e9f8354/analysis/1565698929/",
"category": "Payload delivery",
"uuid": "e3705fc2-0b09-44d9-aae2-674202792f4a"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "37/70",
"category": "Payload delivery",
"uuid": "1f05cf26-dc13-4a0f-ac1e-8b8e7bd557fc"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:01.000Z",
"modified": "2019-08-23T09:34:01.000Z",
"pattern": "[file:hashes.MD5 = '9eb9af0f63644fee49d083c1c330226b' AND file:hashes.SHA1 = '79ac512389ef9e27a3598ca2968573db4f5fd58f' AND file:hashes.SHA256 = 'defebfcc7affc31a00400e387b1994baf1d75704aa682803584e2c87ad154ec1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-08-23T09:34:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-08-23T09:34:01.000Z",
"modified": "2019-08-23T09:34:01.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2019-08-06T00:39:51",
"category": "Other",
"uuid": "7fd29b15-6b70-40b6-8308-816eee3a7113"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/file/defebfcc7affc31a00400e387b1994baf1d75704aa682803584e2c87ad154ec1/analysis/1565051991/",
"category": "Payload delivery",
"uuid": "86fb6e82-743e-41fa-8f4b-b06cc7c61b88"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "31/69",
"category": "Payload delivery",
"uuid": "4e46ad7a-a5d9-46fc-bf0d-7efc850aa1dc"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--06a8ee88-32de-46f7-b629-484447824ffb",
"created": "2019-08-08T09:19:49.000Z",
"modified": "2019-08-08T09:19:49.000Z",
"relationship_type": "drops",
"source_ref": "indicator--b1fe24c7-e0d6-4ad6-bded-71e94646e1de",
"target_ref": "indicator--33584ba5-ffb6-4b6d-a583-2ed8be8b13a8"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--cbbbc58f-7f4a-432f-be32-e95e3ca4c61f",
"created": "2019-08-23T09:34:01.000Z",
"modified": "2019-08-23T09:34:01.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--5755a9b4-0b6d-4edb-b41d-1fa6eebf677b",
"target_ref": "x-misp-object--57e72629-e86a-4591-b071-dc72988a11dd"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--bff2c9c9-6ece-43d3-9a63-44b117dd0fea",
"created": "2019-08-23T09:34:01.000Z",
"modified": "2019-08-23T09:34:01.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--90ba774e-2d3c-4681-aa3c-2f72306df89e",
"target_ref": "x-misp-object--46245f77-2cae-4804-a5d1-c6c09bb69ef8"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--337d4176-b297-497b-b8d1-6354d077285c",
"created": "2019-08-23T09:34:01.000Z",
"modified": "2019-08-23T09:34:01.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--f23f0b2b-985e-4e21-80dc-e59c3c28c45f",
"target_ref": "x-misp-object--0da0d94b-fd1a-48df-a95f-33f250100eb4"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--e2d20a05-ad56-4357-90d3-4493df082f58",
"created": "2019-08-23T09:34:01.000Z",
"modified": "2019-08-23T09:34:01.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--b05ef68e-17cd-4a85-af71-414145036bba",
"target_ref": "x-misp-object--6847ec0c-770d-4bb0-b6b5-64286a072bb9"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--934e3ffc-6621-4aea-878d-c13c96756157",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--531a0491-51fb-4487-8d23-083a61d6749c",
"target_ref": "x-misp-object--b5567de3-b632-4c8e-a2b2-843367a3b89c"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--a37d27d2-0491-4dbc-b17c-fb11b3831547",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--6bed7582-d749-4f0e-972a-704520e046dc",
"target_ref": "x-misp-object--fdd40616-8544-40b7-8f04-79ab0dd41097"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--0e5483c4-78ef-43dd-912c-f6ddcbcb3dd9",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--fe215d82-4e07-46c1-8545-1d395fa890ce",
"target_ref": "x-misp-object--f4cd93cd-e5cd-42b3-8fe9-28685d552703"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--cbe71e04-9164-4dc5-84f8-b43f24d08cf1",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--7047fe89-3ddd-4bff-aa2a-11d986cde08b",
"target_ref": "x-misp-object--4cbc7e29-5a6c-4775-8002-cdba10392a10"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--28a3b9ff-ca08-46f0-8e57-03d3e91e4d94",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--50fedb9b-0e14-43fb-8512-8f989ac34305",
"target_ref": "x-misp-object--5028f0e4-43d2-4832-a500-813be2f633b3"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--c807ce46-b8f8-43a7-8dfa-cb1bac7acd66",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--51d2647f-b8ad-4664-a17d-7ae19f413a11",
"target_ref": "x-misp-object--24acd52e-a969-4d69-bb88-e57c51a43e42"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--229ab8bc-40e6-4db5-bb51-e636ae35be86",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--b6decb0d-6c64-4c13-a035-00e4867fb2dd",
"target_ref": "x-misp-object--7f0397a0-ca35-463e-ba29-48807fde401b"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--83f2bf3f-92c6-4f82-aebb-6ce0b4755850",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--68f1d019-274d-43e4-b014-ce9b23560d4e",
"target_ref": "x-misp-object--d006038d-e562-4505-aa6a-26272c6906c5"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b7184d62-47d9-44f3-a86b-b63735df0671",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--a5b82f72-0f15-4329-a3ae-a1443c7c20f9",
"target_ref": "x-misp-object--ef7058b0-ee9a-42e7-84e4-571560201656"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--c317d4b6-5dbb-4e88-8e50-c8db321b7327",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--a7f25b8a-bc21-44ec-88e6-fe0d358f36b5",
"target_ref": "x-misp-object--a15e1912-b799-484e-8596-3a929eb5b849"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--3ee63fd8-5e77-4439-b0ee-0766a57e1af7",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--fbbe7063-4dc9-40d9-8a70-5e10d25ae1be",
"target_ref": "x-misp-object--3dccc6fd-ccf2-4995-8770-41075c7981c0"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--84b54e51-8b79-4049-87a0-31fb20ab31b1",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--4671a7c1-3b72-427b-b486-a9076c743c39",
"target_ref": "x-misp-object--601cbe62-0b1b-4765-9a08-23a989a76447"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--7fb8cc6f-d399-4c5a-8265-a8ab609bc707",
"created": "2019-08-23T09:34:02.000Z",
"modified": "2019-08-23T09:34:02.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--b8629f7c-4f7b-403e-9b5e-8343238e99cf",
"target_ref": "x-misp-object--e400655d-93d4-46a7-9116-738530e06ea7"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--ce903a7d-f2dd-46e9-8f00-53d0c9e35c0d",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--e8a2c8f3-145e-47a6-83fe-139a0629e77c",
"target_ref": "x-misp-object--3cf7cf8e-f19a-4306-bd46-e65583216baa"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--a5389fdc-9cf8-4476-af55-f0152b907005",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--cd784941-a6e5-4ff2-b4d2-8e0201d5fabd",
"target_ref": "x-misp-object--116175d9-f786-4417-91c1-e787621fc175"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--94ce788e-962c-481d-a6ab-f747583ded3b",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--583f80b7-150f-43b8-984c-507183734547",
"target_ref": "x-misp-object--7c9894ca-7a08-4157-a60a-2dbfdead61bb"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--cfabfd1a-d54a-4d68-b870-03b110fde348",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--7e7268fb-a0fc-4c93-bc16-ba606b5e988b",
"target_ref": "x-misp-object--8e631b4f-7877-4d15-8bae-4026529a128a"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--af8f30b3-a0f3-4c23-8441-64832a0ccd9e",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--2b52403a-fe7b-4b5e-9b93-ca6d6eed3654",
"target_ref": "x-misp-object--73744f82-718a-484b-8057-e78bf0d1f92d"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--1cac643c-3b77-4f07-899b-cede03317941",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--c7f78389-8821-43ca-8d46-687afc70fa6a",
"target_ref": "x-misp-object--b97cd856-8dae-4602-aa2f-db8daf1f1129"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--ba756c6b-7c7c-4c65-b3c7-3860c1599bff",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--477d1696-bc96-462f-afed-7aac5dac22e3",
"target_ref": "x-misp-object--2d8d71da-d2e0-4004-9cc1-fc2b68fca4e3"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b53402e9-9c45-4b4f-8695-112372c06d45",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--2c001844-70ba-431f-b9e2-c81f88058ed8",
"target_ref": "x-misp-object--8aa45243-df40-4d10-bf17-d3e2599fed0a"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--de8b66eb-2998-45ed-80f8-79a72e9597d8",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--58281799-2547-4047-98cd-60e10f04c1bd",
"target_ref": "x-misp-object--87010e33-7b38-419d-8421-5eaa07cb8c4b"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--cd5bcce0-556b-416c-8912-6ff105754654",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--ac105d47-7fab-4260-ad19-e2827a659096",
"target_ref": "x-misp-object--63dce8e1-33e9-48be-8523-b5db67038282"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--43118cd9-5f78-4e7c-8f89-9d7cc52fa152",
"created": "2019-08-23T09:34:03.000Z",
"modified": "2019-08-23T09:34:03.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--206578ce-144d-4490-b193-f64ae055a583",
"target_ref": "x-misp-object--0dc7048e-96ee-4e68-a2eb-403dd3883ae3"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--eeb6bb88-3a49-4103-9927-68bfae0a7d6e",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--928ffbe0-4d94-455a-97cf-8202e79d6626",
"target_ref": "x-misp-object--0a71b5ae-12ea-4aa3-bb82-6f031ff3765b"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b9f519ab-c1e4-4d4a-ad22-3d978820e20e",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--b2e3f716-6a47-4f4c-8d2d-f329559a4cad",
"target_ref": "x-misp-object--56045c01-e584-420e-97ad-340f8364c026"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--0609b546-85a0-4800-946e-9ba1beae7f29",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--2d52e790-2148-4c46-af5a-3a9cca5167c2",
"target_ref": "x-misp-object--924cdf00-0662-44d7-9abe-db984b87a890"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--0fd8d129-8274-4cc2-ad3c-3315a2e6e8ba",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--780ea6a4-143e-435e-80ce-a9d640727387",
"target_ref": "x-misp-object--171b844c-e483-40b1-9be6-3a72552cad24"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--0eaf1bbe-7c07-4983-b128-790b57dda6fb",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--e85ade4d-1b48-4843-919b-fbb40e56ea8e",
"target_ref": "x-misp-object--6d64d31b-f6d3-4aab-8422-536fb14900a9"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--33c6ada1-fee4-4481-ab7c-3ef110d881f7",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--0435b47e-3fda-4c7f-8c7d-300f6c81e5cc",
"target_ref": "x-misp-object--ef0ac1b1-06ab-4882-a73a-963968e5d9d5"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--88342bae-8e56-455f-b5c3-e121120f8505",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--fa6162c5-05ef-48dc-9617-96c574f6f8ee",
"target_ref": "x-misp-object--30af6744-2ff9-4462-a0fa-be7dfcd5e537"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--1a232636-0a4e-4a58-830d-099a3ebb49cf",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--41e8c744-0833-4720-abf8-e40fd4b0a6ec",
"target_ref": "x-misp-object--debdafab-84f5-4c5f-8f4a-3d873d95895c"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--b81ebf12-0d72-418d-a30f-2e8d2cbb228a",
"created": "2019-08-23T09:34:04.000Z",
"modified": "2019-08-23T09:34:04.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--6a1850ce-88ff-4602-b863-1c5a8eb3e7d5",
"target_ref": "x-misp-object--e39a8261-d7fc-4e65-a763-eb2d49bdcf6b"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}